diff --git a/CHANGES b/CHANGES index 40d5b81a87..f2243696b6 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,29 @@ +5.2.0-dev.140 | 2022-10-25 12:34:39 +0200 + + * scripts: Migrate table iteration to blank identifiers (Arne Welzel, Corelight) + + * Introduce special treatment for the blank identifier _ (Arne Welzel, Corelight) + + Mostly: Do not instantiate variables within for loops and allow + reusing differently typed blanks which previously wasn't possible. + + * Management framework: bump zeek-client and cluster testsuite (Christian Kreibich, Corelight) + + * Add new zeek-client dependency to Dockerfile: python3-websocket (Christian Kreibich, Corelight) + + This is a required dependency of zeek-client, and available as a .deb on Debian. + + * Management framework: add websocket support to controller (Christian Kreibich, Corelight) + + The controller now listens on an additional port, defaulting to 2149, for Broker + connections via websockets. Configuration works as for the existing traditional + Broker port (2150), via ZEEK_CONTROLLER_WEBSOCKET_ADDR and + ZEEK_CONTROLLER_WEBSOCKET_PORT environment variables, as well as corresponding + redef'able constants. + + To disable the websockets feature, leave ZEEK_CONTROLLER_WEBSOCKET_PORT unset + and redefine Management::Controller::default_port_websocket to 0/unknown. + 5.2.0-dev.134 | 2022-10-24 08:10:06 -0700 * Re-enable ci-based benchmarking (Tim Wojtulewicz, Corelight) diff --git a/NEWS b/NEWS index b31b1e62e3..77c97a29d7 100644 --- a/NEWS +++ b/NEWS @@ -17,6 +17,9 @@ Breaking Changes clusters running on FreeBSD, as that OS uses a different range for ephemeral ports. +- The blank identifier ``_`` cannot be used in expressions and options anymore. + Outside of obfuscation exercises, this should have little real-world impact. + New Functionality ----------------- @@ -39,6 +42,34 @@ New Functionality been extended to work for packet and file analyzers. This now allows to leverage ``Analyzer::disabled_analyzers`` for these kinds of analyzers. +- The blank identifier ``_`` can now be used to ignore loop variables of + different types without type clash errors. This allows to do the following + within the same scope: + + local vec = vector("a", "b", "c"); + for ( _, v in vec ) + print v; + + for ( i, _ in vec ) + print v; + + Iterating over only the values of a table can be done by ignoring the full + index with a single blank identifier. Due to the internal structure of Zeek + tables, this can result in a performance improvement. + + local tab = table(["a", 1, T] = "a1T", ["b", 2, F] = "b2f"); + for ( _, v in tab ) + print v; + + It's also possible ignore individual indices of different types with the + blank identifier ``_`` as follows: + + for ( [_, i, _], v in tab ) + print i, v; + + As noted under breaking changes, the blank identifier ``_`` cannot be + referenced in expression anymore. + Changed Functionality --------------------- diff --git a/VERSION b/VERSION index 7545e66432..a9fe16538b 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -5.2.0-dev.134 +5.2.0-dev.140 diff --git a/scripts/base/frameworks/cluster/pools.zeek b/scripts/base/frameworks/cluster/pools.zeek index 8b2b9dee62..875476b6f5 100644 --- a/scripts/base/frameworks/cluster/pools.zeek +++ b/scripts/base/frameworks/cluster/pools.zeek @@ -246,7 +246,7 @@ event Cluster::node_down(name: string, id: string) &priority=10 function site_id_in_pool(pool: Pool, site_id: count): bool { - for ( i, pn in pool$nodes ) + for ( _, pn in pool$nodes ) { if ( pn$site_id == site_id ) return T; diff --git a/scripts/base/frameworks/intel/files.zeek b/scripts/base/frameworks/intel/files.zeek index d292693d66..46e8f40979 100644 --- a/scripts/base/frameworks/intel/files.zeek +++ b/scripts/base/frameworks/intel/files.zeek @@ -53,7 +53,7 @@ hook extend_match(info: Info, s: Seen, items: set[Item]) &priority=6 if ( s$f?$conns && |s$f$conns| == 1 ) { - for ( cid, c in s$f$conns ) + for ( _, c in s$f$conns ) s$conn = c; } diff --git a/scripts/base/frameworks/intel/main.zeek b/scripts/base/frameworks/intel/main.zeek index 8464e7ebfe..0c3a05becf 100644 --- a/scripts/base/frameworks/intel/main.zeek +++ b/scripts/base/frameworks/intel/main.zeek @@ -246,7 +246,7 @@ function expire_host_data(data: table[addr] of MetaDataTable, idx: addr): interv { local meta_tbl: MetaDataTable = data[idx]; local metas: set[MetaData]; - for ( src, md in meta_tbl ) + for ( _, md in meta_tbl ) add metas[md]; return expire_item(cat(idx), ADDR, metas); @@ -256,7 +256,7 @@ function expire_subnet_data(data: table[subnet] of MetaDataTable, idx: subnet): { local meta_tbl: MetaDataTable = data[idx]; local metas: set[MetaData]; - for ( src, md in meta_tbl ) + for ( _, md in meta_tbl ) add metas[md]; return expire_item(cat(idx), SUBNET, metas); @@ -270,7 +270,7 @@ function expire_string_data(data: table[string, Type] of MetaDataTable, idx: any local meta_tbl: MetaDataTable = data[indicator, indicator_type]; local metas: set[MetaData]; - for ( src, md in meta_tbl ) + for ( _, md in meta_tbl ) add metas[md]; return expire_item(indicator, indicator_type, metas); @@ -317,7 +317,7 @@ function get_items(s: Seen): set[Item] if ( s$host in data_store$host_data ) { mt = data_store$host_data[s$host]; - for ( m, md in mt ) + for ( _, md in mt ) { add return_data[Item($indicator=cat(s$host), $indicator_type=ADDR, $meta=md)]; } @@ -327,7 +327,7 @@ function get_items(s: Seen): set[Item] nets = filter_subnet_table(addr_to_subnet(s$host), data_store$subnet_data); for ( n, mt in nets ) { - for ( m, md in mt ) + for ( _, md in mt ) { add return_data[Item($indicator=cat(n), $indicator_type=SUBNET, $meta=md)]; } diff --git a/scripts/base/frameworks/packet-filter/main.zeek b/scripts/base/frameworks/packet-filter/main.zeek index 51015c307a..9e18795132 100644 --- a/scripts/base/frameworks/packet-filter/main.zeek +++ b/scripts/base/frameworks/packet-filter/main.zeek @@ -240,7 +240,7 @@ function build(): string if ( |capture_filters| == 0 && ! enable_auto_protocol_capture_filters ) cfilter = default_capture_filter; - for ( id, cf in capture_filters ) + for ( _, cf in capture_filters ) cfilter = combine_filters(cfilter, "or", cf); if ( enable_auto_protocol_capture_filters ) @@ -248,11 +248,11 @@ function build(): string # Apply the restriction filters. local rfilter = ""; - for ( id, rf in restrict_filters ) + for ( _, rf in restrict_filters ) rfilter = combine_filters(rfilter, "and", rf); # Apply the dynamic restriction filters. - for ( filt, drf in dynamic_restrict_filters ) + for ( _, drf in dynamic_restrict_filters ) rfilter = combine_filters(rfilter, "and", string_cat("not (", drf, ")")); # Finally, join them into one filter. diff --git a/scripts/base/protocols/dce-rpc/main.zeek b/scripts/base/protocols/dce-rpc/main.zeek index 761c8f6a5c..b5b9f77e72 100644 --- a/scripts/base/protocols/dce-rpc/main.zeek +++ b/scripts/base/protocols/dce-rpc/main.zeek @@ -222,7 +222,7 @@ hook finalize_dce_rpc(c: connection) return; # TODO: Go through any remaining dce_rpc requests that haven't been processed with replies. - for ( i, x in c$dce_rpc_backing ) + for ( _, x in c$dce_rpc_backing ) { set_state(c, x); diff --git a/scripts/base/protocols/dns/main.zeek b/scripts/base/protocols/dns/main.zeek index fa22cdba13..5e6980a7e6 100644 --- a/scripts/base/protocols/dns/main.zeek +++ b/scripts/base/protocols/dns/main.zeek @@ -191,7 +191,7 @@ function log_unmatched_msgs_queue(q: Queue::Queue) function log_unmatched_msgs(msgs: PendingMessages) { - for ( trans_id, q in msgs ) + for ( _, q in msgs ) { log_unmatched_msgs_queue(q); } diff --git a/scripts/base/protocols/ftp/files.zeek b/scripts/base/protocols/ftp/files.zeek index e7a200f927..680e7f254d 100644 --- a/scripts/base/protocols/ftp/files.zeek +++ b/scripts/base/protocols/ftp/files.zeek @@ -37,7 +37,7 @@ function describe_file(f: fa_file): string if ( f$source != "FTP" ) return ""; - for ( cid, c in f$conns ) + for ( _, c in f$conns ) { if ( c?