From 94e850397b7fe2e2ef6f8548ac5e89c206371417 Mon Sep 17 00:00:00 2001 From: Daniel Thayer Date: Wed, 23 May 2012 16:34:03 -0500 Subject: [PATCH 01/19] Add tests for previously-untested strings BIFs --- testing/btest/Baseline/bifs.byte_len/out | 1 + .../btest/Baseline/bifs.cat_string_array/out | 3 + testing/btest/Baseline/bifs.edit/out | 1 + testing/btest/Baseline/bifs.escape_string/out | 10 ++++ testing/btest/Baseline/bifs.find_all/out | 4 ++ testing/btest/Baseline/bifs.find_last/out | 3 + testing/btest/Baseline/bifs.hexdump/out | 1 + testing/btest/Baseline/bifs.join_string/out | 1 + testing/btest/Baseline/bifs.lowerupper/out | 2 + .../btest/Baseline/bifs.sort_string_array/out | 4 ++ testing/btest/Baseline/bifs.split/out | 32 ++++++++++ .../btest/Baseline/bifs.str_shell_escape/out | 4 ++ testing/btest/Baseline/bifs.strcmp/out | 3 + testing/btest/Baseline/bifs.string_fill/out | 3 + .../btest/Baseline/bifs.string_splitting/out | 13 ---- testing/btest/Baseline/bifs.strip/out | 6 ++ testing/btest/Baseline/bifs.strstr/out | 2 + testing/btest/Baseline/bifs.sub/out | 2 + testing/btest/Baseline/bifs.subst_string/out | 1 + testing/btest/bifs/byte_len.bro | 10 ++++ testing/btest/bifs/cat_string_array.bro | 14 +++++ testing/btest/bifs/edit.bro | 10 ++++ testing/btest/bifs/escape_string.bro | 27 +++++++++ testing/btest/bifs/find_all.bro | 18 ++++++ testing/btest/bifs/find_last.bro | 17 ++++++ testing/btest/bifs/hexdump.bro | 10 ++++ testing/btest/bifs/join_string.bro | 14 +++++ testing/btest/bifs/lowerupper.bro | 11 ++++ testing/btest/bifs/sort_string_array.bro | 17 ++++++ testing/btest/bifs/split.bro | 59 +++++++++++++++++++ testing/btest/bifs/str_shell_escape.bro | 15 +++++ testing/btest/bifs/strcmp.bro | 13 ++++ testing/btest/bifs/string_fill.bro | 16 +++++ testing/btest/bifs/string_splitting.bro | 12 ---- testing/btest/bifs/strip.bro | 17 ++++++ testing/btest/bifs/strstr.bro | 13 ++++ testing/btest/bifs/sub.bro | 12 ++++ testing/btest/bifs/subst_string.bro | 12 ++++ 38 files changed, 388 insertions(+), 25 deletions(-) create mode 100644 testing/btest/Baseline/bifs.byte_len/out create mode 100644 testing/btest/Baseline/bifs.cat_string_array/out create mode 100644 testing/btest/Baseline/bifs.edit/out create mode 100644 testing/btest/Baseline/bifs.escape_string/out create mode 100644 testing/btest/Baseline/bifs.find_all/out create mode 100644 testing/btest/Baseline/bifs.find_last/out create mode 100644 testing/btest/Baseline/bifs.hexdump/out create mode 100644 testing/btest/Baseline/bifs.join_string/out create mode 100644 testing/btest/Baseline/bifs.lowerupper/out create mode 100644 testing/btest/Baseline/bifs.sort_string_array/out create mode 100644 testing/btest/Baseline/bifs.split/out create mode 100644 testing/btest/Baseline/bifs.str_shell_escape/out create mode 100644 testing/btest/Baseline/bifs.strcmp/out create mode 100644 testing/btest/Baseline/bifs.string_fill/out delete mode 100644 testing/btest/Baseline/bifs.string_splitting/out create mode 100644 testing/btest/Baseline/bifs.strip/out create mode 100644 testing/btest/Baseline/bifs.strstr/out create mode 100644 testing/btest/Baseline/bifs.sub/out create mode 100644 testing/btest/Baseline/bifs.subst_string/out create mode 100644 testing/btest/bifs/byte_len.bro create mode 100644 testing/btest/bifs/cat_string_array.bro create mode 100644 testing/btest/bifs/edit.bro create mode 100644 testing/btest/bifs/escape_string.bro create mode 100644 testing/btest/bifs/find_all.bro create mode 100644 testing/btest/bifs/find_last.bro create mode 100644 testing/btest/bifs/hexdump.bro create mode 100644 testing/btest/bifs/join_string.bro create mode 100644 testing/btest/bifs/lowerupper.bro create mode 100644 testing/btest/bifs/sort_string_array.bro create mode 100644 testing/btest/bifs/split.bro create mode 100644 testing/btest/bifs/str_shell_escape.bro create mode 100644 testing/btest/bifs/strcmp.bro create mode 100644 testing/btest/bifs/string_fill.bro delete mode 100644 testing/btest/bifs/string_splitting.bro create mode 100644 testing/btest/bifs/strip.bro create mode 100644 testing/btest/bifs/strstr.bro create mode 100644 testing/btest/bifs/sub.bro create mode 100644 testing/btest/bifs/subst_string.bro diff --git a/testing/btest/Baseline/bifs.byte_len/out b/testing/btest/Baseline/bifs.byte_len/out new file mode 100644 index 0000000000..b4de394767 --- /dev/null +++ b/testing/btest/Baseline/bifs.byte_len/out @@ -0,0 +1 @@ +11 diff --git a/testing/btest/Baseline/bifs.cat_string_array/out b/testing/btest/Baseline/bifs.cat_string_array/out new file mode 100644 index 0000000000..963f826db9 --- /dev/null +++ b/testing/btest/Baseline/bifs.cat_string_array/out @@ -0,0 +1,3 @@ +isatest +thisisatest +isa diff --git a/testing/btest/Baseline/bifs.edit/out b/testing/btest/Baseline/bifs.edit/out new file mode 100644 index 0000000000..d8582f9b20 --- /dev/null +++ b/testing/btest/Baseline/bifs.edit/out @@ -0,0 +1 @@ +llo t diff --git a/testing/btest/Baseline/bifs.escape_string/out b/testing/btest/Baseline/bifs.escape_string/out new file mode 100644 index 0000000000..6d79533c61 --- /dev/null +++ b/testing/btest/Baseline/bifs.escape_string/out @@ -0,0 +1,10 @@ +12 +Test \0string +13 +Test \0string +15 +Test \x00string +13 +Test \0string +24 +546573742000737472696e67 diff --git a/testing/btest/Baseline/bifs.find_all/out b/testing/btest/Baseline/bifs.find_all/out new file mode 100644 index 0000000000..17913c44ed --- /dev/null +++ b/testing/btest/Baseline/bifs.find_all/out @@ -0,0 +1,4 @@ +es +hi +------------------- +0 diff --git a/testing/btest/Baseline/bifs.find_last/out b/testing/btest/Baseline/bifs.find_last/out new file mode 100644 index 0000000000..13eabac948 --- /dev/null +++ b/testing/btest/Baseline/bifs.find_last/out @@ -0,0 +1,3 @@ +es +------------------- +0 diff --git a/testing/btest/Baseline/bifs.hexdump/out b/testing/btest/Baseline/bifs.hexdump/out new file mode 100644 index 0000000000..740435f7ea --- /dev/null +++ b/testing/btest/Baseline/bifs.hexdump/out @@ -0,0 +1 @@ +0000 61 62 63 ff 64 65 66 67 68 69 6a 6b 6c 6d 6e 6f abc.defg hijklmno^J0010 70 71 72 73 74 75 76 77 78 79 7a pqrstuvw xyz^J diff --git a/testing/btest/Baseline/bifs.join_string/out b/testing/btest/Baseline/bifs.join_string/out new file mode 100644 index 0000000000..830c2dace5 --- /dev/null +++ b/testing/btest/Baseline/bifs.join_string/out @@ -0,0 +1 @@ +this * is * a * test diff --git a/testing/btest/Baseline/bifs.lowerupper/out b/testing/btest/Baseline/bifs.lowerupper/out new file mode 100644 index 0000000000..96b69a43c8 --- /dev/null +++ b/testing/btest/Baseline/bifs.lowerupper/out @@ -0,0 +1,2 @@ +this is a test +THIS IS A TEST diff --git a/testing/btest/Baseline/bifs.sort_string_array/out b/testing/btest/Baseline/bifs.sort_string_array/out new file mode 100644 index 0000000000..533844768d --- /dev/null +++ b/testing/btest/Baseline/bifs.sort_string_array/out @@ -0,0 +1,4 @@ +a +is +test +this diff --git a/testing/btest/Baseline/bifs.split/out b/testing/btest/Baseline/bifs.split/out new file mode 100644 index 0000000000..0ec2541f3d --- /dev/null +++ b/testing/btest/Baseline/bifs.split/out @@ -0,0 +1,32 @@ +t +s is a t +t +--------------------- +t +s is a test +--------------------- +t +hi +s is a t +es +t +--------------------- +t +s is a test +--------------------- +t +hi +s is a test +--------------------- +[, thi, s i, s a tes, t] +--------------------- +X-Mailer +Testing Test (http://www.example.com) +--------------------- +A += + B += + C += + D diff --git a/testing/btest/Baseline/bifs.str_shell_escape/out b/testing/btest/Baseline/bifs.str_shell_escape/out new file mode 100644 index 0000000000..1845fefa37 --- /dev/null +++ b/testing/btest/Baseline/bifs.str_shell_escape/out @@ -0,0 +1,4 @@ +24 +echo ${TEST} > "my file" +27 +echo \${TEST} > \"my file\" diff --git a/testing/btest/Baseline/bifs.strcmp/out b/testing/btest/Baseline/bifs.strcmp/out new file mode 100644 index 0000000000..d67491ed75 --- /dev/null +++ b/testing/btest/Baseline/bifs.strcmp/out @@ -0,0 +1,3 @@ +T +T +T diff --git a/testing/btest/Baseline/bifs.string_fill/out b/testing/btest/Baseline/bifs.string_fill/out new file mode 100644 index 0000000000..b15a2d1006 --- /dev/null +++ b/testing/btest/Baseline/bifs.string_fill/out @@ -0,0 +1,3 @@ +*\0* 1 +*t\0* 2 +*test test\0* 10 diff --git a/testing/btest/Baseline/bifs.string_splitting/out b/testing/btest/Baseline/bifs.string_splitting/out deleted file mode 100644 index 8514916834..0000000000 --- a/testing/btest/Baseline/bifs.string_splitting/out +++ /dev/null @@ -1,13 +0,0 @@ -{ -[2] = Testing Test (http://www.example.com), -[1] = X-Mailer -} -{ -[2] = =, -[4] = =, -[6] = =, -[7] = D, -[1] = A , -[5] = C , -[3] = B -} diff --git a/testing/btest/Baseline/bifs.strip/out b/testing/btest/Baseline/bifs.strip/out new file mode 100644 index 0000000000..dc1ca4204c --- /dev/null +++ b/testing/btest/Baseline/bifs.strip/out @@ -0,0 +1,6 @@ +* this is a test * +*this is a test* +** +** +* * +** diff --git a/testing/btest/Baseline/bifs.strstr/out b/testing/btest/Baseline/bifs.strstr/out new file mode 100644 index 0000000000..389e262145 --- /dev/null +++ b/testing/btest/Baseline/bifs.strstr/out @@ -0,0 +1,2 @@ +2 +0 diff --git a/testing/btest/Baseline/bifs.sub/out b/testing/btest/Baseline/bifs.sub/out new file mode 100644 index 0000000000..d8860ac5f8 --- /dev/null +++ b/testing/btest/Baseline/bifs.sub/out @@ -0,0 +1,2 @@ +that is a test +that at a test diff --git a/testing/btest/Baseline/bifs.subst_string/out b/testing/btest/Baseline/bifs.subst_string/out new file mode 100644 index 0000000000..be3c92a20b --- /dev/null +++ b/testing/btest/Baseline/bifs.subst_string/out @@ -0,0 +1 @@ +that at another test diff --git a/testing/btest/bifs/byte_len.bro b/testing/btest/bifs/byte_len.bro new file mode 100644 index 0000000000..25191fd173 --- /dev/null +++ b/testing/btest/bifs/byte_len.bro @@ -0,0 +1,10 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = "hello\0there"; + + print byte_len(a); + } diff --git a/testing/btest/bifs/cat_string_array.bro b/testing/btest/bifs/cat_string_array.bro new file mode 100644 index 0000000000..d2c2242411 --- /dev/null +++ b/testing/btest/bifs/cat_string_array.bro @@ -0,0 +1,14 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a: string_array = { + [0] = "this", [1] = "is", [2] = "a", [3] = "test" + }; + + print cat_string_array(a); + print cat_string_array_n(a, 0, |a|-1); + print cat_string_array_n(a, 1, 2); + } diff --git a/testing/btest/bifs/edit.bro b/testing/btest/bifs/edit.bro new file mode 100644 index 0000000000..c9a73d17f1 --- /dev/null +++ b/testing/btest/bifs/edit.bro @@ -0,0 +1,10 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = "hello there"; + + print edit(a, "e"); + } diff --git a/testing/btest/bifs/escape_string.bro b/testing/btest/bifs/escape_string.bro new file mode 100644 index 0000000000..92b7b535d8 --- /dev/null +++ b/testing/btest/bifs/escape_string.bro @@ -0,0 +1,27 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = "Test \0string"; + + print |a|; + print a; + + local b = clean(a); + print |b|; + print b; + + local c = to_string_literal(a); + print |c|; + print c; + + local d = escape_string(a); + print |d|; + print d; + + local e = string_to_ascii_hex(a); + print |e|; + print e; + } diff --git a/testing/btest/bifs/find_all.bro b/testing/btest/bifs/find_all.bro new file mode 100644 index 0000000000..edf3530c8a --- /dev/null +++ b/testing/btest/bifs/find_all.bro @@ -0,0 +1,18 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = "this is a test"; + local pat = /hi|es/; + local pat2 = /aa|bb/; + + local b = find_all(a, pat); + local b2 = find_all(a, pat2); + + for (i in b) + print i; + print "-------------------"; + print |b2|; + } diff --git a/testing/btest/bifs/find_last.bro b/testing/btest/bifs/find_last.bro new file mode 100644 index 0000000000..b1a567f73a --- /dev/null +++ b/testing/btest/bifs/find_last.bro @@ -0,0 +1,17 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = "this is a test"; + local pat = /hi|es/; + local pat2 = /aa|bb/; + + local b = find_last(a, pat); + local b2 = find_last(a, pat2); + + print b; + print "-------------------"; + print |b2|; + } diff --git a/testing/btest/bifs/hexdump.bro b/testing/btest/bifs/hexdump.bro new file mode 100644 index 0000000000..4c248efb77 --- /dev/null +++ b/testing/btest/bifs/hexdump.bro @@ -0,0 +1,10 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = "abc\xffdefghijklmnopqrstuvwxyz"; + + print hexdump(a); + } diff --git a/testing/btest/bifs/join_string.bro b/testing/btest/bifs/join_string.bro new file mode 100644 index 0000000000..df5f83449b --- /dev/null +++ b/testing/btest/bifs/join_string.bro @@ -0,0 +1,14 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a: string_array = { + [1] = "this", [2] = "is", [3] = "a", [4] = "test" + }; + local b: string_vec = vector( "this", "is", "another", "test" ); + + print join_string_array(" * ", a); + print join_string_vec(b, "__"); + } diff --git a/testing/btest/bifs/lowerupper.bro b/testing/btest/bifs/lowerupper.bro new file mode 100644 index 0000000000..fcfdcde319 --- /dev/null +++ b/testing/btest/bifs/lowerupper.bro @@ -0,0 +1,11 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = "this is a Test"; + + print to_lower(a); + print to_upper(a); + } diff --git a/testing/btest/bifs/sort_string_array.bro b/testing/btest/bifs/sort_string_array.bro new file mode 100644 index 0000000000..23c4f55848 --- /dev/null +++ b/testing/btest/bifs/sort_string_array.bro @@ -0,0 +1,17 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a: string_array = { + [1] = "this", [2] = "is", [3] = "a", [4] = "test" + }; + + local b = sort_string_array(a); + + print b[1]; + print b[2]; + print b[3]; + print b[4]; + } diff --git a/testing/btest/bifs/split.bro b/testing/btest/bifs/split.bro new file mode 100644 index 0000000000..fc1b5e96a0 --- /dev/null +++ b/testing/btest/bifs/split.bro @@ -0,0 +1,59 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = "this is a test"; + local pat = /hi|es/; + local idx = vector( 3, 6, 13); + + local b = split(a, pat); + local c = split1(a, pat); + local d = split_all(a, pat); + local e1 = split_n(a, pat, F, 1); + local e2 = split_n(a, pat, T, 1); + + print b[1]; + print