aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Minor error message cleanups

Browse Source
remotes/origin/master
Victor Julien 14 years ago
parent fa22a26366
commit da3c5bf84d
11 changed files with 59 additions and 61 deletions
Show Stats Download Patch File Download Diff File

10
src/detect-depth.c
Unescape Escape View File

@ -124,26 +124,26 @@ static int DetectDepthSetup (DetectEngineCtx *de_ctx, Signature *s, char *depths
if (cd->flags & DETECT_CONTENT_NEGATED) {
if (cd->flags & DETECT_CONTENT_FAST_PATTERN) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "You can't have a relative "
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't have a relative "
"negated keyword set along with a fast_pattern");
goto error;
}
} else {
if (cd->flags & DETECT_CONTENT_FAST_PATTERN_ONLY) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "You can't have a relative "
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't have a relative "
"keyword set along with a fast_pattern:only;");
goto error;
}
}
if (cd->flags & DETECT_CONTENT_WITHIN || cd->flags & DETECT_CONTENT_DISTANCE) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "You can't use a relative keyword "
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't use a relative keyword "
"with a non-relative keyword for the same content." );
goto error;
}
if (cd->flags & DETECT_CONTENT_DEPTH) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "You can't use multiple depths for the same content.");
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't use multiple depths for the same content.");
goto error;
}
@ -152,7 +152,7 @@ static int DetectDepthSetup (DetectEngineCtx *de_ctx, Signature *s, char *depths
DetectByteExtractRetrieveSMVar(str, s,
SigMatchListSMBelongsTo(s, pm));
if (bed_sm == NULL) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "Unknown byte_extract var "
SCLogError(SC_ERR_INVALID_SIGNATURE, "unknown byte_extract var "
"seen in depth - %s\n", str);
goto error;
}

24
src/detect-distance.c
Unescape Escape View File

@ -198,26 +198,26 @@ static int DetectDistanceSetup (DetectEngineCtx *de_ctx, Signature *s,
if (cd->flags & DETECT_CONTENT_NEGATED) {
if (cd->flags & DETECT_CONTENT_FAST_PATTERN) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "You can't have a relative "
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't have a relative "
"negated keyword set along with a fast_pattern");
goto error;
}
} else {
if (cd->flags & DETECT_CONTENT_FAST_PATTERN_ONLY) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "You can't have a relative "
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't have a relative "
"keyword set along with a fast_pattern:only;");
goto error;
}
}
if (cd->flags & DETECT_CONTENT_DEPTH || cd->flags & DETECT_CONTENT_OFFSET) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "You can't use a relative keyword "
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't use a relative keyword "
"with a non-relative keyword for the same content." );
goto error;
}
if (cd->flags & DETECT_CONTENT_DISTANCE) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "You can't use multiple distances with the same content. ");
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't use multiple distances with the same content. ");
goto error;
}
@ -226,7 +226,7 @@ static int DetectDistanceSetup (DetectEngineCtx *de_ctx, Signature *s,
DetectByteExtractRetrieveSMVar(str, s,
SigMatchListSMBelongsTo(s, pm));
if (bed_sm == NULL) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "Unknown byte_extract var "
SCLogError(SC_ERR_INVALID_SIGNATURE, "unknown byte_extract var "
"seen in distance - %s\n", str);
goto error;
}
@ -259,16 +259,16 @@ static int DetectDistanceSetup (DetectEngineCtx *de_ctx, Signature *s,
/* Set the relative next flag on the prev sigmatch */
cd = (DetectContentData *)pm->ctx;
if (cd == NULL) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "Unknown previous-"
SCLogError(SC_ERR_INVALID_SIGNATURE, "unknown previous-"
"previous keyword!");
goto error;
}
cd->flags |= DETECT_CONTENT_RELATIVE_NEXT;
if (cd->flags & DETECT_CONTENT_FAST_PATTERN_ONLY) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "Previous keyword "
"has a fast_pattern:only; set. You can't "
"have relative keywords around a fast_pattern "
SCLogError(SC_ERR_INVALID_SIGNATURE, "previous keyword "
"has a fast_pattern:only; set. Can't have "
"relative keywords around a fast_pattern "
"only content");
goto error;
}
@ -278,7 +278,7 @@ static int DetectDistanceSetup (DetectEngineCtx *de_ctx, Signature *s,
case DETECT_PCRE:
pe = (DetectPcreData *) pm->ctx;
if (pe == NULL) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "Unknown previous-"
SCLogError(SC_ERR_INVALID_SIGNATURE, "unknown previous-"
"previous keyword!");
goto error;
}
@ -287,14 +287,14 @@ static int DetectDistanceSetup (DetectEngineCtx *de_ctx, Signature *s,
break;
case DETECT_BYTEJUMP:
SCLogDebug("No setting relative_next for bytejump. We "
SCLogDebug("no setting relative_next for bytejump. We "
"have no use for it");
break;
default:
/* this will never hit */
SCLogError(SC_ERR_INVALID_SIGNATURE, "Unknown previous-"
SCLogError(SC_ERR_INVALID_SIGNATURE, "unknown previous-"
"previous keyword!");
break;
}

5
src/detect-engine.c
Unescape Escape View File

@ -238,9 +238,8 @@ static uint8_t DetectEngineCtxLoadConf(DetectEngineCtx *de_ctx) {
} else if (strcmp(sgh_mpm_context, "full") == 0) {
de_ctx->sgh_mpm_context = ENGINE_SGH_MPM_FACTORY_CONTEXT_FULL;
} else {
SCLogWarning(SC_ERR_INVALID_YAML_CONF_ENTRY, "You have supplied an "
"invalid conf value for detect-engine.sgh-mpm-context-"
"%s", sgh_mpm_context);
SCLogWarning(SC_ERR_INVALID_YAML_CONF_ENTRY, "invalid conf value "
"for detect-engine.sgh-mpm-context -- %s", sgh_mpm_context);
}
}

5
src/detect-fast-pattern.c
Unescape Escape View File

@ -264,13 +264,14 @@ static int DetectFastPatternSetup(DetectEngineCtx *de_ctx, Signature *s, char *a
/* we can't have any of these if we are having "only" */
SCLogError(SC_ERR_INVALID_SIGNATURE, "fast_pattern; cannot be "
"used with negated content, along with relative modifiers.");
"used with negated content, along with relative modifiers");
goto error;
}
if (arg == NULL|| strcmp(arg, "") == 0) {
if (cd->flags & DETECT_CONTENT_FAST_PATTERN) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "You can't use multiple fast_pattern options for the same content. ");
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't use multiple fast_pattern "
"options for the same content");
goto error;
}
cd->flags |= DETECT_CONTENT_FAST_PATTERN;