$ftp ) return FTP::describe(c$ftp); diff --git a/scripts/base/protocols/ftp/main.zeek b/scripts/base/protocols/ftp/main.zeek index f9da769fea..a68aa9837b 100644 --- a/scripts/base/protocols/ftp/main.zeek +++ b/scripts/base/protocols/ftp/main.zeek @@ -369,7 +369,7 @@ hook finalize_ftp(c: connection) { if ( ! c?$ftp ) return; - for ( ca, cmdarg in c$ftp$pending_commands ) + for ( _, cmdarg in c$ftp$pending_commands ) { c$ftp$cmdarg = cmdarg; ftp_message(c$ftp); diff --git a/scripts/base/protocols/http/files.zeek b/scripts/base/protocols/http/files.zeek index a8a67762d4..34adc58c08 100644 --- a/scripts/base/protocols/http/files.zeek +++ b/scripts/base/protocols/http/files.zeek @@ -40,7 +40,7 @@ function describe_file(f: fa_file): string if ( f$source != "HTTP" ) return ""; - for ( cid, c in f$conns ) + for ( _, c in f$conns ) { if ( c?$http ) return build_url_http(c$http); diff --git a/scripts/base/protocols/krb/files.zeek b/scripts/base/protocols/krb/files.zeek index fbcc7a7336..8ea8c91638 100644 --- a/scripts/base/protocols/krb/files.zeek +++ b/scripts/base/protocols/krb/files.zeek @@ -48,7 +48,7 @@ function describe_file(f: fa_file): string # are already populated). # # Just return a bit of our connection information and hope that that is good enough. - for ( cid, c in f$conns ) + for ( _, c in f$conns ) { if ( c?$krb ) { diff --git a/scripts/base/protocols/smb/files.zeek b/scripts/base/protocols/smb/files.zeek index a47874d480..08e62c6954 100644 --- a/scripts/base/protocols/smb/files.zeek +++ b/scripts/base/protocols/smb/files.zeek @@ -39,7 +39,7 @@ function describe_file(f: fa_file): string if ( f$source != "SMB" ) return ""; - for ( cid, c in f$conns ) + for ( _, c in f$conns ) { if ( c?$smb_state && c$smb_state?$current_file && c$smb_state$current_file?$name ) return c$smb_state$current_file$name; diff --git a/scripts/base/protocols/smb/main.zeek b/scripts/base/protocols/smb/main.zeek index 703a76903d..6e2854327b 100644 --- a/scripts/base/protocols/smb/main.zeek +++ b/scripts/base/protocols/smb/main.zeek @@ -241,7 +241,7 @@ event file_state_remove(f: fa_file) &priority=-5 if ( f$source != "SMB" ) return; - for ( id, c in f$conns ) + for ( _, c in f$conns ) { if ( c?$smb_state && c$smb_state?$current_file) { diff --git a/scripts/base/protocols/smtp/files.zeek b/scripts/base/protocols/smtp/files.zeek index cb38c27c97..3dd39a018d 100644 --- a/scripts/base/protocols/smtp/files.zeek +++ b/scripts/base/protocols/smtp/files.zeek @@ -31,7 +31,7 @@ function describe_file(f: fa_file): string if ( f$source != "SMTP" ) return ""; - for ( cid, c in f$conns ) + for ( _, c in f$conns ) { return SMTP::describe(c$smtp); } diff --git a/scripts/base/protocols/ssl/files.zeek b/scripts/base/protocols/ssl/files.zeek index c6be72100e..1babbf2c4e 100644 --- a/scripts/base/protocols/ssl/files.zeek +++ b/scripts/base/protocols/ssl/files.zeek @@ -81,7 +81,7 @@ function describe_file(f: fa_file): string # are already populated). # # Just return a bit of our connection information and hope that that is good enough. - for ( cid, c in f$conns ) + for ( _, c in f$conns ) { if ( c?$ssl ) { @@ -138,7 +138,7 @@ event file_sniff(f: fa_file, meta: fa_metadata) &priority=5 local c: connection &is_assigned; # to help static analysis - for ( cid, c in f$conns ) + for ( _, c in f$conns ) { if ( ! c?$ssl ) return; diff --git a/scripts/policy/protocols/smtp/entities-excerpt.zeek b/scripts/policy/protocols/smtp/entities-excerpt.zeek index 4dad6d3e39..8d826e7e4e 100644 --- a/scripts/policy/protocols/smtp/entities-excerpt.zeek +++ b/scripts/policy/protocols/smtp/entities-excerpt.zeek @@ -24,7 +24,7 @@ event file_new(f: fa_file) &priority=5 if ( ! f?$bof_buffer ) return; if ( ! f?$conns ) return; - for ( cid, c in f$conns ) + for ( _, c in f$conns ) { if ( ! c?$smtp ) next; diff --git a/scripts/policy/protocols/ssl/validate-sct.zeek b/scripts/policy/protocols/ssl/validate-sct.zeek index d17caa94d1..3a0872b18f 100644 --- a/scripts/policy/protocols/ssl/validate-sct.zeek +++ b/scripts/policy/protocols/ssl/validate-sct.zeek @@ -97,7 +97,7 @@ event x509_ocsp_ext_signed_certificate_timestamp(f: fa_file, version: count, log local c: connection &is_assigned; - for ( cid, c in f$conns ) + for ( _, c in f$conns ) { if ( ! c?$ssl ) return; diff --git a/src/ID.cc b/src/ID.cc index 2df52b2520..bfc4f57ea1 100644 --- a/src/ID.cc +++ b/src/ID.cc @@ -114,11 +114,15 @@ ID::ID(const char* arg_name, IDScope arg_scope, bool arg_is_export) scope = arg_scope; is_export = arg_is_export; is_option = false; + is_blank = name && extract_var_name(name) == "_"; is_const = false; is_enum_const = false; is_type = false; offset = 0; + if ( is_blank ) + SetType(base_type(TYPE_ANY)); + opt_info = new IDOptInfo(this); infer_return_type = false; diff --git a/src/ID.h b/src/ID.h index 28b0a5689d..47322d78a2 100644 --- a/src/ID.h +++ b/src/ID.h @@ -105,6 +105,7 @@ public: void SetOption(); bool IsOption() const { return is_option; } + bool IsBlank() const { return is_blank; }; void SetEnumConst() { is_enum_const = true; } bool IsEnumConst() const { return is_enum_const; } @@ -162,7 +163,7 @@ protected: bool is_export; bool infer_return_type; TypePtr type; - bool is_const, is_enum_const, is_type, is_option; + bool is_const, is_enum_const, is_type, is_option, is_blank; int offset; ValPtr val; AttributesPtr attrs; diff --git a/src/Stmt.cc b/src/Stmt.cc index 6f49fc79ec..f13c21455c 100644 --- a/src/Stmt.cc +++ b/src/Stmt.cc @@ -1221,7 +1221,17 @@ ForStmt::ForStmt(IDPList* arg_loop_vars, ExprPtr loop_expr) { const auto& indices = e->GetType()->AsTableType()->GetIndexTypes(); - if ( static_cast(indices.size()) != loop_vars->length() ) + if ( loop_vars->length() == 1 && (*loop_vars)[0]->IsBlank() ) + { + // Special case support for looping with a single loop_var + // ignoring the full index of a table. + // + // for ( _, value ) + // ... + // + return; + } + else if ( static_cast(indices.size()) != loop_vars->length() ) { e->Error("wrong index size"); return; @@ -1233,7 +1243,10 @@ ForStmt::ForStmt(IDPList* arg_loop_vars, ExprPtr loop_expr) const auto& lv = (*loop_vars)[i]; const auto& lvt = lv->GetType(); - if ( lvt ) + if ( lv->IsBlank() ) + continue; + + else if ( lvt ) { if ( ! same_type(lvt, ind_type) ) lvt->Error("type clash in iteration", ind_type.get()); @@ -1254,11 +1267,16 @@ ForStmt::ForStmt(IDPList* arg_loop_vars, ExprPtr loop_expr) return; } - const auto& t = (*loop_vars)[0]->GetType(); + const auto& lv = (*loop_vars)[0]; + const auto& t = lv->GetType(); - if ( ! t ) - add_local({NewRef{}, (*loop_vars)[0]}, base_type(TYPE_COUNT), INIT_NONE, nullptr, - nullptr, VAR_REGULAR); + if ( lv->IsBlank() ) + { + // nop + } + else if ( ! t ) + add_local({NewRef{}, lv}, base_type(TYPE_COUNT), INIT_NONE, nullptr, nullptr, + VAR_REGULAR); else if ( ! IsIntegral(t->Tag()) ) { @@ -1275,9 +1293,14 @@ ForStmt::ForStmt(IDPList* arg_loop_vars, ExprPtr loop_expr) return; } - const auto& t = (*loop_vars)[0]->GetType(); + const auto& lv = (*loop_vars)[0]; + const auto& t = lv->GetType(); - if ( ! t ) + if ( lv->IsBlank() ) + { + // nop + } + else if ( ! t ) add_local({NewRef{}, (*loop_vars)[0]}, base_type(TYPE_STRING), INIT_NONE, nullptr, nullptr, VAR_REGULAR); @@ -1312,7 +1335,10 @@ ForStmt::ForStmt(IDPList* arg_loop_vars, ExprPtr loop_expr, IDPtr val_var) } // Verify value_vars type if it's already been defined - if ( value_var->GetType() ) + if ( value_var->IsBlank() ) + value_var = ID::nil; + + else if ( value_var->GetType() ) { if ( ! same_type(value_var->GetType(), yield_type) ) value_var->GetType()->Error("type clash in iteration", yield_type.get()); @@ -1340,17 +1366,30 @@ ValPtr ForStmt::DoExec(Frame* f, Val* v, StmtFlowType& flow) if ( ! loop_vals->Length() ) return nullptr; + // If there are only blank loop_vars (iterating over just the values), + // we can avoid the RecreateIndex() overhead. + bool all_loop_vars_blank = true; + for ( const auto* lv : *loop_vars ) + all_loop_vars_blank &= lv->IsBlank(); + for ( const auto& lve : *loop_vals ) { auto k = lve.GetHashKey(); auto* current_tev = lve.value; - auto ind_lv = tv->RecreateIndex(*k); if ( value_var ) f->SetElement(value_var, current_tev->GetVal()); - for ( int i = 0; i < ind_lv->Length(); i++ ) - f->SetElement((*loop_vars)[i], ind_lv->Idx(i)); + if ( ! all_loop_vars_blank ) + { + auto ind_lv = tv->RecreateIndex(*k); + for ( int i = 0; i < ind_lv->Length(); i++ ) + { + const auto* lv = (*loop_vars)[i]; + if ( ! lv->IsBlank() ) + f->SetElement(lv, ind_lv->Idx(i)); + } + } flow = FLOW_NEXT; ret = body->Exec(f, flow); @@ -1375,7 +1414,10 @@ ValPtr ForStmt::DoExec(Frame* f, Val* v, StmtFlowType& flow) if ( value_var ) f->SetElement(value_var, vv->ValAt(i)); - f->SetElement((*loop_vars)[0], val_mgr->Count(i)); + const auto* lv = (*loop_vars)[0]; + if ( ! lv->IsBlank() ) + f->SetElement(lv, val_mgr->Count(i)); + flow = FLOW_NEXT; ret = body->Exec(f, flow); diff --git a/src/Var.cc b/src/Var.cc index c4e13c7d74..490761314a 100644 --- a/src/Var.cc +++ b/src/Var.cc @@ -209,7 +209,7 @@ static void make_var(const IDPtr& id, TypePtr t, InitClass c, ExprPtr init, init = expand_op(cast_intrusive(init), init_t); } - if ( id->GetType() ) + if ( id->GetType() && ! id->IsBlank() ) { if ( id->IsRedefinable() || (! init && attr && ! IsFunc(id->GetType()->Tag())) ) { @@ -247,7 +247,7 @@ static void make_var(const IDPtr& id, TypePtr t, InitClass c, ExprPtr init, t = id->GetType(); } - if ( id->GetType() && id->GetType()->Tag() != TYPE_ERROR ) + if ( id->GetType() && id->GetType()->Tag() != TYPE_ERROR && ! id->IsBlank() ) { if ( dt != VAR_REDEF && (! init || ! do_init || (! t && ! (t = init_type(init)))) ) { diff --git a/src/parse.y b/src/parse.y index b194ced9c0..337a1e63dc 100644 --- a/src/parse.y +++ b/src/parse.y @@ -915,7 +915,12 @@ expr: if ( id->IsDeprecated() ) reporter->Warning("%s", id->GetDeprecationWarning().c_str()); - if ( ! id->GetType() ) + if ( id->IsBlank() ) + { + $$ = new NameExpr(std::move(id)); + $$->SetError("blank identifier used in expression"); + } + else if ( ! id->GetType() ) { id->Error("undeclared variable"); id->SetType(error_type()); @@ -1330,7 +1335,10 @@ decl: | TOK_OPTION def_global_id opt_type init_class opt_init opt_attr ';' { - build_global($2, $3, $4, $5, $6, VAR_OPTION); + if ( $2->IsBlank() ) + $2->Error("blank identifier used as option"); + else + build_global($2, $3, $4, $5, $6, VAR_OPTION); } | TOK_CONST def_global_id opt_type init_class opt_init opt_attr ';' @@ -1873,6 +1881,7 @@ stmt: | TOK_CONST local_id opt_type init_class opt_init opt_attr ';' opt_no_test { set_location(@1, @6); + $$ = build_local($2, $3, $4, $5, $6, VAR_CONST, ! $8).release(); } @@ -2093,10 +2102,10 @@ local_id: if ( $$ ) { - if ( $$->IsGlobal() ) + if ( $$->IsGlobal() && ! $$->IsBlank() ) $$->Error("already a global identifier"); - if ( $$->IsConst() ) + if ( $$->IsConst() && ! $$->IsBlank() ) $$->Error("already a const identifier"); delete [] $1; diff --git a/testing/btest/Baseline/language.blank-expr-errors-2/.stderr b/testing/btest/Baseline/language.blank-expr-errors-2/.stderr new file mode 100644 index 0000000000..6b1eac8e31 --- /dev/null +++ b/testing/btest/Baseline/language.blank-expr-errors-2/.stderr @@ -0,0 +1,2 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. +error in <...>/blank-expr-errors.zeek, line 4: blank identifier used in expression (_) diff --git a/testing/btest/Baseline/language.blank-expr-errors-3/.stderr b/testing/btest/Baseline/language.blank-expr-errors-3/.stderr new file mode 100644 index 0000000000..d4821ffe98 --- /dev/null +++ b/testing/btest/Baseline/language.blank-expr-errors-3/.stderr @@ -0,0 +1,2 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. +error in <...>/blank-expr-errors.zeek, line 6: blank identifier used in expression (MyModule::_) diff --git a/testing/btest/Baseline/language.blank-expr-errors-4/.stderr b/testing/btest/Baseline/language.blank-expr-errors-4/.stderr new file mode 100644 index 0000000000..b54f2d62c5 --- /dev/null +++ b/testing/btest/Baseline/language.blank-expr-errors-4/.stderr @@ -0,0 +1,2 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. +error in <...>/blank-expr-errors.zeek, line 11: blank identifier used in expression (MyModule::_) diff --git a/testing/btest/Baseline/language.blank-expr-errors-5/.stderr b/testing/btest/Baseline/language.blank-expr-errors-5/.stderr new file mode 100644 index 0000000000..d4821ffe98 --- /dev/null +++ b/testing/btest/Baseline/language.blank-expr-errors-5/.stderr @@ -0,0 +1,2 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. +error in <...>/blank-expr-errors.zeek, line 6: blank identifier used in expression (MyModule::_) diff --git a/testing/btest/Baseline/language.blank-expr-errors/.stderr b/testing/btest/Baseline/language.blank-expr-errors/.stderr new file mode 100644 index 0000000000..f8f0b87d81 --- /dev/null +++ b/testing/btest/Baseline/language.blank-expr-errors/.stderr @@ -0,0 +1,2 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. +error in <...>/blank-expr-errors.zeek, line 9: blank identifier used in expression (_) diff --git a/testing/btest/Baseline/language.blank-for/output b/testing/btest/Baseline/language.blank-for/output new file mode 100644 index 0000000000..7829b9d25e --- /dev/null +++ b/testing/btest/Baseline/language.blank-for/output @@ -0,0 +1,31 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. +== vec 1 +a +b +c +== vec 2 +idxsum(vec), 3 +== vec 3 +veclen(vec), 3 +== t1 1 +c +b +a +== t1 2 +keyc +keyb +keya +== t1 3 +t1len, 3 +== t2 1 +1, a1a +3, c3c +2, b2b +== t2 2 +a, T +c, T +b, F +== t2 3 +t2concat, a1ac3cb2b +== s +strlen(s), 10 diff --git a/testing/btest/Baseline/language.blank-local-2/.stderr b/testing/btest/Baseline/language.blank-local-2/.stderr new file mode 100644 index 0000000000..49d861c74c --- /dev/null +++ b/testing/btest/Baseline/language.blank-local-2/.stderr @@ -0,0 +1 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. diff --git a/testing/btest/Baseline/language.blank-local-3/.stderr b/testing/btest/Baseline/language.blank-local-3/.stderr new file mode 100644 index 0000000000..49d861c74c --- /dev/null +++ b/testing/btest/Baseline/language.blank-local-3/.stderr @@ -0,0 +1 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. diff --git a/testing/btest/Baseline/language.blank-local-4/.stderr b/testing/btest/Baseline/language.blank-local-4/.stderr new file mode 100644 index 0000000000..49d861c74c --- /dev/null +++ b/testing/btest/Baseline/language.blank-local-4/.stderr @@ -0,0 +1 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. diff --git a/testing/btest/Baseline/language.blank-local/.stderr b/testing/btest/Baseline/language.blank-local/.stderr new file mode 100644 index 0000000000..49d861c74c --- /dev/null +++ b/testing/btest/Baseline/language.blank-local/.stderr @@ -0,0 +1 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. diff --git a/testing/btest/Baseline/language.blank-option-error/.stderr b/testing/btest/Baseline/language.blank-option-error/.stderr new file mode 100644 index 0000000000..f0d70b14e9 --- /dev/null +++ b/testing/btest/Baseline/language.blank-option-error/.stderr @@ -0,0 +1,2 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. +error in <...