aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

rust: bindgen functions needed for datasets

Browse Source 
Ticket: 7762
pull/14332/head
Philippe Antoine 4 weeks ago committed by Victor Julien
parent 12892ba010
commit cba13ed9b1
9 changed files with 78 additions and 76 deletions
Show Stats Download Patch File Download Diff File

57
rust/src/detect/datasets.rs
Unescape Escape View File

@ -28,17 +28,6 @@ use std::net::{Ipv4Addr, Ipv6Addr};
use std::path::Path;
use std::str::FromStr;
/// Opaque Dataset type defined in C
#[derive(Copy, Clone)]
pub enum Dataset {}
// Simple C type converted to Rust
#[derive(Debug, PartialEq)]
#[repr(C)]
pub struct DataRepType {
pub value: u16,
}
#[derive(Debug)]
#[repr(C)]
pub enum DatasetType {
@ -49,18 +38,11 @@ pub enum DatasetType {
DSIpv6,
}
// Extern fns operating on the opaque Dataset type above
#[allow(unused_doc_comments)]
/// cbindgen:ignore
extern "C" {
pub fn DatasetAdd(set: &Dataset, data: *const u8, len: u32) -> i32;
pub fn DatasetAddwRep(set: &Dataset, data: *const u8, len: u32, rep: *const DataRepType)
-> i32;
}
use suricata_sys::sys::{Dataset, SCDatasetAdd, SCDatasetAddwRep};
#[no_mangle]
pub unsafe extern "C" fn ParseDatasets(
set: &Dataset, name: *const c_char, fname: *const c_char, fmode: *const c_char,
set: &mut Dataset, name: *const c_char, fname: *const c_char, fmode: *const c_char,
dstype: DatasetType,
) -> i32 {
let file_string = unwrap_or_return!(CStr::from_ptr(fname).to_str(), -2);
@ -136,7 +118,7 @@ pub unsafe extern "C" fn ParseDatasets(
}
unsafe fn process_string_set(
set: &Dataset, v: Vec<&str>, set_name: &str, filename: &Path, no_rep: bool,
set: &mut Dataset, v: Vec<&str>, set_name: &str, filename: &Path, no_rep: bool,
) -> i32 {
let mut decoded: Vec<u8> = vec![];
if base64::engine::general_purpose::STANDARD
@ -147,10 +129,9 @@ unsafe fn process_string_set(
return -1;
}
if no_rep {
DatasetAdd(set, decoded.as_ptr(), decoded.len() as u32);
SCDatasetAdd(set, decoded.as_ptr(), decoded.len() as u32);
} else if let Ok(val) = v[1].to_string().parse::<u16>() {
let rep: DataRepType = DataRepType { value: val };
DatasetAddwRep(set, decoded.as_ptr(), decoded.len() as u32, &rep);
SCDatasetAddwRep(set, decoded.as_ptr(), decoded.len() as u32, &val);
} else {
SCFatalErrorOnInit!(
"invalid datarep value {} in {}",
@ -163,7 +144,7 @@ unsafe fn process_string_set(
}
unsafe fn process_md5_set(
set: &Dataset, v: Vec<&str>, set_name: &str, filename: &Path, no_rep: bool,
set: &mut Dataset, v: Vec<&str>, set_name: &str, filename: &Path, no_rep: bool,
) -> i32 {
let md5_string = match hex::decode(v[0]) {
Ok(rs) => rs,
@ -171,10 +152,9 @@ unsafe fn process_md5_set(
