diff --git a/src/detect-engine-register.c b/src/detect-engine-register.c index bbf8b916ae93..59ec8dd0aa19 100644 --- a/src/detect-engine-register.c +++ b/src/detect-engine-register.c @@ -234,6 +234,7 @@ #include "detect-transform-casechange.h" #include "detect-transform-header-lowercase.h" #include "detect-transform-base64.h" +#include "detect-transform-luaxform.h" #include "util-rule-vars.h" @@ -695,6 +696,7 @@ void SigTableSetup(void) DetectTransformToUpperRegister(); DetectTransformHeaderLowercaseRegister(); DetectTransformFromBase64DecodeRegister(); + DetectTransformLuaxformRegister(); DetectFileHandlerRegister(); diff --git a/src/detect-engine-register.h b/src/detect-engine-register.h index 7c3b5b4514b0..24b5ed94b440 100644 --- a/src/detect-engine-register.h +++ b/src/detect-engine-register.h @@ -316,6 +316,7 @@ enum DetectKeywordId { DETECT_TRANSFORM_TOUPPER, DETECT_TRANSFORM_HEADER_LOWERCASE, DETECT_TRANSFORM_FROM_BASE64, + DETECT_TRANSFORM_LUAXFORM, DETECT_AL_IKE_EXCH_TYPE, DETECT_AL_IKE_SPI_INITIATOR, diff --git a/src/detect-lua.c b/src/detect-lua.c index 36f045f50394..f88c6657c9a0 100644 --- a/src/detect-lua.c +++ b/src/detect-lua.c @@ -57,6 +57,7 @@ #include "util-var-name.h" #include "util-lua.h" +#include "util-lua-common.h" #include "util-lua-sandbox.h" static int DetectLuaMatch (DetectEngineThreadCtx *, @@ -69,7 +70,6 @@ static int DetectLuaSetup (DetectEngineCtx *, Signature *, const char *); #ifdef UNITTESTS static void DetectLuaRegisterTests(void); #endif -static void DetectLuaFree(DetectEngineCtx *, void *); static int g_smtp_generic_list_id = 0; /** @@ -126,8 +126,6 @@ void DetectLuaRegister(void) #define FLAG_INSTRUCTION_LIMIT_LOGGED BIT_U32(25) #define FLAG_MEMORY_LIMIT_LOGGED BIT_U32(26) -#define DEFAULT_LUA_ALLOC_LIMIT 500000 -#define DEFAULT_LUA_INSTRUCTION_LIMIT 500000 #if 0 /** \brief dump stack from lua state to screen */ @@ -464,7 +462,7 @@ static int DetectLuaAppTxMatch (DetectEngineThreadCtx *det_ctx, static const char *ut_script = NULL; #endif -static void *DetectLuaThreadInit(void *data) +void *DetectLuaThreadInit(void *data) { int status; DetectLuaData *lua = (DetectLuaData *)data; @@ -534,7 +532,7 @@ static void *DetectLuaThreadInit(void *data) return NULL; } -static void DetectLuaThreadFree(void *ctx) +void DetectLuaThreadFree(void *ctx) { if (ctx != NULL) { DetectLuaThreadData *t = (DetectLuaThreadData *)ctx; @@ -553,7 +551,7 @@ static void DetectLuaThreadFree(void *ctx) * \retval lua pointer to DetectLuaData on success * \retval NULL on failure */ -static DetectLuaData *DetectLuaParse (DetectEngineCtx *de_ctx, const char *str) +DetectLuaData *DetectLuaParse (DetectEngineCtx *de_ctx, const char *str) { DetectLuaData *lua = NULL; @@ -1041,7 +1039,7 @@ void DetectLuaPostSetup(Signature *s) * * \param ptr pointer to DetectLuaData */ -static void DetectLuaFree(DetectEngineCtx *de_ctx, void *ptr) +void DetectLuaFree(DetectEngineCtx *de_ctx, void *ptr) { if (ptr != NULL) { DetectLuaData *lua = (DetectLuaData *)ptr; @@ -1058,7 +1056,8 @@ static void DetectLuaFree(DetectEngineCtx *de_ctx, void *ptr) VarNameStoreUnregister(lua->flowvar[i], VAR_TYPE_FLOW_VAR); } - DetectUnregisterThreadCtxFuncs(de_ctx, lua, "lua"); + if (lua->thread_ctx_id) + DetectUnregisterThreadCtxFuncs(de_ctx, lua, "lua"); SCFree(lua); } diff --git a/src/detect-lua.h b/src/detect-lua.h index b2ab6b9df579..b4342c02d78d 100644 --- a/src/detect-lua.h +++ b/src/detect-lua.h @@ -56,6 +56,7 @@ typedef struct DetectLuaData { uint64_t alloc_limit; uint64_t instruction_limit; int allow_restricted_functions; + lua_State *luastate; } DetectLuaData; /* prototypes */ @@ -65,6 +66,10 @@ int DetectLuaMatchBuffer(DetectEngineThreadCtx *det_ctx, const uint8_t *buffer, uint32_t buffer_len, uint32_t offset, Flow *f); +DetectLuaData *DetectLuaParse (DetectEngineCtx *de_ctx, const char *str); +void DetectLuaFree(DetectEngineCtx *de_ctx, void *ptr); void DetectLuaPostSetup(Signature *s); +void *DetectLuaThreadInit(void *data); +void DetectLuaThreadFree(void *ctx); #endif /* SURICATA_DETECT_LUA_H */ diff --git a/src/util-lua-common.h b/src/util-lua-common.h index 5d6ea41f4be4..4834f4fa7af9 100644 --- a/src/util-lua-common.h +++ b/src/util-lua-common.h @@ -24,6 +24,9 @@ #ifndef SURICATA_UTIL_LUA_COMMON_H #define SURICATA_UTIL_LUA_COMMON_H +#define DEFAULT_LUA_ALLOC_LIMIT 500000 +#define DEFAULT_LUA_INSTRUCTION_LIMIT 500000 + int LuaCallbackError(lua_State *luastate, const char *msg); const char *LuaGetStringArgument(lua_State *luastate, int argc);