aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

rust: bindgen SCDetectHelperBufferRegister

Browse Source 
Ticket: 7667
pull/13230/head
Philippe Antoine 4 months ago committed by Victor Julien
parent 0d82e905bc
commit a7448a0c16
12 changed files with 87 additions and 83 deletions
Show Stats Download Patch File Download Diff File

3
rust/src/detect/mod.rs
Unescape Escape View File

@ -170,9 +170,6 @@ extern "C" {
) -> c_int;
pub fn DetectHelperKeywordRegister(kw: *const SCSigTableAppLiteElmt) -> c_int;
pub fn DetectHelperKeywordAliasRegister(kwid: c_int, alias: *const c_char);
pub fn DetectHelperBufferRegister(
name: *const libc::c_char, alproto: AppProto, dir: u8,
) -> c_int;
pub fn DetectSignatureSetAppProto(s: *mut Signature, alproto: AppProto) -> c_int;
pub fn SigMatchAppendSMToList(
de: *mut DetectEngineCtx, s: *mut Signature, kwid: c_int, ctx: *const c_void, bufid: c_int,

12
rust/src/dhcp/detect.rs
Unescape Escape View File

@ -23,11 +23,11 @@ use super::parser::DHCPOptionWrapper;
use crate::core::{STREAM_TOCLIENT, STREAM_TOSERVER};
use crate::detect::uint::{DetectUintData, SCDetectU64Free, SCDetectU64Match, SCDetectU64Parse};
use crate::detect::{
DetectHelperBufferRegister, DetectHelperKeywordRegister, DetectSignatureSetAppProto,
SCSigTableAppLiteElmt, SigMatchAppendSMToList,
DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt,
SigMatchAppendSMToList,
};
use suricata_sys::sys::{DetectEngineCtx, Signature};
use std::os::raw::{c_int, c_void};
use suricata_sys::sys::{DetectEngineCtx, SCDetectHelperBufferRegister, Signature};
fn dhcp_tx_get_time(tx: &DHCPTransaction, code: u8) -> Option<u64> {
for option in &tx.message.options {
@ -176,7 +176,7 @@ pub unsafe extern "C" fn SCDetectDHCPRegister() {
flags: 0,
};
G_DHCP_LEASE_TIME_KW_ID = DetectHelperKeywordRegister(&kw);
G_DHCP_LEASE_TIME_BUFFER_ID = DetectHelperBufferRegister(
G_DHCP_LEASE_TIME_BUFFER_ID = SCDetectHelperBufferRegister(
b"dhcp.leasetime\0".as_ptr() as *const libc::c_char,
ALPROTO_DHCP,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -191,7 +191,7 @@ pub unsafe extern "C" fn SCDetectDHCPRegister() {
flags: 0,
};
G_DHCP_REBINDING_TIME_KW_ID = DetectHelperKeywordRegister(&kw);
G_DHCP_REBINDING_TIME_BUFFER_ID = DetectHelperBufferRegister(
G_DHCP_REBINDING_TIME_BUFFER_ID = SCDetectHelperBufferRegister(
b"dhcp.rebinding-time\0".as_ptr() as *const libc::c_char,
ALPROTO_DHCP,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -206,7 +206,7 @@ pub unsafe extern "C" fn SCDetectDHCPRegister() {
flags: 0,
};
G_DHCP_RENEWAL_TIME_KW_ID = DetectHelperKeywordRegister(&kw);
G_DHCP_RENEWAL_TIME_BUFFER_ID = DetectHelperBufferRegister(
G_DHCP_RENEWAL_TIME_BUFFER_ID = SCDetectHelperBufferRegister(
b"dhcp.renewal-time\0".as_ptr() as *const libc::c_char,
ALPROTO_DHCP,
STREAM_TOSERVER | STREAM_TOCLIENT,

