aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add a few more tests for portrange validation.

Browse Source
remotes/origin/master-1.0.x
Victor Julien 16 years ago
parent 927685928c
commit 5ffb7a7bd7
2 changed files with 104 additions and 7 deletions
Show Stats Download Patch File Download Diff File

85
src/detect-engine-port.c
Unescape Escape View File

@ -39,6 +39,7 @@ void DetectPortRegister (void) {
static int DetectPortCutNot(DetectPort *, DetectPort **); static int DetectPortCutNot(DetectPort *, DetectPort **);
static int DetectPortCut(DetectEngineCtx *, DetectPort *, DetectPort *, DetectPort **); static int DetectPortCut(DetectEngineCtx *, DetectPort *, DetectPort *, DetectPort **);
DetectPort *PortParse(char *str); DetectPort *PortParse(char *str);
int DetectPortIsValidRange(char *);
/* memory usage counters */ /* memory usage counters */
static uint32_t detect_port_memory = 0; static uint32_t detect_port_memory = 0;
@ -1132,11 +1133,20 @@ DetectPort *PortParse(char *str) {
/* 80:81 range format */ /* 80:81 range format */
port[port2 - port] = '\0'; port[port2 - port] = '\0';
port2++; port2++;
dp->port = atoi(port);
if (strcmp(port2,"") != 0) if(DetectPortIsValidRange(port))
dp->port2 = atoi(port2); dp->port = atoi(port);
else else
goto error;
if (strcmp(port2,"") != 0){
if(DetectPortIsValidRange(port2))
dp->port2 = atoi(port2);
else
goto error;
} else {
dp->port2 = 65535; dp->port2 = 65535;
}
/* a>b is illegal, a=b is ok */ /* a>b is illegal, a=b is ok */
if (dp->port > dp->port2) if (dp->port > dp->port2)
@ -1146,8 +1156,10 @@ DetectPort *PortParse(char *str) {
if (strcasecmp(port,"any") == 0) { if (strcasecmp(port,"any") == 0) {
dp->port = 0; dp->port = 0;
dp->port2 = 65535; dp->port2 = 65535;
} else { } else if(DetectPortIsValidRange(port)){
dp->port = dp->port2 = atoi(port); dp->port = dp->port2 = atoi(port);
} else {
goto error;
} }
} }
@ -1159,6 +1171,13 @@ error:
return NULL; return NULL;
} }
int DetectPortIsValidRange(char *port){
if(atoi(port) >= 0 && atoi(port) <= 65535)
return 1;
else
return 0;
}
/* end parsing routines */ /* end parsing routines */
/* init hashes */ /* init hashes */
@ -1439,8 +1458,61 @@ int PortTestParse09 (void) {
end: end:
return result; return result;
} }
#endif /* UNITTESTS */
/** \test Test port that is too big */
int PortTestParse10 (void) {
DetectPort *dd = NULL;
int result = 0;
int r = DetectPortParse(&dd,"777777777777777777777777777777777777777777777777777777777");
if (r != 0) {
result = 1 ;
goto end;
}
DetectPortFree(dd);
end:
return result;
}
/** \test Test second port of range being too big */
int PortTestParse11 (void) {
DetectPort *dd = NULL;
int result = 0;
int r = DetectPortParse(&dd,"1024:65536");
if (r != 0) {
result = 1 ;
goto end;
}
DetectPortFree(dd);
end:
return result;
}
/** \test Test second port of range being just right */
int PortTestParse12 (void) {
DetectPort *dd = NULL;
int result = 0;
int r = DetectPortParse(&dd,"1024:65535");
if (r != 0) {
goto end;
}
DetectPortFree(dd);
result = 1 ;
end:
return result;
}
#endif /* UNITTESTS */
void DetectPortTests(void) { void DetectPortTests(void) {
#ifdef UNITTESTS #ifdef UNITTESTS
@ -1453,6 +1525,9 @@ void DetectPortTests(void) {
UtRegisterTest("PortTestParse07", PortTestParse07, 1); UtRegisterTest("PortTestParse07", PortTestParse07, 1);
UtRegisterTest("PortTestParse08", PortTestParse08, 1); UtRegisterTest("PortTestParse08", PortTestParse08, 1);
UtRegisterTest("PortTestParse09", PortTestParse09, 1); UtRegisterTest("PortTestParse09", PortTestParse09, 1);
UtRegisterTest("PortTestParse10", PortTestParse10, 1);
UtRegisterTest("PortTestParse11", PortTestParse11, 1);
UtRegisterTest("PortTestParse12", PortTestParse12, 1);
#endif /* UNITTESTS */ #endif /* UNITTESTS */
} }