16
src/detect-ipproto.c
Unescape Escape View File

@ -240,7 +240,7 @@ static int DetectIPProtoSetup(DetectEngineCtx *de_ctx, Signature *s, char *optst
switch (data->op) {
case DETECT_IPPROTO_OP_EQ:
if (eq_set || gt_set || lt_set || not_set) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "We can't use a eq "
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't use a eq "
"ipproto without any operators attached to "
"them in the same sig");
goto error;
@ -250,7 +250,7 @@ static int DetectIPProtoSetup(DetectEngineCtx *de_ctx, Signature *s, char *optst
case DETECT_IPPROTO_OP_GT:
if (eq_set || gt_set) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "We can't use a eq or gt "
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't use a eq or gt "
"ipproto along with a greater than ipproto in the "
"same sig ");
goto error;
@ -271,7 +271,7 @@ static int DetectIPProtoSetup(DetectEngineCtx *de_ctx, Signature *s, char *optst
if (temp_sm != NULL) {
DetectIPProtoData *data_temp = temp_sm->ctx;
if (data_temp->proto <= data->proto) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "We can't use a have "
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't have "
"both gt and lt ipprotos, with the lt being "
"lower than gt value");
goto error;
@ -317,7 +317,7 @@ static int DetectIPProtoSetup(DetectEngineCtx *de_ctx, Signature *s, char *optst
/* Updated by AS. Please do not remove this unused code.
* Need it as we redo this code once we solve ipproto
* multiple uses */
SCLogError(SC_ERR_INVALID_SIGNATURE, "We can't use a have "
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't have "
"both gt and lt ipprotos, with the lt being "
"lower than gt value");
goto error;
@ -369,7 +369,7 @@ static int DetectIPProtoSetup(DetectEngineCtx *de_ctx, Signature *s, char *optst
case DETECT_IPPROTO_OP_LT:
if (eq_set || lt_set) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "We can't use a eq or lt "
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't use a eq or lt "
"ipproto along with a less than ipproto in the "
"same sig ");
goto error;
@ -393,7 +393,7 @@ static int DetectIPProtoSetup(DetectEngineCtx *de_ctx, Signature *s, char *optst
/* Updated by AS. Please do not remove this unused code.
* Need it as we redo this code once we solve ipproto
* multiple uses */
SCLogError(SC_ERR_INVALID_SIGNATURE, "We can't use a have "
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't use a have "
"both gt and lt ipprotos, with the lt being "
"lower than gt value");
goto error;
@ -437,7 +437,7 @@ static int DetectIPProtoSetup(DetectEngineCtx *de_ctx, Signature *s, char *optst
/* Updated by AS. Please do not remove this unused code.
* Need it as we redo this code once we solve ipproto
* multiple uses */
SCLogError(SC_ERR_INVALID_SIGNATURE, "We can't use a have "
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't have "
"both gt and lt ipprotos, with the lt being "
"lower than gt value");
goto error;
@ -489,7 +489,7 @@ static int DetectIPProtoSetup(DetectEngineCtx *de_ctx, Signature *s, char *optst
case DETECT_IPPROTO_OP_NOT:
if (eq_set) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "We can't use a eq "
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't use a eq "
"ipproto along with a not ipproto in the "
"same sig ");
goto error;

2
src/detect-nocase.c
Unescape Escape View File

@ -104,7 +104,7 @@ static int DetectNocaseSetup (DetectEngineCtx *de_ctx, Signature *s, char *nulls
SCReturnInt(-1);
}
if (cd->flags & DETECT_CONTENT_NOCASE) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "You can't use multiple nocase modifiers with the same content; ignoring this option. ");
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't use multiple nocase modifiers with the same content");
SCReturnInt(-1);
}
cd->flags |= DETECT_CONTENT_NOCASE;

12
src/detect-offset.c
Unescape Escape View File

@ -123,26 +123,26 @@ int DetectOffsetSetup (DetectEngineCtx *de_ctx, Signature *s, char *offsetstr)
if (cd->flags & DETECT_CONTENT_NEGATED) {
if (cd->flags & DETECT_CONTENT_FAST_PATTERN) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "You can't have a relative "
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't have a relative "
"negated keyword set along with a fast_pattern");
goto error;
}
} else {
if (cd->flags & DETECT_CONTENT_FAST_PATTERN_ONLY) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "You can't have a relative "
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't have a relative "
"keyword set along with a fast_pattern:only;");
goto error;
}
}
if (cd->flags & DETECT_CONTENT_WITHIN || cd->flags & DETECT_CONTENT_DISTANCE) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "You can't use a relative keyword "
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't use a relative keyword "
"with a non-relative keyword for the same content." );
goto error;
}
if (cd->flags & DETECT_CONTENT_OFFSET) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "You can't use multiple offsets for the same content. ");
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't use multiple offsets for the same content. ");
goto error;
}
@ -151,7 +151,7 @@ int DetectOffsetSetup (DetectEngineCtx *de_ctx, Signature *s, char *offsetstr)
DetectByteExtractRetrieveSMVar(str, s,
SigMatchListSMBelongsTo(s, pm));
if (bed_sm == NULL) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "Unknown byte_extract var "
SCLogError(SC_ERR_INVALID_SIGNATURE, "unknown byte_extract var "
"seen in offset - %s\n", str);
goto error;
}
@ -176,7 +176,7 @@ int DetectOffsetSetup (DetectEngineCtx *de_ctx, Signature *s, char *offsetstr)
default:
SCLogError(SC_ERR_OFFSET_MISSING_CONTENT, "offset needs a preceeding"
" content or uricontent option");
" content keyword");
goto error;
}