14
rust/src/dns/detect.rs
Unescape Escape View File

@ -22,16 +22,16 @@ use crate::detect::uint::{
SCDetectU8Parse,
};
use crate::detect::{
helper_keyword_register_sticky_buffer, DetectHelperBufferRegister,
DetectHelperKeywordAliasRegister, DetectHelperKeywordRegister, DetectSignatureSetAppProto,
SCSigTableAppLiteElmt, SigMatchAppendSMToList, SigTableElmtStickyBuffer,
helper_keyword_register_sticky_buffer, DetectHelperKeywordAliasRegister,
DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt,
SigMatchAppendSMToList, SigTableElmtStickyBuffer,
};
use crate::direction::Direction;
use std::ffi::CStr;
use std::os::raw::{c_int, c_void};
use suricata_sys::sys::{
DetectEngineCtx, DetectEngineThreadCtx, SCDetectBufferSetActiveList,
SCDetectHelperMultiBufferProgressMpmRegister, Signature,
SCDetectHelperBufferRegister, SCDetectHelperMultiBufferProgressMpmRegister, Signature,
};
/// Perform the DNS opcode match.
@ -352,7 +352,7 @@ pub unsafe extern "C" fn SCDetectDNSRegister() {
flags: 0,
};
G_DNS_OPCODE_KW_ID = DetectHelperKeywordRegister(&kw);
G_DNS_OPCODE_BUFFER_ID = DetectHelperBufferRegister(
G_DNS_OPCODE_BUFFER_ID = SCDetectHelperBufferRegister(
b"dns.opcode\0".as_ptr() as *const libc::c_char,
ALPROTO_DNS,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -384,7 +384,7 @@ pub unsafe extern "C" fn SCDetectDNSRegister() {
flags: 0,
};
G_DNS_RCODE_KW_ID = DetectHelperKeywordRegister(&kw);
G_DNS_RCODE_BUFFER_ID = DetectHelperBufferRegister(
G_DNS_RCODE_BUFFER_ID = SCDetectHelperBufferRegister(
b"dns.rcode\0".as_ptr() as *const libc::c_char,
ALPROTO_DNS,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -399,7 +399,7 @@ pub unsafe extern "C" fn SCDetectDNSRegister() {
flags: 0,
};
G_DNS_RRTYPE_KW_ID = DetectHelperKeywordRegister(&kw);
G_DNS_RRTYPE_BUFFER_ID = DetectHelperBufferRegister(
G_DNS_RRTYPE_BUFFER_ID = SCDetectHelperBufferRegister(
b"dns.rrtype\0".as_ptr() as *const libc::c_char,
ALPROTO_DNS,
STREAM_TOSERVER | STREAM_TOCLIENT,

