22550237931

Committed 01 Mar 2026 06:56PM UTC coverage: 64.812% (-8.9%) from 73.687%

Build # 22550237931

Build Type

Pull #14920

github

Committed by

web-flow

Commit Message

Merge e05854a6d into 90823fa90

Pull Request Pull Request #14920: draft: rust based configuration file parser and loader - v4

Run Details

561 of 789 new or added lines in 4 files covered. (71.1%)

23225 existing lines in 498 files now uncovered.

131605 of 203055 relevant lines covered (64.81%)

2328818.84 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/util-lua-packetlib.c

/* Copyright (C) 2025 Open Information Security Foundation
 *
 * You can copy, redistribute or modify this Program under the terms of
 * the GNU General Public License version 2 as published by the Free
 * Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * version 2 along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
 * 02110-1301, USA.
 */

/**
 * \file
 *
 * Packet API for Lua.
 *
 * local packet = require("suricata.packet")
 */

#include "suricata-common.h"

#include "util-lua-packetlib.h"

#include "app-layer-protos.h" /* Required by util-lua-common. */
#include "util-lua-common.h"
#include "util-lua.h"
#include "util-debug.h"
#include "util-print.h"

/* key for p (packet) pointer */
extern const char lua_ext_key_p[];
static const char suricata_packet[] = "suricata:packet";

struct LuaPacket {
    Packet *p;
};

static int LuaPacketGC(lua_State *luastate)
{
    SCLogDebug("gc:start");
    struct LuaPacket *s = (struct LuaPacket *)lua_touserdata(luastate, 1);
    if (s != NULL) {
        SCLogDebug("packet %p", s->p);
        s->p = NULL;
    }
    SCLogDebug("gc:done");
    return 0;
}

static int LuaPacketPayload(lua_State *luastate)
{
    struct LuaPacket *s = (struct LuaPacket *)lua_touserdata(luastate, 1);
    if (s == NULL || s->p == NULL) {
        LUA_ERROR("failed to get packet");
    }

    LuaPushStringBuffer(luastate, (const uint8_t *)s->p->payload, (size_t)s->p->payload_len);
    return 1;
}

static int LuaPacketPacket(lua_State *luastate)
{
    struct LuaPacket *s = (struct LuaPacket *)lua_touserdata(luastate, 1);
    if (s == NULL || s->p == NULL) {
        LUA_ERROR("failed to get packet");
    }

    LuaPushStringBuffer(luastate, (const uint8_t *)GET_PKT_DATA(s->p), (size_t)GET_PKT_LEN(s->p));
    return 1;
}

static int LuaPacketPcapCnt(lua_State *luastate)
{
    struct LuaPacket *s = (struct LuaPacket *)lua_touserdata(luastate, 1);
    if (s == NULL || s->p == NULL) {
        LUA_ERROR("failed to get packet");
    }

    lua_pushinteger(luastate, PcapPacketCntGet(s->p));
    return 1;
}

/** \internal
 *  \brief legacy format as used by fast.log, http.log, etc.
 */
static int LuaPacketTimestringLegacy(lua_State *luastate)
{
    struct LuaPacket *s = (struct LuaPacket *)lua_touserdata(luastate, 1);
    if (s == NULL || s->p == NULL) {
        LUA_ERROR("failed to get packet");
    }

    char timebuf[64];
    CreateTimeString(s->p->ts, timebuf, sizeof(timebuf));
    lua_pushstring(luastate, timebuf);
    return 1;
}

static int LuaPacketTimestringIso8601(lua_State *luastate)
{
    struct LuaPacket *s = (struct LuaPacket *)lua_touserdata(luastate, 1);
    if (s == NULL || s->p == NULL) {
        LUA_ERROR("failed to get packet");
    }

    char timebuf[64];
    CreateIsoTimeString(s->p->ts, timebuf, sizeof(timebuf));
    lua_pushstring(luastate, timebuf);
    return 1;
}

static int LuaPacketTimestamp(lua_State *luastate)
{
    struct LuaPacket *s = (struct LuaPacket *)lua_touserdata(luastate, 1);
    if (s == NULL || s->p == NULL) {
        LUA_ERROR("failed to get packet");
    }

    lua_pushnumber(luastate, (double)SCTIME_SECS(s->p->ts));
    lua_pushnumber(luastate, (double)SCTIME_USECS(s->p->ts));
    return 2;
}