3
src/detect-parse.c
Unescape Escape View File

@ -217,7 +217,8 @@ SigMatch *SigMatchGetLastSMFromLists(Signature *s, int args, ...)
"(non zero as well) to this function, since we need a "
"SigMatch list for every SigMatch type(send a map of sm_type "
"and sm_list) sent");
return NULL;
/* as this is a bug we should abort to ease debugging */
BUG_ON(1);
}
SigMatch *sm_list[args / 2];

2
src/detect-rawbytes.c
Unescape Escape View File

@ -76,7 +76,7 @@ static int DetectRawbytesSetup (DetectEngineCtx *de_ctx, Signature *s, char *nul
{
DetectContentData *cd = (DetectContentData *)pm->ctx;
if (cd->flags & DETECT_CONTENT_RAWBYTES) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "You can't use multiple rawbytes modifiers for the same content. ");
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't use multiple rawbytes modifiers for the same content. ");
SCReturnInt(-1);
}
cd->flags |= DETECT_CONTENT_RAWBYTES;

4
src/detect-replace.c
Unescape Escape View File

@ -116,12 +116,12 @@ int DetectReplaceSetup(DetectEngineCtx *de_ctx, Signature *s, char *replacestr)
return -1;
}
if (ud->flags & DETECT_CONTENT_NEGATED) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "You can't have a relative "
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't have a relative "
"negated keyword set along with a replacement");
goto error;
}
if (ud->content_len != len) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "You can't have a content "
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't have a content "
"length different from replace length");
goto error;
}

