Convert classtype keyword to pcre_copy_substring

11 years ago · a7a77e32ca
parent 4dd605ae3b
commit a7a77e32ca
1 changed files with 8 additions and 11 deletions
--- a/src/detect-classtype.c
+++ b/src/detect-classtype.c
@ -86,11 +86,10 @@ void DetectClasstypeRegister(void)
 *
 * \param Pointer to the string to be parsed.
 *
- * \retval ct_name Pointer to the parsed string on Success; NULL on failure.
+ * \retval bool success or failure.
 */
-static inline const char *DetectClasstypeParseRawString(char *rawstr)
+static int DetectClasstypeParseRawString(char *rawstr, char *out, size_t outsize)
 {
-    const char *ct_name = NULL;
 #define MAX_SUBSTRINGS 30
    int ret = 0;
    int ov[MAX_SUBSTRINGS];
@ -110,14 +109,15 @@ static inline const char *DetectClasstypeParseRawString(char *rawstr)
        goto end;
    }

-    ret = pcre_get_substring((char *)rawstr, ov, 30, 1, &ct_name);
+    ret = pcre_copy_substring((char *)rawstr, ov, 30, 1, out, outsize);
    if (ret < 0) {
-        SCLogError(SC_ERR_PCRE_GET_SUBSTRING, "pcre_get_substring failed");
+        SCLogError(SC_ERR_PCRE_GET_SUBSTRING, "pcre_copy_substring failed");
        goto end;
    }

+    return 0;
 end:
-    return ct_name;
+    return -1;
 }

 /**
@ -133,10 +133,10 @@ static inline const char *DetectClasstypeParseRawString(char *rawstr)
 */
 static int DetectClasstypeSetup(DetectEngineCtx *de_ctx, Signature *s, char *rawstr)
 {
-    const char *parsed_ct_name = NULL;
+    char parsed_ct_name[1024] = "";
    SCClassConfClasstype *ct = NULL;

-    if ( (parsed_ct_name = DetectClasstypeParseRawString(rawstr)) == NULL) {
+    if (DetectClasstypeParseRawString(rawstr, parsed_ct_name, sizeof(parsed_ct_name)) < -1) {
        SCLogError(SC_ERR_PCRE_PARSE, "Error parsing classtype argument supplied with the "
                   "classtype keyword");
        goto error;
@ -160,12 +160,9 @@ static int DetectClasstypeSetup(DetectEngineCtx *de_ctx, Signature *s, char *raw
    if (s->prio == -1)
        s->prio = ct->priority;

-    pcre_free_substring(parsed_ct_name);
    return 0;

 error:
-    if (parsed_ct_name != NULL)
-        pcre_free_substring(parsed_ct_name);
    return -1;
 }