45
rust/src/enip/detect.rs
Unescape Escape View File

@ -36,12 +36,13 @@ use crate::detect::uint::{
SCDetectU8Match, SCDetectU8Parse,
};
use crate::detect::{
helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister,
DetectHelperBufferRegister, DetectHelperGetData, DetectHelperKeywordRegister,
DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SigMatchAppendSMToList,
SigTableElmtStickyBuffer,
helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister, DetectHelperGetData,
DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt,
SigMatchAppendSMToList, SigTableElmtStickyBuffer,
};
use suricata_sys::sys::{
DetectEngineCtx, SCDetectBufferSetActiveList, SCDetectHelperBufferRegister, Signature,
};
use suricata_sys::sys::{DetectEngineCtx, SCDetectBufferSetActiveList, Signature};
use crate::direction::Direction;
@ -1345,7 +1346,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() {
flags: 0,
};
G_ENIP_CIPSERVICE_KW_ID = DetectHelperKeywordRegister(&kw);
G_ENIP_CIPSERVICE_BUFFER_ID = DetectHelperBufferRegister(
G_ENIP_CIPSERVICE_BUFFER_ID = SCDetectHelperBufferRegister(
b"cip\0".as_ptr() as *const libc::c_char,
ALPROTO_ENIP,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -1360,7 +1361,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() {
flags: 0,
};
G_ENIP_CAPABILITIES_KW_ID = DetectHelperKeywordRegister(&kw);
G_ENIP_CAPABILITIES_BUFFER_ID = DetectHelperBufferRegister(
G_ENIP_CAPABILITIES_BUFFER_ID = SCDetectHelperBufferRegister(
b"enip.capabilities\0".as_ptr() as *const libc::c_char,
ALPROTO_ENIP,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -1375,7 +1376,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() {
flags: 0,
};
G_ENIP_CIP_ATTRIBUTE_KW_ID = DetectHelperKeywordRegister(&kw);
G_ENIP_CIP_ATTRIBUTE_BUFFER_ID = DetectHelperBufferRegister(
G_ENIP_CIP_ATTRIBUTE_BUFFER_ID = SCDetectHelperBufferRegister(
b"enip.cip_attribute\0".as_ptr() as *const libc::c_char,
ALPROTO_ENIP,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -1390,7 +1391,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() {
flags: 0,
};
G_ENIP_CIP_CLASS_KW_ID = DetectHelperKeywordRegister(&kw);
G_ENIP_CIP_CLASS_BUFFER_ID = DetectHelperBufferRegister(
G_ENIP_CIP_CLASS_BUFFER_ID = SCDetectHelperBufferRegister(
b"enip.cip_class\0".as_ptr() as *const libc::c_char,
ALPROTO_ENIP,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -1405,7 +1406,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() {
flags: 0,
};
G_ENIP_VENDOR_ID_KW_ID = DetectHelperKeywordRegister(&kw);
G_ENIP_VENDOR_ID_BUFFER_ID = DetectHelperBufferRegister(
G_ENIP_VENDOR_ID_BUFFER_ID = SCDetectHelperBufferRegister(
b"enip.vendor_id\0".as_ptr() as *const libc::c_char,
ALPROTO_ENIP,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -1420,7 +1421,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() {
flags: 0,
};
G_ENIP_STATUS_KW_ID = DetectHelperKeywordRegister(&kw);
G_ENIP_STATUS_BUFFER_ID = DetectHelperBufferRegister(
G_ENIP_STATUS_BUFFER_ID = SCDetectHelperBufferRegister(
b"enip.status\0".as_ptr() as *const libc::c_char,
ALPROTO_ENIP,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -1435,7 +1436,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() {
flags: 0,
};
G_ENIP_STATE_KW_ID = DetectHelperKeywordRegister(&kw);
G_ENIP_STATE_BUFFER_ID = DetectHelperBufferRegister(
G_ENIP_STATE_BUFFER_ID = SCDetectHelperBufferRegister(
b"enip.state\0".as_ptr() as *const libc::c_char,
ALPROTO_ENIP,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -1450,7 +1451,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() {
flags: 0,
};
G_ENIP_SERIAL_KW_ID = DetectHelperKeywordRegister(&kw);
G_ENIP_SERIAL_BUFFER_ID = DetectHelperBufferRegister(
