unit_tests/check_matchers.c: add tests for cli_(ac|bm)_scanbuff

git-svn: trunk@4091

ChangeLog

@@ -1,3 +1,7 @@
+Thu Aug  7 14:27:44 CEST 2008 (tk)
+----------------------------------
+  * unit_tests/check_matchers.c: add tests for cli_(ac|bm)_scanbuff
+
 Wed Aug  6 02:15:39 CEST 2008 (acab)
 ------------------------------------
   * libclamav/unzip.c: fix incorrect debug spam which misleaded poor sigmakers

libclamav/libclamav.map

@@ -108,6 +108,16 @@ CLAMAV_PRIVATE {
     uniq_add;
     uniq_get;
     cli_hex2str;
+    cli_ac_init;
+    cli_ac_initdata;
+    cli_ac_buildtrie;
+    cli_ac_scanbuff;
+    cli_ac_freedata;
+    cli_ac_free;
+    cli_parse_add;
+    cli_bm_init;
+    cli_bm_scanbuff;
+    cli_bm_free;
   local:
     *;
 };

libclamav/readdb.c

@@ -140,7 +140,7 @@ char *cli_virname(char *virname, unsigned int official, unsigned int allocated)
     return virname;
 }
 
-static int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hexsig, uint16_t rtype, uint16_t type, const char *offset, uint8_t target, const uint32_t *lsigid, unsigned int options)
+int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hexsig, uint16_t rtype, uint16_t type, const char *offset, uint8_t target, const uint32_t *lsigid, unsigned int options)
 {
 	struct cli_bm_patt *bm_new;
 	char *pt, *hexcpy, *start, *n;

libclamav/readdb.h

@@ -55,6 +55,8 @@
 
 char *cli_virname(char *virname, unsigned int official, unsigned int allocated);
 
+int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hexsig, uint16_t rtype, uint16_t type, const char *offset, uint8_t target, const uint32_t *lsigid, unsigned int options);
+
 int cli_initengine(struct cl_engine **engine, unsigned int options);
 
 int cli_load(const char *filename, struct cl_engine **engine, unsigned int *signo, unsigned int options, struct cli_dbio *dbio);

unit_tests/Makefile.am

@@ -16,7 +16,7 @@ else
 check_PROGRAMS = $(programs)
 check_SCRIPTS = $(scripts)
 endif
-check_clamav_SOURCES = check_clamav.c check_jsnorm.c check_str.c check_regex.c checks.h $(top_builddir)/libclamav/clamav.h check_disasm.c check_uniq.c
+check_clamav_SOURCES = check_clamav.c check_jsnorm.c check_str.c check_regex.c checks.h $(top_builddir)/libclamav/clamav.h check_disasm.c check_uniq.c check_matchers.c
 check_clamav_CFLAGS = @CHECK_CFLAGS@ -DSRCDIR=\"$(abs_srcdir)\"
 check_clamav_LDADD = $(top_builddir)/libclamav/libclamav.la @THREAD_LIBS@ @CHECK_LIBS@
 

unit_tests/Makefile.in

@@ -59,7 +59,8 @@ am_check_clamav_OBJECTS = check_clamav-check_clamav.$(OBJEXT) \
 	check_clamav-check_str.$(OBJEXT) \
 	check_clamav-check_regex.$(OBJEXT) \
 	check_clamav-check_disasm.$(OBJEXT) \
-	check_clamav-check_uniq.$(OBJEXT)
+	check_clamav-check_uniq.$(OBJEXT) \
+	check_clamav-check_matchers.$(OBJEXT)
 check_clamav_OBJECTS = $(am_check_clamav_OBJECTS)
 check_clamav_DEPENDENCIES = $(top_builddir)/libclamav/libclamav.la
 check_clamav_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
@@ -225,7 +226,7 @@ programs = check_clamav
 scripts = check_clamd.sh check_freshclam.sh check_sigtool.sh check_clamscan.sh valgrind_tests.sh
 @ENABLE_UT_INSTALL_TRUE@dist_bin_SCRIPTS = $(scripts)
 @ENABLE_UT_INSTALL_FALSE@check_SCRIPTS = $(scripts)
-check_clamav_SOURCES = check_clamav.c check_jsnorm.c check_str.c check_regex.c checks.h $(top_builddir)/libclamav/clamav.h check_disasm.c check_uniq.c
+check_clamav_SOURCES = check_clamav.c check_jsnorm.c check_str.c check_regex.c checks.h $(top_builddir)/libclamav/clamav.h check_disasm.c check_uniq.c check_matchers.c
 check_clamav_CFLAGS = @CHECK_CFLAGS@ -DSRCDIR=\"$(abs_srcdir)\"
 check_clamav_LDADD = $(top_builddir)/libclamav/libclamav.la @THREAD_LIBS@ @CHECK_LIBS@
 CLEANFILES = lcov.out *.gcno *.gcda *.log clamd-test.socket /tmp/clamd-test.log $(FILES) test-stderr.log clamscan.log valgrind.log clamdscan.log
@@ -367,6 +368,7 @@ distclean-compile:
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check_clamav-check_clamav.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check_clamav-check_disasm.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check_clamav-check_jsnorm.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check_clamav-check_matchers.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check_clamav-check_regex.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check_clamav-check_str.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check_clamav-check_uniq.Po@am__quote@
@@ -476,6 +478,20 @@ check_clamav-check_uniq.obj: check_uniq.c
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
 @am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(check_clamav_CFLAGS) $(CFLAGS) -c -o check_clamav-check_uniq.obj `if test -f 'check_uniq.c'; then $(CYGPATH_W) 'check_uniq.c'; else $(CYGPATH_W) '$(srcdir)/check_uniq.c'; fi`
 
