From 5695c1bee0a548506d761c1eb429fd5d9f2f2948 Mon Sep 17 00:00:00 2001 From: Jeff Lucovsky Date: Sat, 17 Oct 2020 10:54:51 -0400 Subject: [PATCH 1/2] detect/address: Improve support for large addrs This commit improves support for large address variables. Without this commit, address size was fixed at 8196 or less. This commit permits larger sized address variables. --- src/detect-engine-address.c | 242 ++++++++++++++++++++++++++++++++---- 1 file changed, 220 insertions(+), 22 deletions(-) diff --git a/src/detect-engine-address.c b/src/detect-engine-address.c index d422ea60a3f9..7378967da192 100644 --- a/src/detect-engine-address.c +++ b/src/detect-engine-address.c @@ -54,6 +54,10 @@ static void DetectAddressPrint(DetectAddress *); static int DetectAddressCutNot(DetectAddress *, DetectAddress **); static int DetectAddressCut(DetectEngineCtx *, DetectAddress *, DetectAddress *, DetectAddress **); +static int DetectAddressParse2(const DetectEngineCtx *de_ctx, DetectAddressHead *gh, + DetectAddressHead *ghn, const char *s, int negate, ResolvedVariablesList *var_list, + int recur); + int DetectAddressMergeNot(DetectAddressHead *gh, DetectAddressHead *ghn); /** @@ -715,6 +719,10 @@ static int DetectAddressSetup(DetectAddressHead *gh, const char *s) * \brief Parses an address string and updates the 2 address heads with the * address data. * + * Note that this function should only be called by the wrapping function + * DetectAddressParse2. The wrapping function provides long address handling + * when the address size exceeds a threshold value. + * * \todo We don't seem to be handling negated cases, like [addr,![!addr,addr]], * since we pass around negate without keeping a count of ! with depth. * Can solve this by keeping a count of the negations with depth, so that @@ -733,17 +741,14 @@ static int DetectAddressSetup(DetectAddressHead *gh, const char *s) * \retval 0 On successfully parsing. * \retval -1 On failure. */ -static int DetectAddressParse2(const DetectEngineCtx *de_ctx, - DetectAddressHead *gh, DetectAddressHead *ghn, - const char *s, int negate, ResolvedVariablesList *var_list, - int recur) +static int DetectAddressParseInternal(const DetectEngineCtx *de_ctx, DetectAddressHead *gh, + DetectAddressHead *ghn, const char *s, int negate, ResolvedVariablesList *var_list, + int recur, char *address, size_t address_length) { size_t x = 0; size_t u = 0; int o_set = 0, n_set = 0, d_set = 0; int depth = 0; - size_t size = strlen(s); - char address[8196] = ""; const char *rule_var_address = NULL; char *temp_rule_var_address = NULL; @@ -755,11 +760,13 @@ static int DetectAddressParse2(const DetectEngineCtx *de_ctx, SCLogDebug("s %s negate %s", s, negate ? "true" : "false"); - for (u = 0, x = 0; u < size && x < sizeof(address); u++) { - if (x == (sizeof(address) - 1)) { - SCLogError(SC_ERR_ADDRESS_ENGINE_GENERIC, "Hit the address buffer" - " limit for the supplied address. Invalidating sig. " - "Please file a bug report on this."); + size_t size = strlen(s); + for (u = 0, x = 0; u < size && x < address_length; u++) { + if (x == (address_length - 1)) { + SCLogError(SC_ERR_ADDRESS_ENGINE_GENERIC, + "Hit the address buffer" + " limit for the supplied address. Invalidating sig. " + "Please file a bug report on this."); goto error; } address[x] = s[u]; @@ -894,10 +901,8 @@ static int DetectAddressParse2(const DetectEngineCtx *de_ctx, goto error; } - if (DetectAddressParse2(de_ctx, gh, ghn, temp_rule_var_address, - (negate + n_set) % 2, var_list, recur) < 0) - { + (negate + n_set) % 2, var_list, recur) < 0) { if (temp_rule_var_address != rule_var_address) SCFree(temp_rule_var_address); goto error; @@ -923,11 +928,7 @@ static int DetectAddressParse2(const DetectEngineCtx *de_ctx, } else if (depth == 0 && s[u] == '$') { d_set = 1; } else if (depth == 0 && u == size - 1) { - if (x == sizeof(address)) { - address[x - 1] = '\0'; - } else { - address[x] = '\0'; - } + address[x] = '\0'; x = 0; if (AddVariableToResolveList(var_list, address) == -1) { @@ -964,7 +965,7 @@ static int DetectAddressParse2(const DetectEngineCtx *de_ctx, } if (DetectAddressParse2(de_ctx, gh, ghn, temp_rule_var_address, - (negate + n_set) % 2, var_list, recur) < 0) { + (negate + n_set) % 2, var_list, recur) < 0) { SCLogDebug("DetectAddressParse2 hates us"); if (temp_rule_var_address != rule_var_address) SCFree(temp_rule_var_address); @@ -1009,6 +1010,38 @@ static int DetectAddressParse2(const