G_ENIP_SERIAL_BUFFER_ID = SCDetectHelperBufferRegister(
b"enip.serial\0".as_ptr() as *const libc::c_char,
ALPROTO_ENIP,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -1465,7 +1466,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() {
flags: 0,
};
G_ENIP_REVISION_KW_ID = DetectHelperKeywordRegister(&kw);
G_ENIP_REVISION_BUFFER_ID = DetectHelperBufferRegister(
G_ENIP_REVISION_BUFFER_ID = SCDetectHelperBufferRegister(
b"enip.revision\0".as_ptr() as *const libc::c_char,
ALPROTO_ENIP,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -1480,7 +1481,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() {
flags: 0,
};
G_ENIP_PROTOCOL_VERSION_KW_ID = DetectHelperKeywordRegister(&kw);
G_ENIP_PROTOCOL_VERSION_BUFFER_ID = DetectHelperBufferRegister(
G_ENIP_PROTOCOL_VERSION_BUFFER_ID = SCDetectHelperBufferRegister(
b"enip.protocol_version\0".as_ptr() as *const libc::c_char,
ALPROTO_ENIP,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -1495,7 +1496,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() {
flags: 0,
};
G_ENIP_PRODUCT_CODE_KW_ID = DetectHelperKeywordRegister(&kw);
G_ENIP_PRODUCT_CODE_BUFFER_ID = DetectHelperBufferRegister(
G_ENIP_PRODUCT_CODE_BUFFER_ID = SCDetectHelperBufferRegister(
b"enip.product_code\0".as_ptr() as *const libc::c_char,
ALPROTO_ENIP,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -1510,7 +1511,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() {
flags: 0,
};
G_ENIP_COMMAND_KW_ID = DetectHelperKeywordRegister(&kw);
G_ENIP_COMMAND_BUFFER_ID = DetectHelperBufferRegister(
G_ENIP_COMMAND_BUFFER_ID = SCDetectHelperBufferRegister(
b"enip.command\0".as_ptr() as *const libc::c_char,
ALPROTO_ENIP,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -1525,7 +1526,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() {
flags: 0,
};
G_ENIP_IDENTITY_STATUS_KW_ID = DetectHelperKeywordRegister(&kw);
G_ENIP_IDENTITY_STATUS_BUFFER_ID = DetectHelperBufferRegister(
G_ENIP_IDENTITY_STATUS_BUFFER_ID = SCDetectHelperBufferRegister(
b"enip.identity_status\0".as_ptr() as *const libc::c_char,
ALPROTO_ENIP,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -1540,7 +1541,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() {
flags: 0,
};
G_ENIP_DEVICE_TYPE_KW_ID = DetectHelperKeywordRegister(&kw);
G_ENIP_DEVICE_TYPE_BUFFER_ID = DetectHelperBufferRegister(
G_ENIP_DEVICE_TYPE_BUFFER_ID = SCDetectHelperBufferRegister(
b"enip.device_type\0".as_ptr() as *const libc::c_char,
ALPROTO_ENIP,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -1555,7 +1556,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() {
flags: 0,
};
G_ENIP_CIP_STATUS_KW_ID = DetectHelperKeywordRegister(&kw);
G_ENIP_CIP_STATUS_BUFFER_ID = DetectHelperBufferRegister(
G_ENIP_CIP_STATUS_BUFFER_ID = SCDetectHelperBufferRegister(
b"enip.cip_status\0".as_ptr() as *const libc::c_char,
ALPROTO_ENIP,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -1570,7 +1571,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() {
flags: 0,
};
G_ENIP_CIP_INSTANCE_KW_ID = DetectHelperKeywordRegister(&kw);
G_ENIP_CIP_INSTANCE_BUFFER_ID = DetectHelperBufferRegister(
G_ENIP_CIP_INSTANCE_BUFFER_ID = SCDetectHelperBufferRegister(
b"enip.cip_instance\0".as_ptr() as *const libc::c_char,
ALPROTO_ENIP,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -1586,7 +1587,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() {
flags: 0,
};
G_ENIP_CIP_EXTENDEDSTATUS_KW_ID = DetectHelperKeywordRegister(&kw);
G_ENIP_CIP_EXTENDEDSTATUS_BUFFER_ID = DetectHelperBufferRegister(
G_ENIP_CIP_EXTENDEDSTATUS_BUFFER_ID = SCDetectHelperBufferRegister(
b"enip.cip_extendedstatus\0".as_ptr() as *const libc::c_char,
ALPROTO_ENIP,
STREAM_TOSERVER | STREAM_TOCLIENT,

17
rust/src/ldap/detect.rs
Unescape Escape View File

@ -22,15 +22,14 @@ use crate::detect::uint::{
SCDetectU8Free,
};
use crate::detect::{
helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister,
DetectHelperBufferRegister, DetectHelperGetData, DetectHelperKeywordRegister,
DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SigMatchAppendSMToList,
SigTableElmtStickyBuffer,
helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister, DetectHelperGetData,
DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt,
SigMatchAppendSMToList, SigTableElmtStickyBuffer,
};
use crate::ldap::types::{LdapMessage, LdapResultCode, ProtocolOp, ProtocolOpCode};
use suricata_sys::sys::{
DetectEngineCtx, DetectEngineThreadCtx, SCDetectBufferSetActiveList,
SCDetectHelperMultiBufferMpmRegister, Signature,
SCDetectHelperBufferRegister, SCDetectHelperMultiBufferMpmRegister, Signature,
};
use std::collections::VecDeque;
@ -646,7 +645,7 @@ pub unsafe extern "C" fn SCDetectLdapRegister() {
flags: 0,
};
G_LDAP_REQUEST_OPERATION_KW_ID = DetectHelperKeywordRegister(&kw);
G_LDAP_REQUEST_OPERATION_BUFFER_ID = DetectHelperBufferRegister(
G_LDAP_REQUEST_OPERATION_BUFFER_ID = SCDetectHelperBufferRegister(
b"ldap.request.operation\0".as_ptr() as *const libc::c_char,
ALPROTO_LDAP,
STREAM_TOSERVER,
@ -662,7 +661,7 @@ pub unsafe extern "C" fn SCDetectLdapRegister() {
flags: 0,
};
G_LDAP_RESPONSES_OPERATION_KW_ID = DetectHelperKeywordRegister(&kw);
G_LDAP_RESPONSES_OPERATION_BUFFER_ID = DetectHelperBufferRegister(
G_LDAP_RESPONSES_OPERATION_BUFFER_ID = SCDetectHelperBufferRegister(
b"ldap.responses.operation\0".as_ptr() as *const libc::c_char,
ALPROTO_LDAP,
STREAM_TOCLIENT,
@ -677,7 +676,7 @@ pub unsafe extern "C" fn SCDetectLdapRegister() {
flags: 0,
};
G_LDAP_RESPONSES_COUNT_KW_ID = DetectHelperKeywordRegister(&kw);
G_LDAP_RESPONSES_COUNT_BUFFER_ID = DetectHelperBufferRegister(
G_LDAP_RESPONSES_COUNT_BUFFER_ID = SCDetectHelperBufferRegister(
b"ldap.responses.count\0".as_ptr() as *const libc::c_char,
ALPROTO_LDAP,
STREAM_TOCLIENT,
@ -721,7 +720,7 @@ pub unsafe extern "C" fn SCDetectLdapRegister() {
flags: 0,
};
G_LDAP_RESPONSES_RESULT_CODE_KW_ID = DetectHelperKeywordRegister(&kw);
G_LDAP_RESPONSES_RESULT_CODE_BUFFER_ID = DetectHelperBufferRegister(
G_LDAP_RESPONSES_RESULT_CODE_BUFFER_ID = SCDetectHelperBufferRegister(
b"ldap.responses.result_code\0".as_ptr() as *const libc::c_char,
ALPROTO_LDAP,
STREAM_TOCLIENT,

