Detect unify multi-buffer code #10462

catenacyber

Link to redmine ticket:
https://redmine.openinfosecfoundation.org/issues/6575

Describe changes:

  • detect: unify multi-buffer code

#10425 with

  • longer commit message
  • style fixup

Preliminary work for #10334

Ticket: 6575

Multi-buffer keywords now use a single registration function
DetectAppLayerMultiRegister with a GetBuffer argument.

This GetBuffer function pointer is similar to the ones used by
single-buffer keywords, except that it takes an additional
parameter which is the index of the buffer to get.
Under the hood, an anonymous union between these 2 function
pointer types is used.

In the end, this deduplicates code, especially the calls to
DetectEngineContentInspection
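
An added illustration of the design the commit message above describes, not code from this PR or from Suricata: one registration record holds either a single-buffer getter or an indexed multi-buffer getter in an anonymous union, and one inspection routine serves both. Every type and function name in it (`Engine`, `register_multi`, `inspect`, `nth_name`, and so on) is hypothetical, and the sample transaction is constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* All names are hypothetical; these are not Suricata's definitions. */
typedef struct { const uint8_t *data; size_t len; } Buf;
typedef struct { const char *names[3]; uint32_t n; } Tx; /* constructed sample */
typedef const Buf *(*GetSingleFn)(const Tx *tx, Buf *out);
typedef const Buf *(*GetMultiFn)(const Tx *tx, Buf *out, uint32_t index);
typedef struct {
    bool multi;             /* tag: which union member is valid */
    union { GetSingleFn get; GetMultiFn get_multi; }; /* anonymous union (C11) */
} Engine;

/* Registration sets the tag and the pointer together, in one place. */
static Engine register_single(GetSingleFn f) { Engine e; e.multi = false; e.get = f; return e; }
static Engine register_multi(GetMultiFn f) { Engine e; e.multi = true; e.get_multi = f; return e; }

static bool contains(const Buf *b, const char *needle) {
    size_t n = strlen(needle);
    for (size_t i = 0; n <= b->len && i <= b->len - n; i++)
        if (memcmp(b->data + i, needle, n) == 0) return true;
    return false;
}

/* One inspection routine for both kinds; returns the number of matching buffers. */
static int inspect(const Engine *e, const Tx *tx, const char *needle) {
    Buf tmp;
    if (!e->multi) {
        const Buf *b = e->get(tx, &tmp);
        return (b != NULL && contains(b, needle)) ? 1 : 0;
    }
    int hits = 0;
    for (uint32_t i = 0; ; i++) {
        const Buf *b = e->get_multi(tx, &tmp, i);
        if (b == NULL) break; /* NULL past the last buffer ends the loop */
        hits += contains(b, needle) ? 1 : 0;
    }
    return hits;
}
static const Buf *fill(Buf *o, const char *s) { o->data = (const uint8_t *)s; o->len = strlen(s); return o; }
static const Buf *first_name(const Tx *tx, Buf *o) { return tx->n == 0 ? NULL : fill(o, tx->names[0]); }
static const Buf *nth_name(const Tx *tx, Buf *o, uint32_t i) { return i >= tx->n ? NULL : fill(o, tx->names[i]); }

int main(void) {
    Tx tx = { { "a.example", "b.test", "c.example" }, 3 }; /* constructed sample */
    Engine m = register_multi(nth_name), s = register_single(first_name);
    return (inspect(&m, &tx, "example") == 2 && inspect(&s, &tx, "example") == 1) ? 0 : 1;
}
```

Because both callbacks share one storage slot, calling the member that does not match the tag is a call through a mistyped function pointer; keeping the tag and pointer assignment inside the registration functions is what prevents that.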
@suricata-qa

Information:

ERROR: QA failed on SURI_TLPW2_autofp_suri_time.

SURI_TLPW2_autofp_stats_chk:

| field | baseline | test | % |
|---|---|---|---|
| .uptime | 101 | 111 | 109.9% |

Pipeline 18633

@catenacyber changed the title from "Detect negated content absent buffer 2224 v12.5" to "Detect unify multi-buffer code" on Mar 21, 2024
@catenacyber

I notice that DetectEngineInspectBufferHttpHeader could be replaced with a DetectEngineInspectBufferGeneric + GetData

Other usages of DetectEngineContentInspection are files, and detect-http-client-body

@catenacyber

Rebased in #10897