b[2]; + print b[3]; + print b[4]; + print "---------------------"; + print c[1]; + print c[2]; + print "---------------------"; + print d[1]; + print d[2]; + print d[3]; + print d[4]; + print d[5]; + print "---------------------"; + print e1[1]; + print e1[2]; + print "---------------------"; + print e2[1]; + print e2[2]; + print e2[3]; + print "---------------------"; + print str_split(a, idx); + print "---------------------"; + + a = "X-Mailer: Testing Test (http://www.example.com)"; + pat = /:[[:blank:]]*/; + local f = split1(a, pat); + + print f[1]; + print f[2]; + print "---------------------"; + + a = "A = B = C = D"; + pat = /=/; + local g = split_all(a, pat); + print g[1]; + print g[2]; + print g[3]; + print g[4]; + print g[5]; + print g[6]; + print g[7]; + } diff --git a/testing/btest/bifs/str_shell_escape.bro b/testing/btest/bifs/str_shell_escape.bro new file mode 100644 index 0000000000..a71cb4dcf6 --- /dev/null +++ b/testing/btest/bifs/str_shell_escape.bro @@ -0,0 +1,15 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = "echo ${TEST} > \"my file\""; + + print |a|; + print a; + + local b = str_shell_escape(a); + print |b|; + print b; + } diff --git a/testing/btest/bifs/strcmp.bro b/testing/btest/bifs/strcmp.bro new file mode 100644 index 0000000000..af46c7fa96 --- /dev/null +++ b/testing/btest/bifs/strcmp.bro @@ -0,0 +1,13 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = "this"; + local b = "testing"; + + print strcmp(a, b) > 0; + print strcmp(b, a) < 0; + print strcmp(a, a) == 0; + } diff --git a/testing/btest/bifs/string_fill.bro b/testing/btest/bifs/string_fill.bro new file mode 100644 index 0000000000..c47f1916cc --- /dev/null +++ b/testing/btest/bifs/string_fill.bro @@ -0,0 +1,16 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = "test "; + + local b = string_fill(1, a); + local c = string_fill(2, a); + local d = string_fill(10, a); + + print fmt("*%s* %d", b, |b|); + print fmt("*%s* %d", c, |c|); + print fmt("*%s* %d", d, |d|); + } diff --git a/testing/btest/bifs/string_splitting.bro b/testing/btest/bifs/string_splitting.bro deleted file mode 100644 index 44068fe510..0000000000 --- a/testing/btest/bifs/string_splitting.bro +++ /dev/null @@ -1,12 +0,0 @@ -# -# @TEST-EXEC: bro %INPUT >out -# @TEST-EXEC: btest-diff out - -event bro_init() - { - local a = "X-Mailer: Testing Test (http://www.example.com)"; - print split1(a, /:[[:blank:]]*/); - - a = "A = B = C = D"; - print split_all(a, /=/); - } diff --git a/testing/btest/bifs/strip.bro b/testing/btest/bifs/strip.bro new file mode 100644 index 0000000000..de6601b83c --- /dev/null +++ b/testing/btest/bifs/strip.bro @@ -0,0 +1,17 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = " this is a test "; + local b = ""; + local c = " "; + + print fmt("*%s*", a); + print fmt("*%s*", strip(a)); + print fmt("*%s*", b); + print fmt("*%s*", strip(b)); + print fmt("*%s*", c); + print fmt("*%s*", strip(c)); + } diff --git a/testing/btest/bifs/strstr.bro b/testing/btest/bifs/strstr.bro new file mode 100644 index 0000000000..58f79d593b --- /dev/null +++ b/testing/btest/bifs/strstr.bro @@ -0,0 +1,13 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = "this is a test"; + local b = "his"; + local c = "are"; + + print strstr(a, b); + print strstr(a, c); + } diff --git a/testing/btest/bifs/sub.bro b/testing/btest/bifs/sub.bro new file mode 100644 index 0000000000..f6a956f26a --- /dev/null +++ b/testing/btest/bifs/sub.bro @@ -0,0 +1,12 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = "this is a test"; + local pat = /is|ss/; + + print sub(a, pat, "at"); + print gsub(a, pat, "at"); + } diff --git a/testing/btest/bifs/subst_string.bro b/testing/btest/bifs/subst_string.bro new file mode 100644 index 0000000000..81a3f89424 --- /dev/null +++ b/testing/btest/bifs/subst_string.bro @@ -0,0 +1,12 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = "this is another test"; + local b = "is"; + local c = "at"; + + print subst_string(a, b, c); + } From 03aee9197d68e9dd10440937fa209b35a20dafa2 Mon Sep 17 00:00:00 2001 From: Daniel Thayer Date: Thu, 24 May 2012 16:33:19 -0500 Subject: [PATCH 02/19] Add more tests for previously-untested BIFs --- testing/btest/Baseline/bifs.all_set/out | 3 +++ testing/btest/Baseline/bifs.any_set/out | 3 +++ testing/btest/Baseline/bifs.clear_table/out | 2 ++ testing/btest/Baseline/bifs.exit/out | 1 + testing/btest/Baseline/bifs.getsetenv/out | 3 +++ testing/btest/Baseline/bifs.length/out | 6 +++++ testing/btest/Baseline/bifs.md5/output | 2 ++ testing/btest/Baseline/bifs.rand/out | 6 +++++ testing/btest/Baseline/bifs.resize/out | 4 ++++ testing/btest/Baseline/bifs.sort/out | 2 ++ testing/btest/Baseline/bifs.system/out | 1 + testing/btest/Baseline/bifs.system_env/out | 1 + testing/btest/Baseline/bifs.val_size/out | 2 ++ testing/btest/bifs/all_set.bro | 15 ++++++++++++ testing/btest/bifs/any_set.bro | 15 ++++++++++++ testing/btest/bifs/clear_table.bro | 14 +++++++++++ testing/btest/bifs/exit.bro | 9 +++++++ testing/btest/bifs/getsetenv.bro | 20 ++++++++++++++++ testing/btest/bifs/length.bro | 22 +++++++++++++++++ testing/btest/bifs/md5.test | 3 +++ testing/btest/bifs/order.bro | 18 ++++++++++++++ testing/btest/bifs/piped_exec.bro | 6 +++-- testing/btest/bifs/rand.bro | 24 +++++++++++++++++++ testing/btest/bifs/resize.bro | 26 +++++++++++++++++++++ testing/btest/bifs/sort.bro | 18 ++++++++++++++ testing/btest/bifs/system.bro | 15 ++++++++++++ testing/btest/bifs/system_env.bro | 21 +++++++++++++++++ testing/btest/bifs/val_size.bro | 12 ++++++++++ 28 files changed, 272 insertions(+), 2 deletions(-) create mode 100644 testing/btest/Baseline/bifs.all_set/out create mode 100644 testing/btest/Baseline/bifs.any_set/out create mode 100644 testing/btest/Baseline/bifs.clear_table/out create mode 100644 testing/btest/Baseline/bifs.exit/out create mode 100644 testing/btest/Baseline/bifs.getsetenv/out create mode 100644 testing/btest/Baseline/bifs.length/out create mode 100644 testing/btest/Baseline/bifs.rand/out create mode 100644 testing/btest/Baseline/bifs.resize/out create mode 100644 testing/btest/Baseline/bifs.sort/out create mode 100644 testing/btest/Baseline/bifs.system/out create mode 100644 testing/btest/Baseline/bifs.system_env/out create mode 100644 testing/btest/Baseline/bifs.val_size/out create mode 100644 testing/btest/bifs/all_set.bro create mode 100644 testing/btest/bifs/any_set.bro create mode 100644 testing/btest/bifs/clear_table.bro create mode 100644 testing/btest/bifs/exit.bro create mode 100644 testing/btest/bifs/getsetenv.bro create mode 100644 testing/btest/bifs/length.bro create mode 100644 testing/btest/bifs/order.bro create mode 100644 testing/btest/bifs/rand.bro create mode 100644 testing/btest/bifs/resize.bro create mode 100644 testing/btest/bifs/sort.bro create mode 100644 testing/btest/bifs/system.bro create mode 100644 testing/btest/bifs/system_env.bro create mode 100644 testing/btest/bifs/val_size.bro diff --git a/testing/btest/Baseline/bifs.all_set/out b/testing/btest/Baseline/bifs.all_set/out new file mode 100644 index 0000000000..ed4964b655 --- /dev/null +++ b/testing/btest/Baseline/bifs.all_set/out @@ -0,0 +1,3 @@ +F +F +T diff --git a/testing/btest/Baseline/bifs.any_set/out b/testing/btest/Baseline/bifs.any_set/out new file mode 100644 index 0000000000..3ea3c39b0d --- /dev/null +++ b/testing/btest/Baseline/bifs.any_set/out @@ -0,0 +1,3 @@ +T +F +F diff --git a/testing/btest/Baseline/bifs.clear_table/out b/testing/btest/Baseline/bifs.clear_table/out new file mode 100644 index 0000000000..b261da18d5 --- /dev/null +++ b/testing/btest/Baseline/bifs.clear_table/out @@ -0,0 +1,2 @@ +1 +0 diff --git a/testing/btest/Baseline/bifs.exit/out b/testing/btest/Baseline/bifs.exit/out new file mode 100644 index 0000000000..ce01362503 --- /dev/null +++ b/testing/btest/Baseline/bifs.exit/out @@ -0,0 +1 @@ +hello diff --git a/testing/btest/Baseline/bifs.getsetenv/out b/testing/btest/Baseline/bifs.getsetenv/out new file mode 100644 index 0000000000..0eabe36713 --- /dev/null +++ b/testing/btest/Baseline/bifs.getsetenv/out @@ -0,0 +1,3 @@ +OK +OK +OK diff --git a/testing/btest/Baseline/bifs.length/out b/testing/btest/Baseline/bifs.length/out new file mode 100644 index 0000000000..ad43182650 --- /dev/null +++ b/testing/btest/Baseline/bifs.length/out @@ -0,0 +1,6 @@ +1 +4 +2 +0 +0 +0 diff --git a/testing/btest/Baseline/bifs.md5/output b/testing/btest/Baseline/bifs.md5/output index 71c0fbfcb8..a560286854 100644 --- a/testing/btest/Baseline/bifs.md5/output +++ b/testing/btest/Baseline/bifs.md5/output @@ -2,3 +2,5 @@ f97c5d29941bfb1b2fdab0874906ab82 7b0391feb2e0cd271f1cf39aafb4376f f97c5d29941bfb1b2fdab0874906ab82 7b0391feb2e0cd271f1cf39aafb4376f +571c0a35c7858ad5a0e16b8fdb41adcd +1751cbd623726f423f734e23a8c7ec06 diff --git a/testing/btest/Baseline/bifs.rand/out b/testing/btest/Baseline/bifs.rand/out new file mode 100644 index 0000000000..367833f80a --- /dev/null +++ b/testing/btest/Baseline/bifs.rand/out @@ -0,0 +1,6 @@ +185 +236 +805 +47 +996 +498 diff --git a/testing/btest/Baseline/bifs.resize/out b/testing/btest/Baseline/bifs.resize/out new file mode 100644 index 0000000000..fcefeaf4df --- /dev/null +++ b/testing/btest/Baseline/bifs.resize/out @@ -0,0 +1,4 @@ +3 +5 +0 +7 diff --git a/testing/btest/Baseline/bifs.sort/out b/testing/btest/Baseline/bifs.sort/out new file mode 100644 index 0000000000..21d24208fb --- /dev/null +++ b/testing/btest/Baseline/bifs.sort/out @@ -0,0 +1,2 @@ +[5, 3, 8] +[3, 5, 8] diff --git a/testing/btest/Baseline/bifs.system/out b/testing/btest/Baseline/bifs.system/out new file mode 100644 index 0000000000..ae782e3280 --- /dev/null +++ b/testing/btest/Baseline/bifs.system/out @@ -0,0 +1 @@ +thistest diff --git a/testing/btest/Baseline/bifs.system_env/out b/testing/btest/Baseline/bifs.system_env/out new file mode 100644 index 0000000000..31e0fce560 --- /dev/null +++ b/testing/btest/Baseline/bifs.system_env/out @@ -0,0 +1 @@ +helloworld diff --git a/testing/btest/Baseline/bifs.val_size/out b/testing/btest/Baseline/bifs.val_size/out new file mode 100644 index 0000000000..16b548f269 --- /dev/null +++ b/testing/btest/Baseline/bifs.val_size/out @@ -0,0 +1,2 @@ +72 +72 diff --git a/testing/btest/bifs/all_set.bro b/testing/btest/bifs/all_set.bro new file mode 100644 index 0000000000..31544eb31e --- /dev/null +++ b/testing/btest/bifs/all_set.bro @@ -0,0 +1,15 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = vector( T, F, T ); + print all_set(a); + + local b = vector(); + print all_set(b); + + local c = vector( T ); + print all_set(c); + } diff --git a/testing/btest/bifs/any_set.bro b/testing/btest/bifs/any_set.bro new file mode 100644 index 0000000000..5fe046cdf4 --- /dev/null +++ b/testing/btest/bifs/any_set.bro @@ -0,0 +1,15 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = vector( F, T, F ); + print any_set(a); + + local b = vector(); + print any_set(b); + + local c = vector( F ); + print any_set(c); + } diff --git a/testing/btest/bifs/clear_table.bro b/testing/btest/bifs/clear_table.bro new file mode 100644 index 0000000000..94779285af --- /dev/null +++ b/testing/btest/bifs/clear_table.bro @@ -0,0 +1,14 @@ +# +# @TEST-EXEC: bro %INPUT > out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local mytable: table[string] of string = { ["key1"] = "val1" }; + + print |mytable|; + + clear_table(mytable); + + print |mytable|; + } diff --git a/testing/btest/bifs/exit.bro b/testing/btest/bifs/exit.bro new file mode 100644 index 0000000000..e551144caa --- /dev/null +++ b/testing/btest/bifs/exit.bro @@ -0,0 +1,9 @@ +# +# @TEST-EXEC: bro %INPUT >out || test $? -eq 7 +# @TEST-EXEC: btest-diff out + +event bro_init() + { + print "hello"; + exit(7); + } diff --git a/testing/btest/bifs/getsetenv.bro b/testing/btest/bifs/getsetenv.bro new file mode 100644 index 0000000000..b4ee9a0931 --- /dev/null +++ b/testing/btest/bifs/getsetenv.bro @@ -0,0 +1,20 @@ +# +# @TEST-EXEC: TESTBRO=testvalue bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = getenv("NOTDEFINED"); + local b = getenv("TESTBRO"); + if ( |a| == 0 ) + print "OK"; + if ( b == "testvalue" ) + print "OK"; + + if ( setenv("NOTDEFINED", "now defined" ) == T ) + { + if ( getenv("NOTDEFINED") == "now defined" ) + print "OK"; + } + + } diff --git a/testing/btest/bifs/length.bro b/testing/btest/bifs/length.bro new file mode 100644 index 0000000000..335223c124 --- /dev/null +++ b/testing/btest/bifs/length.bro @@ -0,0 +1,22 @@ +# +# @TEST-EXEC: bro %INPUT > out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local mytable: table[string] of string = { ["key1"] = "val1" }; + local myset: set[count] = set( 3, 6, 2, 7 ); + local myvec: vector of string = vector( "value1", "value2" ); + + print length(mytable); + print length(myset); + print length(myvec); + + mytable = table(); + myset = set(); + myvec = vector(); + + print length(mytable); + print length(myset); + print length(myvec); + } diff --git a/testing/btest/bifs/md5.test b/testing/btest/bifs/md5.test index 2632d76cb4..5a9715edf1 100644 --- a/testing/btest/bifs/md5.test +++ b/testing/btest/bifs/md5.test @@ -14,3 +14,6 @@ md5_hash_update("b", "three"); print md5_hash_finish("a"); print md5_hash_finish("b"); + +print md5_hmac("one"); +print md5_hmac("one", "two", "three"); diff --git a/testing/btest/bifs/order.bro b/testing/btest/bifs/order.bro new file mode 100644 index 0000000000..176e733cfe --- /dev/null +++ b/testing/btest/bifs/order.bro @@ -0,0 +1,18 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +function myfunc(a: count, b: count): bool + { + return a < b; + } + +event bro_init() + { + local a = vector( 5, 3, 8 ); + + print order(a, myfunc); + + print a; + + } diff --git a/testing/btest/bifs/piped_exec.bro b/testing/btest/bifs/piped_exec.bro index 32fd5c5f80..3a76eba8f5 100644 --- a/testing/btest/bifs/piped_exec.bro +++ b/testing/btest/bifs/piped_exec.bro @@ -5,8 +5,10 @@ global cmds = "print \"hello world\";"; cmds = string_cat(cmds, "\nprint \"foobar\";"); -piped_exec("bro", cmds); +if ( piped_exec("bro", cmds) != T ) + exit(1); # Test null output. -piped_exec("cat > test.txt", "\x00\x00hello\x00\x00"); +if ( piped_exec("cat > test.txt", "\x00\x00hello\x00\x00") != T ) + exit(1); diff --git a/testing/btest/bifs/rand.bro