Detect integers 6644 v2 #10105

Closed
wants to merge 4 commits into from

catenacyber
Contributor

Link to redmine ticket:
https://redmine.openinfosecfoundation.org/issues/6645
https://redmine.openinfosecfoundation.org/issues/6646
https://redmine.openinfosecfoundation.org/issues/6647
https://redmine.openinfosecfoundation.org/issues/6648

All in tracking ticket https://redmine.openinfosecfoundation.org/issues/6644 for integers as first-class detection

Describe changes:

  • detect/integers: support hexadecimal notation for parsing
  • detect/integers: add mode for negated range
  • detect/integers: rust derive for enumerations
  • detect/integers: keywords now accept bitmasks

#10089 with newer commits

catenacyber and others added 4 commits December 22, 2023 09:11
So that we can write enip.revision: 0x203

Ticket: 6645
Ticket: 6647

Allows keywords using integers to use strings in signature
parsing based on a rust enumeration with a derive.
Ticket: 6648

Like &0x40=0x40 to test for a specific bit set
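
The hexadecimal and bitmask notations named in the commit messages above, shown as an added Rust example that is not code from this pull request or from Suricata. It assumes `&mask=value` matches when `(x & mask) == value`; `UintMatch`, `parse_uint`, `parse_match` and `matches` are hypothetical names.

```rust
// Added illustration; not Suricata's parser. All names here are hypothetical.
#[derive(Debug, PartialEq)]
pub enum UintMatch {
    Equal(u64),                        // "515" or "0x203"
    Bitmask { mask: u64, value: u64 }, // "&0x40=0x40"
}

// Parse one integer literal, decimal or 0x-prefixed hexadecimal.
fn parse_uint(s: &str) -> Option<u64> {
    let s = s.trim();
    let (digits, radix) = match s.strip_prefix("0x").or_else(|| s.strip_prefix("0X")) {
        Some(hex) => (hex, 16),
        None => (s, 10),
    };
    // Reject signs and stray characters that from_str_radix would accept ("+40").
    if !digits.bytes().all(|b| b.is_ascii_hexdigit()) {
        return None;
    }
    u64::from_str_radix(digits, radix).ok()
}

// Parse a keyword argument: a plain value, or "&mask=value" (assumed syntax).
pub fn parse_match(arg: &str) -> Option<UintMatch> {
    let arg = arg.trim();
    if let Some(rest) = arg.strip_prefix('&') {
        let (mask, value) = rest.split_once('=')?;
        let (mask, value) = (parse_uint(mask)?, parse_uint(value)?);
        // Choice made in this example: a value with bits outside the mask
        // can never match, so refuse the rule instead of loading it silently.
        if value & !mask != 0 {
            return None;
        }
        return Some(UintMatch::Bitmask { mask, value });
    }
    parse_uint(arg).map(UintMatch::Equal)
}

// Evaluate a parsed match against a field value taken from traffic.
pub fn matches(m: &UintMatch, x: u64) -> bool {
    match *m {
        UintMatch::Equal(v) => x == v,
        UintMatch::Bitmask { mask, value } => (x & mask) == value,
    }
}

fn main() {
    let rule = parse_match("&0x40=0x40").expect("valid bitmask");
    println!("0x41 matches: {}", matches(&rule, 0x41));
}
```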

codecov bot commented Jan 2, 2024

Codecov Report

Attention: 8 lines in your changes are missing coverage. Please review.

Comparison is base (5cc872f) 82.19% compared to head (c644772) 82.06%.
Report is 2 commits behind head on master.

Additional details and impacted files
@@            Coverage Diff             @@
##           master   #10105      +/-   ##
==========================================
- Coverage   82.19%   82.06%   -0.13%     
==========================================
  Files         975      974       -1     
  Lines      271940   272020      +80     
==========================================
- Hits       223523   223240     -283     
- Misses      48417    48780     +363     
Flag Coverage Δ
fuzzcorpus 62.54% <51.72%> (-0.38%) ⬇️
suricata-verify 61.41% <51.72%> (-0.02%) ⬇️
unittests 62.85% <92.23%> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown.

@suricata-qa

WARNING:

field baseline test %
SURI_TLPW2_autofp_stats_chk
.uptime 181 195 107.73%
.flow.spare 1961331 2134032 108.81%

Pipeline 17319

@catenacyber
Contributor Author

Replaced by #10110

@catenacyber catenacyber closed this Jan 4, 2024