26
src/detect-parse.c
Unescape Escape View File

@ -583,7 +583,7 @@ int SigParseTest03 (void) {
if (de_ctx == NULL) if (de_ctx == NULL)
goto end; goto end;
sig = SigInit(de_ctx, "alert tcp 1.2.3.4 any <- !1.2.3.4 any (msg:\"SigParseTest01\"; sid:1;)"); sig = SigInit(de_ctx, "alert tcp 1.2.3.4 any <- !1.2.3.4 any (msg:\"SigParseTest03\"; sid:1;)");
if (sig != NULL) { if (sig != NULL) {
result = 0; result = 0;
printf("expected NULL got sig ptr %p: ",sig); printf("expected NULL got sig ptr %p: ",sig);
@ -604,7 +604,7 @@ int SigParseTest04 (void) {
if (de_ctx == NULL) if (de_ctx == NULL)
goto end; goto end;
sig = SigInit(de_ctx, "alert tcp 1.2.3.4 1024: -> !1.2.3.4 1024: (msg:\"SigParseTest03\"; sid:1;)"); sig = SigInit(de_ctx, "alert tcp 1.2.3.4 1024: -> !1.2.3.4 1024: (msg:\"SigParseTest04\"; sid:1;)");
if (sig == NULL) { if (sig == NULL) {
result = 0; result = 0;
goto end; goto end;
@ -616,6 +616,27 @@ end:
return result; return result;
} }
/** \test Port validation */
int SigParseTest05 (void) {
int result = 1;
Signature *sig = NULL;
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
if (de_ctx == NULL)
goto end;
sig = SigInit(de_ctx, "alert tcp 1.2.3.4 1024:65536 -> !1.2.3.4 any (msg:\"SigParseTest05\"; sid:1;)");
if (sig != NULL) {
result = 1;
SigFree(sig);
goto end;
}
DetectEngineCtxFree(de_ctx);
end:
return result;
}
/** /**
* \test check that we don't allow invalid negation options * \test check that we don't allow invalid negation options
*/ */
@ -800,6 +821,7 @@ void SigParseRegisterTests(void) {
UtRegisterTest("SigParseTest02", SigParseTest02, 1); UtRegisterTest("SigParseTest02", SigParseTest02, 1);
UtRegisterTest("SigParseTest03", SigParseTest03, 1); UtRegisterTest("SigParseTest03", SigParseTest03, 1);
UtRegisterTest("SigParseTest04", SigParseTest04, 1); UtRegisterTest("SigParseTest04", SigParseTest04, 1);
UtRegisterTest("SigParseTest05", SigParseTest05, 1);
UtRegisterTest("SigParseTestNegation01", SigParseTestNegation01, 1); UtRegisterTest("SigParseTestNegation01", SigParseTestNegation01, 1);
UtRegisterTest("SigParseTestNegation02", SigParseTestNegation02, 1); UtRegisterTest("SigParseTestNegation02", SigParseTestNegation02, 1);
UtRegisterTest("SigParseTestNegation03", SigParseTestNegation03, 1); UtRegisterTest("SigParseTestNegation03", SigParseTestNegation03, 1);

Write Preview
Loading…
Cancel
Save