>/blank-option-error.zeek, line 9: blank identifier used as option (MyModule::_) diff --git a/testing/btest/Baseline/plugins.hooks/output b/testing/btest/Baseline/plugins.hooks/output index 6b1cf39c25..f16b5939b9 100644 --- a/testing/btest/Baseline/plugins.hooks/output +++ b/testing/btest/Baseline/plugins.hooks/output @@ -179,15 +179,15 @@ 0.000000 MetaHookPost CallFunction(Files::register_for_mime_type, , (Files::ANALYZER_X509, application/x-x509-ca-cert)) -> 0.000000 MetaHookPost CallFunction(Files::register_for_mime_type, , (Files::ANALYZER_X509, application/x-x509-user-cert)) -> 0.000000 MetaHookPost CallFunction(Files::register_for_mime_types, , (Files::ANALYZER_PE, {application/x-dosexec})) -> -0.000000 MetaHookPost CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_DTLS, [get_file_handle=SSL::get_file_handle{ return ()}, describe=SSL::describe_file{ SSL::cid, SSL::c{ if (SSL::f$source != SSL || !SSL::f?$info || !SSL::f$info?$x509 || !SSL::f$info$x509?$certificate) return ()for ([SSL::cid] in SSL::f$conns) { if (SSL::c?$ssl) { return (cat(SSL::c$id$resp_h, :, SSL::c$id$resp_p))}}return (cat(Serial: , SSL::f$info$x509$certificate$serial, Subject: , SSL::f$info$x509$certificate$subject, Issuer: , SSL::f$info$x509$certificate$issuer))}}])) -> -0.000000 MetaHookPost CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_FTP_DATA, [get_file_handle=FTP::get_file_handle{ if (!FTP::c$id$resp_h, FTP::c$id$resp_p in FTP::ftp_data_expected) return ()return (cat(Analyzer::ANALYZER_FTP_DATA, FTP::c$start_time, FTP::c$id, FTP::is_orig))}, describe=FTP::describe_file{ FTP::cid, FTP::c{ if (FTP::f$source != FTP) return ()for ([FTP::cid] in FTP::f$conns) { if (FTP::c?$ftp) return (FTP::describe(FTP::c$ftp))}return ()}}])) -> -0.000000 MetaHookPost CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_HTTP, [get_file_handle=HTTP::get_file_handle{ if (!HTTP::c?$http) return ()if (HTTP::c$http$range_request && !HTTP::is_orig) { return (cat(Analyzer::ANALYZER_HTTP, HTTP::is_orig, HTTP::c$id$orig_h, HTTP::build_url(HTTP::c$http)))}else{ HTTP::mime_depth = HTTP::is_orig ? HTTP::c$http$orig_mime_depth : HTTP::c$http$resp_mime_depthreturn (cat(Analyzer::ANALYZER_HTTP, HTTP::c$start_time, HTTP::is_orig, HTTP::c$http$trans_depth, HTTP::mime_depth, id_string(HTTP::c$id)))}}, describe=HTTP::describe_file{ HTTP::cid, HTTP::c{ if (HTTP::f$source != HTTP) return ()for ([HTTP::cid] in HTTP::f$conns) { if (HTTP::c?$http) return (HTTP::build_url_http(HTTP::c$http))}return ()}}])) -> +0.000000 MetaHookPost CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_DTLS, [get_file_handle=SSL::get_file_handle{ return ()}, describe=SSL::describe_file{ SSL::c{ if (SSL::f$source != SSL || !SSL::f?$info || !SSL::f$info?$x509 || !SSL::f$info$x509?$certificate) return ()for ([SSL::_] in SSL::f$conns) { if (SSL::c?$ssl) { return (cat(SSL::c$id$resp_h, :, SSL::c$id$resp_p))}}return (cat(Serial: , SSL::f$info$x509$certificate$serial, Subject: , SSL::f$info$x509$certificate$subject, Issuer: , SSL::f$info$x509$certificate$issuer))}}])) -> +0.000000 MetaHookPost CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_FTP_DATA, [get_file_handle=FTP::get_file_handle{ if (!FTP::c$id$resp_h, FTP::c$id$resp_p in FTP::ftp_data_expected) return ()return (cat(Analyzer::ANALYZER_FTP_DATA, FTP::c$start_time, FTP::c$id, FTP::is_orig))}, describe=FTP::describe_file{ FTP::c{ if (FTP::f$source != FTP) return ()for ([FTP::_] in FTP::f$conns) { if (FTP::c?$ftp) return (FTP::describe(FTP::c$ftp))}return ()}}])) -> +0.000000 MetaHookPost CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_HTTP, [get_file_handle=HTTP::get_file_handle{ if (!HTTP::c?$http) return ()if (HTTP::c$http$range_request && !HTTP::is_orig) { return (cat(Analyzer::ANALYZER_HTTP, HTTP::is_orig, HTTP::c$id$orig_h, HTTP::build_url(HTTP::c$http)))}else{ HTTP::mime_depth = HTTP::is_orig ? HTTP::c$http$orig_mime_depth : HTTP::c$http$resp_mime_depthreturn (cat(Analyzer::ANALYZER_HTTP, HTTP::c$start_time, HTTP::is_orig, HTTP::c$http$trans_depth, HTTP::mime_depth, id_string(HTTP::c$id)))}}, describe=HTTP::describe_file{ HTTP::c{ if (HTTP::f$source != HTTP) return ()for ([HTTP::_] in HTTP::f$conns) { if (HTTP::c?$http) return (HTTP::build_url_http(HTTP::c$http))}return ()}}])) -> 0.000000 MetaHookPost CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_IRC_DATA, [get_file_handle=IRC::get_file_handle{ return (cat(Analyzer::ANALYZER_IRC_DATA, IRC::c$start_time, IRC::c$id, IRC::is_orig))}, describe=lambda_<15770440363500096069>{ return ()}])) -> -0.000000 MetaHookPost CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_KRB, [get_file_handle=KRB::get_file_handle{ return ()}, describe=KRB::describe_file{ KRB::cid, KRB::c{ if (KRB::f$source != KRB_TCP && KRB::f$source != KRB) return ()if (!KRB::f?$info || !KRB::f$info?$x509 || !KRB::f$info$x509?$certificate) return ()for ([KRB::cid] in KRB::f$conns) { if (KRB::c?$krb) { return (cat(KRB::c$id$resp_h, :, KRB::c$id$resp_p))}}return (cat(Serial: , KRB::f$info$x509$certificate$serial, Subject: , KRB::f$info$x509$certificate$subject, Issuer: , KRB::f$info$x509$certificate$issuer))}}])) -> -0.000000 MetaHookPost CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_KRB_TCP, [get_file_handle=KRB::get_file_handle{ return ()}, describe=KRB::describe_file{ KRB::cid, KRB::c{ if (KRB::f$source != KRB_TCP && KRB::f$source != KRB) return ()if (!KRB::f?$info || !KRB::f$info?$x509 || !KRB::f$info$x509?$certificate) return ()for ([KRB::cid] in KRB::f$conns) { if (KRB::c?$krb) { return (cat(KRB::c$id$resp_h, :, KRB::c$id$resp_p))}}return (cat(Serial: , KRB::f$info$x509$certificate$serial, Subject: , KRB::f$info$x509$certificate$subject, Issuer: , KRB::f$info$x509$certificate$issuer))}}])) -> -0.000000 MetaHookPost CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_SMB, [get_file_handle=SMB::get_file_handle{ if (!(SMB::c$smb_state?$current_file && (SMB::c$smb_state$current_file?$name || SMB::c$smb_state$current_file?$path))) { return ()}SMB::current_file = SMB::c$smb_state$current_fileSMB::path_name = SMB::current_file?$path ? SMB::current_file$path : SMB::file_name = SMB::current_file?$name ? SMB::current_file$name : SMB::last_mod = cat(SMB::current_file?$times ? SMB::current_file$times$modified_raw : 0)return (hexdump(cat(Analyzer::ANALYZER_SMB, SMB::c$id$orig_h, SMB::c$id$resp_h, SMB::path_name, SMB::file_name, SMB::last_mod)))}, describe=SMB::describe_file{ SMB::cid, SMB::c{ if (SMB::f$source != SMB) return ()for ([SMB::cid] in SMB::f$conns) { if (SMB::c?$smb_state && SMB::c$smb_state?$current_file && SMB::c$smb_state$current_file?$name) return (SMB::c$smb_state$current_file$name)}return ()}}])) -> -0.000000 MetaHookPost CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_SMTP, [get_file_handle=SMTP::get_file_handle{ return (cat(Analyzer::ANALYZER_SMTP, SMTP::c$start_time, SMTP::c$smtp$trans_depth, SMTP::c$smtp_state$mime_depth))}, describe=SMTP::describe_file{ SMTP::cid, SMTP::c{ if (SMTP::f$source != SMTP) return ()for ([SMTP::cid] in SMTP::f$conns) { return (SMTP::describe(SMTP::c$smtp))}return ()}}])) -> -0.000000 MetaHookPost CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_SSL, [get_file_handle=SSL::get_file_handle{ return ()}, describe=SSL::describe_file{ SSL::cid, SSL::c{ if (SSL::f$source != SSL || !SSL::f?