+check_clamav-check_matchers.o: check_matchers.c
+@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(check_clamav_CFLAGS) $(CFLAGS) -MT check_clamav-check_matchers.o -MD -MP -MF $(DEPDIR)/check_clamav-check_matchers.Tpo -c -o check_clamav-check_matchers.o `test -f 'check_matchers.c' || echo '$(srcdir)/'`check_matchers.c
+@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/check_clamav-check_matchers.Tpo $(DEPDIR)/check_clamav-check_matchers.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='check_matchers.c' object='check_clamav-check_matchers.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(check_clamav_CFLAGS) $(CFLAGS) -c -o check_clamav-check_matchers.o `test -f 'check_matchers.c' || echo '$(srcdir)/'`check_matchers.c
+
+check_clamav-check_matchers.obj: check_matchers.c
+@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(check_clamav_CFLAGS) $(CFLAGS) -MT check_clamav-check_matchers.obj -MD -MP -MF $(DEPDIR)/check_clamav-check_matchers.Tpo -c -o check_clamav-check_matchers.obj `if test -f 'check_matchers.c'; then $(CYGPATH_W) 'check_matchers.c'; else $(CYGPATH_W) '$(srcdir)/check_matchers.c'; fi`
+@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/check_clamav-check_matchers.Tpo $(DEPDIR)/check_clamav-check_matchers.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='check_matchers.c' object='check_clamav-check_matchers.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(check_clamav_CFLAGS) $(CFLAGS) -c -o check_clamav-check_matchers.obj `if test -f 'check_matchers.c'; then $(CYGPATH_W) 'check_matchers.c'; else $(CYGPATH_W) '$(srcdir)/check_matchers.c'; fi`
+
 mostlyclean-libtool:
 	-rm -f *.lo
 

unit_tests/check_clamav.c

@@ -346,6 +346,7 @@ int main(int argc, char **argv)
     srunner_add_suite(sr, test_regex_suite());
     srunner_add_suite(sr, test_disasm_suite());
     srunner_add_suite(sr, test_uniq_suite());
+    srunner_add_suite(sr, test_matchers_suite());
 
     srunner_set_log(sr, "test.log");
     if(freopen("test-stderr.log","w+",stderr) == NULL) {