b/testing/btest/bifs/rand.bro new file mode 100644 index 0000000000..229645944e --- /dev/null +++ b/testing/btest/bifs/rand.bro @@ -0,0 +1,24 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = rand(1000); + local b = rand(1000); + local c = rand(1000); + + print a; + print b; + print c; + + srand(575); + + local d = rand(1000); + local e = rand(1000); + local f = rand(1000); + + print d; + print e; + print f; + } diff --git a/testing/btest/bifs/resize.bro b/testing/btest/bifs/resize.bro new file mode 100644 index 0000000000..37e4ac38d9 --- /dev/null +++ b/testing/btest/bifs/resize.bro @@ -0,0 +1,26 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = vector( 5, 3, 8 ); + + print |a|; + + if ( resize(a, 5) != 3 ) + exit(1); + + print |a|; + + if ( resize(a, 0) != 5 ) + exit(1); + + print |a|; + + if ( resize(a, 7) != 0 ) + exit(1); + + print |a|; + + } diff --git a/testing/btest/bifs/sort.bro b/testing/btest/bifs/sort.bro new file mode 100644 index 0000000000..2d6d82129f --- /dev/null +++ b/testing/btest/bifs/sort.bro @@ -0,0 +1,18 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +function myfunc(a: count, b: count): bool + { + return a < b; + } + +event bro_init() + { + local a = vector( 5, 3, 8 ); + + print sort(a, myfunc); + + print a; + + } diff --git a/testing/btest/bifs/system.bro b/testing/btest/bifs/system.bro new file mode 100644 index 0000000000..b73aed4d79 --- /dev/null +++ b/testing/btest/bifs/system.bro @@ -0,0 +1,15 @@ +# +# @TEST-EXEC: bro %INPUT +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = system("echo thistest > out"); + if ( a != 0 ) + exit(1); + + local b = system(""); + if ( b == 0 ) + exit(1); + + } diff --git a/testing/btest/bifs/system_env.bro b/testing/btest/bifs/system_env.bro new file mode 100644 index 0000000000..d8e54a8709 --- /dev/null +++ b/testing/btest/bifs/system_env.bro @@ -0,0 +1,21 @@ +# +# @TEST-EXEC: bro %INPUT +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local vars: table[string] of string = { ["TESTBRO"] = "helloworld" }; + + # make sure the env. variable is not set + local myvar = getenv("TESTBRO"); + if ( |myvar| != 0 ) + exit(1); + + local a = system_env("echo $TESTBRO > out", vars); + if ( a != 0 ) + exit(1); + + myvar = getenv("TESTBRO"); + if ( |myvar| != 0 ) + exit(1); + } diff --git a/testing/btest/bifs/val_size.bro b/testing/btest/bifs/val_size.bro new file mode 100644 index 0000000000..b779460b9b --- /dev/null +++ b/testing/btest/bifs/val_size.bro @@ -0,0 +1,12 @@ +# +# @TEST-EXEC: bro %INPUT > out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = 1; + local b = T; + + print val_size(a); + print val_size(b); + } From 1059d9aa75f9b9dd7f6081f4de77b9ea73734b3a Mon Sep 17 00:00:00 2001 From: Daniel Thayer Date: Fri, 25 May 2012 17:15:29 -0500 Subject: [PATCH 03/19] Add more tests for previously-untested BIFs --- testing/btest/Baseline/bifs.cat/out | 6 ++ testing/btest/Baseline/bifs.fmt/out | 48 ++++++++++++ testing/btest/Baseline/bifs.lookup_ID/out | 5 ++ testing/btest/Baseline/bifs.math/out | 8 ++ .../Baseline/bifs.record_type_to_vector/out | 1 + testing/btest/Baseline/bifs.to_count/out | 9 +++ testing/btest/Baseline/bifs.to_double/out | 6 ++ testing/btest/Baseline/bifs.to_int/out | 3 + testing/btest/Baseline/bifs.to_interval/out | 2 + testing/btest/Baseline/bifs.to_port/out | 6 ++ testing/btest/Baseline/bifs.to_time/out | 2 + testing/btest/Baseline/bifs.type_name/out | 20 +++++ testing/btest/bifs/cat.bro | 22 ++++++ testing/btest/bifs/fmt.bro | 78 +++++++++++++++++++ testing/btest/bifs/lookup_ID.bro | 16 ++++ testing/btest/bifs/math.bro | 24 ++++++ testing/btest/bifs/record_type_to_vector.bro | 13 ++++ testing/btest/bifs/to_count.bro | 27 +++++++ testing/btest/bifs/to_double.bro | 20 +++++ testing/btest/bifs/to_int.bro | 10 +++ testing/btest/bifs/to_interval.bro | 11 +++ testing/btest/bifs/to_port.bro | 17 ++++ testing/btest/bifs/to_time.bro | 11 +++ testing/btest/bifs/type_name.bro | 56 +++++++++++++ 24 files changed, 421 insertions(+) create mode 100644 testing/btest/Baseline/bifs.cat/out create mode 100644 testing/btest/Baseline/bifs.fmt/out create mode 100644 testing/btest/Baseline/bifs.lookup_ID/out create mode 100644 testing/btest/Baseline/bifs.math/out create mode 100644 testing/btest/Baseline/bifs.record_type_to_vector/out create mode 100644 testing/btest/Baseline/bifs.to_count/out create mode 100644 testing/btest/Baseline/bifs.to_double/out create mode 100644 testing/btest/Baseline/bifs.to_int/out create mode 100644 testing/btest/Baseline/bifs.to_interval/out create mode 100644 testing/btest/Baseline/bifs.to_port/out create mode 100644 testing/btest/Baseline/bifs.to_time/out create mode 100644 testing/btest/Baseline/bifs.type_name/out create mode 100644 testing/btest/bifs/cat.bro create mode 100644 testing/btest/bifs/fmt.bro create mode 100644 testing/btest/bifs/lookup_ID.bro create mode 100644 testing/btest/bifs/math.bro create mode 100644 testing/btest/bifs/record_type_to_vector.bro create mode 100644 testing/btest/bifs/to_count.bro create mode 100644 testing/btest/bifs/to_double.bro create mode 100644 testing/btest/bifs/to_int.bro create mode 100644 testing/btest/bifs/to_interval.bro create mode 100644 testing/btest/bifs/to_port.bro create mode 100644 testing/btest/bifs/to_time.bro create mode 100644 testing/btest/bifs/type_name.bro diff --git a/testing/btest/Baseline/bifs.cat/out b/testing/btest/Baseline/bifs.cat/out new file mode 100644 index 0000000000..cf73512b88 --- /dev/null +++ b/testing/btest/Baseline/bifs.cat/out @@ -0,0 +1,6 @@ +foo3T + +3T +foo|3|T + +|3|T diff --git a/testing/btest/Baseline/bifs.fmt/out b/testing/btest/Baseline/bifs.fmt/out new file mode 100644 index 0000000000..6422294a39 --- /dev/null +++ b/testing/btest/Baseline/bifs.fmt/out @@ -0,0 +1,48 @@ +test +% + +*test * +* test* +* T* +*T * +* 3.14e+00* +*3.14e+00 * +* 3.14* +* 3.1* +* -3.14e+00* +* -3.14* +* -3.1* +*-3.14e+00 * +*-3.14 * +*-3.1 * +* -128* +*-128 * +* 128* +*0000000128* +*128 * +* a0* +*00000000a0* +* a0* +* 160/tcp* +* 127.0.0.1* +* 7f000001* +*192.168.0.0/16* +* ::1* +*fe000000000000000000000000000001* +*fe80:1234::1* +*fe80:1234::/32* +* 3.0 hrs* +*/^?(^foo|bar)$?/* +* Blue* +* [1, 2, 3]* +*{^J^I2,^J^I1,^J^I3^J}* +*{^J^I[2] = bro,^J^I[1] = test^J}* +3.100000e+02 +310.000000 +310 +3.100e+02 +310.000 +310 +310 +this\0test +this\0test diff --git a/testing/btest/Baseline/bifs.lookup_ID/out b/testing/btest/Baseline/bifs.lookup_ID/out new file mode 100644 index 0000000000..64b6379deb --- /dev/null +++ b/testing/btest/Baseline/bifs.lookup_ID/out @@ -0,0 +1,5 @@ +bro test + + + +event() diff --git a/testing/btest/Baseline/bifs.math/out b/testing/btest/Baseline/bifs.math/out new file mode 100644 index 0000000000..40131d2528 --- /dev/null +++ b/testing/btest/Baseline/bifs.math/out @@ -0,0 +1,8 @@ +3.0 +2.0 +-4.0 +-3.0 +1.772005 +23.103867 +1.144223 +0.49693 diff --git a/testing/btest/Baseline/bifs.record_type_to_vector/out b/testing/btest/Baseline/bifs.record_type_to_vector/out new file mode 100644 index 0000000000..1b4fa4baf1 --- /dev/null +++ b/testing/btest/Baseline/bifs.record_type_to_vector/out @@ -0,0 +1 @@ +[, ct, str1] diff --git a/testing/btest/Baseline/bifs.to_count/out b/testing/btest/Baseline/bifs.to_count/out new file mode 100644 index 0000000000..a283cbaed3 --- /dev/null +++ b/testing/btest/Baseline/bifs.to_count/out @@ -0,0 +1,9 @@ +0 +2 +3 +4 +7 +0 +18446744073709551611 +0 +123 diff --git a/testing/btest/Baseline/bifs.to_double/out b/testing/btest/Baseline/bifs.to_double/out new file mode 100644 index 0000000000..8c2fef496a --- /dev/null +++ b/testing/btest/Baseline/bifs.to_double/out @@ -0,0 +1,6 @@ +0.000001 +1.0 +-60.0 +3600.0 +86400.0 +1337982322.762159 diff --git a/testing/btest/Baseline/bifs.to_int/out b/testing/btest/Baseline/bifs.to_int/out new file mode 100644 index 0000000000..cde0c82987 --- /dev/null +++ b/testing/btest/Baseline/bifs.to_int/out @@ -0,0 +1,3 @@ +1 +-1 +0 diff --git a/testing/btest/Baseline/bifs.to_interval/out b/testing/btest/Baseline/bifs.to_interval/out new file mode 100644 index 0000000000..d841f8d99a --- /dev/null +++ b/testing/btest/Baseline/bifs.to_interval/out @@ -0,0 +1,2 @@ +1234563.14 +-1234563.14 diff --git a/testing/btest/Baseline/bifs.to_port/out b/testing/btest/Baseline/bifs.to_port/out new file mode 100644 index 0000000000..fb8a536abb --- /dev/null +++ b/testing/btest/Baseline/bifs.to_port/out @@ -0,0 +1,6 @@ +123/tcp +123/udp +123/icmp +256/tcp +256/udp +256/icmp diff --git a/testing/btest/Baseline/bifs.to_time/out b/testing/btest/Baseline/bifs.to_time/out new file mode 100644 index 0000000000..d841f8d99a --- /dev/null +++ b/testing/btest/Baseline/bifs.to_time/out @@ -0,0 +1,2 @@ +1234563.14 +-1234563.14 diff --git a/testing/btest/Baseline/bifs.type_name/out b/testing/btest/Baseline/bifs.type_name/out new file mode 100644 index 0000000000..610ee304fd --- /dev/null +++ b/testing/btest/Baseline/bifs.type_name/out @@ -0,0 +1,20 @@ +string +count +double +bool +time +interval +pattern +enum +port +addr +addr +subnet +subnet +vector +vector +set[count] +set[string] +table[count] of string +table[string] of count +record { c:count; s:string; } diff --git a/testing/btest/bifs/cat.bro b/testing/btest/bifs/cat.bro new file mode 100644 index 0000000000..b85b3af550 --- /dev/null +++ b/testing/btest/bifs/cat.bro @@ -0,0 +1,22 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = "foo"; + local b = 3; + local c = T; + + print cat(a, b, c); + + print cat(); + + print cat("", 3, T); + + print cat_sep("|", "", a, b, c); + + print cat_sep("|", ""); + + print cat_sep("|", "", "", b, c); + } diff --git a/testing/btest/bifs/fmt.bro b/testing/btest/bifs/fmt.bro new file mode 100644 index 0000000000..bb2740d127 --- /dev/null +++ b/testing/btest/bifs/fmt.bro @@ -0,0 +1,78 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +type color: enum { Red, Blue }; + +event bro_init() + { + local a = "foo"; + local b = 3; + local c = T; + local d = Blue; + local e = vector( 1, 2, 3); + local f = set( 1, 2, 3); + local g: table[count] of string = { [1] = "test", [2] = "bro" }; + local h = "this\0test"; + + #print fmt(c, b, a); # this should work, according to doc comments + + # tests with only a format string (no additional args) + print fmt("test"); + print fmt("%%"); + + # no arguments + print fmt(); + + # tests of various data types with field width specified + print fmt("*%-10s*", "test"); + print fmt("*%10s*", "test"); + print fmt("*%10s*", T); + print fmt("*%-10s*", T); + print fmt("*%10.2e*", 3.14159265); + print fmt("*%-10.2e*", 3.14159265); + print fmt("*%10.2f*", 3.14159265); + print fmt("*%10.2g*", 3.14159265); + print fmt("*%10.2e*", -3.14159265); + print fmt("*%10.2f*", -3.14159265); + print fmt("*%10.2g*", -3.14159265); + print fmt("*%-10.2e*", -3.14159265); + print fmt("*%-10.2f*", -3.14159265); + print fmt("*%-10.2g*", -3.14159265); + print fmt("*%10d*", -128); + print fmt("*%-10d*", -128); + print fmt("*%10d*", 128); + print fmt("*%010d*", 128); + print fmt("*%-10d*", 128); + print fmt("*%10x*", 160); + print fmt("*%010x*", 160); + print fmt("*%10x*", 160/tcp); + print fmt("*%10s*", 160/tcp); + print fmt("*%10s*", 127.0.0.1); + print fmt("*%10x*", 127.0.0.1); + print fmt("*%10s*", 192.168.0.0/16); + print fmt("*%10s*", [::1]); + print fmt("*%10x*", [fe00::1]); + print fmt("*%10s*", [fe80:1234::1]); + print fmt("*%10s*", [fe80:1234::]/32); + print fmt("*%10s*", 3hr); + print fmt("*%10s*", /^foo|bar/); + print fmt("*%10s*", d); + print fmt("*%10s*", e); + print fmt("*%10s*", f); + print fmt("*%10s*", g); + + # tests of various data types without field width + print fmt("%e", 3.1e+2); + print fmt("%f", 3.1e+2); + print fmt("%g", 3.1e+2); + print fmt("%.3e", 3.1e+2); + print fmt("%.3f", 3.1e+2); + print fmt("%.3g", 3.1e+2); + print fmt("%.7g", 3.1e+2); + + # these produce same result + print fmt("%As", h); + print fmt("%s", h); + + } diff --git a/testing/btest/bifs/lookup_ID.bro b/testing/btest/bifs/lookup_ID.bro new file mode 100644 index 0000000000..b8a29ef41f --- /dev/null +++ b/testing/btest/bifs/lookup_ID.bro @@ -0,0 +1,16 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +global a = "bro test"; + +event bro_init() + { + local b = "local value"; + + print lookup_ID("a"); + print lookup_ID(""); + print lookup_ID("xyz"); + print lookup_ID("b"); + print type_name( lookup_ID("bro_init") ); + } diff --git a/testing/btest/bifs/math.bro b/testing/btest/bifs/math.bro new file mode 100644 index 0000000000..90aed5b4e6 --- /dev/null +++ b/testing/btest/bifs/math.bro @@ -0,0 +1,24 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = 3.14; + local b = 2.71; + local c = -3.14; + local d = -2.71; + + print floor(a); + print floor(b); + print floor(c); + print floor(d); + + print sqrt(a); + + print exp(a); + + print ln(a); + + print log10(a); + } diff --git a/testing/btest/bifs/record_type_to_vector.bro b/testing/btest/bifs/record_type_to_vector.bro new file mode 100644 index 0000000000..18ddf35022 --- /dev/null +++ b/testing/btest/bifs/record_type_to_vector.bro @@ -0,0 +1,13 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +type myrecord: record { + ct: count; + str1: string; +}; + +event bro_init() + { + print record_type_to_vector("myrecord"); + } diff --git a/testing/btest/bifs/to_count.bro b/testing/btest/bifs/to_count.bro new file mode 100644 index 0000000000..c1fe72ce52 --- /dev/null +++ b/testing/btest/bifs/to_count.bro @@ -0,0 +1,27 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a: int = -2; + print int_to_count(a); + + local b: int = 2; + print int_to_count(b); + + local c: double = 3.14; + print double_to_count(c); + + local d: double = 3.9; + print double_to_count(d); + + print to_count("7"); + print to_count(""); + print to_count("-5"); + print to_count("not a count"); + + local e: port = 123/tcp; + print port_to_count(e); + + } diff --git a/testing/btest/bifs/to_double.bro b/testing/btest/bifs/to_double.bro new file mode 100644 index 0000000000..f13d34f69a --- /dev/null +++ b/testing/btest/bifs/to_double.bro @@ -0,0 +1,20 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = 1 usec; + print interval_to_double(a); + local b = 1sec; + print interval_to_double(b); + local c = -1min; + print interval_to_double(c); + local