$info || !SSL::f$info?$x509 || !SSL::f$info$x509?$certificate) return ()for ([SSL::cid] in SSL::f$conns) { if (SSL::c?$ssl) { return (cat(SSL::c$id$resp_h, :, SSL::c$id$resp_p))}}return (cat(Serial: , SSL::f$info$x509$certificate$serial, Subject: , SSL::f$info$x509$certificate$subject, Issuer: , SSL::f$info$x509$certificate$issuer))}}])) -> +0.000000 MetaHookPost CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_KRB, [get_file_handle=KRB::get_file_handle{ return ()}, describe=KRB::describe_file{ KRB::c{ if (KRB::f$source != KRB_TCP && KRB::f$source != KRB) return ()if (!KRB::f?$info || !KRB::f$info?$x509 || !KRB::f$info$x509?$certificate) return ()for ([KRB::_] in KRB::f$conns) { if (KRB::c?$krb) { return (cat(KRB::c$id$resp_h, :, KRB::c$id$resp_p))}}return (cat(Serial: , KRB::f$info$x509$certificate$serial, Subject: , KRB::f$info$x509$certificate$subject, Issuer: , KRB::f$info$x509$certificate$issuer))}}])) -> +0.000000 MetaHookPost CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_KRB_TCP, [get_file_handle=KRB::get_file_handle{ return ()}, describe=KRB::describe_file{ KRB::c{ if (KRB::f$source != KRB_TCP && KRB::f$source != KRB) return ()if (!KRB::f?$info || !KRB::f$info?$x509 || !KRB::f$info$x509?$certificate) return ()for ([KRB::_] in KRB::f$conns) { if (KRB::c?$krb) { return (cat(KRB::c$id$resp_h, :, KRB::c$id$resp_p))}}return (cat(Serial: , KRB::f$info$x509$certificate$serial, Subject: , KRB::f$info$x509$certificate$subject, Issuer: , KRB::f$info$x509$certificate$issuer))}}])) -> +0.000000 MetaHookPost CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_SMB, [get_file_handle=SMB::get_file_handle{ if (!(SMB::c$smb_state?$current_file && (SMB::c$smb_state$current_file?$name || SMB::c$smb_state$current_file?$path))) { return ()}SMB::current_file = SMB::c$smb_state$current_fileSMB::path_name = SMB::current_file?$path ? SMB::current_file$path : SMB::file_name = SMB::current_file?$name ? SMB::current_file$name : SMB::last_mod = cat(SMB::current_file?$times ? SMB::current_file$times$modified_raw : 0)return (hexdump(cat(Analyzer::ANALYZER_SMB, SMB::c$id$orig_h, SMB::c$id$resp_h, SMB::path_name, SMB::file_name, SMB::last_mod)))}, describe=SMB::describe_file{ SMB::c{ if (SMB::f$source != SMB) return ()for ([SMB::_] in SMB::f$conns) { if (SMB::c?$smb_state && SMB::c$smb_state?$current_file && SMB::c$smb_state$current_file?$name) return (SMB::c$smb_state$current_file$name)}return ()}}])) -> +0.000000 MetaHookPost CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_SMTP, [get_file_handle=SMTP::get_file_handle{ return (cat(Analyzer::ANALYZER_SMTP, SMTP::c$start_time, SMTP::c$smtp$trans_depth, SMTP::c$smtp_state$mime_depth))}, describe=SMTP::describe_file{ SMTP::c{ if (SMTP::f$source != SMTP) return ()for ([SMTP::_] in SMTP::f$conns) { return (SMTP::describe(SMTP::c$smtp))}return ()}}])) -> +0.000000 MetaHookPost CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_SSL, [get_file_handle=SSL::get_file_handle{ return ()}, describe=SSL::describe_file{ SSL::c{ if (SSL::f$source != SSL || !SSL::f?$info || !SSL::f$info?$x509 || !SSL::f$info$x509?$certificate) return ()for ([SSL::_] in SSL::f$conns) { if (SSL::c?$ssl) { return (cat(SSL::c$id$resp_h, :, SSL::c$id$resp_p))}}return (cat(Serial: , SSL::f$info$x509$certificate$serial, Subject: , SSL::f$info$x509$certificate$subject, Issuer: , SSL::f$info$x509$certificate$issuer))}}])) -> 0.000000 MetaHookPost CallFunction(FilteredTraceDetection::should_detect, , ()) -> 0.000000 MetaHookPost CallFunction(Log::__add_filter, , (Broker::LOG, [name=default, writer=Log::WRITER_ASCII, path=broker, path_func=, include=, exclude=, log_local=T, log_remote=T, field_name_map={}, scope_sep=., ext_prefix=_, ext_func=lambda_<2528247166937952945>, interv=0 secs, postprocessor=, config={}, policy=])) -> 0.000000 MetaHookPost CallFunction(Log::__add_filter, , (Cluster::LOG, [name=default, writer=Log::WRITER_ASCII, path=cluster, path_func=, include=, exclude=, log_local=T, log_remote=T, field_name_map={}, scope_sep=., ext_prefix=_, ext_func=lambda_<2528247166937952945>, interv=0 secs, postprocessor=, config={}, policy=])) -> @@ -1694,15 +1694,15 @@ 0.000000 MetaHookPre CallFunction(Files::register_for_mime_type, , (Files::ANALYZER_X509, application/x-x509-ca-cert)) 0.000000 MetaHookPre CallFunction(Files::register_for_mime_type, , (Files::ANALYZER_X509, application/x-x509-user-cert)) 0.000000 MetaHookPre CallFunction(Files::register_for_mime_types, , (Files::ANALYZER_PE, {application/x-dosexec})) -0.000000 MetaHookPre CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_DTLS, [get_file_handle=SSL::get_file_handle{ return ()}, describe=SSL::describe_file{ SSL::cid, SSL::c{ if (SSL::f$source != SSL || !SSL::f?$info || !SSL::f$info?$x509 || !SSL::f$info$x509?$certificate) return ()for ([SSL::cid] in SSL::f$conns) { if (SSL::c?$ssl) { return (cat(SSL::c$id$resp_h, :, SSL::c$id$resp_p))}}return (cat(Serial: , SSL::f$info$x509$certificate$serial, Subject: , SSL::f$info$x509$certificate$subject, Issuer: , SSL::f$info$x509$certificate$issuer))}}])) -0.000000 MetaHookPre CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_FTP_DATA, [get_file_handle=FTP::get_file_handle{ if (!FTP::c$id$resp_h, FTP::c$id$resp_p in FTP::ftp_data_expected) return ()return (cat(Analyzer::ANALYZER_FTP_DATA, FTP::c$start_time, FTP::c$id, FTP::is_orig))}, describe=FTP::describe_file{ FTP::cid, FTP::c{ if (FTP::f$source != FTP) return ()for ([FTP::cid] in FTP::f$conns) { if (FTP::c?$ftp) return (FTP::describe(FTP::c$ftp))}return ()}}])) -0.000000 MetaHookPre CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_HTTP, [get_file_handle=HTTP::get_file_handle{ if (!HTTP::c?$http) return ()if (HTTP::c$http$range_request && !HTTP::is_orig) { return (cat(Analyzer::ANALYZER_HTTP, HTTP::is_orig, HTTP::c$id$orig_h, HTTP::build_url(HTTP::c$http)))}else{ HTTP::mime_depth = HTTP::is_orig ? HTTP::c$http$orig_mime_depth : HTTP::c$http$resp_mime_depthreturn (cat(Analyzer::ANALYZER_HTTP, HTTP::c$start_time, HTTP::is_orig, HTTP::c$http$trans_depth, HTTP::mime_depth, id_string(HTTP::c$id)))}}, describe=HTTP::describe_file{ HTTP::cid, HTTP::c{ if (HTTP::f$source != HTTP) return ()for ([HTTP::cid] in HTTP::f$conns) { if (HTTP::c?$http) return (HTTP::build_url_http(HTTP::c$http))}return ()}}])) +0.000000 MetaHookPre CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_DTLS, [get_file_handle=SSL::get_file_handle{ return ()}, describe=SSL::describe_file{ SSL::c{ if (SSL::f$source != SSL || !SSL::f?$info || !SSL::f$info?$x509 || !SSL::f$info$x509?$certificate) return ()for ([SSL::_] in SSL::f$conns) { if (SSL::c?$ssl) { return (cat(SSL::c$id$resp_h, :, SSL::c$id$resp_p))}}return (cat(Serial: , SSL::f$info$x509$certificate$serial, Subject: , SSL::f$info$x509$certificate$subject, Issuer: , SSL::f$info$x509$certificate$issuer))}}])) +0.000000 MetaHookPre CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_FTP_DATA, [get_file_handle=FTP::get_file_handle{ if (!FTP::c$id$resp_h, FTP::c$id$resp_p in FTP::ftp_data_expected) return ()return (cat(Analyzer::ANALYZER_FTP_DATA, FTP::c$start_time, FTP::c$id, FTP::is_orig))}, describe=FTP::describe_file{ FTP::c{ if (FTP::f$source != FTP) return ()for ([FTP::_] in FTP::f$conns) { if (FTP::c?$ftp) return (FTP::describe(FTP::c$ftp))}return ()}}])) +0.000000 MetaHookPre CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_HTTP, [get_file_handle=HTTP::get_file_handle{ if (!HTTP::c?