Actions
Bug #5196
openconfig: test mode should fail when there are invalid config values
Affected Versions:
Effort:
Difficulty:
Label:
Description
Suricata should fail for all config value issues where an error message is printed.
There are some places where this exists already:
/** set config values for memcap, prealloc and hash_size */
if ((ConfGet("app-layer.protocols.ftp.memcap", &conf_val)) == 1)
{
if (ParseSizeStringU64(conf_val, &ftp_config_memcap) < 0) {
SCLogError(SC_ERR_SIZE_PARSE, "Error parsing ftp.memcap "
"from conf file - %s. Killing engine",
conf_val);
exit(EXIT_FAILURE);
}
However, there are many places that log the error and continue:
ConfNode *p = ConfGetNode("app-layer.protocols.smb.stream-depth");
if (p != NULL) {
uint32_t value;
if (ParseSizeStringU32(p->val, &value) < 0) {
SCLogError(SC_ERR_SMB_CONFIG, "invalid value for stream-depth %s", p->val);
} else {
stream_depth = value;
}
}
I suggest we add an interface like SCLogConfigError
void SCLogConfigError(args)
{
SCLogError(args)
if (in-test-mode)
exit(1)
}
Updated by Victor Julien about 3 years ago
- Target version changed from 7.0.0-beta1 to 7.0.0-rc1
Updated by Victor Julien almost 3 years ago
- Target version changed from 7.0.0-rc1 to 8.0.0-beta1
Updated by Victor Julien 9 months ago
- Subject changed from Suricata test mode should fail when there are invalid config values to config: test mode should fail when there are invalid config values
- Priority changed from Normal to Low
Unlikely we'll get to this in 8.
Updated by Victor Julien 9 months ago
- Related to Optimization #6652: Configuration values trigger error instead of warning messages added
Updated by Victor Julien 8 months ago
- Target version changed from 8.0.0-beta1 to 9.0.0-beta1
Actions