d = 1hrs; + print interval_to_double(d); + local e = 1 day; + print interval_to_double(e); + + local f = current_time(); + print time_to_double(f); + } diff --git a/testing/btest/bifs/to_int.bro b/testing/btest/bifs/to_int.bro new file mode 100644 index 0000000000..9d108a9da7 --- /dev/null +++ b/testing/btest/bifs/to_int.bro @@ -0,0 +1,10 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + print to_int("1"); + print to_int("-1"); + print to_int("not an int"); + } diff --git a/testing/btest/bifs/to_interval.bro b/testing/btest/bifs/to_interval.bro new file mode 100644 index 0000000000..8fded315d2 --- /dev/null +++ b/testing/btest/bifs/to_interval.bro @@ -0,0 +1,11 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = 1234563.14; + print double_to_interval(a); + local b = -1234563.14; + print double_to_interval(b); + } diff --git a/testing/btest/bifs/to_port.bro b/testing/btest/bifs/to_port.bro new file mode 100644 index 0000000000..39a0cbed6b --- /dev/null +++ b/testing/btest/bifs/to_port.bro @@ -0,0 +1,17 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + print to_port("123/tcp"); + print to_port("123/udp"); + print to_port("123/icmp"); + + local a: transport_proto = tcp; + local b: transport_proto = udp; + local c: transport_proto = icmp; + print count_to_port(256, a); + print count_to_port(256, b); + print count_to_port(256, c); + } diff --git a/testing/btest/bifs/to_time.bro b/testing/btest/bifs/to_time.bro new file mode 100644 index 0000000000..97b109e647 --- /dev/null +++ b/testing/btest/bifs/to_time.bro @@ -0,0 +1,11 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = 1234563.14; + print double_to_time(a); + local b = -1234563.14; + print double_to_time(b); + } diff --git a/testing/btest/bifs/type_name.bro b/testing/btest/bifs/type_name.bro new file mode 100644 index 0000000000..a8c51ef69d --- /dev/null +++ b/testing/btest/bifs/type_name.bro @@ -0,0 +1,56 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +type color: enum { Red, Blue }; + +type myrecord: record { + c: count; + s: string; +}; + +event bro_init() + { + local a = "foo"; + local b = 3; + local c = 3.14; + local d = T; + local e = current_time(); + local f = 5hr; + local g = /^foo|bar/; + local h = Blue; + local i = 123/tcp; + local j = 192.168.0.2; + local k = [fe80::1]; + local l = 192.168.0.0/16; + local m = [fe80:1234::]/32; + local n = vector( 1, 2, 3); + local o = vector( "bro", "test"); + local p = set( 1, 2, 3); + local q = set( "this", "test"); + local r: table[count] of string = { [1] = "test", [2] = "bro" }; + local s: table[string] of count = { ["a"] = 5, ["b"] = 3 }; + local t: myrecord = [ $c = 2, $s = "another test" ]; + + print type_name(a); + print type_name(b); + print type_name(c); + print type_name(d); + print type_name(e); + print type_name(f); + print type_name(g); + print type_name(h); + print type_name(i); + print type_name(j); + print type_name(k); + print type_name(l); + print type_name(m); + print type_name(n); + print type_name(o); + print type_name(p); + print type_name(q); + print type_name(r); + print type_name(s); + print type_name(t); + + } From 15689ce005d8c7c4428df62d3ae89d2c90f5609f Mon Sep 17 00:00:00 2001 From: Daniel Thayer Date: Tue, 29 May 2012 14:04:36 -0500 Subject: [PATCH 04/19] Add more tests for previously-untested BIFs --- .../Baseline/bifs.bytestring_to_hexstr/out | 3 ++ .../Baseline/bifs.convert_for_pattern/out | 3 ++ testing/btest/Baseline/bifs.file_mode/out | 10 ++++++ testing/btest/Baseline/bifs.is_port/out | 9 +++++ testing/btest/Baseline/bifs.merge_pattern/out | 2 ++ .../btest/Baseline/bifs.parse_dotted_addr/out | 2 ++ testing/btest/Baseline/bifs.parse_ftp/out | 5 +++ .../Baseline/bifs.raw_bytes_to_v4_addr/out | 2 ++ .../btest/Baseline/bifs.string_to_pattern/out | 6 ++++ testing/btest/bifs/bytestring_to_hexstr.bro | 10 ++++++ testing/btest/bifs/convert_for_pattern.bro | 10 ++++++ testing/btest/bifs/file_mode.bro | 36 +++++++++++++++++++ testing/btest/bifs/is_port.bro | 22 ++++++++++++ testing/btest/bifs/merge_pattern.bro | 17 +++++++++ testing/btest/bifs/parse_dotted_addr.bro | 9 +++++ testing/btest/bifs/parse_ftp.bro | 15 ++++++++ testing/btest/bifs/raw_bytes_to_v4_addr.bro | 9 +++++ testing/btest/bifs/string_to_pattern.bro | 14 ++++++++ 18 files changed, 184 insertions(+) create mode 100644 testing/btest/Baseline/bifs.bytestring_to_hexstr/out create mode 100644 testing/btest/Baseline/bifs.convert_for_pattern/out create mode 100644 testing/btest/Baseline/bifs.file_mode/out create mode 100644 testing/btest/Baseline/bifs.is_port/out create mode 100644 testing/btest/Baseline/bifs.merge_pattern/out create mode 100644 testing/btest/Baseline/bifs.parse_dotted_addr/out create mode 100644 testing/btest/Baseline/bifs.parse_ftp/out create mode 100644 testing/btest/Baseline/bifs.raw_bytes_to_v4_addr/out create mode 100644 testing/btest/Baseline/bifs.string_to_pattern/out create mode 100644 testing/btest/bifs/bytestring_to_hexstr.bro create mode 100644 testing/btest/bifs/convert_for_pattern.bro create mode 100644 testing/btest/bifs/file_mode.bro create mode 100644 testing/btest/bifs/is_port.bro create mode 100644 testing/btest/bifs/merge_pattern.bro create mode 100644 testing/btest/bifs/parse_dotted_addr.bro create mode 100644 testing/btest/bifs/parse_ftp.bro create mode 100644 testing/btest/bifs/raw_bytes_to_v4_addr.bro create mode 100644 testing/btest/bifs/string_to_pattern.bro diff --git a/testing/btest/Baseline/bifs.bytestring_to_hexstr/out b/testing/btest/Baseline/bifs.bytestring_to_hexstr/out new file mode 100644 index 0000000000..241fa43ec3 --- /dev/null +++ b/testing/btest/Baseline/bifs.bytestring_to_hexstr/out @@ -0,0 +1,3 @@ +3034 + +00 diff --git a/testing/btest/Baseline/bifs.convert_for_pattern/out b/testing/btest/Baseline/bifs.convert_for_pattern/out new file mode 100644 index 0000000000..0de79c0927 --- /dev/null +++ b/testing/btest/Baseline/bifs.convert_for_pattern/out @@ -0,0 +1,3 @@ +foo + +b\[a\-z\]\+ diff --git a/testing/btest/Baseline/bifs.file_mode/out b/testing/btest/Baseline/bifs.file_mode/out new file mode 100644 index 0000000000..0c7b672b5b --- /dev/null +++ b/testing/btest/Baseline/bifs.file_mode/out @@ -0,0 +1,10 @@ +rw-r--r-- +rwxrwxrwx +rwxrwxrwt +rwxr-x--T +rwsr-xr-x +r-S------ +rwxr-sr-x +r--r-S--- +--xr-xrwx +--------- diff --git a/testing/btest/Baseline/bifs.is_port/out b/testing/btest/Baseline/bifs.is_port/out new file mode 100644 index 0000000000..0a7c80fc6e --- /dev/null +++ b/testing/btest/Baseline/bifs.is_port/out @@ -0,0 +1,9 @@ +T +F +F +F +T +F +F +F +T diff --git a/testing/btest/Baseline/bifs.merge_pattern/out b/testing/btest/Baseline/bifs.merge_pattern/out new file mode 100644 index 0000000000..fe8ebc3c01 --- /dev/null +++ b/testing/btest/Baseline/bifs.merge_pattern/out @@ -0,0 +1,2 @@ +match +match diff --git a/testing/btest/Baseline/bifs.parse_dotted_addr/out b/testing/btest/Baseline/bifs.parse_dotted_addr/out new file mode 100644 index 0000000000..1a09fd45a5 --- /dev/null +++ b/testing/btest/Baseline/bifs.parse_dotted_addr/out @@ -0,0 +1,2 @@ +192.168.0.2 +1234::1 diff --git a/testing/btest/Baseline/bifs.parse_ftp/out b/testing/btest/Baseline/bifs.parse_ftp/out new file mode 100644 index 0000000000..c080d56bdf --- /dev/null +++ b/testing/btest/Baseline/bifs.parse_ftp/out @@ -0,0 +1,5 @@ +[h=192.168.0.2, p=257/tcp, valid=T] +[h=192.168.0.2, p=257/tcp, valid=T] +[h=fe80::12, p=1234/tcp, valid=T] +[h=192.168.0.2, p=257/tcp, valid=T] +[h=::, p=1234/tcp, valid=T] diff --git a/testing/btest/Baseline/bifs.raw_bytes_to_v4_addr/out b/testing/btest/Baseline/bifs.raw_bytes_to_v4_addr/out new file mode 100644 index 0000000000..e0424e0e07 --- /dev/null +++ b/testing/btest/Baseline/bifs.raw_bytes_to_v4_addr/out @@ -0,0 +1,2 @@ +65.66.67.68 +0.0.0.0 diff --git a/testing/btest/Baseline/bifs.string_to_pattern/out b/testing/btest/Baseline/bifs.string_to_pattern/out new file mode 100644 index 0000000000..2492fbade2 --- /dev/null +++ b/testing/btest/Baseline/bifs.string_to_pattern/out @@ -0,0 +1,6 @@ +/^?(foo)$?/ +/^?()$?/ +/^?(b[a-z]+)$?/ +/^?(foo)$?/ +/^?()$?/ +/^?(b\[a\-z\]\+)$?/ diff --git a/testing/btest/bifs/bytestring_to_hexstr.bro b/testing/btest/bifs/bytestring_to_hexstr.bro new file mode 100644 index 0000000000..976a4ccf71 --- /dev/null +++ b/testing/btest/bifs/bytestring_to_hexstr.bro @@ -0,0 +1,10 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + print bytestring_to_hexstr("04"); + print bytestring_to_hexstr(""); + print bytestring_to_hexstr("\0"); + } diff --git a/testing/btest/bifs/convert_for_pattern.bro b/testing/btest/bifs/convert_for_pattern.bro new file mode 100644 index 0000000000..11533cd49b --- /dev/null +++ b/testing/btest/bifs/convert_for_pattern.bro @@ -0,0 +1,10 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + print convert_for_pattern("foo"); + print convert_for_pattern(""); + print convert_for_pattern("b[a-z]+"); + } diff --git a/testing/btest/bifs/file_mode.bro b/testing/btest/bifs/file_mode.bro new file mode 100644 index 0000000000..c63a2fa188 --- /dev/null +++ b/testing/btest/bifs/file_mode.bro @@ -0,0 +1,36 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = 420; # octal: 0644 + print file_mode(a); + + a = 511; # octal: 0777 + print file_mode(a); + + a = 1023; # octal: 01777 + print file_mode(a); + + a = 1000; # octal: 01750 + print file_mode(a); + + a = 2541; # octal: 04755 + print file_mode(a); + + a = 2304; # octal: 04400 + print file_mode(a); + + a = 1517; # octal: 02755 + print file_mode(a); + + a = 1312; # octal: 02440 + print file_mode(a); + + a = 111; # octal: 0157 + print file_mode(a); + + a = 0; + print file_mode(a); + } diff --git a/testing/btest/bifs/is_port.bro b/testing/btest/bifs/is_port.bro new file mode 100644 index 0000000000..fe2c3f7c35 --- /dev/null +++ b/testing/btest/bifs/is_port.bro @@ -0,0 +1,22 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = 123/tcp; + local b = 123/udp; + local c = 123/icmp; + + print is_tcp_port(a); + print is_tcp_port(b); + print is_tcp_port(c); + + print is_udp_port(a); + print is_udp_port(b); + print is_udp_port(c); + + print is_icmp_port(a); + print is_icmp_port(b); + print is_icmp_port(c); + } diff --git a/testing/btest/bifs/merge_pattern.bro b/testing/btest/bifs/merge_pattern.bro new file mode 100644 index 0000000000..b447f9a15b --- /dev/null +++ b/testing/btest/bifs/merge_pattern.bro @@ -0,0 +1,17 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = /foo/; + local b = /b[a-z]+/; + local c = merge_pattern(a, b); + + if ( "bar" == c ) + print "match"; + + if ( "foo" == c ) + print "match"; + + } diff --git a/testing/btest/bifs/parse_dotted_addr.bro b/testing/btest/bifs/parse_dotted_addr.bro new file mode 100644 index 0000000000..6fdba26452 --- /dev/null +++ b/testing/btest/bifs/parse_dotted_addr.bro @@ -0,0 +1,9 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + print parse_dotted_addr("192.168.0.2"); + print parse_dotted_addr("1234::1"); + } diff --git a/testing/btest/bifs/parse_ftp.bro b/testing/btest/bifs/parse_ftp.bro new file mode 100644 index 0000000000..ffdc941b4b --- /dev/null +++ b/testing/btest/bifs/parse_ftp.bro @@ -0,0 +1,15 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + print parse_ftp_port("192,168,0,2,1,1"); + + print parse_eftp_port("|1|192.168.0.2|257|"); + print parse_eftp_port("|2|fe80::12|1234|"); + + print parse_ftp_pasv("227 Entering Passive Mode (192,168,0,2,1,1)"); + + print parse_ftp_epsv("229 Entering Extended Passive Mode (|||1234|)"); + } diff --git a/testing/btest/bifs/raw_bytes_to_v4_addr.bro b/testing/btest/bifs/raw_bytes_to_v4_addr.bro new file mode 100644 index 0000000000..754580a5b0 --- /dev/null +++ b/testing/btest/bifs/raw_bytes_to_v4_addr.bro @@ -0,0 +1,9 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + print raw_bytes_to_v4_addr("ABCD"); + print raw_bytes_to_v4_addr("ABC"); + } diff --git a/testing/btest/bifs/string_to_pattern.bro b/testing/btest/bifs/string_to_pattern.bro new file mode 100644 index 0000000000..5164c4576f --- /dev/null +++ b/testing/btest/bifs/string_to_pattern.bro @@ -0,0 +1,14 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + print string_to_pattern("foo", F); + print string_to_pattern("", F); + print string_to_pattern("b[a-z]+", F); + + print string_to_pattern("foo", T); + print string_to_pattern("", T); + print string_to_pattern("b[a-z]+", T); + } From 6869e1aadc9f9f16a1a8f1b938f53c921a5131bc Mon Sep 17 00:00:00 2001 From: Daniel Thayer Date: Wed, 30 May 2012 16:30:50 -0500 Subject: [PATCH 05/19] Add more tests for previously-untested BIFs --- testing/btest/Baseline/bifs.create_file/out | 15 +++++ .../btest/Baseline/bifs.create_file/testfile | 2 + .../btest/Baseline/bifs.create_file/testfile2 | 1 + testing/btest/Baseline/bifs.find_entropy/out | 2 + testing/btest/Baseline/bifs.fmt_ftp_port/out | 2 + .../bifs.get_port_transport_proto/out | 3 + testing/btest/Baseline/bifs.global_ids/out | 1 + testing/btest/Baseline/bifs.is_ascii/out | 2 + testing/btest/Baseline/bifs.rotate_file/out | 3 + .../Baseline/bifs.rotate_file_by_name/out | 3 + testing/btest/Baseline/bifs.same_object/out | 3 + .../btest/Baseline/bifs.uuid_to_string/out | 2 + testing/btest/bifs/create_file.bro | 65 +++++++++++++++++++ testing/btest/bifs/find_entropy.bro | 13 ++++ testing/btest/bifs/fmt_ftp_port.bro | 13 ++++ .../btest/bifs/get_port_transport_proto.bro | 13 ++++ testing/btest/bifs/global_ids.bro | 16 +++++ testing/btest/bifs/is_ascii.bro | 12 ++++ testing/btest/bifs/rotate_file.bro | 15 +++++ testing/btest/bifs/rotate_file_by_name.bro | 16 +++++ testing/btest/bifs/same_object.bro | 16 +++++ testing/btest/bifs/uuid_to_string.bro | 10 +++ 22 files changed, 228 insertions(+) create mode 100644 testing/btest/Baseline/bifs.create_file/out create mode 100644 testing/btest/Baseline/bifs.create_file/testfile create mode 100644 testing/btest/Baseline/bifs.create_file/testfile2 create mode 100644 testing/btest/Baseline/bifs.find_entropy/out create mode 100644 testing/btest/Baseline/bifs.fmt_ftp_port/out create mode 100644 testing/btest/Baseline/bifs.get_port_transport_proto/out create mode 100644 testing/btest/Baseline/bifs.global_ids/out create mode 100644 testing/btest/Baseline/bifs.is_ascii/out create mode 100644 testing/btest/Baseline/bifs.rotate_file/out