From 5e955241229968d11223c5fdd848026b53db82fc Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Thu, 31 May 2012 19:56:07 +0200 Subject: [PATCH] Improve error reporting in case of syntax errors in the address and port vars. --- src/detect-engine-address.c | 11 +++++++---- src/detect-engine-port.c | 4 ++-- src/suricata.c | 17 ++++++++++++----- 3 files changed, 21 insertions(+), 11 deletions(-) diff --git a/src/detect-engine-address.c b/src/detect-engine-address.c index a1c091cd92..8c120f32bf 100644 --- a/src/detect-engine-address.c +++ b/src/detect-engine-address.c @@ -825,8 +825,8 @@ int DetectAddressSetup(DetectAddressHead *gh, char *s) ad = DetectAddressParseSingle(s); if (ad == NULL) { SCLogError(SC_ERR_ADDRESS_ENGINE_GENERIC, - "DetectAddressParse error \"%s\"", s); - goto error; + "failed to parse address \"%s\"", s); + return -1; } if (ad->flags & ADDRESS_FLAG_ANY) @@ -1240,7 +1240,7 @@ int DetectAddressTestConfVars(void) ConfNode *seq_node; TAILQ_FOREACH(seq_node, &address_vars_node->head, next) { - SCLogDebug("Testing %s - %s\n", seq_node->name, seq_node->val); + SCLogDebug("Testing %s - %s", seq_node->name, seq_node->val); DetectAddressHead *gh = DetectAddressHeadInit(); if (gh == NULL) { @@ -1253,12 +1253,15 @@ int DetectAddressTestConfVars(void) int r = DetectAddressParse2(gh, ghn, seq_node->val, /* start with negate no */0); if (r < 0) { + SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY, + "failed to parse address var \"%s\" with value \"%s\". " + "Please check it's syntax", seq_node->name, seq_node->val); goto error; } if (DetectAddressIsCompleteIPSpace(ghn)) { SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY, - "Address var - \"%s\" has the complete IP space negated " + "address var - \"%s\" has the complete IP space negated " "with it's value \"%s\". Rule address range is NIL. " "Probably have a !any or an address range that supplies " "a NULL address range", seq_node->name, seq_node->val); diff --git a/src/detect-engine-port.c b/src/detect-engine-port.c index 2b231b3c37..c7bd9fcafd 100644 --- a/src/detect-engine-port.c +++ b/src/detect-engine-port.c @@ -914,8 +914,8 @@ static int DetectPortParseInsertString(DetectPort **head, char *s) { /** parse the address */ ad = PortParse(s); if (ad == NULL) { - SCLogError(SC_ERR_INVALID_ARGUMENT,"PortParse error \"%s\"",s); - goto error; + SCLogError(SC_ERR_INVALID_ARGUMENT," failed to parse port \"%s\"",s); + return -1; } if (ad->flags & PORT_FLAG_ANY) { diff --git a/src/suricata.c b/src/suricata.c index 9b35fe693b..4fa23f71a4 100644 --- a/src/suricata.c +++ b/src/suricata.c @@ -1373,6 +1373,18 @@ int main(int argc, char **argv) TagInitCtx(); + if (DetectAddressTestConfVars() < 0) { + SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY, + "basic address vars test failed. Please check %s for errors", conf_filename); + exit(EXIT_FAILURE); + } + if (DetectPortTestConfVars() < 0) { + SCLogError(SC_ERR_INVALID_YAML_CONF_ENTRY, + "basic port vars test failed. Please check %s for errors", conf_filename); + exit(EXIT_FAILURE); + } + + TmModuleReceiveNFQRegister(); TmModuleVerdictNFQRegister(); TmModuleDecodeNFQRegister(); @@ -1640,11 +1652,6 @@ int main(int argc, char **argv) if (MagicInit() != 0) exit(EXIT_FAILURE); - if (DetectAddressTestConfVars() < 0) - exit(0); - if (DetectPortTestConfVars() < 0) - exit(0); - if (SigLoadSignatures(de_ctx, sig_file, sig_file_exclusive) < 0) { if (sig_file == NULL) { SCLogError(SC_ERR_OPENING_FILE, "Signature file has not been provided");