23
rust/src/mqtt/detect.rs
Unescape Escape View File

@ -23,14 +23,13 @@ use crate::detect::uint::{
SCDetectU8Free, SCDetectU8Parse,
};
use crate::detect::{
helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister,
DetectHelperBufferRegister, DetectHelperGetData, DetectHelperKeywordRegister,
DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SigMatchAppendSMToList,
SigTableElmtStickyBuffer,
helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister, DetectHelperGetData,
DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt,
SigMatchAppendSMToList, SigTableElmtStickyBuffer,
};
use suricata_sys::sys::{
DetectEngineCtx, DetectEngineThreadCtx, SCDetectBufferSetActiveList,
SCDetectHelperMultiBufferMpmRegister, Signature,
SCDetectHelperBufferRegister, SCDetectHelperMultiBufferMpmRegister, Signature,
};
use nom7::branch::alt;
@ -1108,7 +1107,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() {
flags: 0,
};
G_MQTT_TYPE_KW_ID = DetectHelperKeywordRegister(&kw);
G_MQTT_TYPE_BUFFER_ID = DetectHelperBufferRegister(
G_MQTT_TYPE_BUFFER_ID = SCDetectHelperBufferRegister(
b"mqtt.type\0".as_ptr() as *const libc::c_char,
ALPROTO_MQTT,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -1148,7 +1147,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() {
flags: 0,
};
G_MQTT_REASON_CODE_KW_ID = DetectHelperKeywordRegister(&kw);
G_MQTT_REASON_CODE_BUFFER_ID = DetectHelperBufferRegister(
G_MQTT_REASON_CODE_BUFFER_ID = SCDetectHelperBufferRegister(
b"mqtt.reason_code\0".as_ptr() as *const libc::c_char,
ALPROTO_MQTT,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -1164,7 +1163,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() {
flags: 0,
};
G_MQTT_CONNACK_SESSIONPRESENT_KW_ID = DetectHelperKeywordRegister(&kw);
G_MQTT_CONNACK_SESSIONPRESENT_BUFFER_ID = DetectHelperBufferRegister(
G_MQTT_CONNACK_SESSIONPRESENT_BUFFER_ID = SCDetectHelperBufferRegister(
b"mqtt.connack.session_present\0".as_ptr() as *const libc::c_char,
ALPROTO_MQTT,
STREAM_TOCLIENT,
@ -1180,7 +1179,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() {
flags: 0,
};
G_MQTT_QOS_KW_ID = DetectHelperKeywordRegister(&kw);
G_MQTT_QOS_BUFFER_ID = DetectHelperBufferRegister(
G_MQTT_QOS_BUFFER_ID = SCDetectHelperBufferRegister(
b"mqtt.qos\0".as_ptr() as *const libc::c_char,
ALPROTO_MQTT,
STREAM_TOSERVER,
@ -1223,7 +1222,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() {
flags: 0,
};
G_MQTT_PROTOCOL_VERSION_KW_ID = DetectHelperKeywordRegister(&kw);
G_MQTT_PROTOCOL_VERSION_BUFFER_ID = DetectHelperBufferRegister(
G_MQTT_PROTOCOL_VERSION_BUFFER_ID = SCDetectHelperBufferRegister(
b"mqtt.protocol_version\0".as_ptr() as *const libc::c_char,
ALPROTO_MQTT,
STREAM_TOSERVER,
@ -1238,7 +1237,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() {
flags: 0,
};
G_MQTT_FLAGS_KW_ID = DetectHelperKeywordRegister(&kw);
G_MQTT_FLAGS_BUFFER_ID = DetectHelperBufferRegister(
G_MQTT_FLAGS_BUFFER_ID = SCDetectHelperBufferRegister(
b"mqtt.flags\0".as_ptr() as *const libc::c_char,
ALPROTO_MQTT,
STREAM_TOSERVER,
@ -1253,7 +1252,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() {
flags: 0,
};
G_MQTT_CONN_FLAGS_KW_ID = DetectHelperKeywordRegister(&kw);
G_MQTT_CONN_FLAGS_BUFFER_ID = DetectHelperBufferRegister(
G_MQTT_CONN_FLAGS_BUFFER_ID = SCDetectHelperBufferRegister(
b"mqtt.connect.flags\0".as_ptr() as *const libc::c_char,
ALPROTO_MQTT,
STREAM_TOSERVER,