$http) return ()if (HTTP::c$http$range_request && !HTTP::is_orig) { return (cat(Analyzer::ANALYZER_HTTP, HTTP::is_orig, HTTP::c$id$orig_h, HTTP::build_url(HTTP::c$http)))}else{ HTTP::mime_depth = HTTP::is_orig ? HTTP::c$http$orig_mime_depth : HTTP::c$http$resp_mime_depthreturn (cat(Analyzer::ANALYZER_HTTP, HTTP::c$start_time, HTTP::is_orig, HTTP::c$http$trans_depth, HTTP::mime_depth, id_string(HTTP::c$id)))}}, describe=HTTP::describe_file{ HTTP::c{ if (HTTP::f$source != HTTP) return ()for ([HTTP::_] in HTTP::f$conns) { if (HTTP::c?$http) return (HTTP::build_url_http(HTTP::c$http))}return ()}}])) 0.000000 MetaHookPre CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_IRC_DATA, [get_file_handle=IRC::get_file_handle{ return (cat(Analyzer::ANALYZER_IRC_DATA, IRC::c$start_time, IRC::c$id, IRC::is_orig))}, describe=lambda_<15770440363500096069>{ return ()}])) -0.000000 MetaHookPre CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_KRB, [get_file_handle=KRB::get_file_handle{ return ()}, describe=KRB::describe_file{ KRB::cid, KRB::c{ if (KRB::f$source != KRB_TCP && KRB::f$source != KRB) return ()if (!KRB::f?$info || !KRB::f$info?$x509 || !KRB::f$info$x509?$certificate) return ()for ([KRB::cid] in KRB::f$conns) { if (KRB::c?$krb) { return (cat(KRB::c$id$resp_h, :, KRB::c$id$resp_p))}}return (cat(Serial: , KRB::f$info$x509$certificate$serial, Subject: , KRB::f$info$x509$certificate$subject, Issuer: , KRB::f$info$x509$certificate$issuer))}}])) -0.000000 MetaHookPre CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_KRB_TCP, [get_file_handle=KRB::get_file_handle{ return ()}, describe=KRB::describe_file{ KRB::cid, KRB::c{ if (KRB::f$source != KRB_TCP && KRB::f$source != KRB) return ()if (!KRB::f?$info || !KRB::f$info?$x509 || !KRB::f$info$x509?$certificate) return ()for ([KRB::cid] in KRB::f$conns) { if (KRB::c?$krb) { return (cat(KRB::c$id$resp_h, :, KRB::c$id$resp_p))}}return (cat(Serial: , KRB::f$info$x509$certificate$serial, Subject: , KRB::f$info$x509$certificate$subject, Issuer: , KRB::f$info$x509$certificate$issuer))}}])) -0.000000 MetaHookPre CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_SMB, [get_file_handle=SMB::get_file_handle{ if (!(SMB::c$smb_state?$current_file && (SMB::c$smb_state$current_file?$name || SMB::c$smb_state$current_file?$path))) { return ()}SMB::current_file = SMB::c$smb_state$current_fileSMB::path_name = SMB::current_file?$path ? SMB::current_file$path : SMB::file_name = SMB::current_file?$name ? SMB::current_file$name : SMB::last_mod = cat(SMB::current_file?$times ? SMB::current_file$times$modified_raw : 0)return (hexdump(cat(Analyzer::ANALYZER_SMB, SMB::c$id$orig_h, SMB::c$id$resp_h, SMB::path_name, SMB::file_name, SMB::last_mod)))}, describe=SMB::describe_file{ SMB::cid, SMB::c{ if (SMB::f$source != SMB) return ()for ([SMB::cid] in SMB::f$conns) { if (SMB::c?$smb_state && SMB::c$smb_state?$current_file && SMB::c$smb_state$current_file?$name) return (SMB::c$smb_state$current_file$name)}return ()}}])) -0.000000 MetaHookPre CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_SMTP, [get_file_handle=SMTP::get_file_handle{ return (cat(Analyzer::ANALYZER_SMTP, SMTP::c$start_time, SMTP::c$smtp$trans_depth, SMTP::c$smtp_state$mime_depth))}, describe=SMTP::describe_file{ SMTP::cid, SMTP::c{ if (SMTP::f$source != SMTP) return ()for ([SMTP::cid] in SMTP::f$conns) { return (SMTP::describe(SMTP::c$smtp))}return ()}}])) -0.000000 MetaHookPre CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_SSL, [get_file_handle=SSL::get_file_handle{ return ()}, describe=SSL::describe_file{ SSL::cid, SSL::c{ if (SSL::f$source != SSL || !SSL::f?$info || !SSL::f$info?$x509 || !SSL::f$info$x509?$certificate) return ()for ([SSL::cid] in SSL::f$conns) { if (SSL::c?$ssl) { return (cat(SSL::c$id$resp_h, :, SSL::c$id$resp_p))}}return (cat(Serial: , SSL::f$info$x509$certificate$serial, Subject: , SSL::f$info$x509$certificate$subject, Issuer: , SSL::f$info$x509$certificate$issuer))}}])) +0.000000 MetaHookPre CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_KRB, [get_file_handle=KRB::get_file_handle{ return ()}, describe=KRB::describe_file{ KRB::c{ if (KRB::f$source != KRB_TCP && KRB::f$source != KRB) return ()if (!KRB::f?$info || !KRB::f$info?$x509 || !KRB::f$info$x509?$certificate) return ()for ([KRB::_] in KRB::f$conns) { if (KRB::c?$krb) { return (cat(KRB::c$id$resp_h, :, KRB::c$id$resp_p))}}return (cat(Serial: , KRB::f$info$x509$certificate$serial, Subject: , KRB::f$info$x509$certificate$subject, Issuer: , KRB::f$info$x509$certificate$issuer))}}])) +0.000000 MetaHookPre CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_KRB_TCP, [get_file_handle=KRB::get_file_handle{ return ()}, describe=KRB::describe_file{ KRB::c{ if (KRB::f$source != KRB_TCP && KRB::f$source != KRB) return ()if (!KRB::f?$info || !KRB::f$info?$x509 || !KRB::f$info$x509?$certificate) return ()for ([KRB::_] in KRB::f$conns) { if (KRB::c?$krb) { return (cat(KRB::c$id$resp_h, :, KRB::c$id$resp_p))}}return (cat(Serial: , KRB::f$info$x509$certificate$serial, Subject: , KRB::f$info$x509$certificate$subject, Issuer: , KRB::f$info$x509$certificate$issuer))}}])) +0.000000 MetaHookPre CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_SMB, [get_file_handle=SMB::get_file_handle{ if (!(SMB::c$smb_state?$current_file && (SMB::c$smb_state$current_file?$name || SMB::c$smb_state$current_file?$path))) { return ()}SMB::current_file = SMB::c$smb_state$current_fileSMB::path_name = SMB::current_file?$path ? SMB::current_file$path : SMB::file_name = SMB::current_file?$name ? SMB::current_file$name : SMB::last_mod = cat(SMB::current_file?$times ? SMB::current_file$times$modified_raw : 0)return (hexdump(cat(Analyzer::ANALYZER_SMB, SMB::c$id$orig_h, SMB::c$id$resp_h, SMB::path_name, SMB::file_name, SMB::last_mod)))}, describe=SMB::describe_file{ SMB::c{ if (SMB::f$source != SMB) return ()for ([SMB::_] in SMB::f$conns) { if (SMB::c?$smb_state && SMB::c$smb_state?$current_file && SMB::c$smb_state$current_file?$name) return (SMB::c$smb_state$current_file$name)}return ()}}])) +0.000000 MetaHookPre CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_SMTP, [get_file_handle=SMTP::get_file_handle{ return (cat(Analyzer::ANALYZER_SMTP, SMTP::c$start_time, SMTP::c$smtp$trans_depth, SMTP::c$smtp_state$mime_depth))}, describe=SMTP::describe_file{ SMTP::c{ if (SMTP::f$source != SMTP) return ()for ([SMTP::_] in SMTP::f$conns) { return (SMTP::describe(SMTP::c$smtp))}return ()}}])) +0.000000 MetaHookPre CallFunction(Files::register_protocol, , (Analyzer::ANALYZER_SSL, [get_file_handle=SSL::get_file_handle{ return ()}, describe=SSL::describe_file{ SSL::c{ if (SSL::f$source != SSL || !SSL::f?$info || !SSL::f$info?$x509 || !SSL::f$info$x509?$certificate) return ()for ([SSL::_] in SSL::f$conns) { if (SSL::c?$ssl) { return (cat(SSL::c$id$resp_h, :, SSL::c$id$resp_p))}}return (cat(Serial: , SSL::f$info$x509$certificate$serial, Subject: , SSL::f$info$x509$certificate$subject, Issuer: , SSL::f$info$x509$certificate$issuer))}}])) 0.000000 MetaHookPre CallFunction(FilteredTraceDetection::should_detect, , ()) 0.000000 MetaHookPre CallFunction(Log::__add_filter, , (Broker::LOG, [name=default, writer=Log::WRITER_ASCII, path=broker, path_func=, include=, exclude=, log_local=T, log_remote=T, field_name_map={}, scope_sep=., ext_prefix=_, ext_func=lambda_<2528247166937952945>, interv=0 secs, postprocessor=, config={}, policy=])) 0.000000 MetaHookPre CallFunction(Log::__add_filter, , (Cluster::LOG, [name=default, writer=Log::WRITER_ASCII, path=cluster, path_func=, include=, exclude=, log_local=T, log_remote=T, field_name_map={}, scope_sep=., ext_prefix=_, ext_func=lambda_<2528247166937952945>, interv=0 secs, postprocessor=, config={}, policy=])) @@ -3208,15 +3208,15 @@ 0.000000 | HookCallFunction Files::register_for_mime_type(Files::ANALYZER_X509, application/x-x509-ca-cert) 0.000000 | HookCallFunction Files::register_for_mime_type(Files::ANALYZER_X509, application/x-x509-user-cert) 0.000000 | HookCallFunction Files::register_for_mime_types(Files::ANALYZER_PE, {application/x-dosexec}) -0.000000 | HookCallFunction Files::register_protocol(Analyzer::ANALYZER_DTLS, [get_file_handle=SSL::get_file_handle{ return ()}, describe=SSL::describe_file{ SSL::cid, SSL::c{ if (SSL::f$source != SSL || !SSL::f?