/** \internal
 *  \brief fill lua stack with header info
 *  \param luastate the lua state
 *  \retval cnt number of data items placed on the stack
 *
 *  Places: ipver (number), src ip (string), dst ip (string), protocol (number),
 *          sp or icmp type (number), dp or icmp code (number).
 */
static int LuaPacketTuple(lua_State *luastate)
{
    struct LuaPacket *s = (struct LuaPacket *)lua_touserdata(luastate, 1);
    if (s == NULL || s->p == NULL) {
        LUA_ERROR("failed to get packet");
    }
    Packet *p = s->p;

    int ipver = 0;
    if (PacketIsIPv4(p)) {
        ipver = 4;
    } else if (PacketIsIPv6(p)) {
        ipver = 6;
    }
    lua_pushinteger(luastate, ipver);
    if (ipver == 0)
        return 1;

    char srcip[46] = "", dstip[46] = "";
    if (PacketIsIPv4(p)) {
        PrintInet(AF_INET, (const void *)GET_IPV4_SRC_ADDR_PTR(p), srcip, sizeof(srcip));
        PrintInet(AF_INET, (const void *)GET_IPV4_DST_ADDR_PTR(p), dstip, sizeof(dstip));
    } else if (PacketIsIPv6(p)) {
        PrintInet(AF_INET6, (const void *)GET_IPV6_SRC_ADDR(p), srcip, sizeof(srcip));
        PrintInet(AF_INET6, (const void *)GET_IPV6_DST_ADDR(p), dstip, sizeof(dstip));
    }

    lua_pushstring(luastate, srcip);
    lua_pushstring(luastate, dstip);

    /* proto and ports (or type/code) */
    lua_pushinteger(luastate, p->proto);
    if (p->proto == IPPROTO_TCP || p->proto == IPPROTO_UDP) {
        lua_pushinteger(luastate, p->sp);
        lua_pushinteger(luastate, p->dp);

    } else if (p->proto == IPPROTO_ICMP || p->proto == IPPROTO_ICMPV6) {
        lua_pushinteger(luastate, p->icmp_s.type);
        lua_pushinteger(luastate, p->icmp_s.code);
    } else {
        lua_pushinteger(luastate, 0);
        lua_pushinteger(luastate, 0);
    }

    return 6;
}

/** \internal
 *  \brief get tcp/udp/sctp source port
 *  \param luastate the lua state
 */
static int LuaPacketSport(lua_State *luastate)
{
    struct LuaPacket *s = (struct LuaPacket *)lua_touserdata(luastate, 1);
    if (s == NULL || s->p == NULL) {
        LUA_ERROR("failed to get packet");
    }
    Packet *p = s->p;

    switch (p->proto) {
        case IPPROTO_TCP:
        case IPPROTO_UDP:
        case IPPROTO_SCTP:
            lua_pushinteger(luastate, p->sp);
            break;
        default:
            LUA_ERROR("sp only available for tcp, udp and sctp");
    }

    return 1;
}

/** \internal
 *  \brief get tcp/udp/sctp dest port
 *  \param luastate the lua state
 */
static int LuaPacketDport(lua_State *luastate)
{
    struct LuaPacket *s = (struct LuaPacket *)lua_touserdata(luastate, 1);
    if (s == NULL || s->p == NULL) {
        LUA_ERROR("failed to get packet");
    }
    Packet *p = s->p;

    switch (p->proto) {
        case IPPROTO_TCP:
        case IPPROTO_UDP:
        case IPPROTO_SCTP:
            lua_pushinteger(luastate, p->dp);
            break;
        default:
            LUA_ERROR("dp only available for tcp, udp and sctp");
    }

    return 1;
}

static int LuaPacketGet(lua_State *luastate)
{
    Packet *p = LuaStateGetPacket(luastate);
    if (p == NULL) {
        LUA_ERROR("failed to get packet");
    }

    struct LuaPacket *s = (struct LuaPacket *)lua_newuserdata(luastate, sizeof(*s));
    if (s == NULL) {
        LUA_ERROR("failed to get userdata");
    }
    s->p = p;
    luaL_getmetatable(luastate, suricata_packet);
    lua_setmetatable(luastate, -2);
    return 1;
}

static const luaL_Reg packetlib[] = {
    // clang-format off
    { "get", LuaPacketGet },
    { NULL, NULL }
    // clang-format on
};

static const luaL_Reg packetlib_meta[] = {
    // clang-format off
    { "packet", LuaPacketPacket },
    { "payload", LuaPacketPayload },
    { "pcap_cnt", LuaPacketPcapCnt },
    { "timestring_legacy", LuaPacketTimestringLegacy },
    { "timestring_iso8601", LuaPacketTimestringIso8601 },
    { "timestamp", LuaPacketTimestamp },
    { "tuple", LuaPacketTuple },
    { "sp", LuaPacketSport },
    { "dp", LuaPacketDport },
    { "__gc", LuaPacketGC },
    { NULL, NULL }
    // clang-format on
};

int LuaLoadPacketLib(lua_State *luastate)
{
    luaL_newmetatable(luastate, suricata_packet);
    lua_pushvalue(luastate, -1);
    lua_setfield(luastate, -2, "__index");
    luaL_setfuncs(luastate, packetlib_meta, 0);

    luaL_newlib(luastate, packetlib);
    return 1;
}

1	/* Copyright (C) 2025 Open Information Security Foundation
2	*
3	* You can copy, redistribute or modify this Program under the terms of
4	* the GNU General Public License version 2 as published by the Free
5	* Software Foundation.
6	*
7	* This program is distributed in the hope that it will be useful,
8	* but WITHOUT ANY WARRANTY; without even the implied warranty of
9	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10	* GNU General Public License for more details.
11	*
12	* You should have received a copy of the GNU General Public License
13	* version 2 along with this program; if not, write to the Free Software
14	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15	* 02110-1301, USA.
16	*/
17
18	/**
19	* \file
20	*
21	* Packet API for Lua.
22	*
23	* local packet = require("suricata.packet")
24	*/
25
26	#include "suricata-common.h"
27
28	#include "util-lua-packetlib.h"
29
30	#include "app-layer-protos.h" /* Required by util-lua-common. */
31	#include "util-lua-common.h"
32	#include "util-lua.h"
33	#include "util-debug.h"
34	#include "util-print.h"
35
36	/* key for p (packet) pointer */
37	extern const char lua_ext_key_p[];
38	static const char suricata_packet[] = "suricata:packet";
39
40	struct LuaPacket {
41	Packet *p;
42	};
43
44	static int LuaPacketGC(lua_State *luastate)
UNCOV 45	{	×
UNCOV 46	SCLogDebug("gc:start");	×
UNCOV 47	struct LuaPacket s = (struct LuaPacket )lua_touserdata(luastate, 1);	×
UNCOV 48	if (s != NULL) {	×
UNCOV 49	SCLogDebug("packet %p", s->p);	×
UNCOV 50	s->p = NULL;	×
UNCOV 51	}	×
UNCOV 52	SCLogDebug("gc:done");	×
UNCOV 53	return 0;	×
UNCOV 54	}	×
55
56	static int LuaPacketPayload(lua_State *luastate)
UNCOV 57	{	×
UNCOV 58	struct LuaPacket s = (struct LuaPacket )lua_touserdata(luastate, 1);	×
UNCOV 59	if (s == NULL \|\| s->p == NULL) {	×
60	LUA_ERROR("failed to get packet");	×
61	}	×
62
UNCOV 63	LuaPushStringBuffer(luastate, (const uint8_t *)s->p->payload, (size_t)s->p->payload_len);	×
UNCOV 64	return 1;	×
UNCOV 65	}	×
66
67	static int LuaPacketPacket(lua_State *luastate)
68	{	×
69	struct LuaPacket s = (struct LuaPacket )lua_touserdata(luastate, 1);	×
70	if (s == NULL \|\| s->p == NULL) {	×
71	LUA_ERROR("failed to get packet");	×
72	}	×
73
74	LuaPushStringBuffer(luastate, (const uint8_t *)GET_PKT_DATA(s->p), (size_t)GET_PKT_LEN(s->p));	×
75	return 1;	×
76	}	×
77
78	static int LuaPacketPcapCnt(lua_State *luastate)
UNCOV 79	{	×
UNCOV 80	struct LuaPacket s = (struct LuaPacket )lua_touserdata(luastate, 1);	×
UNCOV 81	if (s == NULL \|\| s->p == NULL) {	×
82	LUA_ERROR("failed to get packet");	×
83	}	×
84
UNCOV 85	lua_pushinteger(luastate, PcapPacketCntGet(s->p));	×
UNCOV 86	return 1;	×
UNCOV 87	}	×
88
89	/** \internal
90	* \brief legacy format as used by fast.log, http.log, etc.
91	*/
92	static int LuaPacketTimestringLegacy(lua_State *luastate)
UNCOV 93	{	×
UNCOV 94	struct LuaPacket s = (struct LuaPacket )lua_touserdata(luastate, 1);	×
UNCOV 95	if (s == NULL \|\| s->p == NULL) {	×
96	LUA_ERROR("failed to get packet");	×
97	}	×
98
UNCOV 99	char timebuf[64];	×
UNCOV 100	CreateTimeString(s->p->ts, timebuf, sizeof(timebuf));	×
UNCOV 101	lua_pushstring(luastate, timebuf);	×
UNCOV 102	return 1;	×
UNCOV 103	}	×
104
105	static int LuaPacketTimestringIso8601(lua_State *luastate)
UNCOV 106	{	×
UNCOV 107	struct LuaPacket s = (struct LuaPacket )lua_touserdata(luastate, 1);	×
UNCOV 108	if (s == NULL \|\| s->p == NULL) {	×
109	LUA_ERROR("failed to get packet");	×
110	}	×
111
UNCOV 112	char timebuf[64];	×
UNCOV 113	CreateIsoTimeString(s->p->ts, timebuf, sizeof(timebuf));	×
UNCOV 114	lua_pushstring(luastate, timebuf);	×
UNCOV 115	return 1;	×
UNCOV 116	}	×
117
118	static int LuaPacketTimestamp(lua_State *luastate)
119	{	×
120	struct LuaPacket s = (struct LuaPacket )lua_touserdata(luastate, 1);	×
121	if (s == NULL \|\| s->p == NULL) {	×
122	LUA_ERROR("failed to get packet");	×
123	}	×
124
125	lua_pushnumber(luastate, (double)SCTIME_SECS(s->p->ts));	×
126	lua_pushnumber(luastate, (double)SCTIME_USECS(s->p->ts));	×
127	return 2;	×
128	}	×
129
130	/** \internal
131	* \brief fill lua stack with header info
132	* \param luastate the lua state
133	* \retval cnt number of data items placed on the stack
134	*
135	* Places: ipver (number), src ip (string), dst ip (string), protocol (number),
136	* sp or icmp type (number), dp or icmp code (number).
137	*/
138	static int LuaPacketTuple(lua_State *luastate)
UNCOV 139	{	×
UNCOV 140	struct LuaPacket s = (struct LuaPacket )lua_touserdata(luastate, 1);	×
UNCOV 141	if (s == NULL \|\| s->p == NULL) {	×
142	LUA_ERROR("failed to get packet");	×
143	}	×
UNCOV 144	Packet *p = s->p;	×
145
UNCOV 146	int ipver = 0;	×
UNCOV 147	if (PacketIsIPv4(p)) {	×
UNCOV 148	ipver = 4;	×
UNCOV 149	} else if (PacketIsIPv6(p)) {	×
150	ipver = 6;	×
151	}	×
UNCOV 152	lua_pushinteger(luastate, ipver);	×
UNCOV 153	if (ipver == 0)	×
154	return 1;	×
155
UNCOV 156	char srcip[46] = "", dstip[46] = "";	×
UNCOV 157	if (PacketIsIPv4(p)) {	×
UNCOV 158	PrintInet(AF_INET, (const void *)GET_IPV4_SRC_ADDR_PTR(p), srcip, sizeof(srcip));	×
UNCOV 159	PrintInet(AF_INET, (const void *)GET_IPV4_DST_ADDR_PTR(p), dstip, sizeof(dstip));	×
UNCOV 160	} else if (PacketIsIPv6(p)) {	×
161	PrintInet(AF_INET6, (const void *)GET_IPV6_SRC_ADDR(p), srcip, sizeof(srcip));	×
162	PrintInet(AF_INET6, (const void *)GET_IPV6_DST_ADDR(p), dstip, sizeof(dstip));	×
163	}	×
164
UNCOV 165	lua_pushstring(luastate, srcip);	×
UNCOV 166	lua_pushstring(luastate, dstip);	×
167
168	/* proto and ports (or type/code) */
UNCOV 169	lua_pushinteger(luastate, p->proto);	×
UNCOV 170	if (p->proto == IPPROTO_TCP \|\| p->proto == IPPROTO_UDP) {	×
UNCOV 171	lua_pushinteger(luastate, p->sp);	×
UNCOV 172	lua_pushinteger(luastate, p->dp);	×
173
UNCOV 174	} else if (p->proto == IPPROTO_ICMP \|\| p->proto == IPPROTO_ICMPV6) {	×
