mirror of https://github.com/OISF/suricata
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
124 lines
3.2 KiB
C
124 lines
3.2 KiB
C
/* Copyright (C) 2007-2022 Open Information Security Foundation
|
|
*
|
|
* You can copy, redistribute or modify this Program under the terms of
|
|
* the GNU General Public License version 2 as published by the Free
|
|
* Software Foundation.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* version 2 along with this program; if not, write to the Free Software
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
|
* 02110-1301, USA.
|
|
*/
|
|
|
|
/**
|
|
* \file
|
|
*
|
|
* \author Victor Julien <victor@inliniac.net>
|
|
*
|
|
* Functions to expose to the lua scripts.
|
|
*/
|
|
|
|
#include "suricata-common.h"
|
|
|
|
#include "decode.h"
|
|
#include "detect.h"
|
|
|
|
#include "flow.h"
|
|
|
|
#include "util-debug.h"
|
|
|
|
#include "detect-lua.h"
|
|
|
|
#include "app-layer-parser.h"
|
|
|
|
#include "util-lua.h"
|
|
#include "util-lua-common.h"
|
|
#include "util-lua-smtp.h"
|
|
#include "util-lua-dnp3.h"
|
|
#include "detect-lua-extensions.h"
|
|
|
|
/* Lua registry key for DetectLuaData. */
|
|
const char luaext_key_ld[] = "suricata:luadata";
|
|
|
|
static int GetLuaData(lua_State *luastate, DetectLuaData **ret_ld)
|
|
{
|
|
*ret_ld = NULL;
|
|
|
|
DetectLuaData *ld;
|
|
lua_pushlightuserdata(luastate, (void *)&luaext_key_ld);
|
|
lua_gettable(luastate, LUA_REGISTRYINDEX);
|
|
ld = lua_touserdata(luastate, -1);
|
|
if (ld == NULL) {
|
|
LUA_ERROR("internal error: no ld");
|
|
}
|
|
*ret_ld = ld;
|
|
return 0;
|
|
}
|
|
|
|
static int LuaGetByteVar(lua_State *luastate)
|
|
{
|
|
DetectLuaData *ld = NULL;
|
|
DetectEngineThreadCtx *det_ctx = LuaStateGetDetCtx(luastate);
|
|
|
|
if (det_ctx == NULL)
|
|
return LuaCallbackError(luastate, "internal error: no ldet_ctx");
|
|
|
|
int ret = GetLuaData(luastate, &ld);
|
|
if (ret != 0)
|
|
return ret;
|
|
|
|
if (!lua_isnumber(luastate, 1)) {
|
|
LUA_ERROR("bytevar id not a number");
|
|
}
|
|
int id = lua_tonumber(luastate, 1);
|
|
if (id < 0 || id >= DETECT_LUA_MAX_BYTEVARS) {
|
|
LUA_ERROR("bytevar id out of range");
|
|
}
|
|
uint32_t idx = ld->bytevar[id];
|
|
|
|
lua_pushinteger(luastate, det_ctx->byte_values[idx]);
|
|
|
|
return 1;
|
|
}
|
|
|
|
void LuaExtensionsMatchSetup(lua_State *lua_state, DetectLuaData *ld,
|
|
DetectEngineThreadCtx *det_ctx, Flow *f, Packet *p, const Signature *s, uint8_t flags)
|
|
{
|
|
SCLogDebug("det_ctx %p, f %p", det_ctx, f);
|
|
|
|
LuaStateSetSignature(lua_state, s);
|
|
LuaStateSetFlow(lua_state, f);
|
|
LuaStateSetDetCtx(lua_state, det_ctx);
|
|
|
|
if (det_ctx->tx_id_set) {
|
|
if (f && f->alstate) {
|
|
void *txptr = AppLayerParserGetTx(f->proto, f->alproto, f->alstate, det_ctx->tx_id);
|
|
if (txptr) {
|
|
LuaStateSetTX(lua_state, txptr, det_ctx->tx_id);
|
|
}
|
|
}
|
|
}
|
|
|
|
if (p != NULL)
|
|
LuaStateSetPacket(lua_state, p);
|
|
|
|
LuaStateSetDirection(lua_state, (flags & STREAM_TOSERVER));
|
|
}
|
|
|
|
/**
|
|
* \brief Register Suricata Lua functions
|
|
*/
|
|
int LuaRegisterExtensions(lua_State *lua_state)
|
|
{
|
|
lua_pushcfunction(lua_state, LuaGetByteVar);
|
|
lua_setglobal(lua_state, "SCByteVarGet");
|
|
|
|
LuaRegisterFunctions(lua_state);
|
|
return 0;
|
|
}
|