Actions
Bug #5196
openSuricata test mode should fail when there are invalid config values
Affected Versions:
Effort:
Difficulty:
Label:
Description
Suricata should fail for all config value issues where an error message is printed.
There are some places where this exists already:
/** set config values for memcap, prealloc and hash_size */ if ((ConfGet("app-layer.protocols.ftp.memcap", &conf_val)) == 1) { if (ParseSizeStringU64(conf_val, &ftp_config_memcap) < 0) { SCLogError(SC_ERR_SIZE_PARSE, "Error parsing ftp.memcap " "from conf file - %s. Killing engine", conf_val); exit(EXIT_FAILURE); }
However, there are many places that log the error and continue:
ConfNode *p = ConfGetNode("app-layer.protocols.smb.stream-depth"); if (p != NULL) { uint32_t value; if (ParseSizeStringU32(p->val, &value) < 0) { SCLogError(SC_ERR_SMB_CONFIG, "invalid value for stream-depth %s", p->val); } else { stream_depth = value; } }
I suggest we add an interface like SCLogConfigError
void SCLogConfigError(args) { SCLogError(args) if (in-test-mode) exit(1) }
Actions