37
src/detect-within.c
Unescape Escape View File

@ -108,8 +108,8 @@ static int DetectWithinSetup (DetectEngineCtx *de_ctx, Signature *s, char *withi
pm1 = SigMatchGetLastSMFromLists(s, 2, DETECT_CONTENT, s->sm_lists_tail[DETECT_SM_LIST_PMATCH]);
if (dm == NULL && pm1 == NULL) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "Invalid signature. within "
"needs a preceding content keyword");
SCLogError(SC_ERR_INVALID_SIGNATURE, "\"within\" requires a "
"preceding content keyword");
goto error;
}
@ -176,7 +176,7 @@ static int DetectWithinSetup (DetectEngineCtx *de_ctx, Signature *s, char *withi
DETECT_CONTENT, s->sm_lists_tail[DETECT_SM_LIST_HSCDMATCH],
DETECT_CONTENT, s->sm_lists_tail[DETECT_SM_LIST_HRUDMATCH]);
if (pm == NULL) {
SCLogError(SC_ERR_WITHIN_MISSING_CONTENT, "within needs"
SCLogError(SC_ERR_WITHIN_MISSING_CONTENT, "\"within\" requires "
"preceeding content, uricontent, http_client_body, "
"http_server_body, http_header, http_raw_header, "
"http_method, http_cookie, http_raw_uri, "
@ -194,27 +194,27 @@ static int DetectWithinSetup (DetectEngineCtx *de_ctx, Signature *s, char *withi
case DETECT_CONTENT:
cd = (DetectContentData *)pm->ctx;
if (cd == NULL) {
SCLogError(SC_ERR_RULE_KEYWORD_UNKNOWN, "Unknown previous keyword!\n");
SCLogError(SC_ERR_INVALID_SIGNATURE, "content error");
goto error;
}
if (cd->flags & DETECT_CONTENT_NEGATED) {
if (cd->flags & DETECT_CONTENT_FAST_PATTERN) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "You can't have a relative "
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't have a relative "
"negated keyword set along with a fast_pattern");
goto error;
}
} else {
if (cd->flags & DETECT_CONTENT_FAST_PATTERN_ONLY) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "You can't have a relative "
"keyword set along with a fast_pattern:only;");
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't have a relative "
"keyword set along with a fast_pattern:only");
goto error;
}
}
if (cd->flags & DETECT_CONTENT_DEPTH || cd->flags & DETECT_CONTENT_OFFSET) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "You can't use a relative keyword "
"with a non-relative keyword for the same content." );
SCLogError(SC_ERR_INVALID_SIGNATURE, "can't use a relative keyword "
"with a non-relative keyword for the same content" );
goto error;
}
@ -223,7 +223,7 @@ static int DetectWithinSetup (DetectEngineCtx *de_ctx, Signature *s, char *withi
DetectByteExtractRetrieveSMVar(str, s,
SigMatchListSMBelongsTo(s, pm));
if (bed_sm == NULL) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "Unknown byte_extract var "
SCLogError(SC_ERR_INVALID_SIGNATURE, "unknown byte_extract var "
"seen in within - %s\n", str);
goto error;
}
@ -249,7 +249,7 @@ static int DetectWithinSetup (DetectEngineCtx *de_ctx, Signature *s, char *withi
if (pm == NULL) {
if (s->alproto == ALPROTO_DCERPC) {
SCLogDebug("content relative without a previous content based "
"keyword. Holds good only in the case of DCERPC "
"keyword. Holds good only in the case of DCERPC "
"alproto like now.");
} else {
//SCLogError(SC_ERR_INVALID_SIGNATURE, "No related "
@ -263,15 +263,14 @@ static int DetectWithinSetup (DetectEngineCtx *de_ctx, Signature *s, char *withi
/* Set the relative next flag on the prev sigmatch */
cd = (DetectContentData *)pm->ctx;
if (cd == NULL) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "Unknown previous-"
"previous keyword!");
SCLogError(SC_ERR_INVALID_SIGNATURE, "content error");
goto error;
}
cd->flags |= DETECT_CONTENT_RELATIVE_NEXT;
if (cd->flags & DETECT_CONTENT_FAST_PATTERN_ONLY) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "Previous keyword "
"has a fast_pattern:only; set. You can't "
SCLogError(SC_ERR_INVALID_SIGNATURE, "previous keyword "
"has a fast_pattern:only; set. Can't "
"have relative keywords around a fast_pattern "
"only content");
goto error;
@ -282,8 +281,7 @@ static int DetectWithinSetup (DetectEngineCtx *de_ctx, Signature *s, char *withi
case DETECT_PCRE:
pe = (DetectPcreData *) pm->ctx;
if (pe == NULL) {
SCLogError(SC_ERR_INVALID_SIGNATURE, "Unknown previous-"
"previous keyword!");
SCLogError(SC_ERR_INVALID_SIGNATURE, "pcre error");
goto error;
}
pe->flags |= DETECT_PCRE_RELATIVE_NEXT;
@ -291,15 +289,14 @@ static int DetectWithinSetup (DetectEngineCtx *de_ctx, Signature *s, char *withi
break;
case DETECT_BYTEJUMP:
SCLogDebug("No setting relative_next for bytejump. We "
SCLogDebug("no setting relative_next for bytejump. We "
"have no use for it");
break;
default:
/* this will never hit */
SCLogError(SC_ERR_INVALID_SIGNATURE, "Unknown previous-"
"previous keyword!");
SCLogError(SC_ERR_INVALID_SIGNATURE, "unsupported type %d", pm->type);
break;
}
}

Write Preview
Loading…
Cancel
Save