aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

pcre: print filename and line number for JIT warning.

Browse Source
remotes/origin/HEAD
Victor Julien 14 years ago
parent 4689783342
commit cae46ab5eb
3 changed files with 61 additions and 12 deletions
Show Stats Download Patch File Download Diff File

66
src/detect-pcre.c
Unescape Escape View File

@ -727,7 +727,7 @@ int DetectPcreMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, Packet *p,
SCReturnInt(r); SCReturnInt(r);
} }
DetectPcreData *DetectPcreParse (char *regexstr) DetectPcreData *DetectPcreParse (DetectEngineCtx *de_ctx, char *regexstr)
{ {
int ec; int ec;
const char *eb; const char *eb;
@ -946,7 +946,12 @@ DetectPcreData *DetectPcreParse (char *regexstr)
int jit = 0; int jit = 0;
ret = pcre_fullinfo(pd->re, pd->sd, PCRE_INFO_JIT, &jit); ret = pcre_fullinfo(pd->re, pd->sd, PCRE_INFO_JIT, &jit);
if (ret != 0 || jit != 1) { if (ret != 0 || jit != 1) {
SCLogWarning(SC_ERR_PCRE_STUDY, "PCRE JIT compiler does not support: %s", regexstr); /* warning, so we won't print the sig after this. Adding
* file and line to the message so the admin can figure
* out what sig this is about */
SCLogWarning(SC_ERR_PCRE_STUDY, "PCRE JIT compiler does not support: %s. "
"Falling back to regular PCRE handling (%s:%d)",
regexstr, de_ctx->rule_file, de_ctx->rule_line);
} }
#else #else
pd->sd = pcre_study(pd->re, 0, &eb); pd->sd = pcre_study(pd->re, 0, &eb);
@ -1067,7 +1072,7 @@ static int DetectPcreSetup (DetectEngineCtx *de_ctx, Signature *s, char *regexst
SigMatch *sm = NULL; SigMatch *sm = NULL;
SigMatch *prev_sm = NULL; SigMatch *prev_sm = NULL;
pd = DetectPcreParse(regexstr); pd = DetectPcreParse(de_ctx, regexstr);
if (pd == NULL) if (pd == NULL)
goto error; goto error;
@ -1329,13 +1334,18 @@ static int DetectPcreParseTest01 (void) {
int result = 1; int result = 1;
DetectPcreData *pd = NULL; DetectPcreData *pd = NULL;
char *teststring = "/blah/7"; char *teststring = "/blah/7";
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
if (de_ctx == NULL)
return 0;
pd = DetectPcreParse(teststring); pd = DetectPcreParse(de_ctx, teststring);
if (pd != NULL) { if (pd != NULL) {
printf("expected NULL: got %p", pd); printf("expected NULL: got %p", pd);
result = 0; result = 0;
DetectPcreFree(pd); DetectPcreFree(pd);
} }
DetectEngineCtxFree(de_ctx);
return result; return result;
} }
@ -1346,13 +1356,17 @@ static int DetectPcreParseTest02 (void) {
int result = 1; int result = 1;
DetectPcreData *pd = NULL; DetectPcreData *pd = NULL;
char *teststring = "/blah/Ui$"; char *teststring = "/blah/Ui$";
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
if (de_ctx == NULL)
return 0;
pd = DetectPcreParse(teststring); pd = DetectPcreParse(de_ctx, teststring);
if (pd != NULL) { if (pd != NULL) {
printf("expected NULL: got %p", pd); printf("expected NULL: got %p", pd);
result = 0; result = 0;
DetectPcreFree(pd); DetectPcreFree(pd);
} }
DetectEngineCtxFree(de_ctx);
return result; return result;
} }
@ -1363,13 +1377,17 @@ static int DetectPcreParseTest03 (void) {
int result = 1; int result = 1;
DetectPcreData *pd = NULL; DetectPcreData *pd = NULL;
char *teststring = "/blah/UZi"; char *teststring = "/blah/UZi";
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
if (de_ctx == NULL)
return 0;
pd = DetectPcreParse(teststring); pd = DetectPcreParse(de_ctx, teststring);
if (pd != NULL) { if (pd != NULL) {
printf("expected NULL: got %p", pd); printf("expected NULL: got %p", pd);
result = 0; result = 0;
DetectPcreFree(pd); DetectPcreFree(pd);
} }
DetectEngineCtxFree(de_ctx);
return result; return result;
} }
@ -1380,14 +1398,18 @@ static int DetectPcreParseTest04 (void) {
int result = 1; int result = 1;
DetectPcreData *pd = NULL; DetectPcreData *pd = NULL;
char *teststring = "/b\\\"lah/i"; char *teststring = "/b\\\"lah/i";
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
if (de_ctx == NULL)
return 0;
pd = DetectPcreParse(teststring); pd = DetectPcreParse(de_ctx, teststring);
if (pd == NULL) { if (pd == NULL) {
printf("expected %p: got NULL", pd); printf("expected %p: got NULL", pd);
result = 0; result = 0;
} }
DetectPcreFree(pd); DetectPcreFree(pd);
DetectEngineCtxFree(de_ctx);
return result; return result;
} }
@ -1398,14 +1420,18 @@ static int DetectPcreParseTest05 (void) {
int result = 1; int result = 1;
DetectPcreData *pd = NULL; DetectPcreData *pd = NULL;
char *teststring = "/b(l|a)h/"; char *teststring = "/b(l|a)h/";
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
if (de_ctx == NULL)
return 0;
pd = DetectPcreParse(teststring); pd = DetectPcreParse(de_ctx, teststring);
if (pd == NULL) { if (pd == NULL) {
printf("expected %p: got NULL", pd); printf("expected %p: got NULL", pd);
result = 0; result = 0;
} }
DetectPcreFree(pd); DetectPcreFree(pd);
DetectEngineCtxFree(de_ctx);
return result; return result;
} }
@ -1416,14 +1442,18 @@ static int DetectPcreParseTest06 (void) {
int result = 1; int result = 1;
DetectPcreData *pd = NULL; DetectPcreData *pd = NULL;
char *teststring = "/b(l|a)h/smi"; char *teststring = "/b(l|a)h/smi";
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
if (de_ctx == NULL)
return 0;
pd = DetectPcreParse(teststring); pd = DetectPcreParse(de_ctx, teststring);
if (pd == NULL) { if (pd == NULL) {
printf("expected %p: got NULL", pd); printf("expected %p: got NULL", pd);
result = 0; result = 0;
} }
DetectPcreFree(pd); DetectPcreFree(pd);
DetectEngineCtxFree(de_ctx);
return result; return result;
} }
@ -1434,14 +1464,18 @@ static int DetectPcreParseTest07 (void) {
int result = 1; int result = 1;
DetectPcreData *pd = NULL; DetectPcreData *pd = NULL;
char *teststring = "/blah/Ui"; char *teststring = "/blah/Ui";
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
if (de_ctx == NULL)
return 0;
pd = DetectPcreParse(teststring); pd = DetectPcreParse(de_ctx, teststring);
if (pd == NULL) { if (pd == NULL) {
printf("expected %p: got NULL", pd); printf("expected %p: got NULL", pd);
result = 0; result = 0;
} }
DetectPcreFree(pd); DetectPcreFree(pd);
DetectEngineCtxFree(de_ctx);
return result; return result;
} }
@ -1452,14 +1486,18 @@ static int DetectPcreParseTest08 (void) {
int result = 1; int result = 1;
DetectPcreData *pd = NULL; DetectPcreData *pd = NULL;
char *teststring = "/b(l|a)h/O"; char *teststring = "/b(l|a)h/O";
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
if (de_ctx == NULL)
return 0;
pd = DetectPcreParse(teststring); pd = DetectPcreParse(de_ctx, teststring);
if (pd == NULL) { if (pd == NULL) {
printf("expected %p: got NULL", pd); printf("expected %p: got NULL", pd);
result = 0; result = 0;
} }
DetectPcreFree(pd); DetectPcreFree(pd);
DetectEngineCtxFree(de_ctx);
return result; return result;
} }
@ -1471,14 +1509,18 @@ static int DetectPcreParseTest09 (void) {
int result = 1; int result = 1;
DetectPcreData *pd = NULL; DetectPcreData *pd = NULL;
char *teststring = "/lala\\\\/"; char *teststring = "/lala\\\\/";
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
if (de_ctx == NULL)
return 0;
pd = DetectPcreParse(teststring); pd = DetectPcreParse(de_ctx, teststring);
if (pd == NULL) { if (pd == NULL) {
printf("expected %p: got NULL", pd); printf("expected %p: got NULL", pd);
result = 0; result = 0;
} }
DetectPcreFree(pd); DetectPcreFree(pd);
DetectEngineCtxFree(de_ctx);
return result; return result;
} }