create mode 100644 testing/btest/Baseline/bifs.rotate_file_by_name/out create mode 100644 testing/btest/Baseline/bifs.same_object/out create mode 100644 testing/btest/Baseline/bifs.uuid_to_string/out create mode 100644 testing/btest/bifs/create_file.bro create mode 100644 testing/btest/bifs/find_entropy.bro create mode 100644 testing/btest/bifs/fmt_ftp_port.bro create mode 100644 testing/btest/bifs/get_port_transport_proto.bro create mode 100644 testing/btest/bifs/global_ids.bro create mode 100644 testing/btest/bifs/is_ascii.bro create mode 100644 testing/btest/bifs/rotate_file.bro create mode 100644 testing/btest/bifs/rotate_file_by_name.bro create mode 100644 testing/btest/bifs/same_object.bro create mode 100644 testing/btest/bifs/uuid_to_string.bro diff --git a/testing/btest/Baseline/bifs.create_file/out b/testing/btest/Baseline/bifs.create_file/out new file mode 100644 index 0000000000..330268ec59 --- /dev/null +++ b/testing/btest/Baseline/bifs.create_file/out @@ -0,0 +1,15 @@ +T +testfile +F +15.0 +T +F +28.0 +-1.0 +15.0 +0.0 +T +15.0 +T +testdir/testfile4 +F diff --git a/testing/btest/Baseline/bifs.create_file/testfile b/testing/btest/Baseline/bifs.create_file/testfile new file mode 100644 index 0000000000..a29421755d --- /dev/null +++ b/testing/btest/Baseline/bifs.create_file/testfile @@ -0,0 +1,2 @@ +This is a test +another test diff --git a/testing/btest/Baseline/bifs.create_file/testfile2 b/testing/btest/Baseline/bifs.create_file/testfile2 new file mode 100644 index 0000000000..eee417f1b9 --- /dev/null +++ b/testing/btest/Baseline/bifs.create_file/testfile2 @@ -0,0 +1 @@ +new text diff --git a/testing/btest/Baseline/bifs.find_entropy/out b/testing/btest/Baseline/bifs.find_entropy/out new file mode 100644 index 0000000000..08a09de4e4 --- /dev/null +++ b/testing/btest/Baseline/bifs.find_entropy/out @@ -0,0 +1,2 @@ +[entropy=4.715374, chi_square=591.981818, mean=75.472727, monte_carlo_pi=4.0, serial_correlation=-0.11027] +[entropy=2.083189, chi_square=3906.018182, mean=69.054545, monte_carlo_pi=4.0, serial_correlation=0.849402] diff --git a/testing/btest/Baseline/bifs.fmt_ftp_port/out b/testing/btest/Baseline/bifs.fmt_ftp_port/out new file mode 100644 index 0000000000..124878dd48 --- /dev/null +++ b/testing/btest/Baseline/bifs.fmt_ftp_port/out @@ -0,0 +1,2 @@ +192,168,0,2,1,1 + diff --git a/testing/btest/Baseline/bifs.get_port_transport_proto/out b/testing/btest/Baseline/bifs.get_port_transport_proto/out new file mode 100644 index 0000000000..dceddbc0f3 --- /dev/null +++ b/testing/btest/Baseline/bifs.get_port_transport_proto/out @@ -0,0 +1,3 @@ +tcp +udp +icmp diff --git a/testing/btest/Baseline/bifs.global_ids/out b/testing/btest/Baseline/bifs.global_ids/out new file mode 100644 index 0000000000..415b9ac63d --- /dev/null +++ b/testing/btest/Baseline/bifs.global_ids/out @@ -0,0 +1 @@ +func diff --git a/testing/btest/Baseline/bifs.is_ascii/out b/testing/btest/Baseline/bifs.is_ascii/out new file mode 100644 index 0000000000..82d2bc093e --- /dev/null +++ b/testing/btest/Baseline/bifs.is_ascii/out @@ -0,0 +1,2 @@ +F +T diff --git a/testing/btest/Baseline/bifs.rotate_file/out b/testing/btest/Baseline/bifs.rotate_file/out new file mode 100644 index 0000000000..1e833bbae4 --- /dev/null +++ b/testing/btest/Baseline/bifs.rotate_file/out @@ -0,0 +1,3 @@ +file rotated +15.0 +0.0 diff --git a/testing/btest/Baseline/bifs.rotate_file_by_name/out b/testing/btest/Baseline/bifs.rotate_file_by_name/out new file mode 100644 index 0000000000..1e833bbae4 --- /dev/null +++ b/testing/btest/Baseline/bifs.rotate_file_by_name/out @@ -0,0 +1,3 @@ +file rotated +15.0 +0.0 diff --git a/testing/btest/Baseline/bifs.same_object/out b/testing/btest/Baseline/bifs.same_object/out new file mode 100644 index 0000000000..3ea3c39b0d --- /dev/null +++ b/testing/btest/Baseline/bifs.same_object/out @@ -0,0 +1,3 @@ +T +F +F diff --git a/testing/btest/Baseline/bifs.uuid_to_string/out b/testing/btest/Baseline/bifs.uuid_to_string/out new file mode 100644 index 0000000000..8ea4f86dae --- /dev/null +++ b/testing/btest/Baseline/bifs.uuid_to_string/out @@ -0,0 +1,2 @@ +626180fe-6463-6665-6730-313233343536 + diff --git a/testing/btest/bifs/create_file.bro b/testing/btest/bifs/create_file.bro new file mode 100644 index 0000000000..8f3d6cfdcd --- /dev/null +++ b/testing/btest/bifs/create_file.bro @@ -0,0 +1,65 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out +# @TEST-EXEC: btest-diff testfile +# @TEST-EXEC: btest-diff testfile2 +# @TEST-EXEC: test -f testdir/testfile4 + +event bro_init() + { + # Test that creating a file works as expected + local a = open("testfile"); + print active_file(a); + print get_file_name(a); + write_file(a, "This is a test\n"); + close(a); + + print active_file(a); + print file_size("testfile"); + + # Test that "open_for_append" doesn't overwrite an existing file + a = open_for_append("testfile"); + print active_file(a); + write_file(a, "another test\n"); + close(a); + + print active_file(a); + print file_size("testfile"); + + # This should fail + print file_size("doesnotexist"); + + # Test that "open" overwrites existing file + a = open("testfile2"); + write_file(a, "this will be overwritten\n"); + close(a); + a = open("testfile2"); + write_file(a, "new text\n"); + close(a); + + # Test that set_buf and flush_all work correctly + a = open("testfile3"); + set_buf(a, F); + write_file(a, "This is a test\n"); + print file_size("testfile3"); + close(a); + a = open("testfile3"); + set_buf(a, T); + write_file(a, "This is a test\n"); + print file_size("testfile3"); + print flush_all(); + print file_size("testfile3"); + close(a); + + # Create a new directory + print mkdir("testdir"); + + # Create a file in the new directory + a = open("testdir/testfile4"); + print get_file_name(a); + write_file(a, "This is a test\n"); + close(a); + + # This should fail + print mkdir("/thisdoesnotexist/dir"); + } diff --git a/testing/btest/bifs/find_entropy.bro b/testing/btest/bifs/find_entropy.bro new file mode 100644 index 0000000000..24f1c0ed84 --- /dev/null +++ b/testing/btest/bifs/find_entropy.bro @@ -0,0 +1,13 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = "dh3Hie02uh^s#Sdf9L3frd243h$d78r2G4cM6*Q05d(7rh46f!0|4-f"; + local b = "0011000aaabbbbcccc000011111000000000aaaabbbbcccc0000000"; + + print find_entropy(a); + + print find_entropy(b); + } diff --git a/testing/btest/bifs/fmt_ftp_port.bro b/testing/btest/bifs/fmt_ftp_port.bro new file mode 100644 index 0000000000..09ec5369e2 --- /dev/null +++ b/testing/btest/bifs/fmt_ftp_port.bro @@ -0,0 +1,13 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = 192.168.0.2; + local b = 257/tcp; + print fmt_ftp_port(a, b); + + a = [fe80::1234]; + print fmt_ftp_port(a, b); + } diff --git a/testing/btest/bifs/get_port_transport_proto.bro b/testing/btest/bifs/get_port_transport_proto.bro new file mode 100644 index 0000000000..c9b5e626ec --- /dev/null +++ b/testing/btest/bifs/get_port_transport_proto.bro @@ -0,0 +1,13 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = 123/tcp; + local b = 123/udp; + local c = 123/icmp; + print get_port_transport_proto(a); + print get_port_transport_proto(b); + print get_port_transport_proto(c); + } diff --git a/testing/btest/bifs/global_ids.bro b/testing/btest/bifs/global_ids.bro new file mode 100644 index 0000000000..65f8944ed4 --- /dev/null +++ b/testing/btest/bifs/global_ids.bro @@ -0,0 +1,16 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = global_ids(); + for ( i in a ) + { + # the table is quite large, so just print one item we expect + if ( i == "bro_init" ) + print a[i]$type_name; + + } + + } diff --git a/testing/btest/bifs/is_ascii.bro b/testing/btest/bifs/is_ascii.bro new file mode 100644 index 0000000000..4d1daf96b4 --- /dev/null +++ b/testing/btest/bifs/is_ascii.bro @@ -0,0 +1,12 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = "this is a test\xfe"; + local b = "this is a test\x7f"; + + print is_ascii(a); + print is_ascii(b); + } diff --git a/testing/btest/bifs/rotate_file.bro b/testing/btest/bifs/rotate_file.bro new file mode 100644 index 0000000000..7132b0aaa8 --- /dev/null +++ b/testing/btest/bifs/rotate_file.bro @@ -0,0 +1,15 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = open("testfile"); + write_file(a, "this is a test\n"); + + local b = rotate_file(a); + if ( b$new_name != "testfile" ) + print "file rotated"; + print file_size(b$new_name); + print file_size("testfile"); + } diff --git a/testing/btest/bifs/rotate_file_by_name.bro b/testing/btest/bifs/rotate_file_by_name.bro new file mode 100644 index 0000000000..952b09aff3 --- /dev/null +++ b/testing/btest/bifs/rotate_file_by_name.bro @@ -0,0 +1,16 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = open("testfile"); + write_file(a, "this is a test\n"); + close(a); + + local b = rotate_file_by_name("testfile"); + if ( b$new_name != "testfile" ) + print "file rotated"; + print file_size(b$new_name); + print file_size("testfile"); + } diff --git a/testing/btest/bifs/same_object.bro b/testing/btest/bifs/same_object.bro new file mode 100644 index 0000000000..eee8b1621d --- /dev/null +++ b/testing/btest/bifs/same_object.bro @@ -0,0 +1,16 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = "This is a test"; + local b: string; + local c = "This is a test"; + b = a; + print same_object(a, b); + print same_object(a, c); + + local d = vector(1, 2, 3); + print same_object(a, d); + } diff --git a/testing/btest/bifs/uuid_to_string.bro b/testing/btest/bifs/uuid_to_string.bro new file mode 100644 index 0000000000..a64e81d783 --- /dev/null +++ b/testing/btest/bifs/uuid_to_string.bro @@ -0,0 +1,10 @@ +# +# @TEST-EXEC: bro %INPUT >out +# @TEST-EXEC: btest-diff out + +event bro_init() + { + local a = "\xfe\x80abcdefg0123456"; + print uuid_to_string(a); + print uuid_to_string(""); + } From 17155a103ddbcfeb05a272e7e44717d4baa56dd6 Mon Sep 17 00:00:00 2001 From: Daniel Thayer Date: Wed, 30 May 2012 16:50:43 -0500 Subject: [PATCH 06/19] Fix the join_string_vec BIF and add more tests --- src/strings.bif | 2 +- testing/btest/Baseline/bifs.join_string/out | 5 +++++ testing/btest/bifs/join_string.bro | 11 +++++++++-- 3 files changed, 15 insertions(+), 3 deletions(-) diff --git a/src/strings.bif b/src/strings.bif index 27c11b4013..5b04ec41cb 100644 --- a/src/strings.bif +++ b/src/strings.bif @@ -175,7 +175,7 @@ function join_string_vec%(vec: string_vec, sep: string%): string if ( i > 0 ) d.Add(sep->CheckString(), 0); - v->Lookup(i+1)->Describe(&d); + v->Lookup(i)->Describe(&d); } BroString* s = new BroString(1, d.TakeBytes(), d.Len()); diff --git a/testing/btest/Baseline/bifs.join_string/out b/testing/btest/Baseline/bifs.join_string/out index 830c2dace5..f1640a57ee 100644 --- a/testing/btest/Baseline/bifs.join_string/out +++ b/testing/btest/Baseline/bifs.join_string/out @@ -1 +1,6 @@ this * is * a * test +thisisatest +mytest +this__is__another__test +thisisanothertest +Test diff --git a/testing/btest/bifs/join_string.bro b/testing/btest/bifs/join_string.bro index df5f83449b..16222d6303 100644 --- a/testing/btest/bifs/join_string.bro +++ b/testing/btest/bifs/join_string.bro @@ -7,8 +7,15 @@ event bro_init() local a: string_array = { [1] = "this", [2] = "is", [3] = "a", [4] = "test" }; - local b: string_vec = vector( "this", "is", "another", "test" ); + local b: string_array = { [1] = "mytest" }; + local c: string_vec = vector( "this", "is", "another", "test" ); + local d: string_vec = vector( "Test" ); print join_string_array(" * ", a); - print join_string_vec(b, "__"); + print join_string_array("", a); + print join_string_array("x", b); + + print join_string_vec(c, "__"); + print join_string_vec(c, ""); + print join_string_vec(d, "-"); } From 5f16a29aea24f54b9c10ff4f0f0cf143a682d184 Mon Sep 17 00:00:00 2001 From: Daniel Thayer Date: Thu, 31 May 2012 12:49:59 -0500 Subject: [PATCH 07/19] Improve tests for sort, order, and system_env BIFs --- testing/btest/Baseline/bifs.order/out | 2 ++ testing/btest/Baseline/bifs.sort/out | 4 ++-- testing/btest/Baseline/bifs.system_env/out | 1 - testing/btest/Baseline/bifs.system_env/testfile | 1 + testing/btest/bifs/order.bro | 13 ++++++------- testing/btest/bifs/sort.bro | 13 ++++++------- testing/btest/bifs/system_env.bro | 6 ++++-- 7 files changed, 21 insertions(+), 19 deletions(-) create mode 100644 testing/btest/Baseline/bifs.order/out delete mode 100644 testing/btest/Baseline/bifs.system_env/out create mode 100644 testing/btest/Baseline/bifs.system_env/testfile diff --git a/testing/btest/Baseline/bifs.order/out b/testing/btest/Baseline/bifs.order/out new file mode 100644 index 0000000000..65e5adb492 --- /dev/null +++ b/testing/btest/Baseline/bifs.order/out @@ -0,0 +1,2 @@ +[1, 3, 0, 2] +[5.0 hrs, 1.0 sec, 7.0 mins] diff --git a/testing/btest/Baseline/bifs.sort/out b/testing/btest/Baseline/bifs.sort/out index 21d24208fb..de4baf1254 100644 --- a/testing/btest/Baseline/bifs.sort/out +++ b/testing/btest/Baseline/bifs.sort/out @@ -1,2 +1,2 @@ -[5, 3, 8] -[3, 5, 8] +[2, 3, 5, 8] +[5.0 hrs, 1.0 sec, 7.0 mins] diff --git a/testing/btest/Baseline/bifs.system_env/out b/testing/btest/Baseline/bifs.system_env/out deleted file mode 100644 index 31e0fce560..0000000000 --- a/testing/btest/Baseline/bifs.system_env/out +++ /dev/null @@ -1 +0,0 @@ -helloworld diff --git a/testing/btest/Baseline/bifs.system_env/testfile b/testing/btest/Baseline/bifs.system_env/testfile new file mode 100644 index 0000000000..8b13789179 --- /dev/null +++ b/testing/btest/Baseline/bifs.system_env/testfile @@ -0,0 +1 @@ + diff --git a/testing/btest/bifs/order.bro b/testing/btest/bifs/order.bro index 176e733cfe..a39a64e6a3 100644 --- a/testing/btest/bifs/order.bro +++ b/testing/btest/bifs/order.bro @@ -2,17 +2,16 @@ # @TEST-EXEC: bro %INPUT >out # @TEST-EXEC: btest-diff out -function myfunc(a: count, b: count): bool +function myfunc(aa: interval, bb: interval): bool { - return a < b; + return aa < bb; } event bro_init() { - local a = vector( 5, 3, 8 ); - - print order(a, myfunc); - - print a; + local a = vector( 5, 2, 8, 3 ); + print order(a); + local b = vector( 5hr, 1sec, 7min ); + print order(b, myfunc); } diff --git a/testing/btest/bifs/sort.bro b/testing/btest/bifs/sort.bro index 2d6d82129f..162e4a4504 100644 --- a/testing/btest/bifs/sort.bro +++ b/testing/btest/bifs/sort.bro @@ -2,17 +2,16 @@ # @TEST-EXEC: bro %INPUT >out # @TEST-EXEC: btest-diff out -function myfunc(a: count, b: count): bool +function myfunc(aa: interval, bb: interval): bool { - return a < b; + return aa < bb; } event bro_init() { - local a = vector( 5, 3, 8 ); - - print sort(a, myfunc); - - print a; + local a = vector( 5, 2, 8, 3 ); + print sort(a); + local b = vector( 5hr, 1sec, 7min ); + print sort(b, myfunc); } diff --git a/testing/btest/bifs/system_env.bro b/testing/btest/bifs/system_env.bro index d8e54a8709..26e40b883f 100644 --- a/testing/btest/bifs/system_env.bro +++ b/testing/btest/bifs/system_env.bro @@ -1,6 +1,6 @@ # # @TEST-EXEC: bro %INPUT -# @TEST-EXEC: btest-diff out +# @TEST-EXEC: btest-diff testfile event bro_init() { @@ -11,10 +11,12 @@ event bro_init() if ( |myvar| != 0 ) exit(1); - local a = system_env("echo $TESTBRO > out", vars); + # check if command runs with the env. variable defined + local a = system_env("echo $TESTBRO > testfile", vars); if ( a != 0 ) exit(1); + # make sure the env. variable is still not set myvar = getenv("TESTBRO"); if ( |myvar| != 0 ) exit(1); From 2c62b98b5bbf2621abfd85cfdc02c3b5a2ef193f Mon Sep 17 00:00:00 2001 From: Daniel Thayer Date: Thu, 31 May 2012 15:19:11 -0500 Subject: [PATCH 08/19] Improve tests for to_port and type_name BIFs --- testing/btest/Baseline/bifs.to_port/out | 1 + testing/btest/Baseline/bifs.type_name/out | 6 +++ testing/btest/bifs/to_port.bro | 1 + testing/btest/bifs/type_name.bro | 48 ++++++++++++++--------- 4 files changed, 37 insertions(+), 19 deletions(-) diff --git a/testing/btest/Baseline/bifs.to_port/out b/testing/btest/Baseline/bifs.to_port/out index fb8a536abb..79796d605e 100644 --- a/testing/btest/Baseline/bifs.to_port/out +++ b/testing/btest/Baseline/bifs.to_port/out @@ -1,6 +1,7 @@ 123/tcp 123/udp 123/icmp +0/unknown 256/tcp 256/udp 256/icmp diff --git a/testing/btest/Baseline/bifs.type_name/out b/testing/btest/Baseline/bifs.type_name/out index 610ee304fd..2c5cb408f9 100644 --- a/testing/btest/Baseline/bifs.type_name/out +++ b/testing/btest/Baseline/bifs.type_name/out @@ -1,5 +1,6 @@ string count +int double bool time @@ -18,3 +19,8 @@ set[string] table[count] of string table[string] of count record { c:count; s:string; } +function(aa:int; bb:int;) : bool +function() : any +function() : void +file of string +event() diff --git a/testing/btest/bifs/to_port.bro b/testing/btest/bifs/to_port.bro index 39a0cbed6b..382bf5d333 100644 --- a/testing/btest/bifs/to_port.bro +++ b/testing/btest/bifs/to_port.bro @@ -7,6 +7,7 @@ event bro_init() print to_port("123/tcp"); print to_port("123/udp"); print to_port("123/icmp"); + print to_port("not a port"); local a: transport_proto = tcp; local b: transport_proto = udp; diff --git a/testing/btest/bifs/type_name.bro b/testing/btest/bifs/type_name.bro index a8c51ef69d..531962e3f5 100644 --- a/testing/btest/bifs/type_name.bro +++ b/testing/btest/bifs/type_name.bro @@ -13,24 +13,29 @@ event bro_init() { local a = "foo"; local b = 3; - local c = 3.14; - local d = T; - local e = current_time(); - local f = 5hr; - local g = /^foo|bar/; - local h = Blue; - local i = 123/tcp; - local j = 192.168.0.2; - local k = [fe80::1]; - local l = 192.168.0.0/16; - local m = [fe80:1234::]/32; - local n = vector( 1, 2, 3); - local o = vector( "bro", "test"); - local p = set( 1, 2, 3); - local q = set( "this", "test"); - local r: table[count] of string = { [1] = "test", [2] = "bro" }; - local s: table[string] of count = { ["a"] = 5, ["b"] = 3 }; - local t: myrecord = [ $c = 2, $s = "another test" ]; + local c = -3; + local d = 3.14; + local e = T; + local f = current_time(); + local g = 5hr; + local h = /^foo|bar/; + local i = Blue; + local j = 123/tcp; + local k = 192.168.0.2; + local l = [fe80::1]; + local m = 192.168.0.0/16; + local n = [fe80:1234::]/32; + local o = vector( 1, 2, 3); + local p: vector of string = vector( "bro", "test" ); + local q = set( 1, 2, 3); + local r = set( "this", "test"); + local s: table[count] of string = { [1] = "test", [2] = "bro" }; + local t: table[string] of count = { ["a"] = 5, ["b"] = 3 }; + local u: myrecord = [ $c = 2, $s = "another test" ]; + local v = function(aa: int, bb: int): bool { return aa < bb; }; + local w = function(): any { }; + local x = function() { }; + local y = open("deleteme"); print type_name(a); print type_name(b); @@ -52,5 +57,10 @@ event bro_init() print type_name(r); print type_name(s); print type_name(t); - + print type_name(u); + print type_name(v); + print type_name(w); + print type_name(x); + print type_name(y); + print type_name(bro_init); } From 3b2ac75e913b9db75c2308c4f00f1b784df43091 Mon Sep 17 00:00:00 2001 From: Daniel Thayer Date: Fri, 1 Jun 2012 12:36:30 -0500 Subject: [PATCH 09/19] Deprecate the parse_dotted_addr BIF (use to_addr instead) --- src/bro.bif | 27 +++++++------------ .../btest/Baseline/bifs.parse_dotted_addr/out | 2 -- testing/btest/bifs/parse_dotted_addr.bro | 9 ------- 3 files changed, 10 insertions(+), 28 deletions(-) delete mode 100644 testing/btest/Baseline/bifs.parse_dotted_addr/out delete mode 100644 testing/btest/bifs/parse_dotted_addr.bro diff --git a/src/bro.bif b/src/bro.bif index e1521adee8..6a79a1ac9d 100644 --- a/src/bro.bif +++ b/src/bro.bif @@ -2670,7 +2670,7 @@ function to_port%(s: string%): port ## ## Returns: The IP address corresponding to *s*. ## -## .. bro:see:: addr_to_ptr_name parse_dotted_addr +## .. bro:see:: addr_to_ptr_name to_addr function ptr_name_to_addr%(s: string%): addr %{ if ( s->Len() != 72 ) @@ -2734,27 +2734,12 @@ function ptr_name_to_addr%(s: string%): addr ## ## Returns: The reverse pointer representation of *a*. ## -## .. bro:see:: ptr_name_to_addr parse_dotted_addr +## .. bro:see:: ptr_name_to_addr to_addr function addr_to_ptr_name%(a: addr%): string %{ return new StringVal(a->AsAddr().PtrName().c_str()); %} -# Transforms n0.n1.n2.n3 -> addr. - -## Converts a decimal dotted IP address in a :bro:type:`string` to an -## :bro:type:`addr` type. -## -## s: The IP address in the form ``n0.n1.n2.n3``. -## -## Returns: The IP address as type :bro:type:`addr`. -## -## .. bro:see:: addr_to_ptr_name parse_dotted_addr -function parse_dotted_addr%(s: string%): addr - %{ - IPAddr a(s->CheckString()); - return new AddrVal(a); - %} %%{ static Val* parse_port(const char* line) @@ -5659,6 +5644,14 @@ function match_signatures%(c: connection, pattern_type: int, s: string, # # =========================================================================== +## Deprecated. Will be removed. +function parse_dotted_addr%(s: string%): addr + %{ + IPAddr a(s->CheckString()); + return new AddrVal(a); + %} + + %%{ #include "Anon.h" %%} diff --git a/testing/btest/Baseline/bifs.parse_dotted_addr/out b/testing/btest/Baseline/bifs.parse_dotted_addr/out deleted file mode 100644 index 1a09fd45a5..0000000000 --- a/testing/btest/Baseline/bifs.parse_dotted_addr/out +++ /dev/null @@ -1,2 +0,0 @@ -192.168.0.2 -1234::1 diff --git a/testing/btest/bifs/parse_dotted_addr.bro b/testing/btest/bifs/parse_dotted_addr.bro deleted file mode 100644 index 6fdba26452..0000000000 --- a/testing/btest/bifs/parse_dotted_addr.bro +++ /dev/null @@ -1,9 +0,0 @@ -# -# @TEST-EXEC: bro %INPUT >out -# @TEST-EXEC: btest-diff out - -event bro_init() - { - print parse_dotted_addr("192.168.0.2"); - print parse_dotted_addr("1234::1"); - } From 19e3f2ee56d9987ee9996a1ab1936d97aee5b731 Mon Sep 17 00:00:00 2001 From: Daniel Thayer Date: Fri, 1 Jun 2012 13:12:55 -0500 Subject: [PATCH 10/19] Fix documentation for system_env BIF --- src/bro.bif | 9 +++++---- testing/btest/Baseline/bifs.system_env/testfile | 2 +- testing/btest/bifs/system_env.bro | 6 +++--- 3 files changed, 9 insertions(+), 8 deletions(-) diff --git a/src/bro.bif b/src/bro.bif index 6a79a1ac9d..0b880de379 100644 --- a/src/bro.bif +++ b/src/bro.bif @@ -466,17 +466,18 @@ function system%(str: string%): int ## ## str: The command to execute. ## -## env: A :bro:type:`set` or :bro:type:`table` with the environment variables -## in the form of key-value pairs (where the value is optional). +## env: A :bro:type:`table` with the environment variables in the form +## of key-value pairs. Each specified environment variable name +## will be automatically prepended with ``BRO_ARG_``. ## ## Returns: The return value from the OS ``system`` function. ## ## .. bro:see:: system str_shell_escape piped_exec -function system_env%(str: string, env: any%): int +function system_env%(str: string, env: table_string_of_string%): int %{ if ( env->Type()->Tag() != TYPE_TABLE ) { - builtin_error("system_env() requires a table/set argument"); + builtin_error("system_env() requires a table argument"); return new Val(-1, TYPE_INT); } diff --git a/testing/btest/Baseline/bifs.system_env/testfile b/testing/btest/Baseline/bifs.system_env/testfile index 8b13789179..31e0fce560 100644 --- a/testing/btest/Baseline/bifs.system_env/testfile +++ b/testing/btest/Baseline/bifs.system_env/testfile @@ -1 +1 @@ - +helloworld diff --git a/testing/btest/bifs/system_env.bro b/testing/btest/bifs/system_env.bro index 26e40b883f..23928e9b10 100644 --- a/testing/btest/bifs/system_env.bro +++ b/testing/btest/bifs/system_env.bro @@ -7,17 +7,17 @@ event bro_init() local vars: table[string] of string = { ["TESTBRO"] = "helloworld" }; # make sure the env. variable is not set - local myvar = getenv("TESTBRO"); + local myvar = getenv("BRO_ARG_TESTBRO"); if ( |myvar| != 0 ) exit(1); # check if command runs with the env. variable defined - local a = system_env("echo $TESTBRO > testfile", vars); + local a = system_env("echo $BRO_ARG_TESTBRO > testfile", vars); if ( a != 0 ) exit(1); # make sure the env. variable is still not set - myvar = getenv("TESTBRO"); + myvar = getenv("BRO_ARG_TESTBRO"); if ( |myvar| != 0 ) exit(1); } From dd4dd0ca6ea0adf94a9cbc87de6e322c34365508 Mon Sep 17 00:00:00 2001 From: Jon Siwek Date: Fri, 1 Jun 2012 14:10:23 -0500 Subject: [PATCH 11/19] Add @load-sigs directive for loading signature files (addresses #551). --- doc/signatures.rst | 19 ++++++++++------- scripts/base/frameworks/dpd/main.bro | 3 +-- scripts/base/init-bare.bro | 4 +++- scripts/base/protocols/http/file-ident.bro | 3 ++- .../policy/protocols/http/detect-webapps.bro | 3 ++- scripts/site/local.bro | 2 +- src/Net.cc | 1 + src/Net.h | 1 + src/main.cc | 4 ++++ src/scan.l | 16 ++++++++++++++ testing/btest/Baseline/core.load-sigs/output | 3 +++ testing/btest/core/load-sigs.bro | 21 +++++++++++++++++++ 12 files changed, 67 insertions(+), 13 deletions(-) create mode 100644 testing/btest/Baseline/core.load-sigs/output create mode 100644 testing/btest/core/load-sigs.bro diff --git a/doc/signatures.rst b/doc/signatures.rst index 7a1b164dbb..f65215eceb 100644 --- a/doc/signatures.rst +++ b/doc/signatures.rst @@ -51,13 +51,18 @@ This script contains a default event handler that raises :bro:enum:`Signatures::Sensitive_Signature` :doc:`Notices ` (as well as others; see the beginning of the script). -As signatures are independent of Bro's policy scripts, they are put -into their own file(s). There are two ways to specify which files -contain signatures: By using the ``-s`` flag when you invoke Bro, or -by extending the Bro variable :bro:id:`signature_files` using the ``+=`` -operator. If a signature file is given without a path, it is searched -along the normal ``BROPATH``. The default extension of the file name -is ``.sig``, and Bro appends that automatically when necessary. +As signatures are independent of Bro's policy scripts, they are put into +their own file(s). There are three ways to specify which files contain +signatures: By using the ``-s`` flag when you invoke Bro, or by +extending the Bro variable :bro:id:`signature_files` using the ``+=`` +operator, or by using the ``@load-sigs`` directive inside a Bro script. +If a signature file is given without a full path, it is searched for +along the normal ``BROPATH``. Additionally, the ``@load-sigs`` +directive can be used to load signature files in a path relative to the +Bro script in which it's placed, e.g. ``@load-sigs ./mysigs.sig`` will +expect that signature file in the same directory as the Bro script. The +default extension of the file name is ``.sig``, and Bro appends that +automatically when necessary. Signature language ================== diff --git a/scripts/base/frameworks/dpd/main.bro b/scripts/base/frameworks/dpd/main.bro index 9eb0b467f8..a5349b6cfb 100644 --- a/scripts/base/frameworks/dpd/main.bro +++ b/scripts/base/frameworks/dpd/main.bro @@ -3,8 +3,7 @@ module DPD; -## Add the DPD signatures to the signature framework. -redef signature_files += "base/frameworks/dpd/dpd.sig"; +@load-sigs ./dpd.sig export { ## Add the DPD logging stream identifier. diff --git a/scripts/base/init-bare.bro b/scripts/base/init-bare.bro index da2b742725..c35acd525d 100644 --- a/scripts/base/init-bare.bro +++ b/scripts/base/init-bare.bro @@ -615,7 +615,9 @@ function add_signature_file(sold: string, snew: string): string } ## Signature files to read. Use ``redef signature_files += "foo.sig"`` to -## extend. Signature files will be searched relative to ``BROPATH``. +## extend. Signature files added this way will be searched relative to +## ``BROPATH``. Using the ``@load-sigs`` directive instead is preferred +## since that can search paths relative to the current script. global signature_files = "" &add_func = add_signature_file; ## ``p0f`` fingerprint file to use. Will be searched relative to ``BROPATH``. diff --git a/scripts/base/protocols/http/file-ident.bro b/scripts/base/protocols/http/file-ident.bro index f2cb9d19ac..b493f02bf0 100644 --- a/scripts/base/protocols/http/file-ident.bro +++ b/scripts/base/protocols/http/file-ident.bro @@ -6,7 +6,8 @@ @load ./utils # Add the magic number signatures to the core signature set. -redef signature_files += "base/protocols/http/file-ident.sig"; +@load-sigs ./file-ident.sig + # Ignore the signatures used to match files redef Signatures::ignored_ids += /^matchfile-/; diff --git a/scripts/policy/protocols/http/detect-webapps.bro b/scripts/policy/protocols/http/detect-webapps.bro index 796da5c29a..fb805bfd33 100644 --- a/scripts/policy/protocols/http/detect-webapps.bro +++ b/scripts/policy/protocols/http/detect-webapps.bro @@ -4,9 +4,10 @@ @load base/frameworks/software @load base/protocols/http +@load-sigs ./detect-webapps.sig + module HTTP; -redef signature_files += "protocols/http/detect-webapps.sig"; # Ignore the signatures used to match webapps redef Signatures::ignored_ids += /^webapp-/; diff --git a/scripts/site/local.bro b/scripts/site/local.bro index 9681f7a75c..db1a786839 100644 --- a/scripts/site/local.bro +++ b/scripts/site/local.bro @@ -25,7 +25,7 @@ redef Software::vulnerable_versions += { @load frameworks/software/version-changes # This adds signatures to detect cleartext forward and reverse windows shells. -redef signature_files += "frameworks/signatures/detect-windows-shells.sig"; +@load-sigs frameworks/signatures/detect-windows-shells # Uncomment the following line to begin receiving (by default hourly) emails # containing all of your notices. diff --git a/src/Net.cc b/src/Net.cc index 5bfae2275b..328998b011 100644 --- a/src/Net.cc +++ b/src/Net.cc @@ -69,6 +69,7 @@ PktSrc* current_pktsrc = 0; IOSource* current_iosrc; std::list files_scanned; +std::vector sig_files; RETSIGTYPE watchdog(int /* signo */) { diff --git a/src/Net.h b/src/Net.h index 9e68cc025b..5b959d1688 100644 --- a/src/Net.h +++ b/src/Net.h @@ -111,5 +111,6 @@ struct ScannedFile { }; extern std::list files_scanned; +extern std::vector sig_files; #endif diff --git a/src/main.cc b/src/main.cc index 9e9c867714..b1d0a4d723 100644 --- a/src/main.cc +++ b/src/main.cc @@ -838,6 +838,10 @@ int main(int argc, char** argv) if ( *s ) rule_files.append(s); + // Append signature files defined in @load-sigs + for ( size_t i = 0; i < sig_files.size(); ++i ) + rule_files.append(copy_string(sig_files[i].c_str())); + if ( rule_files.length() > 0 ) { rule_matcher = new RuleMatcher(RE_level); diff --git a/src/scan.l b/src/scan.l index 30d521c6bd..645ce659cd 100644 --- a/src/scan.l +++ b/src/scan.l @@ -358,6 +358,22 @@ when return TOK_WHEN; (void) load_files(new_file); } +@load-sigs{WS}{FILE} { + const char* new_sig_file = skip_whitespace(yytext + 10); + const char* full_filename = 0; + FILE* f = search_for_file(new_sig_file, "sig", &full_filename, false, 0); + + if ( f ) + { + sig_files.push_back(full_filename); + fclose(f); + delete [] full_filename; + } + else + reporter->Error("failed to find file associated with @load-sigs %s", + new_sig_file); + } + @unload{WS}{FILE} { // Skip "@unload". const char* new_file = skip_whitespace(yytext + 7); diff --git a/testing/btest/Baseline/core.load-sigs/output b/testing/btest/Baseline/core.load-sigs/output new file mode 100644 index 0000000000..2a22b47ad4 --- /dev/null +++ b/testing/btest/Baseline/core.load-sigs/output @@ -0,0 +1,3 @@ +[orig_h=141.142.220.118, orig_p=35642/tcp, resp_h=208.80.152.2, resp_p=80/tcp] +works +GET /images/wikimedia-button.png HTTP/1.1^M^JHost: meta.wikimedia.org^M^JUser-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.15) Geck... diff --git a/testing/btest/core/load-sigs.bro b/testing/btest/core/load-sigs.bro new file mode 100644 index 0000000000..3e08338f2c --- /dev/null +++ b/testing/btest/core/load-sigs.bro @@ -0,0 +1,21 @@ +# A test of signature loading using @load-sigs. + +# @TEST-EXEC: bro -C -r $TRACES/wikipedia.trace %INPUT >output +# @TEST-EXEC: btest-diff output + +@load-sigs ./subdir/mysigs.sig + +event signature_match(state: signature_state, msg: string, data: string) + { + print state$conn$id; + print msg; + print data; + } + +@TEST-START-FILE subdir/mysigs.sig +signature my-sig { +ip-proto == tcp +payload /GET \/images/ +event "works" +} +@TEST-END-FILE From 2eddaffc9020ffd8e692aaf7099ae9afb97cb699 Mon Sep 17 00:00:00 2001 From: Daniel Thayer Date: Fri, 1 Jun 2012 14:24:42 -0500 Subject: [PATCH 12/19] Fix documentation of sort BIF and add more tests --- src/bro.bif | 9 ++-- testing/btest/Baseline/bifs.sort/out | 16 ++++++- testing/btest/bifs/sort.bro | 65 +++++++++++++++++++++++++--- 3 files changed, 80 insertions(+), 10 deletions(-) diff --git a/src/bro.bif b/src/bro.bif index 0b880de379..1ecfbb0e10 100644 --- a/src/bro.bif +++ b/src/bro.bif @@ -1423,12 +1423,15 @@ bool indirect_int_sort_function(int a, int b) ## Sorts a vector in place. The second argument is a comparison function that ## takes two arguments: if the vector type is ``vector of T``, then the -## comparison function must be ``function(a: T, b: T): bool``, which returns -## ``a < b`` for some type-specific notion of the less-than operator. +## comparison function must be ``function(a: T, b: T): int``, which returns +## a value less than zero if ``a < b`` for some type-specific notion of the +## less-than operator. The comparison function is optional if the type +## is an integral type (int, count, etc.). ## ## v: The vector instance to sort. ## -## Returns: The original vector. +## Returns: The vector, sorted from minimum to maximum value. If the vector +## could not be sorted, then the original vector is returned instead. ## ## .. bro:see:: order function sort%(v: any, ...%) : any diff --git a/testing/btest/Baseline/bifs.sort/out b/testing/btest/Baseline/bifs.sort/out index de4baf1254..fed75265b9 100644 --- a/testing/btest/Baseline/bifs.sort/out +++ b/testing/btest/Baseline/bifs.sort/out @@ -1,2 +1,16 @@ [2, 3, 5, 8] -[5.0 hrs, 1.0 sec, 7.0 mins] +[2, 3, 5, 8] +[-7.0 mins, 1.0 sec, 5.0 hrs, 2.0 days] +[-7.0 mins, 1.0 sec, 5.0 hrs, 2.0 days] +[F, F, T, T] +[F, F, T, T] +[57/tcp, 123/tcp, 7/udp, 500/udp, 12/icmp] +[57/tcp, 123/tcp, 7/udp, 500/udp, 12/icmp] +[3.03, 3.01, 3.02, 3.015] +[3.03, 3.01, 3.02, 3.015] +[192.168.123.200, 10.0.0.157, 192.168.0.3] +[192.168.123.200, 10.0.0.157, 192.168.0.3] +[10.0.0.157, 192.168.0.3, 192.168.123.200] +[10.0.0.157, 192.168.0.3, 192.168.123.200] +[3.01, 3.015, 3.02, 3.03] +[3.01, 3.015, 3.02, 3.03] diff --git a/testing/btest/bifs/sort.bro b/testing/btest/bifs/sort.bro index 162e4a4504..14aa286021 100644 --- a/testing/btest/bifs/sort.bro +++ b/testing/btest/bifs/sort.bro @@ -2,16 +2,69 @@ # @TEST-EXEC: bro %INPUT >out # @TEST-EXEC: btest-diff out -function myfunc(aa: interval, bb: interval): bool +function myfunc1(a: addr, b: addr): int { - return aa < bb; + local x = addr_to_counts(a); + local y = addr_to_counts(b); + if (x[0] < y[0]) + return -1; + else + return 1; + } + +function myfunc2(a: double, b: double): int + { + if (a < b) + return -1; + else + return 1; } event bro_init() { - local a = vector( 5, 2, 8, 3 ); - print sort(a); + # Tests without supplying a comparison function - local b = vector( 5hr, 1sec, 7min ); - print sort(b, myfunc); + local a1 = vector( 5, 2, 8, 3 ); + local b1 = sort(a1); + print a1; + print b1; + + local a2: vector of interval = vector( 5hr, 2days, 1sec, -7min ); + local b2 = sort(a2); + print a2; + print b2; + + local a3: vector of bool = vector( T, F, F, T ); + local b3 = sort(a3); + print a3; + print b3; + + local a4: vector of port = vector( 12/icmp, 123/tcp, 500/udp, 7/udp, 57/tcp ); + local b4 = sort(a4); + print a4; + print b4; + + # this one is expected to fail (i.e., "sort" doesn't sort the vector) + local a5: vector of double = vector( 3.03, 3.01, 3.02, 3.015 ); + local b5 = sort(a5); + print a5; + print b5; + + # this one is expected to fail (i.e., "sort" doesn't sort the vector) + local a6: vector of addr = vector( 192.168.123.200, 10.0.0.157, 192.168.0.3 ); + local b6 = sort(a6); + print a6; + print b6; + + # Tests with a comparison function + + local c1: vector of addr = vector( 192.168.123.200, 10.0.0.157, 192.168.0.3 ); + local d1 = sort(c1, myfunc1); + print c1; + print d1; + + local c2: vector of double = vector( 3.03, 3.01, 3.02, 3.015 ); + local d2 = sort(c2, myfunc2); + print c2; + print d2; } From 2b0db0187442bddbb7b5ee0262e2d27142103aa1 Mon Sep 17 00:00:00 2001 From: Daniel Thayer Date: Fri, 1 Jun 2012 15:50:49 -0500 Subject: [PATCH 13/19] Improve test cases for "order" BIF Also fixed some comments and error messages in the "order" BIF. --- src/bro.bif | 9 +++--- testing/btest/Baseline/bifs.order/out | 8 ++++- testing/btest/bifs/order.bro | 45 +++++++++++++++++++++++---- 3 files changed, 50 insertions(+), 12 deletions(-) diff --git a/src/bro.bif b/src/bro.bif index 1ecfbb0e10..3df4430746 100644 --- a/src/bro.bif +++ b/src/bro.bif @@ -1526,13 +1526,13 @@ function order%(v: any, ...%) : index_vec } if ( ! comp && ! IsIntegral(elt_type->Tag()) ) - builtin_error("comparison function required for sort() with non-integral types"); + builtin_error("comparison function required for order() with non-integral types"); vector& vv = *v->AsVector(); int n = vv.size(); // Set up initial mapping of indices directly to corresponding - // elements. We stay zero-based until after the sorting. + // elements. vector ind_vv(n); index_map = new Val*[n]; int i; @@ -1548,7 +1548,7 @@ function order%(v: any, ...%) : index_vec if ( comp_type->YieldType()->Tag() != TYPE_INT || ! comp_type->ArgTypes()->AllMatch(elt_type, 0) ) { - builtin_error("invalid comparison function in call to sort()"); + builtin_error("invalid comparison function in call to order()"); return v; } @@ -1562,8 +1562,7 @@ function order%(v: any, ...%) : index_vec delete [] index_map; index_map = 0; - // Now spin through ind_vv to read out the rearrangement, - // adjusting indices as we do so. + // Now spin through ind_vv to read out the rearrangement. for ( i = 0; i < n; ++i ) { int ind = ind_vv[i]; diff --git a/testing/btest/Baseline/bifs.order/out b/testing/btest/Baseline/bifs.order/out index 65e5adb492..e77fbd310c 100644 --- a/testing/btest/Baseline/bifs.order/out +++ b/testing/btest/Baseline/bifs.order/out @@ -1,2 +1,8 @@ +[5, 2, 8, 3] [1, 3, 0, 2] -[5.0 hrs, 1.0 sec, 7.0 mins] +[5.0 hrs, 2.0 days, 1.0 sec, -7.0 mins] +[3, 2, 0, 1] +[192.168.123.200, 10.0.0.157, 192.168.0.3] +[1, 2, 0] +[3.03, 3.01, 3.02, 3.015] +[1, 3, 2, 0] diff --git a/testing/btest/bifs/order.bro b/testing/btest/bifs/order.bro index a39a64e6a3..5f3260ee3f 100644 --- a/testing/btest/bifs/order.bro +++ b/testing/btest/bifs/order.bro @@ -2,16 +2,49 @@ # @TEST-EXEC: bro %INPUT >out # @TEST-EXEC: btest-diff out -function myfunc(aa: interval, bb: interval): bool +function myfunc1(a: addr, b: addr): int { - return aa < bb; + local x = addr_to_counts(a); + local y = addr_to_counts(b); + if (x[0] < y[0]) + return -1; + else + return 1; + } + +function myfunc2(a: double, b: double): int + { + if (a < b) + return -1; + else + return 1; } event bro_init() { - local a = vector( 5, 2, 8, 3 ); - print order(a); + # TODO: these results don't make sense + + # Tests without supplying a comparison function - local b = vector( 5hr, 1sec, 7min ); - print order(b, myfunc); + local a1 = vector( 5, 2, 8, 3 ); + local b1 = order(a1); + print a1; + print b1; + + local a2: vector of interval = vector( 5hr, 2days, 1sec, -7min ); + local b2 = order(a2); + print a2; + print b2; + + # Tests with a comparison function + + local c1: vector of addr = vector( 192.168.123.200, 10.0.0.157, 192.168.0.3 ); + local d1 = order(c1, myfunc1); + print c1; + print d1; + + local c2: vector of double = vector( 3.03, 3.01, 3.02, 3.015 ); + local d2 = order(c2, myfunc2); + print c2; + print d2; } From 6292083b743b9dc34086abb3e2e0991c2d292acd Mon Sep 17 00:00:00 2001 From: Daniel Thayer Date: Fri, 1 Jun 2012 16:23:40 -0500 Subject: [PATCH 14/19] Improve tests of the type_name BIF --- testing/btest/Baseline/bifs.type_name/out | 4 ++-- testing/btest/bifs/type_name.bro | 17 +++++++++++------ 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/testing/btest/Baseline/bifs.type_name/out b/testing/btest/Baseline/bifs.type_name/out index 2c5cb408f9..901dca227d 100644 --- a/testing/btest/Baseline/bifs.type_name/out +++ b/testing/btest/Baseline/bifs.type_name/out @@ -15,9 +15,9 @@ subnet vector vector set[count] -set[string] +set[port,string] table[count] of string -table[string] of count +table[string] of table[addr,port] of string record { c:count; s:string; } function(aa:int; bb:int;) : bool function() : any diff --git a/testing/btest/bifs/type_name.bro b/testing/btest/bifs/type_name.bro index 531962e3f5..162d4825f5 100644 --- a/testing/btest/bifs/type_name.bro +++ b/testing/btest/bifs/type_name.bro @@ -26,11 +26,16 @@ event bro_init() local m = 192.168.0.0/16; local n = [fe80:1234::]/32; local o = vector( 1, 2, 3); - local p: vector of string = vector( "bro", "test" ); + local p: vector of table[count] of string = vector( + table( [1] = "test", [2] = "bro" ), + table( [1] = "another", [2] = "test" ) ); local q = set( 1, 2, 3); - local r = set( "this", "test"); + local r: set[port, string] = set( [21/tcp, "ftp"], [23/tcp, "telnet"] ); local s: table[count] of string = { [1] = "test", [2] = "bro" }; - local t: table[string] of count = { ["a"] = 5, ["b"] = 3 }; + local t: table[string] of table[addr, port] of string = { + ["a"] = table( [192.168.0.2, 21/tcp] = "ftp", + [192.168.0.3, 80/tcp] = "http" ), + ["b"] = table( [192.168.0.2, 22/tcp] = "ssh" ) }; local u: myrecord = [ $c = 2, $s = "another test" ]; local v = function(aa: int, bb: int): bool { return aa < bb; }; local w = function(): any { }; @@ -51,8 +56,8 @@ event bro_init() print type_name(l); print type_name(m); print type_name(n); - print type_name(o); - print type_name(p); + print type_name(o); # TODO: result is just "vector" + print type_name(p); # TODO: result is just "vector" print type_name(q); print type_name(r); print type_name(s); @@ -61,6 +66,6 @@ event bro_init() print type_name(v); print type_name(w); print type_name(x); - print type_name(y); + print type_name(y); # TODO: result is "file of string" print type_name(bro_init); } From 6e5eb187dd722429c191ebb394d5816e59dca34b Mon Sep 17 00:00:00 2001 From: Daniel Thayer Date: Fri, 1 Jun 2012 18:11:46 -0500 Subject: [PATCH 15/19] Improve "fmt" BIF documentation comment Also update test cases for fmt. --- src/bro.bif | 5 ++-- testing/btest/Baseline/bifs.fmt/out | 11 +++++-- testing/btest/bifs/fmt.bro | 45 +++++++++++++++++++---------- 3 files changed, 42 insertions(+), 19 deletions(-) diff --git a/src/bro.bif b/src/bro.bif index 3df4430746..f154fd0f86 100644 --- a/src/bro.bif +++ b/src/bro.bif @@ -1652,7 +1652,7 @@ function cat_sep%(sep: string, def: string, ...%): string ## ## - ``.