aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

detect: fix setup for some keywords

Browse Source 
Fix problems found by siginit.cocci.
pull/2242/head
Eric Leblond 9 years ago committed by Victor Julien
parent 4324805478
commit ed90a16e89
8 changed files with 16 additions and 16 deletions
Show Stats Download Patch File Download Diff File

4
src/detect-dce-iface.c
Unescape Escape View File

@ -336,13 +336,13 @@ static int DetectDceIfaceSetup(DetectEngineCtx *de_ctx, Signature *s, char *arg)
sm->type = DETECT_DCE_IFACE; sm->type = DETECT_DCE_IFACE;
sm->ctx = (void *)did; sm->ctx = (void *)did;
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_AMATCH);
if (s->alproto != ALPROTO_UNKNOWN && s->alproto != ALPROTO_DCERPC) { if (s->alproto != ALPROTO_UNKNOWN && s->alproto != ALPROTO_DCERPC) {
SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords."); SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords.");
goto error; goto error;
} }
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_AMATCH);
s->alproto = ALPROTO_DCERPC; s->alproto = ALPROTO_DCERPC;
/* Flagged the signature as to inspect the app layer data */ /* Flagged the signature as to inspect the app layer data */
s->flags |= SIG_FLAG_APPLAYER; s->flags |= SIG_FLAG_APPLAYER;

4
src/detect-dce-opnum.c
Unescape Escape View File

@ -306,13 +306,13 @@ static int DetectDceOpnumSetup(DetectEngineCtx *de_ctx, Signature *s, char *arg)
sm->type = DETECT_DCE_OPNUM; sm->type = DETECT_DCE_OPNUM;
sm->ctx = (void *)dod; sm->ctx = (void *)dod;
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_AMATCH);
if (s->alproto != ALPROTO_UNKNOWN && s->alproto != ALPROTO_DCERPC) { if (s->alproto != ALPROTO_UNKNOWN && s->alproto != ALPROTO_DCERPC) {
SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords."); SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords.");
goto error; goto error;
} }
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_AMATCH);
s->alproto = ALPROTO_DCERPC; s->alproto = ALPROTO_DCERPC;
/* Flagged the signature as to inspect the app layer data */ /* Flagged the signature as to inspect the app layer data */
s->flags |= SIG_FLAG_APPLAYER; s->flags |= SIG_FLAG_APPLAYER;

4
src/detect-fileext.c
Unescape Escape View File

@ -209,13 +209,13 @@ static int DetectFileextSetup (DetectEngineCtx *de_ctx, Signature *s, char *str)
sm->type = DETECT_FILEEXT; sm->type = DETECT_FILEEXT;
sm->ctx = (void *)fileext; sm->ctx = (void *)fileext;
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_FILEMATCH);
if (s->alproto != ALPROTO_HTTP && s->alproto != ALPROTO_SMTP) { if (s->alproto != ALPROTO_HTTP && s->alproto != ALPROTO_SMTP) {
SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords."); SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords.");
goto error; goto error;
} }
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_FILEMATCH);
if (s->alproto == ALPROTO_HTTP) { if (s->alproto == ALPROTO_HTTP) {
AppLayerHtpNeedFileInspection(); AppLayerHtpNeedFileInspection();
} }

4
src/detect-filemd5.c
Unescape Escape View File

@ -322,13 +322,13 @@ static int DetectFileMd5Setup (DetectEngineCtx *de_ctx, Signature *s, char *str)
sm->type = DETECT_FILEMD5; sm->type = DETECT_FILEMD5;
sm->ctx = (void *)filemd5; sm->ctx = (void *)filemd5;
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_FILEMATCH);
if (s->alproto != ALPROTO_HTTP && s->alproto != ALPROTO_SMTP) { if (s->alproto != ALPROTO_HTTP && s->alproto != ALPROTO_SMTP) {
SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords."); SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords.");
goto error; goto error;
} }
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_FILEMATCH);
if (s->alproto == ALPROTO_HTTP) { if (s->alproto == ALPROTO_HTTP) {
AppLayerHtpNeedFileInspection(); AppLayerHtpNeedFileInspection();
} }

4
src/detect-filename.c
Unescape Escape View File

@ -213,13 +213,13 @@ static int DetectFilenameSetup (DetectEngineCtx *de_ctx, Signature *s, char *str
sm->type = DETECT_FILENAME; sm->type = DETECT_FILENAME;
sm->ctx = (void *)filename; sm->ctx = (void *)filename;
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_FILEMATCH);
if (s->alproto != ALPROTO_HTTP && s->alproto != ALPROTO_SMTP) { if (s->alproto != ALPROTO_HTTP && s->alproto != ALPROTO_SMTP) {
SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords."); SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords.");
goto error; goto error;
} }
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_FILEMATCH);
if (s->alproto == ALPROTO_HTTP) { if (s->alproto == ALPROTO_HTTP) {
AppLayerHtpNeedFileInspection(); AppLayerHtpNeedFileInspection();
} }

4
src/detect-filesize.c
Unescape Escape View File

@ -287,13 +287,13 @@ static int DetectFilesizeSetup (DetectEngineCtx *de_ctx, Signature *s, char *str
sm->type = DETECT_FILESIZE; sm->type = DETECT_FILESIZE;
sm->ctx = (SigMatchCtx *)fsd; sm->ctx = (SigMatchCtx *)fsd;
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_FILEMATCH);
if (s->alproto != ALPROTO_HTTP && s->alproto != ALPROTO_SMTP) { if (s->alproto != ALPROTO_HTTP && s->alproto != ALPROTO_SMTP) {
SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords."); SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords.");
goto error; goto error;
} }
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_FILEMATCH);
if (s->alproto == ALPROTO_HTTP) { if (s->alproto == ALPROTO_HTTP) {
AppLayerHtpNeedFileInspection(); AppLayerHtpNeedFileInspection();
} }

4
src/detect-ssl-version.c
Unescape Escape View File

@ -292,13 +292,13 @@ static int DetectSslVersionSetup (DetectEngineCtx *de_ctx, Signature *s, char *s
sm->type = DETECT_AL_SSL_VERSION; sm->type = DETECT_AL_SSL_VERSION;
sm->ctx = (void *)ssl; sm->ctx = (void *)ssl;
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_AMATCH);
if (s->alproto != ALPROTO_UNKNOWN && s->alproto != ALPROTO_TLS) { if (s->alproto != ALPROTO_UNKNOWN && s->alproto != ALPROTO_TLS) {
SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords."); SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords.");
goto error; goto error;
} }
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_AMATCH);
s->alproto = ALPROTO_TLS; s->alproto = ALPROTO_TLS;
return 0; return 0;

4
src/detect-tls-version.c
Unescape Escape View File

@ -228,13 +228,13 @@ static int DetectTlsVersionSetup (DetectEngineCtx *de_ctx, Signature *s, char *s
sm->type = DETECT_AL_TLS_VERSION; sm->type = DETECT_AL_TLS_VERSION;
sm->ctx = (void *)tls; sm->ctx = (void *)tls;
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_AMATCH);
if (s->alproto != ALPROTO_UNKNOWN && s->alproto != ALPROTO_TLS) { if (s->alproto != ALPROTO_UNKNOWN && s->alproto != ALPROTO_TLS) {
SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords."); SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords.");
goto error; goto error;
} }
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_AMATCH);
s->alproto = ALPROTO_TLS; s->alproto = ALPROTO_TLS;
return 0; return 0;

Write Preview
Loading…
Cancel
Save