3
src/detect.c
Unescape Escape View File

@ -513,6 +513,9 @@ int DetectLoadSigFile(DetectEngineCtx *de_ctx, char *sig_file, int *sigs_tot) {
/* Reset offset. */ /* Reset offset. */
offset = 0; offset = 0;
de_ctx->rule_file = sig_file;
de_ctx->rule_line = lineno - multiline;
sig = DetectEngineAppendSig(de_ctx, line); sig = DetectEngineAppendSig(de_ctx, line);
(*sigs_tot)++; (*sigs_tot)++;
if (sig != NULL) { if (sig != NULL) {

4
src/detect.h
Unescape Escape View File

@ -649,6 +649,10 @@ typedef struct DetectEngineCtx_ {
/** sgh for signatures that match against invalid packets. In those cases /** sgh for signatures that match against invalid packets. In those cases
* we can't lookup by proto, address, port as we don't have these */ * we can't lookup by proto, address, port as we don't have these */
struct SigGroupHead_ *decoder_event_sgh; struct SigGroupHead_ *decoder_event_sgh;
/** Store rule file and line so that parsers can use them in errors. */
char *rule_file;
int rule_line;
} DetectEngineCtx; } DetectEngineCtx;
/* Engine groups profiles (low, medium, high, custom) */ /* Engine groups profiles (low, medium, high, custom) */

Write Preview
Loading…
Cancel
Save