aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

detect/http_header: remove obsolete tests

Browse Source
pull/8732/head
Victor Julien 2 years ago
parent 1a1a7e00e0
commit 456786b36d
1 changed files with 0 additions and 355 deletions
Show Stats Download Patch File Download Diff File

355
src/tests/detect-http-header.c
Unescape Escape View File

@ -86,47 +86,6 @@ static int DetectHttpHeaderParserTest02(void)
PASS;
}
/**
* \test Test that a signature containting a http_header is correctly parsed
* and the keyword is registered.
*/
static int DetectHttpHeaderTest01(void)
{
DetectEngineCtx *de_ctx = NULL;
int result = 0;
SigMatch *sm = NULL;
de_ctx = DetectEngineCtxInit();
if (de_ctx == NULL)
goto end;
de_ctx->flags |= DE_QUIET;
de_ctx->sig_list = SigInit(de_ctx, "alert tcp any any -> any any "
"(msg:\"Testing http_header\"; "
"content:\"one\"; http_header; sid:1;)");
if (de_ctx->sig_list != NULL) {
result = 1;
} else {
printf("Error parsing signature: ");
goto end;
}
sm = de_ctx->sig_list->sm_lists[g_http_header_buffer_id];
if (sm != NULL) {
result &= (sm->type == DETECT_CONTENT);
result &= (sm->next == NULL);
} else {
result = 0;
printf("Error updating content pattern to http_header pattern: ");
}
end:
DetectEngineCtxFree(de_ctx);
return result;
}
/**
*\test Test that the http_header content matches against a http request
* which holds the content.
@ -964,311 +923,6 @@ end:
return result;
}
static int DetectHttpHeaderTest20(void)
{
DetectEngineCtx *de_ctx = NULL;
int result = 0;
if ( (de_ctx = DetectEngineCtxInit()) == NULL)
goto end;
de_ctx->flags |= DE_QUIET;
de_ctx->sig_list = SigInit(de_ctx, "alert icmp any any -> any any "
"(content:\"one\"; http_header; "
"content:\"two\"; distance:0; http_header; sid:1;)");
if (de_ctx->sig_list == NULL) {
printf("de_ctx->sig_list == NULL\n");
goto end;
}
if (de_ctx->sig_list->sm_lists[DETECT_SM_LIST_PMATCH] != NULL) {
printf("de_ctx->sig_list->sm_lists[DETECT_SM_LIST_PMATCH] != NULL\n");
goto end;
}
if (de_ctx->sig_list->sm_lists[g_http_header_buffer_id] == NULL) {
printf("de_ctx->sig_list->sm_lists[g_http_header_buffer_id] == NULL\n");
goto end;
}
DetectContentData *hhd1 = (DetectContentData *)de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id]->prev->ctx;
DetectContentData *hhd2 = (DetectContentData *)de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id]->ctx;
if (hhd1->flags != DETECT_CONTENT_RELATIVE_NEXT ||
memcmp(hhd1->content, "one", hhd1->content_len) != 0 ||
hhd2->flags != DETECT_CONTENT_DISTANCE ||
memcmp(hhd2->content, "two", hhd1->content_len) != 0) {
goto end;
}
result = 1;
end:
DetectEngineCtxFree(de_ctx);
return result;
}
static int DetectHttpHeaderTest21(void)
{
DetectEngineCtx *de_ctx = NULL;
int result = 0;
if ( (de_ctx = DetectEngineCtxInit()) == NULL)
goto end;
de_ctx->flags |= DE_QUIET;
de_ctx->sig_list = SigInit(de_ctx, "alert icmp any any -> any any "
"(content:\"one\"; http_header; "
"content:\"two\"; within:5; http_header; sid:1;)");
if (de_ctx->sig_list == NULL) {
printf("de_ctx->sig_list == NULL\n");
goto end;
}
if (de_ctx->sig_list->sm_lists[DETECT_SM_LIST_PMATCH] != NULL) {
printf("de_ctx->sig_list->sm_lists[DETECT_SM_LIST_PMATCH] != NULL\n");
goto end;
}
if (de_ctx->sig_list->sm_lists[g_http_header_buffer_id] == NULL) {
printf("de_ctx->sig_list->sm_lists[g_http_header_buffer_id] == NULL\n");
goto end;
}
DetectContentData *hhd1 = (DetectContentData *)de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id]->prev->ctx;
DetectContentData *hhd2 = (DetectContentData *)de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id]->ctx;
if (hhd1->flags != DETECT_CONTENT_RELATIVE_NEXT ||
memcmp(hhd1->content, "one", hhd1->content_len) != 0 ||
hhd2->flags != DETECT_CONTENT_WITHIN ||