15
rust/src/rfb/detect.rs
Unescape Escape View File

@ -24,15 +24,16 @@ use crate::detect::uint::{
detect_match_uint, detect_parse_uint_enum, DetectUintData, SCDetectU32Free, SCDetectU32Parse,
};
use crate::detect::{
helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister,
DetectHelperBufferRegister, DetectHelperGetData, DetectHelperKeywordRegister,
DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SigMatchAppendSMToList,
SigTableElmtStickyBuffer,
helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister, DetectHelperGetData,
DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt,
SigMatchAppendSMToList, SigTableElmtStickyBuffer,
};
use std::ffi::CStr;
use std::os::raw::{c_int, c_void};
use std::ptr;
use suricata_sys::sys::{DetectEngineCtx, SCDetectBufferSetActiveList, Signature};
use suricata_sys::sys::{
DetectEngineCtx, SCDetectBufferSetActiveList, SCDetectHelperBufferRegister, Signature,
};
unsafe extern "C" fn rfb_name_get_data(
tx: *const c_void, _flags: u8, buffer: *mut *const u8, buffer_len: *mut u32,
@ -214,7 +215,7 @@ pub unsafe extern "C" fn SCDetectRfbRegister() {
flags: 0,
};
G_RFB_SEC_TYPE_KW_ID = DetectHelperKeywordRegister(&kw);
G_RFB_SEC_TYPE_BUFFER_ID = DetectHelperBufferRegister(
G_RFB_SEC_TYPE_BUFFER_ID = SCDetectHelperBufferRegister(
b"rfb.sectype\0".as_ptr() as *const libc::c_char,
ALPROTO_RFB,
STREAM_TOSERVER,
@ -229,7 +230,7 @@ pub unsafe extern "C" fn SCDetectRfbRegister() {
flags: 0,
};
G_RFB_SEC_RESULT_KW_ID = DetectHelperKeywordRegister(&kw);
G_RFB_SEC_RESULT_BUFFER_ID = DetectHelperBufferRegister(
G_RFB_SEC_RESULT_BUFFER_ID = SCDetectHelperBufferRegister(
b"rfb.secresult\0".as_ptr() as *const libc::c_char,
ALPROTO_RFB,
STREAM_TOCLIENT,

15
rust/src/snmp/detect.rs
Unescape Escape View File

@ -21,13 +21,14 @@ use super::snmp::{SNMPTransaction, ALPROTO_SNMP};
use crate::core::{STREAM_TOCLIENT, STREAM_TOSERVER};
use crate::detect::uint::{DetectUintData, SCDetectU32Free, SCDetectU32Match, SCDetectU32Parse};
use crate::detect::{
helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister,
DetectHelperBufferRegister, DetectHelperGetData, DetectHelperKeywordRegister,
DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SigMatchAppendSMToList,
SigTableElmtStickyBuffer,
helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister, DetectHelperGetData,
DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt,
SigMatchAppendSMToList, SigTableElmtStickyBuffer,
};
use std::os::raw::{c_int, c_void};
use suricata_sys::sys::{DetectEngineCtx, SCDetectBufferSetActiveList, Signature};
use suricata_sys::sys::{
DetectEngineCtx, SCDetectBufferSetActiveList, SCDetectHelperBufferRegister, Signature,
};
static mut G_SNMP_VERSION_KW_ID: c_int = 0;
static mut G_SNMP_VERSION_BUFFER_ID: c_int = 0;
@ -195,7 +196,7 @@ pub(super) unsafe extern "C" fn detect_snmp_register() {
flags: 0,
};
G_SNMP_VERSION_KW_ID = DetectHelperKeywordRegister(&kw);
G_SNMP_VERSION_BUFFER_ID = DetectHelperBufferRegister(
G_SNMP_VERSION_BUFFER_ID = SCDetectHelperBufferRegister(
b"snmp.version\0".as_ptr() as *const libc::c_char,
ALPROTO_SNMP,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -211,7 +212,7 @@ pub(super) unsafe extern "C" fn detect_snmp_register() {
flags: 0,
};
G_SNMP_PDUTYPE_KW_ID = DetectHelperKeywordRegister(&kw);
G_SNMP_PDUTYPE_BUFFER_ID = DetectHelperBufferRegister(
G_SNMP_PDUTYPE_BUFFER_ID = SCDetectHelperBufferRegister(
b"snmp.pdu_type\0".as_ptr() as *const libc::c_char,
ALPROTO_SNMP,
STREAM_TOSERVER | STREAM_TOCLIENT,