};
if no_rep {
DatasetAdd(set, md5_string.as_ptr(), 16);
SCDatasetAdd(set, md5_string.as_ptr(), 16);
} else if let Ok(val) = v[1].to_string().parse::<u16>() {
let rep: DataRepType = DataRepType { value: val };
DatasetAddwRep(set, md5_string.as_ptr(), 16, &rep);
SCDatasetAddwRep(set, md5_string.as_ptr(), 16, &val);
} else {
SCFatalErrorOnInit!(
"invalid datarep value {} in {}",
@ -187,7 +167,7 @@ unsafe fn process_md5_set(
}
unsafe fn process_sha256_set(
set: &Dataset, v: Vec<&str>, set_name: &str, filename: &Path, no_rep: bool,
set: &mut Dataset, v: Vec<&str>, set_name: &str, filename: &Path, no_rep: bool,
) -> i32 {
let sha256_string = match hex::decode(v[0]) {
Ok(rs) => rs,
@ -195,10 +175,9 @@ unsafe fn process_sha256_set(
};
if no_rep {
DatasetAdd(set, sha256_string.as_ptr(), 32);
SCDatasetAdd(set, sha256_string.as_ptr(), 32);
} else if let Ok(val) = v[1].to_string().parse::<u16>() {
let rep: DataRepType = DataRepType { value: val };
DatasetAddwRep(set, sha256_string.as_ptr(), 32, &rep);
SCDatasetAddwRep(set, sha256_string.as_ptr(), 32, &val);
} else {
SCFatalErrorOnInit!(
"invalid datarep value {} in {}",
@ -211,7 +190,7 @@ unsafe fn process_sha256_set(
}
unsafe fn process_ipv4_set(
set: &Dataset, v: Vec<&str>, set_name: &str, filename: &Path, no_rep: bool,
set: &mut Dataset, v: Vec<&str>, set_name: &str, filename: &Path, no_rep: bool,
) -> i32 {
let ipv4 = match Ipv4Addr::from_str(v[0]) {
Ok(a) => a,
@ -221,10 +200,9 @@ unsafe fn process_ipv4_set(
}
};
if no_rep {
DatasetAdd(set, ipv4.octets().as_ptr(), 4);
SCDatasetAdd(set, ipv4.octets().as_ptr(), 4);
} else if let Ok(val) = v[1].to_string().parse::<u16>() {
let rep: DataRepType = DataRepType { value: val };
DatasetAddwRep(set, ipv4.octets().as_ptr(), 4, &rep);
SCDatasetAddwRep(set, ipv4.octets().as_ptr(), 4, &val);
} else {
SCFatalErrorOnInit!(
"invalid datarep value {} in {}",
@ -237,7 +215,7 @@ unsafe fn process_ipv4_set(
}
unsafe fn process_ipv6_set(
set: &Dataset, v: Vec<&str>, set_name: &str, filename: &Path, no_rep: bool,
set: &mut Dataset, v: Vec<&str>, set_name: &str, filename: &Path, no_rep: bool,
) -> i32 {
let ipv6 = match Ipv6Addr::from_str(v[0]) {
Ok(a) => a,
@ -272,10 +250,9 @@ unsafe fn process_ipv6_set(
.into();
}
if no_rep {
DatasetAdd(set, fin_ipv6.octets().as_ptr(), 16);
SCDatasetAdd(set, fin_ipv6.octets().as_ptr(), 16);
} else if let Ok(val) = v[1].to_string().parse::<u16>() {
let rep: DataRepType = DataRepType { value: val };
DatasetAddwRep(set, fin_ipv6.octets().as_ptr(), 16, &rep);
SCDatasetAddwRep(set, fin_ipv6.octets().as_ptr(), 16, &val);
} else {
SCFatalErrorOnInit!(
"invalid datarep value {} in {}",

15
rust/sys/src/sys.rs
Unescape Escape View File

@ -1037,3 +1037,18 @@ extern "C" {
extern "C" {
pub fn SCRequiresFeature(arg1: *const ::std::os::raw::c_char) -> bool;
}
pub type DataRepType = u16;
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct Dataset {
_unused: [u8; 0],
}
extern "C" {
pub fn SCDatasetAdd(set: *mut Dataset, data: *const u8, data_len: u32)
-> ::std::os::raw::c_int;
}
extern "C" {
pub fn SCDatasetAddwRep(
set: *mut Dataset, data: *const u8, data_len: u32, rep: *const DataRepType,
) -> ::std::os::raw::c_int;
}

1
src/bindgen.h
Unescape Escape View File

@ -65,5 +65,6 @@
#include "reputation.h"
#include "feature.h"
#include "datasets.h"
#endif

57
src/datasets.c
Unescape Escape View File

@ -895,7 +895,7 @@ static int DatasetLookupString(Dataset *set, const uint8_t *data, const uint32_t
if (set == NULL)
return -1;
StringType lookup = { .ptr = (uint8_t *)data, .len = data_len, .rep.value = 0 };
StringType lookup = { .ptr = (uint8_t *)data, .len = data_len, .rep = 0 };
THashData *rdata = THashLookupFromHash(set->hash, &lookup);
if (rdata) {
DatasetUnlockData(rdata);
@ -907,7 +907,7 @@ static int DatasetLookupString(Dataset *set, const uint8_t *data, const uint32_t
static DataRepResultType DatasetLookupStringwRep(Dataset *set,
const uint8_t *data, const uint32_t data_len, const DataRepType *rep)
{
DataRepResultType rrep = { .found = false, .rep = { .value = 0 }};
DataRepResultType rrep = { .found = false, .rep = 0 };
if (set == NULL)
return rrep;
@ -932,7 +932,7 @@ static int DatasetLookupIPv4(Dataset *set, const uint8_t *data, const uint32_t d
if (data_len != 4)
return -1;
IPv4Type lookup = { .rep.value = 0 };
IPv4Type lookup = { .rep = 0 };
memcpy(lookup.ipv4, data, 4);
THashData *rdata = THashLookupFromHash(set->hash, &lookup);
if (rdata) {
@ -945,7 +945,7 @@ static int DatasetLookupIPv4(Dataset *set, const uint8_t *data, const uint32_t d
static DataRepResultType DatasetLookupIPv4wRep(
Dataset *set, const uint8_t *data, const uint32_t data_len, const DataRepType *rep)
{
DataRepResultType rrep = { .found = false, .rep = { .value = 0 } };
DataRepResultType rrep = { .found = false, .rep = 0 };
if (set == NULL)
return rrep;
@ -953,7 +953,7 @@ static DataRepResultType DatasetLookupIPv4wRep(
if (data_len != 4)
return rrep;
IPv4Type lookup = { .rep.value = 0 };
IPv4Type lookup = { .rep = 0 };
memcpy(lookup.ipv4, data, data_len);
THashData *rdata = THashLookupFromHash(set->hash, &lookup);
if (rdata) {
@ -974,7 +974,7 @@ static int DatasetLookupIPv6(Dataset *set, const uint8_t *data, const uint32_t d
if (data_len != 16 && data_len != 4)
return -1;
IPv6Type lookup = { .rep.value = 0 };
IPv6Type lookup = { .rep = 0 };
memcpy(lookup.ipv6, data, data_len);
THashData *rdata = THashLookupFromHash(set->hash, &lookup);
if (rdata) {
@ -987,7 +987,7 @@ static int DatasetLookupIPv6(Dataset *set, const uint8_t *data, const uint32_t d
static DataRepResultType DatasetLookupIPv6wRep(
Dataset *set, const uint8_t *data, const uint32_t data_len, const DataRepType *rep)
{
DataRepResultType rrep = { .found = false, .rep = { .value = 0 } };
DataRepResultType rrep = { .found = false, .rep = 0 };
if (set == NULL)
return rrep;
@ -995,7 +995,7 @@ static DataRepResultType DatasetLookupIPv6wRep(
if (data_len != 16 && data_len != 4)
return rrep;
IPv6Type lookup = { .rep.value = 0 };
IPv6Type lookup = { .rep = 0 };
memcpy(lookup.ipv6, data, data_len);
THashData *rdata = THashLookupFromHash(set->hash, &lookup);
if (rdata) {
@ -1016,7 +1016,7 @@ static int DatasetLookupMd5(Dataset *set, const uint8_t *data, const uint32_t da
if (data_len != 16)
return -1;
Md5Type lookup = { .rep.value = 0 };
Md5Type lookup = { .rep = 0 };
memcpy(lookup.md5, data, data_len);
THashData *rdata = THashLookupFromHash(set->hash, &lookup);
if (rdata) {
@ -1029,7 +1029,7 @@ static int DatasetLookupMd5(Dataset *set, const uint8_t *data, const uint32_t da
static DataRepResultType DatasetLookupMd5wRep(Dataset *set,
const uint8_t *data, const uint32_t data_len, const DataRepType *rep)
{
DataRepResultType rrep = { .found = false, .rep = { .value = 0 }};
DataRepResultType rrep = { .found = false, .rep = 0 };
if (set == NULL)
return rrep;
@ -1037,7 +1037,7 @@ static DataRepResultType DatasetLookupMd5wRep(Dataset *set,
if (data_len != 16)
return rrep;
Md5Type lookup = { .rep.value = 0};
Md5Type lookup = { .rep = 0 };
memcpy(lookup.md5, data, data_len);
THashData *rdata = THashLookupFromHash(set->hash, &lookup);
if (rdata) {
@ -1058,7 +1058,7 @@ static int DatasetLookupSha256(Dataset *set, const uint8_t *data, const uint32_t
if (data_len != 32)
return -1;
Sha256Type lookup = { .rep.value = 0 };
Sha256Type lookup = { .rep = 0 };
memcpy(lookup.sha256, data, data_len);
THashData *rdata = THashLookupFromHash(set->hash, &lookup);
if (rdata) {
@ -1071,7 +1071,7 @@ static int DatasetLookupSha256(Dataset *set, const uint8_t *data, const uint32_t
static DataRepResultType DatasetLookupSha256wRep(Dataset *set,
const uint8_t *data, const uint32_t data_len, const DataRepType *rep)
{
DataRepResultType rrep = { .found = false, .rep = { .value = 0 }};
DataRepResultType rrep = { .found = false, .rep = 0 };
if (set == NULL)
return rrep;
@ -1079,7 +1079,7 @@ static DataRepResultType DatasetLookupSha256wRep(Dataset *set,
if (data_len != 32)
return rrep;
Sha256Type lookup = { .rep.value = 0 };
Sha256Type lookup = { .rep = 0 };
memcpy(lookup.sha256, data, data_len);
THashData *rdata = THashLookupFromHash(set->hash, &lookup);
if (rdata) {
@ -1124,7 +1124,7 @@ int DatasetLookup(Dataset *set, const uint8_t *data, const uint32_t data_len)
DataRepResultType DatasetLookupwRep(Dataset *set, const uint8_t *data, const uint32_t data_len,
const DataRepType *rep)
{
DataRepResultType rrep = { .found = false, .rep = { .value = 0 }};
DataRepResultType rrep = { .found = false, .rep = 0 };
if (set == NULL)
return rrep;
@ -1153,8 +1153,7 @@ static int DatasetAddString(Dataset *set, const uint8_t *data, const uint32_t da
if (set == NULL)
return -1;
StringType lookup = { .ptr = (uint8_t *)data, .len = data_len,
.rep.value = 0 };
StringType lookup = { .ptr = (uint8_t *)data, .len = data_len, .rep = 0 };
struct THashDataGetResult res = THashGetFromHash(set->hash, &lookup);
if (res.data) {
DatasetUnlockData(res.data);
@ -1194,7 +1193,7 @@ static int DatasetAddIPv4(Dataset *set, const uint8_t *data, const uint32_t data
return -2;
}
IPv4Type lookup = { .rep.value = 0 };