$info || !SSL::f$info?$x509 || !SSL::f$info$x509?$certificate) return ()for ([SSL::cid] in SSL::f$conns) { if (SSL::c?$ssl) { return (cat(SSL::c$id$resp_h, :, SSL::c$id$resp_p))}}return (cat(Serial: , SSL::f$info$x509$certificate$serial, Subject: , SSL::f$info$x509$certificate$subject, Issuer: , SSL::f$info$x509$certificate$issuer))}}]) -0.000000 | HookCallFunction Files::register_protocol(Analyzer::ANALYZER_FTP_DATA, [get_file_handle=FTP::get_file_handle{ if (!FTP::c$id$resp_h, FTP::c$id$resp_p in FTP::ftp_data_expected) return ()return (cat(Analyzer::ANALYZER_FTP_DATA, FTP::c$start_time, FTP::c$id, FTP::is_orig))}, describe=FTP::describe_file{ FTP::cid, FTP::c{ if (FTP::f$source != FTP) return ()for ([FTP::cid] in FTP::f$conns) { if (FTP::c?$ftp) return (FTP::describe(FTP::c$ftp))}return ()}}]) -0.000000 | HookCallFunction Files::register_protocol(Analyzer::ANALYZER_HTTP, [get_file_handle=HTTP::get_file_handle{ if (!HTTP::c?$http) return ()if (HTTP::c$http$range_request && !HTTP::is_orig) { return (cat(Analyzer::ANALYZER_HTTP, HTTP::is_orig, HTTP::c$id$orig_h, HTTP::build_url(HTTP::c$http)))}else{ HTTP::mime_depth = HTTP::is_orig ? HTTP::c$http$orig_mime_depth : HTTP::c$http$resp_mime_depthreturn (cat(Analyzer::ANALYZER_HTTP, HTTP::c$start_time, HTTP::is_orig, HTTP::c$http$trans_depth, HTTP::mime_depth, id_string(HTTP::c$id)))}}, describe=HTTP::describe_file{ HTTP::cid, HTTP::c{ if (HTTP::f$source != HTTP) return ()for ([HTTP::cid] in HTTP::f$conns) { if (HTTP::c?$http) return (HTTP::build_url_http(HTTP::c$http))}return ()}}]) +0.000000 | HookCallFunction Files::register_protocol(Analyzer::ANALYZER_DTLS, [get_file_handle=SSL::get_file_handle{ return ()}, describe=SSL::describe_file{ SSL::c{ if (SSL::f$source != SSL || !SSL::f?$info || !SSL::f$info?$x509 || !SSL::f$info$x509?$certificate) return ()for ([SSL::_] in SSL::f$conns) { if (SSL::c?$ssl) { return (cat(SSL::c$id$resp_h, :, SSL::c$id$resp_p))}}return (cat(Serial: , SSL::f$info$x509$certificate$serial, Subject: , SSL::f$info$x509$certificate$subject, Issuer: , SSL::f$info$x509$certificate$issuer))}}]) +0.000000 | HookCallFunction Files::register_protocol(Analyzer::ANALYZER_FTP_DATA, [get_file_handle=FTP::get_file_handle{ if (!FTP::c$id$resp_h, FTP::c$id$resp_p in FTP::ftp_data_expected) return ()return (cat(Analyzer::ANALYZER_FTP_DATA, FTP::c$start_time, FTP::c$id, FTP::is_orig))}, describe=FTP::describe_file{ FTP::c{ if (FTP::f$source != FTP) return ()for ([FTP::_] in FTP::f$conns) { if (FTP::c?$ftp) return (FTP::describe(FTP::c$ftp))}return ()}}]) +0.000000 | HookCallFunction Files::register_protocol(Analyzer::ANALYZER_HTTP, [get_file_handle=HTTP::get_file_handle{ if (!HTTP::c?$http) return ()if (HTTP::c$http$range_request && !HTTP::is_orig) { return (cat(Analyzer::ANALYZER_HTTP, HTTP::is_orig, HTTP::c$id$orig_h, HTTP::build_url(HTTP::c$http)))}else{ HTTP::mime_depth = HTTP::is_orig ? HTTP::c$http$orig_mime_depth : HTTP::c$http$resp_mime_depthreturn (cat(Analyzer::ANALYZER_HTTP, HTTP::c$start_time, HTTP::is_orig, HTTP::c$http$trans_depth, HTTP::mime_depth, id_string(HTTP::c$id)))}}, describe=HTTP::describe_file{ HTTP::c{ if (HTTP::f$source != HTTP) return ()for ([HTTP::_] in HTTP::f$conns) { if (HTTP::c?$http) return (HTTP::build_url_http(HTTP::c$http))}return ()}}]) 0.000000 | HookCallFunction Files::register_protocol(Analyzer::ANALYZER_IRC_DATA, [get_file_handle=IRC::get_file_handle{ return (cat(Analyzer::ANALYZER_IRC_DATA, IRC::c$start_time, IRC::c$id, IRC::is_orig))}, describe=lambda_<15770440363500096069>{ return ()}]) -0.000000 | HookCallFunction Files::register_protocol(Analyzer::ANALYZER_KRB, [get_file_handle=KRB::get_file_handle{ return ()}, describe=KRB::describe_file{ KRB::cid, KRB::c{ if (KRB::f$source != KRB_TCP && KRB::f$source != KRB) return ()if (!KRB::f?$info || !KRB::f$info?$x509 || !KRB::f$info$x509?$certificate) return ()for ([KRB::cid] in KRB::f$conns) { if (KRB::c?$krb) { return (cat(KRB::c$id$resp_h, :, KRB::c$id$resp_p))}}return (cat(Serial: , KRB::f$info$x509$certificate$serial, Subject: , KRB::f$info$x509$certificate$subject, Issuer: , KRB::f$info$x509$certificate$issuer))}}]) -0.000000 | HookCallFunction Files::register_protocol(Analyzer::ANALYZER_KRB_TCP, [get_file_handle=KRB::get_file_handle{ return ()}, describe=KRB::describe_file{ KRB::cid, KRB::c{ if (KRB::f$source != KRB_TCP && KRB::f$source != KRB) return ()if (!KRB::f?$info || !KRB::f$info?$x509 || !KRB::f$info$x509?$certificate) return ()for ([KRB::cid] in KRB::f$conns) { if (KRB::c?$krb) { return (cat(KRB::c$id$resp_h, :, KRB::c$id$resp_p))}}return (cat(Serial: , KRB::f$info$x509$certificate$serial, Subject: , KRB::f$info$x509$certificate$subject, Issuer: , KRB::f$info$x509$certificate$issuer))}}]) -0.000000 | HookCallFunction Files::register_protocol(Analyzer::ANALYZER_SMB, [get_file_handle=SMB::get_file_handle{ if (!(SMB::c$smb_state?$current_file && (SMB::c$smb_state$current_file?$name || SMB::c$smb_state$current_file?$path))) { return ()}SMB::current_file = SMB::c$smb_state$current_fileSMB::path_name = SMB::current_file?$path ? SMB::current_file$path : SMB::file_name = SMB::current_file?$name ? SMB::current_file$name : SMB::last_mod = cat(SMB::current_file?$times ? SMB::current_file$times$modified_raw : 0)return (hexdump(cat(Analyzer::ANALYZER_SMB, SMB::c$id$orig_h, SMB::c$id$resp_h, SMB::path_name, SMB::file_name, SMB::last_mod)))}, describe=SMB::describe_file{ SMB::cid, SMB::c{ if (SMB::f$source != SMB) return ()for ([SMB::cid] in SMB::f$conns) { if (SMB::c?$smb_state && SMB::c$smb_state?$current_file && SMB::c$smb_state$current_file?$name) return (SMB::c$smb_state$current_file$name)}return ()}}]) -0.000000 | HookCallFunction Files::register_protocol(Analyzer::ANALYZER_SMTP, [get_file_handle=SMTP::get_file_handle{ return (cat(Analyzer::ANALYZER_SMTP, SMTP::c$start_time, SMTP::c$smtp$trans_depth, SMTP::c$smtp_state$mime_depth))}, describe=SMTP::describe_file{ SMTP::cid, SMTP::c{ if (SMTP::f$source != SMTP) return ()for ([SMTP::cid] in SMTP::f$conns) { return (SMTP::describe(SMTP::c$smtp))}return ()}}]) -0.000000 | HookCallFunction Files::register_protocol(Analyzer::ANALYZER_SSL, [get_file_handle=SSL::get_file_handle{ return ()}, describe=SSL::describe_file{ SSL::cid, SSL::c{ if (SSL::f$source != SSL || !SSL::f?$info || !SSL::f$info?$x509 || !SSL::f$info$x509?$certificate) return ()for ([SSL::cid] in SSL::f$conns) { if (SSL::c?$ssl) { return (cat(SSL::c$id$resp_h, :, SSL::c$id$resp_p))}}return (cat(Serial: , SSL::f$info$x509$certificate$serial, Subject: , SSL::f$info$x509$certificate$subject, Issuer: , SSL::f$info$x509$certificate$issuer))}}]) +0.000000 | HookCallFunction Files::register_protocol(Analyzer::ANALYZER_KRB, [get_file_handle=KRB::get_file_handle{ return ()}, describe=KRB::describe_file{ KRB::c{ if (KRB::f$source != KRB_TCP && KRB::f$source != KRB) return ()if (!KRB::f?