unit_tests/check_matchers.c

@@ -0,0 +1,129 @@
+/*
+ *  Copyright (C) 2008 Sourcefire, Inc.
+ *
+ *  Authors: Tomasz Kojm
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2 as
+ *  published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA 02110-1301, USA.
+ */
+#if HAVE_CONFIG_H
+#include "clamav-config.h"
+#endif
+
+#ifdef HAVE_CHECK
+
+#include <check.h>
+#include <stdio.h>
+
+#include "../libclamav/clamav.h"
+#include "../libclamav/readdb.h"
+#include "../libclamav/matcher.h"
+#include "../libclamav/matcher-ac.h"
+#include "../libclamav/matcher-bm.h"
+#include "checks.h"
+
+static const struct ac_testdata_s {
+    const char *data;
+    const char *hexsig;
+    const char *virname;
+} ac_testdata[] = {
+    /* IMPORTANT: ac_testdata[i].hexsig should only match ac_testdata[i].data */
+    { "daaaaaaaaddbbbbbcce", "64[4-4]61616161{2}6262[3-6]65", "Test_1" },
+    { "ebbbbbbbbeecccccddf", "6262(6162|6364|6265|6465){2}6363", "Test_2" },
+    { "aaaabbbbcccccdddddeeee", "616161*63636363*6565", "Test_3" },
+    { "oprstuwxy","6f??727374????7879", "Test_4" },
+    { "abdcabcddabccadbbdbacb", "6463{2-3}64646162(63|64|65)6361*6462????6261{-1}6362", "Test_5" },
+    { "abcdefghijkabcdefghijk", "62????65666768*696a6b6162{2-3}656667[1-3]6b", "Test_6" },
+    { "abcadbabcadbabcacb", "6?6164?26?62{3}?26162?361", "Test_7" },
+
+    { NULL, NULL, NULL}
+};
+
+START_TEST (test_ac_scanbuff) {
+	struct cli_matcher *root;
+	struct cli_ac_data mdata;
+	const char *virname = NULL;
+	unsigned int i;
+	int ret;
+
+
+    root = (struct cli_matcher *) cli_calloc(1, sizeof(struct cli_matcher));
+    fail_unless(root != NULL, "root == NULL");
+    root->ac_only = 1;
+
+    ret = cli_ac_init(root, AC_DEFAULT_MIN_DEPTH, AC_DEFAULT_MAX_DEPTH);
+    fail_unless(ret == CL_SUCCESS, "cli_ac_init() failed");
+
+    for(i = 0; ac_testdata[i].data; i++) {
+	ret = cli_parse_add(root, ac_testdata[i].virname, ac_testdata[i].hexsig, 0, 0, NULL, 0, NULL, 0);
+	fail_unless(ret == CL_SUCCESS, "cli_parse_add() failed");
+    }
+
+    ret = cli_ac_buildtrie(root);
+    fail_unless(ret == CL_SUCCESS, "cli_ac_buildtrie() failed");
+
+    ret = cli_ac_initdata(&mdata, root->ac_partsigs, 0, AC_DEFAULT_TRACKLEN);
+    fail_unless(ret == CL_SUCCESS, "cli_ac_initdata() failed");
+
+    for(i = 0; ac_testdata[i].data; i++) {
+	ret = cli_ac_scanbuff(ac_testdata[i].data, strlen(ac_testdata[i].data), &virname, NULL, NULL, root, &mdata, 0, 0, -1, NULL, AC_SCAN_VIR, NULL);
+	fail_unless(ret == CL_VIRUS, "cli_ac_scanbuff() failed for %s", ac_testdata[i].virname);
+	fail_unless(!strncmp(virname, ac_testdata[i].virname, strlen(ac_testdata[i].virname)), "Dataset %u matched with %s", i, virname);
+    }
+
+    cli_ac_freedata(&mdata);
+    cli_ac_free(root);
+    free(root);
+}
+END_TEST
+
+START_TEST (test_bm_scanbuff) {
+	struct cli_matcher *root;
+	const char *virname = NULL;
+	int ret;
+
+
+    root = (struct cli_matcher *) cli_calloc(1, sizeof(struct cli_matcher));
+    fail_unless(root != NULL, "root == NULL");
+
+    ret = cli_bm_init(root);
+    fail_unless(ret == CL_SUCCESS, "cli_bm_init() failed");
+
+    ret = cli_parse_add(root, "Sig1", "deadbabe", 0, 0, NULL, 0, NULL, 0);
+    fail_unless(ret == CL_SUCCESS, "cli_parse_add() failed");
+    ret = cli_parse_add(root, "Sig2", "deadbeef", 0, 0, NULL, 0, NULL, 0);
+    fail_unless(ret == CL_SUCCESS, "cli_parse_add() failed");
+    ret = cli_parse_add(root, "Sig3", "babedead", 0, 0, NULL, 0, NULL, 0);
+    fail_unless(ret == CL_SUCCESS, "cli_parse_add() failed");
+
+    ret = cli_bm_scanbuff("blah\xde\xad\xbe\xef", 12, &virname, root, 0, 0, -1);
+    fail_unless(ret == CL_VIRUS, "cli_bm_scanbuff() failed");
+    fail_unless(!strncmp(virname, "Sig2", 4), "Incorrect signature matched in cli_bm_scanbuff()\n");
+    cli_bm_free(root);
+    free(root);
+}
+END_TEST
+
+Suite *test_matchers_suite(void)
+{
+    Suite *s = suite_create("matchers");
+    TCase *tc_matchers;
+    tc_matchers = tcase_create("matchers");
+    suite_add_tcase(s, tc_matchers);
+    tcase_add_test(tc_matchers, test_ac_scanbuff);
+    tcase_add_test(tc_matchers, test_bm_scanbuff);
+    return s;
+}
+
+#endif

unit_tests/checks.h

@@ -5,6 +5,7 @@ Suite *test_str_suite(void);
 Suite *test_regex_suite(void);
 Suite *test_disasm_suite(void);
 Suite *test_uniq_suite(void);
+Suite *test_matchers_suite(void);
 void errmsg_expected(void);
 int open_testfile(const char *name);
 #endif