detect: remove dead code

pull/1978/head
Victor Julien 10 years ago
parent b3dcdb10be
commit 66b3dba676

@ -1576,122 +1576,6 @@ static void PopulateMpmAddPatternToMpm(const DetectEngineCtx *de_ctx,
}
SigMatch *RetrieveFPForSig(Signature *s)
{
SigMatch *mpm_sm = NULL, *sm = NULL;
uint8_t has_non_negated_non_stream_pattern = 0;
if (s->mpm_sm != NULL)
return s->mpm_sm;
int list_id;
for (list_id = 0 ; list_id < DETECT_SM_LIST_MAX; list_id++) {
/* we have no keywords that support fp in this Signature sm list */
if (!FastPatternSupportEnabledForSigMatchList(list_id))
continue;
for (sm = s->sm_lists[list_id]; sm != NULL; sm = sm->next) {
/* this keyword isn't registered for fp support */
if (sm->type != DETECT_CONTENT)
continue;
DetectContentData *cd = (DetectContentData *)sm->ctx;
if (cd->flags & DETECT_CONTENT_FAST_PATTERN)
return sm;
if (!(cd->flags & DETECT_CONTENT_NEGATED) &&
(list_id != DETECT_SM_LIST_PMATCH) &&
(list_id != DETECT_SM_LIST_HMDMATCH) &&
(list_id != DETECT_SM_LIST_HSMDMATCH) &&
(list_id != DETECT_SM_LIST_HSCDMATCH)) {
has_non_negated_non_stream_pattern = 1;
}
}
}
int max_len = 0;
int max_len_negated = 0;
int max_len_non_negated = 0;
for (list_id = 0; list_id < DETECT_SM_LIST_MAX; list_id++) {
if (!FastPatternSupportEnabledForSigMatchList(list_id))
continue;
if (has_non_negated_non_stream_pattern &&
((list_id == DETECT_SM_LIST_PMATCH) ||
(list_id == DETECT_SM_LIST_HMDMATCH) ||
(list_id == DETECT_SM_LIST_HSMDMATCH) ||
(list_id == DETECT_SM_LIST_HSCDMATCH))) {
continue;
}
for (sm = s->sm_lists[list_id]; sm != NULL; sm = sm->next) {
if (sm->type != DETECT_CONTENT)
continue;
DetectContentData *cd = (DetectContentData *)sm->ctx;
if (cd->flags & DETECT_CONTENT_NEGATED) {
if (max_len_negated < cd->content_len)
max_len_negated = cd->content_len;
} else {
if (max_len_non_negated < cd->content_len)
max_len_non_negated = cd->content_len;
}
}
}
int skip_negated_content = 0;
if (max_len_non_negated == 0) {
max_len = max_len_negated;
skip_negated_content = 0;
} else {
max_len = max_len_non_negated;
skip_negated_content = 1;
}
for (list_id = 0; list_id < DETECT_SM_LIST_MAX; list_id++) {
if (!FastPatternSupportEnabledForSigMatchList(list_id))
continue;
if (has_non_negated_non_stream_pattern &&
((list_id == DETECT_SM_LIST_PMATCH) ||
(list_id == DETECT_SM_LIST_HMDMATCH) ||
(list_id == DETECT_SM_LIST_HSMDMATCH) ||
(list_id == DETECT_SM_LIST_HSCDMATCH))) {
continue;
}
for (sm = s->sm_lists[list_id]; sm != NULL; sm = sm->next) {
if (sm->type != DETECT_CONTENT)
continue;
DetectContentData *cd = (DetectContentData *)sm->ctx;
if ((cd->flags & DETECT_CONTENT_NEGATED) && skip_negated_content)
continue;
if (cd->content_len < max_len)
continue;
if (mpm_sm == NULL) {
mpm_sm = sm;
} else {
DetectContentData *data1 = (DetectContentData *)sm->ctx;
DetectContentData *data2 = (DetectContentData *)mpm_sm->ctx;
uint32_t ls = PatternStrength(data1->content, data1->content_len);
uint32_t ss = PatternStrength(data2->content, data2->content_len);
if (ls > ss) {
mpm_sm = sm;
} else if (ls == ss) {
/* if 2 patterns are of equal strength, we pick the longest */
if (data1->content_len > data2->content_len)
mpm_sm = sm;
} else {
SCLogDebug("sticking with mpm_sm");
}
} /* else - if (mpm == NULL) */
} /* for (sm = s->sm_lists[list_id]; sm != NULL; sm = sm->next) */
} /* for ( ; list_id < DETECT_SM_LIST_MAX; list_id++) */
return mpm_sm;
}
SigMatch *RetrieveFPForSigV2(Signature *s)
{
if (s->mpm_sm != NULL)
return s->mpm_sm;
@ -2802,7 +2686,7 @@ int DetectSetFastPatternAndItsId(DetectEngineCtx *de_ctx)
* true size, since duplicates are removed below, but counted here.
*/
for (s = de_ctx->sig_list; s != NULL; s = s->next) {
s->mpm_sm = RetrieveFPForSigV2(s);
s->mpm_sm = RetrieveFPForSig(s);
if (s->mpm_sm != NULL) {
DetectContentData *cd = (DetectContentData *)s->mpm_sm->ctx;
struct_total_size += sizeof(DetectFPAndItsId);

@ -82,7 +82,6 @@ int SignatureHasPacketContent(const Signature *);
int SignatureHasStreamContent(const Signature *);
SigMatch *RetrieveFPForSig(Signature *s);
SigMatch *RetrieveFPForSigV2(Signature *s);
/**
* \brief Figured out the FP and their respective content ids for all the

@ -357,7 +357,7 @@ static int DetectLoadSigFile(DetectEngineCtx *de_ctx, char *sig_file,
sig = DetectEngineAppendSig(de_ctx, line);
if (sig != NULL) {
if (rule_engine_analysis_set || fp_engine_analysis_set) {
sig->mpm_sm = RetrieveFPForSigV2(sig);
sig->mpm_sm = RetrieveFPForSig(sig);
if (fp_engine_analysis_set) {
EngineAnalysisFP(sig, line);
}

Loading…
Cancel
Save