$info || !KRB::f$info?$x509 || !KRB::f$info$x509?$certificate) return ()for ([KRB::_] in KRB::f$conns) { if (KRB::c?$krb) { return (cat(KRB::c$id$resp_h, :, KRB::c$id$resp_p))}}return (cat(Serial: , KRB::f$info$x509$certificate$serial, Subject: , KRB::f$info$x509$certificate$subject, Issuer: , KRB::f$info$x509$certificate$issuer))}}]) +0.000000 | HookCallFunction Files::register_protocol(Analyzer::ANALYZER_KRB_TCP, [get_file_handle=KRB::get_file_handle{ return ()}, describe=KRB::describe_file{ KRB::c{ if (KRB::f$source != KRB_TCP && KRB::f$source != KRB) return ()if (!KRB::f?$info || !KRB::f$info?$x509 || !KRB::f$info$x509?$certificate) return ()for ([KRB::_] in KRB::f$conns) { if (KRB::c?$krb) { return (cat(KRB::c$id$resp_h, :, KRB::c$id$resp_p))}}return (cat(Serial: , KRB::f$info$x509$certificate$serial, Subject: , KRB::f$info$x509$certificate$subject, Issuer: , KRB::f$info$x509$certificate$issuer))}}]) +0.000000 | HookCallFunction Files::register_protocol(Analyzer::ANALYZER_SMB, [get_file_handle=SMB::get_file_handle{ if (!(SMB::c$smb_state?$current_file && (SMB::c$smb_state$current_file?$name || SMB::c$smb_state$current_file?$path))) { return ()}SMB::current_file = SMB::c$smb_state$current_fileSMB::path_name = SMB::current_file?$path ? SMB::current_file$path : SMB::file_name = SMB::current_file?$name ? SMB::current_file$name : SMB::last_mod = cat(SMB::current_file?$times ? SMB::current_file$times$modified_raw : 0)return (hexdump(cat(Analyzer::ANALYZER_SMB, SMB::c$id$orig_h, SMB::c$id$resp_h, SMB::path_name, SMB::file_name, SMB::last_mod)))}, describe=SMB::describe_file{ SMB::c{ if (SMB::f$source != SMB) return ()for ([SMB::_] in SMB::f$conns) { if (SMB::c?$smb_state && SMB::c$smb_state?$current_file && SMB::c$smb_state$current_file?$name) return (SMB::c$smb_state$current_file$name)}return ()}}]) +0.000000 | HookCallFunction Files::register_protocol(Analyzer::ANALYZER_SMTP, [get_file_handle=SMTP::get_file_handle{ return (cat(Analyzer::ANALYZER_SMTP, SMTP::c$start_time, SMTP::c$smtp$trans_depth, SMTP::c$smtp_state$mime_depth))}, describe=SMTP::describe_file{ SMTP::c{ if (SMTP::f$source != SMTP) return ()for ([SMTP::_] in SMTP::f$conns) { return (SMTP::describe(SMTP::c$smtp))}return ()}}]) +0.000000 | HookCallFunction Files::register_protocol(Analyzer::ANALYZER_SSL, [get_file_handle=SSL::get_file_handle{ return ()}, describe=SSL::describe_file{ SSL::c{ if (SSL::f$source != SSL || !SSL::f?$info || !SSL::f$info?$x509 || !SSL::f$info$x509?$certificate) return ()for ([SSL::_] in SSL::f$conns) { if (SSL::c?$ssl) { return (cat(SSL::c$id$resp_h, :, SSL::c$id$resp_p))}}return (cat(Serial: , SSL::f$info$x509$certificate$serial, Subject: , SSL::f$info$x509$certificate$subject, Issuer: , SSL::f$info$x509$certificate$issuer))}}]) 0.000000 | HookCallFunction FilteredTraceDetection::should_detect() 0.000000 | HookCallFunction Log::__add_filter(Broker::LOG, [name=default, writer=Log::WRITER_ASCII, path=broker, path_func=, include=, exclude=, log_local=T, log_remote=T, field_name_map={}, scope_sep=., ext_prefix=_, ext_func=lambda_<2528247166937952945>, interv=0 secs, postprocessor=, config={}, policy=]) 0.000000 | HookCallFunction Log::__add_filter(Cluster::LOG, [name=default, writer=Log::WRITER_ASCII, path=cluster, path_func=, include=, exclude=, log_local=T, log_remote=T, field_name_map={}, scope_sep=., ext_prefix=_, ext_func=lambda_<2528247166937952945>, interv=0 secs, postprocessor=, config={}, policy=]) diff --git a/testing/btest/language/blank-expr-errors.zeek b/testing/btest/language/blank-expr-errors.zeek new file mode 100644 index 0000000000..6d786bf49f --- /dev/null +++ b/testing/btest/language/blank-expr-errors.zeek @@ -0,0 +1,54 @@ +# @TEST-DOC: Do not allow to reference the blank identifier. + +# @TEST-EXEC-FAIL: zeek -b %INPUT +# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff .stderr +event zeek_init() + { + local vec = vector( "1", "2", "3" ); + for ( _, v in vec ) + print _; + } + +@TEST-START-NEXT +event zeek_init() + { + local _ = vector( "1", "2", "3" ); + print _; + } + +@TEST-START-NEXT +# Ensure it does not work in a module, either. +module MyModule; +event zeek_init() + { + local _ = vector( "1", "2", "3" ); + print _; + } + +@TEST-START-NEXT +# Ensure _ can not referenced when it's a const in an export section. +# Adding the const _ isn't an error though. +module MyModule; + +export { + const _: count = 1; +} + +event zeek_init() + { + print MyModule::_; + } + +@TEST-START-NEXT +# Ensure it does not work in a function. +module MyModule; +function helper() + { + local _ = vector( "1", "2", "3" ); + print _; + } + +event zeek_init() + { + helper(); + } diff --git a/testing/btest/language/blank-for.zeek b/testing/btest/language/blank-for.zeek new file mode 100644 index 0000000000..ee584aa82b --- /dev/null +++ b/testing/btest/language/blank-for.zeek @@ -0,0 +1,70 @@ +# @TEST-DOC: Some blank identifier tests iterating over vectors, tables and strings. +# @TEST-EXEC: zeek -b %INPUT > output +# @TEST-EXEC: btest-diff output +event zeek_init() + { + local vec = vector("a", "b", "c"); + local t1 = table(["keya"] = "a", ["keyb"] = "b", ["keyc"] = "c"); + local t2 = table(["a",1,T] = "a1a", ["b",2,F] = "b2b", ["c",3,T] = "c3c"); + local s = "the string"; + + # Ignore just the index. + print "== vec 1"; + for ( _, v in vec ) + print v; + + # Ignore just the value. + print "== vec 2"; + local idxsum = 0; + for ( idx, _ in vec ) + idxsum += idx; + print "idxsum(vec)", idxsum; + + # Ignore index and value + print "== vec 3"; + local veclen = 0; + for ( _, _ in vec ) + ++veclen; + print "veclen(vec)", veclen; + + # Ignore just the key + print "== t1 1"; + for ( _, v in t1 ) + print v; + + # Ignore just the value + print "== t1 2"; + for ( k, _ in t1 ) + print k; + + # Ignore index and value + local t1len = 0; + print "== t1 3"; + for ( _, _ in t1 ) + ++t1len; + print "t1len", t1len; + + # Ignore part of the index and the value. + print "== t2 1"; + for ( [_,c,_], v in t2 ) + print c, v; + + # Ignore part of the index and the value. + print "== t2 2"; + for ( [t2a,_,t2b], _ in t2 ) + print t2a, t2b; + + # Ignore the whole index with a single _ + print "== t2 3"; + local t2concat = ""; + for ( _, v in t2 ) + t2concat += v; + print "t2concat", t2concat; + + # String iteration ignoring the value + print "== s"; + local i = 0; + for ( _ in s ) + ++i; + print "strlen(s)", i; + } diff --git a/testing/btest/language/blank-local.zeek b/testing/btest/language/blank-local.zeek new file mode 100644 index 0000000000..edede48d08 --- /dev/null +++ b/testing/btest/language/blank-local.zeek @@ -0,0 +1,29 @@ +# @TEST-DOC: Locals work with the blank identifier, but can not be referenced. + +# @TEST-EXEC: zeek -b %INPUT +# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff .stderr +event zeek_init() + { + local _ = "1"; + } + +#@TEST-START-NEXT +event zeek_init() + { + local _: string = "1"; + local _: count = 1; + } + +#@TEST-START-NEXT +event zeek_init() + { + local _: string = "1"; + const _: count = 1; + } + +#@TEST-START-NEXT +event zeek_init() + { + const _: string = "1"; + const _: count = 1; + } diff --git a/testing/btest/language/blank-option-error.zeek b/testing/btest/language/blank-option-error.zeek new file mode 100644 index 0000000000..9354863077 --- /dev/null +++ b/testing/btest/language/blank-option-error.zeek @@ -0,0 +1,10 @@ +# @TEST-DOC: Do not allow blank options. + +# @TEST-EXEC-FAIL: zeek -b %INPUT +# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff .stderr + +module MyModule; + +export { + option _: count = 42; +}