-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
detect-rpc-v1 #5590
detect-rpc-v1 #5590
Conversation
- detect-rpc: convert unit tests to new FAIL/PASS API. - fix unused variable error.
Copying from previous, closed PR: I was wondering if some of the longer tests (like 3rd and 5th) shouldn't be split into smaller, more concise ones... |
if (de_ctx == NULL) { | ||
goto end; | ||
} | ||
FAIL_IF_NULL(de_ctx); | ||
|
||
de_ctx->flags |= DE_QUIET; | ||
|
||
s = de_ctx->sig_list = SigInit(de_ctx,"alert udp any any -> any any (msg:\"RPC Get Port Call\"; rpc:100000, 2, 3; sid:1;)"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you make an additional cleanup here?
s = de_ctx->sig_list = SigInit(
can be turned into s = DetectEngineAppendSig(
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(same for the others)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure, done!
Closed with #5591 |
Make sure these boxes are signed before submitting your Pull Request -- thank you.
Link to redmine ticket:
https://redmine.openinfosecfoundation.org/issues/4056
Previous PR:
#5589
Describe changes:
PRScript output (if applicable):
#suricata-verify-pr:
#suricata-verify-repo:
#suricata-verify-branch:
#suricata-update-pr:
#suricata-update-repo:
#suricata-update-branch:
#libhtp-pr:
#libhtp-repo:
#libhtp-branch: