Merge remote-tracking branch 'origin/topic/seth/unified2-analyzer'

BIT-1054 #merged * origin/topic/seth/unified2-analyzer: Fixes in case a packet isn't seen that matches an event. Finished work on unified2 analyzer. Fixed some tests. Working unified2 analyzer. Unified2 file analyzer updated to new plugin style. Adding the unified2 analyzer. Conflicts: testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
2025-10-13 03:58:20 +00:00 · 2013-08-13 18:36:53 -07:00 · 2013-08-13 18:36:53 -07:00 · 83eae53f54
commit 83eae53f54
parent d4820cd43b e0de1a2d00
25 changed files with 809 additions and 8 deletions
--- a/src/file_analysis/analyzer/unified2/Unified2.cc
+++ b/src/file_analysis/analyzer/unified2/Unified2.cc
@ -0,0 +1,38 @@
+// See the file "COPYING" in the main distribution directory for copyright.
+
+#include "Unified2.h"
+#include "file_analysis/Manager.h"
+
+using namespace file_analysis;
+
+Unified2::Unified2(RecordVal* args, File* file)
+    : file_analysis::Analyzer(file_mgr->GetComponentTag("UNIFIED2"), args, file)
+	{
+	interp = new binpac::Unified2::Unified2_Analyzer(this);
+	}
+
+Unified2::~Unified2()
+	{
+	delete interp;
+	}
+
+file_analysis::Analyzer* Unified2::Instantiate(RecordVal* args, File* file)
+	{
+	return new Unified2(args, file);
+	}
+
+bool Unified2::DeliverStream(const u_char* data, uint64 len)
+	{
+	try
+		{
+		interp->NewData(true, data, data + len);
+		}
+
+	catch ( const binpac::Exception& e )
+		{
+		printf("Binpac exception: %s\n", e.c_msg());
+		return false;
+		}
+
+	return true;
+	}