``: Precision of floating point specifiers ``[efg]`` (< 128) ## -## - ``A``: Escape NUL bytes, i.e., replace ``0`` with ``\0`` +## - ``A``: Escape only NUL bytes (each one replaced with ``\0``) in a string ## ## - ``[DTdxsefg]``: Format specifier ## @@ -1664,7 +1664,8 @@ function cat_sep%(sep: string, def: string, ...%): string ## - ``x``: Unsigned hexadecimal (using C-style ``%llx``); ## addresses/ports are converted to host-byte order ## -## - ``s``: Escaped string +## - ``s``: String (byte values less than 32 or greater than 126 +## will be escaped) ## ## - ``[efg]``: Double ## diff --git a/testing/btest/Baseline/bifs.fmt/out b/testing/btest/Baseline/bifs.fmt/out index 6422294a39..2a28bf333a 100644 --- a/testing/btest/Baseline/bifs.fmt/out +++ b/testing/btest/Baseline/bifs.fmt/out @@ -44,5 +44,12 @@ test 310.000 310 310 -this\0test -this\0test +2 +3 +4 +2 +2 +6 +2 +2 +6 diff --git a/testing/btest/bifs/fmt.bro b/testing/btest/bifs/fmt.bro index bb2740d127..8a30abd199 100644 --- a/testing/btest/bifs/fmt.bro +++ b/testing/btest/bifs/fmt.bro @@ -6,16 +6,13 @@ type color: enum { Red, Blue }; event bro_init() { - local a = "foo"; - local b = 3; - local c = T; - local d = Blue; - local e = vector( 1, 2, 3); - local f = set( 1, 2, 3); - local g: table[count] of string = { [1] = "test", [2] = "bro" }; - local h = "this\0test"; + local a = Blue; + local b = vector( 1, 2, 3); + local c = set( 1, 2, 3); + local d: table[count] of string = { [1] = "test", [2] = "bro" }; - #print fmt(c, b, a); # this should work, according to doc comments + # TODO: this should work, according to doc comments + #print fmt(T, 3, "foo"); # tests with only a format string (no additional args) print fmt("test"); @@ -57,10 +54,10 @@ event bro_init() print fmt("*%10s*", [fe80:1234::]/32); print fmt("*%10s*", 3hr); print fmt("*%10s*", /^foo|bar/); + print fmt("*%10s*", a); + print fmt("*%10s*", b); + print fmt("*%10s*", c); print fmt("*%10s*", d); - print fmt("*%10s*", e); - print fmt("*%10s*", f); - print fmt("*%10s*", g); # tests of various data types without field width print fmt("%e", 3.1e+2); @@ -71,8 +68,26 @@ event bro_init() print fmt("%.3g", 3.1e+2); print fmt("%.7g", 3.1e+2); - # these produce same result - print fmt("%As", h); - print fmt("%s", h); + # Tests comparing "%As" and "%s" (the string length is printed instead + # of the string itself because the print command does its own escaping) + local s0 = "\x00\x07"; + local s1 = fmt("%As", s0); # expands \x00 to "\0" + local s2 = fmt("%s", s0); # expands \x00 to "\0", and \x07 to "^G" + print |s0|; + print |s1|; + print |s2|; + s0 = "\x07\x1f"; + s1 = fmt("%As", s0); + s2 = fmt("%s", s0); # expands \x07 to "^G", and \x1f to "\x1f" + print |s0|; + print |s1|; + print |s2|; + + s0 = "\x7f\xff"; + s1 = fmt("%As", s0); + s2 = fmt("%s", s0); # expands \x7f to "^?", and \xff to "\xff" + print |s0|; + print |s1|; + print |s2|; } From 89cb103a2c07aede9969ee586225c4d7b0411a29 Mon Sep 17 00:00:00 2001 From: Seth Hall Date: Tue, 5 Jun 2012 11:25:10 -0400 Subject: [PATCH 16/19] Fixed a bug with the MIME analyzer not removing whitespace on wrapped headers. - No test due to lack of tracefile with wrapped header. --- src/MIME.cc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/MIME.cc b/src/MIME.cc index 4a7c0268b0..11f764266d 100644 --- a/src/MIME.cc +++ b/src/MIME.cc @@ -426,7 +426,8 @@ void MIME_Entity::ContHeader(int len, const char* data) return; } - current_header_line->append(len, data); + int ws = MIME_count_leading_lws(len, data); + current_header_line->append(len - ws, data + ws); } void MIME_Entity::FinishHeader() From 7599ac8f31fa9a4b0943408c3041be9ba7ece3d3 Mon Sep 17 00:00:00 2001 From: Jon Siwek Date: Wed, 6 Jun 2012 11:50:15 -0500 Subject: [PATCH 17/19] Memory leak fixes for bad usages of VectorVal ctor. Many usages of the VectorVal ctor didn't account for the fact that it automatically Ref's the VectorType argument and end up leaking it. --- scripts/base/init-bare.bro | 12 ++++-- src/IP.cc | 12 +++--- src/bro.bif | 8 ++-- src/strings.bif | 4 +- .../core.leaks.ipv6_ext_headers/output | 4 ++ .../core.leaks.vector-val-bifs/output | 10 +++++ .../btest/core/leaks/ipv6_ext_headers.test | 37 +++++++++++++++++++ testing/btest/core/leaks/vector-val-bifs.test | 28 ++++++++++++++ 8 files changed, 100 insertions(+), 15 deletions(-) create mode 100644 testing/btest/Baseline/core.leaks.ipv6_ext_headers/output create mode 100644 testing/btest/Baseline/core.leaks.vector-val-bifs/output create mode 100644 testing/btest/core/leaks/ipv6_ext_headers.test create mode 100644 testing/btest/core/leaks/vector-val-bifs.test diff --git a/scripts/base/init-bare.bro b/scripts/base/init-bare.bro index da2b742725..515cbde6cb 100644 --- a/scripts/base/init-bare.bro +++ b/scripts/base/init-bare.bro @@ -977,6 +977,9 @@ type ip6_option: record { data: string; ##< Option data. }; +## A type alias for a vector of IPv6 options. +type ip6_options: vector of ip6_option; + ## Values extracted from an IPv6 Hop-by-Hop options extension header. ## ## .. bro:see:: pkt_hdr ip4_hdr ip6_hdr ip6_ext_hdr ip6_option @@ -987,7 +990,7 @@ type ip6_hopopts: record { ## Length of header in 8-octet units, excluding first unit. len: count; ## The TLV encoded options; - options: vector of ip6_option; + options: ip6_options; }; ## Values extracted from an IPv6 Destination options extension header. @@ -1000,7 +1003,7 @@ type ip6_dstopts: record { ## Length of header in 8-octet units, excluding first unit. len: count; ## The TLV encoded options; - options: vector of ip6_option; + options: ip6_options; }; ## Values extracted from an IPv6 Routing extension header. @@ -1245,6 +1248,9 @@ type ip6_ext_hdr: record { mobility: ip6_mobility_hdr &optional; }; +## A type alias for a vector of IPv6 extension headers +type ip6_ext_hdr_chain: vector of ip6_ext_hdr; + ## Values extracted from an IPv6 header. ## ## .. bro:see:: pkt_hdr ip4_hdr ip6_ext_hdr ip6_hopopts ip6_dstopts @@ -1259,7 +1265,7 @@ type ip6_hdr: record { hlim: count; ##< Hop limit. src: addr; ##< Source address. dst: addr; ##< Destination address. - exts: vector of ip6_ext_hdr; ##< Extension header chain. + exts: ip6_ext_hdr_chain; ##< Extension header chain. }; ## Values extracted from an IPv4 header. diff --git a/src/IP.cc b/src/IP.cc index f5598600d5..45afd593a9 100644 --- a/src/IP.cc +++ b/src/IP.cc @@ -36,13 +36,12 @@ static inline RecordType* hdrType(RecordType*& type, const char* name) static VectorVal* BuildOptionsVal(const u_char* data, int len) { - VectorVal* vv = new VectorVal(new VectorType( - hdrType(ip6_option_type, "ip6_option")->Ref())); + VectorVal* vv = new VectorVal(internal_type("ip6_options")->AsVectorType()); while ( len > 0 ) { const struct ip6_opt* opt = (const struct ip6_opt*) data; - RecordVal* rv = new RecordVal(ip6_option_type); + RecordVal* rv = new RecordVal(hdrType(ip6_option_type, "ip6_option")); rv->Assign(0, new Val(opt->ip6o_type, TYPE_COUNT)); if ( opt->ip6o_type == 0 ) @@ -87,8 +86,8 @@ RecordVal* IPv6_Hdr::BuildRecordVal(VectorVal* chain) const rv->Assign(5, new AddrVal(IPAddr(ip6->ip6_src))); rv->Assign(6, new AddrVal(IPAddr(ip6->ip6_dst))); if ( ! chain ) - chain = new VectorVal(new VectorType( - hdrType(ip6_ext_hdr_type, "ip6_ext_hdr")->Ref())); + chain = new VectorVal( + internal_type("ip6_ext_hdr_chain")->AsVectorType()); rv->Assign(7, chain); } break; @@ -583,7 +582,8 @@ VectorVal* IPv6_Hdr_Chain::BuildVal() const ip6_mob_type = internal_type("ip6_mobility_hdr")->AsRecordType(); } - VectorVal* rval = new VectorVal(new VectorType(ip6_ext_hdr_type->Ref())); + VectorVal* rval = new VectorVal( + internal_type("ip6_ext_hdr_chain")->AsVectorType()); for ( size_t i = 1; i < chain.size(); ++i ) { diff --git a/src/bro.bif b/src/bro.bif index e1521adee8..5417ba3591 100644 --- a/src/bro.bif +++ b/src/bro.bif @@ -1494,8 +1494,8 @@ function sort%(v: any, ...%) : any ## .. bro:see:: sort function order%(v: any, ...%) : index_vec %{ - VectorVal* result_v = - new VectorVal(new VectorType(base_type(TYPE_COUNT))); + VectorVal* result_v = new VectorVal( + internal_type("index_vec")->AsVectorType()); if ( v->Type()->Tag() != TYPE_VECTOR ) { @@ -2331,7 +2331,7 @@ function is_v6_addr%(a: addr%): bool ## Returns: The vector of addresses contained in the routing header data. function routing0_data_to_addrs%(s: string%): addr_vec %{ - VectorVal* rval = new VectorVal(new VectorType(base_type(TYPE_ADDR))); + VectorVal* rval = new VectorVal(internal_type("addr_vec")->AsVectorType()); int len = s->Len(); const u_char* bytes = s->Bytes(); @@ -2362,7 +2362,7 @@ function routing0_data_to_addrs%(s: string%): addr_vec ## .. bro:see:: counts_to_addr function addr_to_counts%(a: addr%): index_vec %{ - VectorVal* rval = new VectorVal(new VectorType(base_type(TYPE_COUNT))); + VectorVal* rval = new VectorVal(internal_type("index_vec")->AsVectorType()); const uint32* bytes; int len = a->AsAddr().GetBytes(&bytes); diff --git a/src/strings.bif b/src/strings.bif index 27c11b4013..4c3b331b8a 100644 --- a/src/strings.bif +++ b/src/strings.bif @@ -875,8 +875,8 @@ function str_split%(s: string, idx: index_vec%): string_vec indices[i] = (*idx_v)[i]->AsCount(); BroString::Vec* result = s->AsString()->Split(indices); - VectorVal* result_v = - new VectorVal(new VectorType(base_type(TYPE_STRING))); + VectorVal* result_v = new VectorVal( + internal_type("string_vec")->AsVectorType()); if ( result ) { diff --git a/testing/btest/Baseline/core.leaks.ipv6_ext_headers/output b/testing/btest/Baseline/core.leaks.ipv6_ext_headers/output new file mode 100644 index 0000000000..5c2177718c --- /dev/null +++ b/testing/btest/Baseline/core.leaks.ipv6_ext_headers/output @@ -0,0 +1,4 @@ +weird routing0_hdr from 2001:4f8:4:7:2e0:81ff:fe52:ffff to 2001:78:1:32::2 +[orig_h=2001:4f8:4:7:2e0:81ff:fe52:ffff, orig_p=53/udp, resp_h=2001:78:1:32::2, resp_p=53/udp] +[ip=, ip6=[class=0, flow=0, len=59, nxt=0, hlim=64, src=2001:4f8:4:7:2e0:81ff:fe52:ffff, dst=2001:4f8:4:7:2e0:81ff:fe52:9a6b, exts=[[id=0, hopopts=[nxt=43, len=0, options=[[otype=1, len=4, data=\0\0\0\0]]], dstopts=, routing=, fragment=, ah=, esp=, mobility=], [id=43, hopopts=, dstopts=, routing=[nxt=17, len=4, rtype=0, segleft=2, data=\0\0\0\0 ^A\0x\0^A\02\0\0\0\0\0\0\0^A ^A\0x\0^A\02\0\0\0\0\0\0\0^B], fragment=, ah=, esp=, mobility=]]], tcp=, udp=[sport=53/udp, dport=53/udp, ulen=11], icmp=] +[2001:78:1:32::1, 2001:78:1:32::2] diff --git a/testing/btest/Baseline/core.leaks.vector-val-bifs/output b/testing/btest/Baseline/core.leaks.vector-val-bifs/output new file mode 100644 index 0000000000..4a57d29a71 --- /dev/null +++ b/testing/btest/Baseline/core.leaks.vector-val-bifs/output @@ -0,0 +1,10 @@ +[1, 3, 0, 2] +[2374950123] +[1, 3, 0, 2] +[2374950123] +[1, 3, 0, 2] +[2374950123] +[1, 3, 0, 2] +[3353991673] +[1, 3, 0, 2] +[3353991673] diff --git a/testing/btest/core/leaks/ipv6_ext_headers.test b/testing/btest/core/leaks/ipv6_ext_headers.test new file mode 100644 index 0000000000..3b2497655c --- /dev/null +++ b/testing/btest/core/leaks/ipv6_ext_headers.test @@ -0,0 +1,37 @@ +# Needs perftools support. +# +# @TEST-GROUP: leaks +# +# @TEST-REQUIRES: bro --help 2>&1 | grep -q mem-leaks +# +# @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local bro -m -b -r $TRACES/ipv6-hbh-routing0.trace %INPUT >output +# @TEST-EXEC: btest-diff output + +# Just check that the event is raised correctly for a packet containing +# extension headers. +event ipv6_ext_headers(c: connection, p: pkt_hdr) + { + print p; + } + +# Also check the weird for routing type 0 extensions headers +event flow_weird(name: string, src: addr, dst: addr) + { + print fmt("weird %s from %s to %s", name, src, dst); + } + +# And the connection for routing type 0 packets with non-zero segments left +# should use the last address in that extension header. +event new_connection(c: connection) + { + print c$id; + } + +event ipv6_ext_headers(c: connection, p: pkt_hdr) + { + for ( h in p$ip6$exts ) + if ( p$ip6$exts[h]$id == IPPROTO_ROUTING ) + if ( p$ip6$exts[h]$routing$rtype == 0 ) + print routing0_data_to_addrs(p$ip6$exts[h]$routing$data); + } + diff --git a/testing/btest/core/leaks/vector-val-bifs.test b/testing/btest/core/leaks/vector-val-bifs.test new file mode 100644 index 0000000000..d42e273bc5 --- /dev/null +++ b/testing/btest/core/leaks/vector-val-bifs.test @@ -0,0 +1,28 @@ +# Needs perftools support. +# +# @TEST-GROUP: leaks +# +# @TEST-REQUIRES: bro --help 2>&1 | grep -q mem-leaks +# +# The BIFS used in this test originally didn't call the VectorVal() ctor right, +# assuming that it didn't automatically Ref the VectorType argument and thus +# leaked that memeory. +# +# @TEST-EXEC: HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local bro -m -b -r $TRACES/ftp-ipv4.trace %INPUT >output +# @TEST-EXEC: btest-diff output + +function myfunc(aa: interval, bb: interval): int + { + if ( aa < bb ) + return -1; + else + return 1; + } + +event new_connection(c: connection) + { + local a = vector( 5, 2, 8, 3 ); + print order(a); + str_split("this is a test string", a); + print addr_to_counts(c$id$orig_h); + } From f0db2db9146aaaa29680e278693a35518953fa2a Mon Sep 17 00:00:00 2001 From: Robin Sommer Date: Wed, 6 Jun 2012 11:55:15 -0700 Subject: [PATCH 18/19] Updating submodule(s). [nomail] --- aux/broctl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aux/broctl b/aux/broctl index 892b60edb9..589cb04c3d 160000 --- a/aux/broctl +++ b/aux/broctl @@ -1 +1 @@ -Subproject commit 892b60edb967bb456872638f22ba994e84530137 +Subproject commit 589cb04c3d7e28a81aa07454e2b9b6b092f0e1af From 9a86a5e21f0ce305e2fc7bab44ac68d62c1d29a4 Mon Sep 17 00:00:00 2001 From: Robin Sommer Date: Wed, 6 Jun 2012 12:21:24 -0700 Subject: [PATCH 19/19] Revert "Fixed a bug with the MIME analyzer not removing whitespace on wrapped headers." This reverts commit 89cb103a2c07aede9969ee586225c4d7b0411a29. --- src/MIME.cc | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/MIME.cc b/src/MIME.cc index 11f764266d..4a7c0268b0 100644 --- a/src/MIME.cc +++ b/src/MIME.cc @@ -426,8 +426,7 @@ void MIME_Entity::ContHeader(int len, const char* data) return; } - int ws = MIME_count_leading_lws(len, data); - current_header_line->append(len - ws, data + ws); + current_header_line->append(len, data); } void MIME_Entity::FinishHeader()