detect/asn1: Log out errors

- Failure to parse asn1-max-frames - Failure on asn1 detection checks
5 years ago · 627e90a4bd
parent 88601b1993
commit 627e90a4bd
3 changed files with 31 additions and 12 deletions
--- a/rust/src/asn1/mod.rs
+++ b/rust/src/asn1/mod.rs
@ -15,6 +15,7 @@
 * 02110-1301, USA.
 */

+use crate::log::*;
 use der_parser::ber::{parse_ber_recursive, BerObject, BerObjectContent, BerTag};
 use der_parser::error::BerError;
 use std::convert::TryFrom;
@ -28,9 +29,7 @@ pub struct Asn1(Vec<BerObject<'static>>);

 /// Errors possible during decoding of Asn1
 #[derive(Debug)]
-#[repr(u32)]
-pub enum Asn1DecodeError {
-    Success = 0,
+enum Asn1DecodeError {
    InvalidKeywordParameter,
    MaxFrames,
    InvalidStructure,
@ -59,12 +58,18 @@ enum Asn1Check {

 /// Errors possible during Asn1 checks
 #[derive(Debug)]
-#[repr(u32)]
-pub enum Asn1CheckError {
-    Success = 0,
+enum Asn1CheckError {
    MaxDepth,
 }

+impl std::fmt::Display for Asn1CheckError {
+    fn fmt(&self, f: &mut std::fmt::Formatter) -> std::fmt::Result {
+        match self {
+            Asn1CheckError::MaxDepth => write!(f, "MaxDepth"),
+        }
+    }
+}
+
 impl Asn1 {
    /// Checks each BerObject contained in self with the provided detection
    /// data, returns the first successful match if one occurs
@ -296,11 +301,14 @@ pub unsafe extern "C" fn rs_asn1_checks(
    let asn1 = &*ptr;
    let ad = &*ad_ptr;

-    if let Ok(Some(_)) = asn1.check(ad) {
-        return 1;
+    match asn1.check(ad) {
+        Ok(Some(_check)) => 1,
+        Ok(None) => 0,
+        Err(e) => {
+            SCLogError!("error during asn1 checks: {}", e.to_string());
+            0
+        }
    }
-
-    0
 }

 impl From<std::num::TryFromIntError> for Asn1DecodeError {
--- a/rust/src/asn1/parse_rules.rs
+++ b/rust/src/asn1/parse_rules.rs
@ -55,13 +55,17 @@ pub unsafe extern "C" fn rs_detect_asn1_parse(input: *const c_char) -> *mut Dete
                if let Ok(v) = max_frames.parse::<u16>() {
                    data.max_frames = v;
                } else {
-                    SCLogDebug!("Could not parse asn1-max-frames: {}", max_frames);
+                    SCLogError!("Could not parse asn1-max-frames: {}", max_frames);
+                    return std::ptr::null_mut();
                };
            }

            Box::into_raw(Box::new(data))
        }
-        Err(_) => std::ptr::null_mut(),
+        Err(e) => {
+            SCLogError!("Malformed asn1 argument: {}", e.to_string());
+            std::ptr::null_mut()
+        }
    }
 }

--- a/rust/src/log.rs
+++ b/rust/src/log.rs
@ -113,6 +113,13 @@ macro_rules!SCLogConfig {
    }
 }

+#[macro_export]
+macro_rules!SCLogError {
+    ($($arg:tt)*) => {
+        do_log!(Level::Error, file!(), line!(), function!(), 0, $($arg)*);
+    }
+}
+
 // Debug mode: call C SCLogDebug
 #[cfg(feature = "debug")]
 #[macro_export]