diff --git a/src/detect-luajit.c b/src/detect-luajit.c index 47b8f4b85a..f17792eaf5 100644 --- a/src/detect-luajit.c +++ b/src/detect-luajit.c @@ -113,17 +113,80 @@ static int DetectLuajitMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, { SCEnter(); int ret = 0; - //DetectLuajitData *luajit = (DetectLuajitData *)m->ctx; + DetectLuajitData *luajit = (DetectLuajitData *)m->ctx; + if (luajit == NULL) + SCReturnInt(0); + + DetectLuajitThreadData *tluajit = (DetectLuajitThreadData *)DetectThreadCtxGetKeywordThreadCtx(det_ctx, luajit->thread_ctx_id); + if (tluajit == NULL) + SCReturnInt(0); + + lua_getglobal(tluajit->luastate, "match"); + lua_newtable(tluajit->luastate); /* stack at -1 */ + + if (p->payload_len) { + lua_pushliteral(tluajit->luastate, "payload"); /* stack at -2 */ + lua_pushlstring (tluajit->luastate, (const char *)p->payload, (size_t)p->payload_len); /* stack at -3 */ + lua_settable(tluajit->luastate, -3); + } + if (GET_PKT_LEN(p)) { + lua_pushliteral(tluajit->luastate, "packet"); /* stack at -2 */ + lua_pushlstring (tluajit->luastate, (const char *)GET_PKT_DATA(p), (size_t)GET_PKT_LEN(p)); /* stack at -3 */ + lua_settable(tluajit->luastate, -3); + } + + int retval = lua_pcall(tluajit->luastate, 1, 1, 0); + if (retval != 0) { + SCLogInfo("failed to run script: %s", lua_tostring(tluajit->luastate, -1)); + } - /** \todo */ + double script_ret = lua_tonumber(tluajit->luastate, 1); + SCLogDebug("script_ret %f", script_ret); + lua_pop(tluajit->luastate, 1); + + if (script_ret == 1.0) + ret = 1; SCReturnInt(ret); } +static void *DetectLuajitThreadInit(void *data) { + DetectLuajitThreadData *t = SCMalloc(sizeof(DetectLuajitThreadData)); + if (t != NULL) { + memset(t, 0x00, sizeof(DetectLuajitThreadData)); + + t->luastate = luaL_newstate(); + BUG_ON(t->luastate == NULL); + luaL_openlibs(t->luastate); + + int status = luaL_loadfile(t->luastate, (char *)data); + if (status) { + fprintf(stderr, "Couldn't load file: %s\n", lua_tostring(t->luastate, -1)); + BUG_ON(1); + } + + /* prime the script (or something) */ + if (lua_pcall(t->luastate, 0, 0, 0) != 0) { + fprintf(stderr, "Couldn't prime file: %s\n", lua_tostring(t->luastate, -1)); + BUG_ON(1); + } + } + + return (void *)t; +} + +static void DetectLuajitThreadFree(void *ctx) { + DetectLuajitThreadData *t = (DetectLuajitThreadData *)ctx; + + /** \todo lua state cleanup */ + + SCFree(t); +} + /** * \brief Parse the luajit keyword * - * \param idstr Pointer to the user provided option + * \param str Pointer to the user provided option * * \retval luajit pointer to DetectLuajitData on success * \retval NULL on failure @@ -145,13 +208,11 @@ static DetectLuajitData *DetectLuajitParse (char *str) } /* get full filename */ - char *filename = DetectLoadCompleteSigPath(str); - if (filename == NULL) { + luajit->filename = DetectLoadCompleteSigPath(str); + if (luajit->filename == NULL) { goto error; } - /** \todo open file, etc */ - return luajit; error: @@ -180,6 +241,12 @@ static int DetectLuajitSetup (DetectEngineCtx *de_ctx, Signature *s, char *str) if (luajit == NULL) goto error; + luajit->thread_ctx_id = DetectRegisterThreadCtxFuncs(de_ctx, "luajit", + DetectLuajitThreadInit, (void *)luajit->filename, + DetectLuajitThreadFree); + if (luajit->thread_ctx_id == -1) + goto error; + /* Okay so far so good, lets get this into a SigMatch * and put it in the Signature. */ sm = SigMatchAlloc(); @@ -189,7 +256,7 @@ static int DetectLuajitSetup (DetectEngineCtx *de_ctx, Signature *s, char *str) sm->type = DETECT_LUAJIT; sm->ctx = (void *)luajit; - SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_PMATCH); + SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_MATCH); return 0; diff --git a/src/detect-luajit.h b/src/detect-luajit.h index 51aaed268b..a2d91c2336 100644 --- a/src/detect-luajit.h +++ b/src/detect-luajit.h @@ -25,11 +25,19 @@ #define __DETECT_LUAJIT_H__ #ifdef HAVE_LUAJIT -#include + +#include +#include +#include + +typedef struct DetectLuajitThreadData { + lua_State *luastate; +} DetectLuajitThreadData; typedef struct DetectLuajitData { + int thread_ctx_id; int negated; - lua_State *luastate; + char *filename; } DetectLuajitData; #endif