IPv4Type lookup = { .rep = 0 };
memcpy(lookup.ipv4, data, 4);
struct THashDataGetResult res = THashGetFromHash(set->hash, &lookup);
if (res.data) {
@ -1214,7 +1213,7 @@ static int DatasetAddIPv6(Dataset *set, const uint8_t *data, const uint32_t data
return -2;
}
IPv6Type lookup = { .rep.value = 0 };
IPv6Type lookup = { .rep = 0 };
memcpy(lookup.ipv6, data, data_len);
struct THashDataGetResult res = THashGetFromHash(set->hash, &lookup);
if (res.data) {
@ -1270,7 +1269,7 @@ static int DatasetAddMd5(Dataset *set, const uint8_t *data, const uint32_t data_
if (data_len != 16)
return -2;
Md5Type lookup = { .rep.value = 0 };
Md5Type lookup = { .rep = 0 };
memcpy(lookup.md5, data, 16);
struct THashDataGetResult res = THashGetFromHash(set->hash, &lookup);
if (res.data) {
@ -1326,7 +1325,7 @@ static int DatasetAddSha256(Dataset *set, const uint8_t *data, const uint32_t da
if (data_len != 32)
return -2;
Sha256Type lookup = { .rep.value = 0 };
Sha256Type lookup = { .rep = 0 };
memcpy(lookup.sha256, data, 32);
struct THashDataGetResult res = THashGetFromHash(set->hash, &lookup);
if (res.data) {
@ -1336,7 +1335,7 @@ static int DatasetAddSha256(Dataset *set, const uint8_t *data, const uint32_t da
return -1;
}
int DatasetAdd(Dataset *set, const uint8_t *data, const uint32_t data_len)
int SCDatasetAdd(Dataset *set, const uint8_t *data, const uint32_t data_len)
{
if (set == NULL)
return -1;
@ -1356,7 +1355,8 @@ int DatasetAdd(Dataset *set, const uint8_t *data, const uint32_t data_len)
return -1;
}
int DatasetAddwRep(Dataset *set, const uint8_t *data, const uint32_t data_len, DataRepType *rep)
int SCDatasetAddwRep(
Dataset *set, const uint8_t *data, const uint32_t data_len, const DataRepType *rep)
{
if (set == NULL)
return -1;
@ -1471,8 +1471,7 @@ static int DatasetRemoveString(Dataset *set, const uint8_t *data, const uint32_t
if (set == NULL)
return -1;
StringType lookup = { .ptr = (uint8_t *)data, .len = data_len,
.rep.value = 0 };
StringType lookup = { .ptr = (uint8_t *)data, .len = data_len, .rep = 0 };
return THashRemoveFromHash(set->hash, &lookup);
}
@ -1484,7 +1483,7 @@ static int DatasetRemoveIPv4(Dataset *set, const uint8_t *data, const uint32_t d
if (data_len != 4)
return -2;
IPv4Type lookup = { .rep.value = 0 };
IPv4Type lookup = { .rep = 0 };
memcpy(lookup.ipv4, data, 4);
return THashRemoveFromHash(set->hash, &lookup);
}
@ -1497,7 +1496,7 @@ static int DatasetRemoveIPv6(Dataset *set, const uint8_t *data, const uint32_t d
if (data_len != 16)
return -2;
IPv6Type lookup = { .rep.value = 0 };
IPv6Type lookup = { .rep = 0 };
memcpy(lookup.ipv6, data, 16);
return THashRemoveFromHash(set->hash, &lookup);
}
@ -1510,7 +1509,7 @@ static int DatasetRemoveMd5(Dataset *set, const uint8_t *data, const uint32_t da
if (data_len != 16)
return -2;
Md5Type lookup = { .rep.value = 0 };
Md5Type lookup = { .rep = 0 };
memcpy(lookup.md5, data, 16);
return THashRemoveFromHash(set->hash, &lookup);
}
@ -1523,7 +1522,7 @@ static int DatasetRemoveSha256(Dataset *set, const uint8_t *data, const uint32_t
if (data_len != 32)
return -2;
Sha256Type lookup = { .rep.value = 0 };
Sha256Type lookup = { .rep = 0 };
memcpy(lookup.sha256, data, 32);
return THashRemoveFromHash(set->hash, &lookup);
}

11
src/datasets.h
Unescape Escape View File

@ -18,6 +18,14 @@
#ifndef SURICATA_DATASETS_H
#define SURICATA_DATASETS_H
// forward declaration to make things opaque to bindgen
typedef uint16_t DataRepType;
typedef struct Dataset Dataset;
int SCDatasetAdd(Dataset *set, const uint8_t *data, const uint32_t data_len);
int SCDatasetAddwRep(
Dataset *set, const uint8_t *data, const uint32_t data_len, const DataRepType *rep);
#ifndef SURICATA_BINDGEN_H
#include "util-thash.h"
#include "rust.h"
#include "datasets-reputation.h"
@ -70,7 +78,6 @@ Dataset *DatasetGet(const char *name, enum DatasetTypes type, const char *save,
uint64_t memcap, uint32_t hashsize);
int DatasetGetOrCreate(const char *name, enum DatasetTypes type, const char *save, const char *load,
uint64_t *memcap, uint32_t *hashsize, Dataset **ret_set);
int DatasetAdd(Dataset *set, const uint8_t *data, const uint32_t data_len);
int DatasetRemove(Dataset *set, const uint8_t *data, const uint32_t data_len);
int DatasetLookup(Dataset *set, const uint8_t *data, const uint32_t data_len);
DataRepResultType DatasetLookupwRep(Dataset *set, const uint8_t *data, const uint32_t data_len,
@ -83,4 +90,6 @@ int DatasetAddSerialized(Dataset *set, const char *string);
int DatasetRemoveSerialized(Dataset *set, const char *string);
int DatasetLookupSerialized(Dataset *set, const char *string);
#endif // SURICATA_BINDGEN_H
#endif /* SURICATA_DATASETS_H */

8
src/detect-datarep.c
Unescape Escape View File

@ -79,15 +79,15 @@ int DetectDatarepBufferMatch(DetectEngineThreadCtx *det_ctx,
switch (sd->op) {
case DATAREP_OP_GT:
if (r.rep.value > sd->rep.value)
if (r.rep > sd->rep)
return 1;
break;
case DATAREP_OP_LT:
if (r.rep.value < sd->rep.value)
if (r.rep < sd->rep)
return 1;
break;
case DATAREP_OP_EQ:
if (r.rep.value == sd->rep.value)
if (r.rep == sd->rep)
return 1;
break;
}
@ -344,7 +344,7 @@ static int DetectDatarepSetup (DetectEngineCtx *de_ctx, Signature *s, const char
cd->set = set;
cd->op = op;
cd->rep.value = value;
cd->rep = value;
SCLogDebug("cmd %s, name %s",
cmd_str, strlen(name) ? name : "(none)");

2
src/detect-dataset.c
Unescape Escape View File

@ -147,7 +147,7 @@ int DetectDatasetBufferMatch(DetectEngineThreadCtx *det_ctx,
}
case DETECT_DATASET_CMD_SET: {
//PrintRawDataFp(stdout, data, data_len);
int r = DatasetAdd(sd->set, data, data_len);
int r = SCDatasetAdd(sd->set, data, data_len);
if (r == 1)
return 1;
break;

1
src/rust.h
Unescape Escape View File

@ -20,6 +20,7 @@
// Forward declarations needed by rust-bindings.h
typedef struct HttpRangeContainerBlock HttpRangeContainerBlock;
typedef struct Dataset Dataset;
typedef struct DetectEngineState_ DetectEngineState;

2
src/util-lua-dataset.c
Unescape Escape View File

@ -90,7 +90,7 @@ static int LuaDatasetAdd(lua_State *luastate)
uint32_t str_len = lua_tonumber(luastate, 3);
int r = DatasetAdd(s->set, (const uint8_t *)str, str_len);
int r = SCDatasetAdd(s->set, (const uint8_t *)str, str_len);
/* return value through luastate, as a luanumber */
lua_pushnumber(luastate, (lua_Number)r);
SCLogDebug("add:end");

Write Preview
Loading…
Cancel
Save