DetectEngineCtx *de_ctx, return -1; } +/** + * \internal + * \brief Wrapper function for address parsing to minimize heap allocs during address parsing. + * + * \retval Return value from DetectAddressParse2 + */ +static int DetectAddressParse2(const DetectEngineCtx *de_ctx, DetectAddressHead *gh, + DetectAddressHead *ghn, const char *s, int negate, ResolvedVariablesList *var_list, + int recur) +{ + int rc; +#define MAX_ADDRESS_LENGTH 8192 + + size_t address_length = strlen(s); + if (address_length > (MAX_ADDRESS_LENGTH - 1)) { + char *address = SCCalloc(1, address_length); + if (address == NULL) { + SCLogError(SC_ERR_ADDRESS_ENGINE_GENERIC, "Unable to allocate" + " memory for address parsing."); + return -1; + } + rc = DetectAddressParseInternal( + de_ctx, gh, ghn, s, negate, var_list, recur, address, address_length); + SCFree(address); + } else { + char address[MAX_ADDRESS_LENGTH] = ""; + rc = DetectAddressParseInternal( + de_ctx, gh, ghn, s, negate, var_list, recur, address, MAX_ADDRESS_LENGTH); + } + return rc; +} + /** * \internal * \brief See if the addresses and ranges in an address head cover the @@ -1258,7 +1291,8 @@ int DetectAddressTestConfVars(void) goto error; } - int r = DetectAddressParse2(NULL, gh, ghn, seq_node->val, /* start with negate no */0, &var_list, 0); + int r = DetectAddressParse2( + NULL, gh, ghn, seq_node->val, /* start with negate no */ 0, &var_list, 0); CleanVariableResolveList(&var_list); @@ -1419,7 +1453,7 @@ int DetectAddressParse(const DetectEngineCtx *de_ctx, return -1; } - int r = DetectAddressParse2(de_ctx, gh, ghn, str, /* start with negate no */0, NULL, 0); + int r = DetectAddressParse2(de_ctx, gh, ghn, str, /* start with negate no */ 0, NULL, 0); if (r < 0) { SCLogDebug("DetectAddressParse2 returned %d", r); DetectAddressHeadFree(ghn); @@ -4830,6 +4864,169 @@ static int AddressConfVarsTest05(void) return result; } +static int AddressConfVarsTest06(void) +{ + // HOME_NET value size = 10261 bytes + static const char *dummy_conf_string = + "%YAML 1.1\n" + "---\n" + "\n" + "vars:\n" + "\n" + " address-groups:\n" + "\n" + " HOME_NET: " + "\"[2002:0000:3238:DFE1:63:0000:0000:FEFB,2002:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2004:0000:3238:DFE1:63:0000:0000:FEFB,2005:0000:3238:DFE1:63:0000:0000:FEFB," + "2006:0000:3238:DFE1:63:0000:0000:FEFB,2007:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB," + "2002:0000:3238:DFE1:63:0000:0000:FEFB,2003:0000:3238:DFE1:63:0000:0000:FEFB]\"\n" + "\n" + " EXTERNAL_NET: \"any\"\n" + "\n"; + + ConfCreateContextBackup(); + ConfInit(); + ConfYamlLoadString(dummy_conf_string, strlen(dummy_conf_string)); + + FAIL_IF(0 != DetectAddressTestConfVars()); + + ConfDeInit(); + ConfRestoreContextBackup(); + + PASS; +} + #endif /* UNITTESTS */ void DetectAddressTests(void) @@ -5032,5 +5229,6 @@ void DetectAddressTests(void) UtRegisterTest("AddressConfVarsTest03 ", AddressConfVarsTest03); UtRegisterTest("AddressConfVarsTest04 ", AddressConfVarsTest04); UtRegisterTest("AddressConfVarsTest05 ", AddressConfVarsTest05); + UtRegisterTest("AddressConfVarsTest06 ", AddressConfVarsTest06); #endif /* UNITTESTS */ } From 350c51aa167c714860120be6fac5a652c564770d Mon Sep 17 00:00:00 2001 From: Jeff Lucovsky Date: Sat, 17 Oct 2020 10:56:23 -0400 Subject: [PATCH 2/2] general: Typo cleanup --- src/detect-engine-address.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/detect-engine-address.c b/src/detect-engine-address.c index 7378967da192..e904c83e3b54 100644 --- a/src/detect-engine-address.c +++ b/src/detect-engine-address.c @@ -1538,7 +1538,7 @@ void DetectAddressHeadCleanup(DetectAddressHead *gh) * explanations on what these functions do. * * \param de_ctx Pointer to the DetectEngineCtx. - * \param a Pointer the the first address to be cut. + * \param a Pointer the first address to be cut. * \param b Pointer to the second address to be cut. * \param c Pointer to a pointer to a third DetectAddressData, in case the * ranges from a and b, demand a third address range. @@ -1742,7 +1742,7 @@ int DetectAddressMatchIPv6(const DetectMatchAddressIPv6 *addrs, * \brief Check if a particular address(ipv4 or ipv6) matches the address * range in the DetectAddress instance. * - * We basically check that the address falls inbetween the address + * We basically check that the address falls in between the address * range in DetectAddress. * * \param dd Pointer to the DetectAddress instance.