175	lua_pushinteger(luastate, p->icmp_s.type);	×
176	lua_pushinteger(luastate, p->icmp_s.code);	×
177	} else {	×
178	lua_pushinteger(luastate, 0);	×
179	lua_pushinteger(luastate, 0);	×
180	}	×
181
UNCOV 182	return 6;	×
UNCOV 183	}	×
184
185	/** \internal
186	* \brief get tcp/udp/sctp source port
187	* \param luastate the lua state
188	*/
189	static int LuaPacketSport(lua_State *luastate)
UNCOV 190	{	×
UNCOV 191	struct LuaPacket s = (struct LuaPacket )lua_touserdata(luastate, 1);	×
UNCOV 192	if (s == NULL \|\| s->p == NULL) {	×
193	LUA_ERROR("failed to get packet");	×
194	}	×
UNCOV 195	Packet *p = s->p;	×
196
UNCOV 197	switch (p->proto) {	×
UNCOV 198	case IPPROTO_TCP:	×
UNCOV 199	case IPPROTO_UDP:	×
UNCOV 200	case IPPROTO_SCTP:	×
UNCOV 201	lua_pushinteger(luastate, p->sp);	×
UNCOV 202	break;	×
UNCOV 203	default:	×
UNCOV 204	LUA_ERROR("sp only available for tcp, udp and sctp");	×
UNCOV 205	}	×
206
UNCOV 207	return 1;	×
UNCOV 208	}	×
209
210	/** \internal
211	* \brief get tcp/udp/sctp dest port
212	* \param luastate the lua state
213	*/
214	static int LuaPacketDport(lua_State *luastate)
UNCOV 215	{	×
UNCOV 216	struct LuaPacket s = (struct LuaPacket )lua_touserdata(luastate, 1);	×
UNCOV 217	if (s == NULL \|\| s->p == NULL) {	×
218	LUA_ERROR("failed to get packet");	×
219	}	×
UNCOV 220	Packet *p = s->p;	×
221
UNCOV 222	switch (p->proto) {	×
UNCOV 223	case IPPROTO_TCP:	×
UNCOV 224	case IPPROTO_UDP:	×
UNCOV 225	case IPPROTO_SCTP:	×
UNCOV 226	lua_pushinteger(luastate, p->dp);	×
UNCOV 227	break;	×
228	default:	×
229	LUA_ERROR("dp only available for tcp, udp and sctp");	×
UNCOV 230	}	×
231
UNCOV 232	return 1;	×
UNCOV 233	}	×
234
235	static int LuaPacketGet(lua_State *luastate)
UNCOV 236	{	×
UNCOV 237	Packet *p = LuaStateGetPacket(luastate);	×
UNCOV 238	if (p == NULL) {	×
239	LUA_ERROR("failed to get packet");	×
240	}	×
241
UNCOV 242	struct LuaPacket s = (struct LuaPacket )lua_newuserdata(luastate, sizeof(*s));	×
UNCOV 243	if (s == NULL) {	×
244	LUA_ERROR("failed to get userdata");	×
245	}	×
UNCOV 246	s->p = p;	×
UNCOV 247	luaL_getmetatable(luastate, suricata_packet);	×
UNCOV 248	lua_setmetatable(luastate, -2);	×
UNCOV 249	return 1;	×
UNCOV 250	}	×
251
252	static const luaL_Reg packetlib[] = {
253	// clang-format off
254	{ "get", LuaPacketGet },
255	{ NULL, NULL }
256	// clang-format on
257	};
258
259	static const luaL_Reg packetlib_meta[] = {
260	// clang-format off
261	{ "packet", LuaPacketPacket },
262	{ "payload", LuaPacketPayload },
263	{ "pcap_cnt", LuaPacketPcapCnt },
264	{ "timestring_legacy", LuaPacketTimestringLegacy },
265	{ "timestring_iso8601", LuaPacketTimestringIso8601 },
266	{ "timestamp", LuaPacketTimestamp },
267	{ "tuple", LuaPacketTuple },
268	{ "sp", LuaPacketSport },
269	{ "dp", LuaPacketDport },
270	{ "__gc", LuaPacketGC },
271	{ NULL, NULL }
272	// clang-format on
273	};
274
275	int LuaLoadPacketLib(lua_State *luastate)
UNCOV 276	{	×
UNCOV 277	luaL_newmetatable(luastate, suricata_packet);	×
UNCOV 278	lua_pushvalue(luastate, -1);	×
UNCOV 279	lua_setfield(luastate, -2, "__index");	×
UNCOV 280	luaL_setfuncs(luastate, packetlib_meta, 0);	×
281
UNCOV 282	luaL_newlib(luastate, packetlib);	×
UNCOV 283	return 1;	×
UNCOV 284	}	×

OISF / suricata / 22550237931

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous