rules: use primary default-rule-path if set on command line

When reloading rules, respect `--set default-rule-path=...` from the command line if set. Previously the rule reload would always take the default-rule-path from the configuration file, even if overrided on the command line. Issue: OISF#1911 (cherry picked from commit 3ea6572)
jlucovsky · Feb 5, 2024 · 39570d8 · 39570d8
1 parent a31ff84
commit 39570d8
Showing 1 changed file with 9 additions and 3 deletions.
diff --git a/src/detect-engine-loader.c b/src/detect-engine-loader.c
@@ -68,11 +68,17 @@ char *DetectLoadCompleteSigPath(const DetectEngineCtx *de_ctx, const char *sig_f
         return NULL;
     }
 
-    if (strlen(de_ctx->config_prefix) > 0) {
+    /* If we have a configuration prefix, only use it if the primary configuration node
+     * is not marked as final, as that means it was provided on the command line with
+     * a --set. */
+    ConfNode *default_rule_path = ConfGetNode("default-rule-path");
+    if ((!default_rule_path || !default_rule_path->final) && strlen(de_ctx->config_prefix) > 0) {
         snprintf(varname, sizeof(varname), "%s.default-rule-path",
                 de_ctx->config_prefix);
-    } else {
-        snprintf(varname, sizeof(varname), "default-rule-path");
+        default_rule_path = ConfGetNode(varname);
+    }
+    if (default_rule_path) {
+        defaultpath = default_rule_path->val;
     }
 
     /* Path not specified */