Skip to content

Commit

Permalink
detect/requires: reset sigerror flags for each rule
Browse files Browse the repository at this point in the history 
"sigerror_ok" and "sigerror_requires" were not being reset after each
rule which could lead to a rule load error being incorrectly tracked
as skipped rather than failed.

Also initialize "skippedsigs" to 0 along with "goodsigs" and
"badsigs", while not directly related to this issue, could also throw
off some stats.

Ticket: OISF#6710
  • Loading branch information
@jasonish
jasonish committed Jan 24, 2024
1 parent 3cb7112 commit de3cbe4
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 0 deletions.
1 change: 1 addition & 0 deletions src/detect-engine-loader.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -122,6 +122,7 @@ static int DetectLoadSigFile(

(*goodsigs) = 0;
(*badsigs) = 0;
(*skippedsigs) = 0;

FILE *fp = fopen(sig_file, "r");
if (fp == NULL) {
Expand Down
2 changes: 2 additions & 0 deletions src/detect-parse.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2315,7 +2315,9 @@ Signature *SigInit(DetectEngineCtx *de_ctx, const char *sigstr)
SCEnter();

uint32_t oldsignum = de_ctx->signum;
de_ctx->sigerror_ok = false;
de_ctx->sigerror_silent = false;
de_ctx->sigerror_requires = false;

Signature *sig;

Expand Down

0 comments on commit de3cbe4

Please sign in to comment.