memcmp(hhd2->content, "two", hhd1->content_len) != 0) {
goto end;
}
result = 1;
end:
DetectEngineCtxFree(de_ctx);
return result;
}
static int DetectHttpHeaderTest22(void)
{
DetectEngineCtx *de_ctx = NULL;
int result = 0;
if ( (de_ctx = DetectEngineCtxInit()) == NULL)
goto end;
de_ctx->flags |= DE_QUIET;
de_ctx->sig_list = SigInit(de_ctx, "alert icmp any any -> any any "
"(content:\"one\"; within:5; http_header; sid:1;)");
if (de_ctx->sig_list == NULL) {
printf("de_ctx->sig_list == NULL\n");
goto end;
}
result = 1;
end:
DetectEngineCtxFree(de_ctx);
return result;
}
static int DetectHttpHeaderTest23(void)
{
DetectEngineCtx *de_ctx = NULL;
int result = 0;
if ( (de_ctx = DetectEngineCtxInit()) == NULL)
goto end;
de_ctx->flags |= DE_QUIET;
de_ctx->sig_list = SigInit(de_ctx, "alert icmp any any -> any any "
"(content:\"one\"; http_header; within:5; sid:1;)");
if (de_ctx->sig_list == NULL) {
printf("de_ctx->sig_list == NULL\n");
goto end;
}
result = 1;
end:
DetectEngineCtxFree(de_ctx);
return result;
}
static int DetectHttpHeaderTest24(void)
{
DetectEngineCtx *de_ctx = NULL;
int result = 0;
if ( (de_ctx = DetectEngineCtxInit()) == NULL)
goto end;
de_ctx->flags |= DE_QUIET;
de_ctx->sig_list = SigInit(de_ctx, "alert icmp any any -> any any "
"(content:\"one\"; within:5; sid:1;)");
if (de_ctx->sig_list == NULL) {
printf("de_ctx->sig_list == NULL\n");
goto end;
}
result = 1;
end:
DetectEngineCtxFree(de_ctx);
return result;
}
static int DetectHttpHeaderTest25(void)
{
DetectEngineCtx *de_ctx = NULL;
int result = 0;
if ( (de_ctx = DetectEngineCtxInit()) == NULL)
goto end;
de_ctx->flags |= DE_QUIET;
de_ctx->sig_list = SigInit(de_ctx, "alert icmp any any -> any any "
"(pcre:/one/H; "
"content:\"two\"; within:5; http_header; sid:1;)");
if (de_ctx->sig_list == NULL) {
printf("de_ctx->sig_list == NULL\n");
goto end;
}
if (de_ctx->sig_list->sm_lists[DETECT_SM_LIST_PMATCH] != NULL) {
printf("de_ctx->sig_list->sm_lists[DETECT_SM_LIST_PMATCH] != NULL\n");
goto end;
}
if (de_ctx->sig_list->sm_lists[g_http_header_buffer_id] == NULL) {
printf("de_ctx->sig_list->sm_lists[g_http_header_buffer_id] == NULL\n");
goto end;
}
if (de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id] == NULL ||
de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id]->type != DETECT_CONTENT ||
de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id]->prev == NULL ||
de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id]->prev->type != DETECT_PCRE) {
goto end;
}
DetectPcreData *pd1 = (DetectPcreData *)de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id]->prev->ctx;
DetectContentData *hhd2 = (DetectContentData *)de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id]->ctx;
if (pd1->flags != (DETECT_PCRE_RELATIVE_NEXT) ||
hhd2->flags != DETECT_CONTENT_WITHIN ||
memcmp(hhd2->content, "two", hhd2->content_len) != 0) {
goto end;
}
result = 1;
end:
DetectEngineCtxFree(de_ctx);
return result;
}
static int DetectHttpHeaderTest26(void)
{
DetectEngineCtx *de_ctx = NULL;
int result = 0;
if ( (de_ctx = DetectEngineCtxInit()) == NULL)
goto end;
de_ctx->flags |= DE_QUIET;
de_ctx->sig_list = SigInit(de_ctx, "alert icmp any any -> any any "
"(content:\"two\"; http_header; "
"pcre:/one/HR; sid:1;)");
if (de_ctx->sig_list == NULL) {
printf("de_ctx->sig_list == NULL\n");
goto end;
}
if (de_ctx->sig_list->sm_lists[DETECT_SM_LIST_PMATCH] != NULL) {
printf("de_ctx->sig_list->sm_lists[DETECT_SM_LIST_PMATCH] != NULL\n");
goto end;
}
if (de_ctx->sig_list->sm_lists[g_http_header_buffer_id] == NULL) {
printf("de_ctx->sig_list->sm_lists[g_http_header_buffer_id] == NULL\n");
goto end;
}
if (de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id] == NULL ||
de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id]->type != DETECT_PCRE ||
de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id]->prev == NULL ||
de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id]->prev->type != DETECT_CONTENT) {
goto end;
}
DetectContentData *hhd1 = (DetectContentData *)de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id]->prev->ctx;
DetectPcreData *pd2 = (DetectPcreData *)de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id]->ctx;
if (pd2->flags != (DETECT_PCRE_RELATIVE) ||
hhd1->flags != DETECT_CONTENT_RELATIVE_NEXT ||
memcmp(hhd1->content, "two", hhd1->content_len) != 0) {
goto end;
}
result = 1;
end:
DetectEngineCtxFree(de_ctx);
return result;
}
static int DetectHttpHeaderTest27(void)
{
DetectEngineCtx *de_ctx = NULL;
int result = 0;
if ( (de_ctx = DetectEngineCtxInit()) == NULL)
goto end;
de_ctx->flags |= DE_QUIET;
de_ctx->sig_list = SigInit(de_ctx, "alert icmp any any -> any any "
"(pcre:/one/H; "
"content:\"two\"; distance:5; http_header; sid:1;)");
if (de_ctx->sig_list == NULL) {
printf("de_ctx->sig_list == NULL\n");
goto end;
}
if (de_ctx->sig_list->sm_lists[DETECT_SM_LIST_PMATCH] != NULL) {
printf("de_ctx->sig_list->sm_lists[DETECT_SM_LIST_PMATCH] != NULL\n");
goto end;
}
if (de_ctx->sig_list->sm_lists[g_http_header_buffer_id] == NULL) {
printf("de_ctx->sig_list->sm_lists[g_http_header_buffer_id] == NULL\n");
goto end;
}
if (de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id] == NULL ||
de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id]->type != DETECT_CONTENT ||
de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id]->prev == NULL ||
de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id]->prev->type != DETECT_PCRE) {
goto end;
}
DetectPcreData *pd1 = (DetectPcreData *)de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id]->prev->ctx;
DetectContentData *hhd2 = (DetectContentData *)de_ctx->sig_list->sm_lists_tail[g_http_header_buffer_id]->ctx;
if (pd1->flags != (DETECT_PCRE_RELATIVE_NEXT) ||
hhd2->flags != DETECT_CONTENT_DISTANCE ||
memcmp(hhd2->content, "two", hhd2->content_len) != 0) {
goto end;
}
result = 1;
end:
DetectEngineCtxFree(de_ctx);
return result;
}
/** \test app-layer-event:http.host_header_ambiguous should not be set
* \bug 640*/
static int DetectHttpHeaderTest28(void)
@ -4905,7 +4559,6 @@ void DetectHttpHeaderRegisterTests(void)
UtRegisterTest("DetectHttpHeaderParserTest01", DetectHttpHeaderParserTest01);
UtRegisterTest("DetectHttpHeaderParserTest02", DetectHttpHeaderParserTest02);
UtRegisterTest("DetectHttpHeaderTest01", DetectHttpHeaderTest01);
UtRegisterTest("DetectHttpHeaderTest06", DetectHttpHeaderTest06);
UtRegisterTest("DetectHttpHeaderTest07", DetectHttpHeaderTest07);
UtRegisterTest("DetectHttpHeaderTest08", DetectHttpHeaderTest08);
@ -4914,14 +4567,6 @@ void DetectHttpHeaderRegisterTests(void)
UtRegisterTest("DetectHttpHeaderTest11", DetectHttpHeaderTest11);
UtRegisterTest("DetectHttpHeaderTest12", DetectHttpHeaderTest12);
UtRegisterTest("DetectHttpHeaderTest13", DetectHttpHeaderTest13);
UtRegisterTest("DetectHttpHeaderTest20", DetectHttpHeaderTest20);
UtRegisterTest("DetectHttpHeaderTest21", DetectHttpHeaderTest21);
UtRegisterTest("DetectHttpHeaderTest22", DetectHttpHeaderTest22);
UtRegisterTest("DetectHttpHeaderTest23", DetectHttpHeaderTest23);
UtRegisterTest("DetectHttpHeaderTest24", DetectHttpHeaderTest24);
UtRegisterTest("DetectHttpHeaderTest25", DetectHttpHeaderTest25);
UtRegisterTest("DetectHttpHeaderTest26", DetectHttpHeaderTest26);
UtRegisterTest("DetectHttpHeaderTest27", DetectHttpHeaderTest27);
UtRegisterTest("DetectHttpHeaderTest28", DetectHttpHeaderTest28);
UtRegisterTest("DetectHttpHeaderTest29", DetectHttpHeaderTest29);
UtRegisterTest("DetectHttpHeaderTest30", DetectHttpHeaderTest30);

Write Preview
Loading…
Cancel
Save