17
rust/src/websocket/detect.rs
Unescape Escape View File

@ -22,13 +22,14 @@ use crate::detect::uint::{
SCDetectU32Match, SCDetectU32Parse, SCDetectU8Free, SCDetectU8Match,
};
use crate::detect::{
helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister,
DetectHelperBufferRegister, DetectHelperGetData, DetectHelperKeywordRegister,
DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SigMatchAppendSMToList,
SigTableElmtStickyBuffer,
helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister, DetectHelperGetData,
DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt,
SigMatchAppendSMToList, SigTableElmtStickyBuffer,
};
use crate::websocket::parser::WebSocketOpcode;
use suricata_sys::sys::{DetectEngineCtx, SCDetectBufferSetActiveList, Signature};
use suricata_sys::sys::{
DetectEngineCtx, SCDetectBufferSetActiveList, SCDetectHelperBufferRegister, Signature,
};
use nom7::branch::alt;
use nom7::bytes::complete::{is_a, tag};
@ -291,7 +292,7 @@ pub unsafe extern "C" fn SCDetectWebsocketRegister() {
flags: 0,
};
G_WEBSOCKET_OPCODE_KW_ID = DetectHelperKeywordRegister(&kw);
G_WEBSOCKET_OPCODE_BUFFER_ID = DetectHelperBufferRegister(
G_WEBSOCKET_OPCODE_BUFFER_ID = SCDetectHelperBufferRegister(
b"websocket.opcode\0".as_ptr() as *const libc::c_char,
ALPROTO_WEBSOCKET,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -306,7 +307,7 @@ pub unsafe extern "C" fn SCDetectWebsocketRegister() {
flags: 0,
};
G_WEBSOCKET_MASK_KW_ID = DetectHelperKeywordRegister(&kw);
G_WEBSOCKET_MASK_BUFFER_ID = DetectHelperBufferRegister(
G_WEBSOCKET_MASK_BUFFER_ID = SCDetectHelperBufferRegister(
b"websocket.mask\0".as_ptr() as *const libc::c_char,
ALPROTO_WEBSOCKET,
STREAM_TOSERVER | STREAM_TOCLIENT,
@ -321,7 +322,7 @@ pub unsafe extern "C" fn SCDetectWebsocketRegister() {
flags: 0,
};
G_WEBSOCKET_FLAGS_KW_ID = DetectHelperKeywordRegister(&kw);
G_WEBSOCKET_FLAGS_BUFFER_ID = DetectHelperBufferRegister(
G_WEBSOCKET_FLAGS_BUFFER_ID = SCDetectHelperBufferRegister(
b"websocket.flags\0".as_ptr() as *const libc::c_char,
ALPROTO_WEBSOCKET,
STREAM_TOSERVER | STREAM_TOCLIENT,

5
rust/sys/src/sys.rs
Unescape Escape View File

@ -326,6 +326,11 @@ pub struct SCTransformTableElmt {
extern "C" {
pub fn SCDetectHelperNewKeywordId() -> ::std::os::raw::c_int;
}
extern "C" {
pub fn SCDetectHelperBufferRegister(
name: *const ::std::os::raw::c_char, alproto: AppProto, direction: u8,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn SCDetectHelperMultiBufferMpmRegister(
name: *const ::std::os::raw::c_char, desc: *const ::std::os::raw::c_char,

2
src/detect-engine-helper.c
Unescape Escape View File

@ -31,7 +31,7 @@
#include "detect-engine-content-inspection.h"
#include "rust.h"
int DetectHelperBufferRegister(const char *name, AppProto alproto, uint8_t direction)
int SCDetectHelperBufferRegister(const char *name, AppProto alproto, uint8_t direction)
{
if (direction & STREAM_TOSERVER) {
DetectAppLayerInspectEngineRegister(

2
src/detect-engine-helper.h
Unescape Escape View File

@ -77,7 +77,7 @@ int SCDetectHelperNewKeywordId(void);
int DetectHelperKeywordRegister(const SCSigTableAppLiteElmt *kw);
void DetectHelperKeywordAliasRegister(int kwid, const char *alias);
int DetectHelperBufferRegister(const char *name, AppProto alproto, uint8_t direction);
int SCDetectHelperBufferRegister(const char *name, AppProto alproto, uint8_t direction);
typedef bool (*SimpleGetTxBuffer)(void *, uint8_t, const uint8_t **, uint32_t *);

Write Preview
Loading…
Cancel
Save