gfwleak/tango-maat
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

framework work well

Browse Source
This commit is contained in:
liuwentan
2022-11-25 16:32:29 +08:00
parent 2a83517894
commit 7e6d131c9e
51 changed files with 3499 additions and 3139 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
test/CMakeLists.txt
View File

@@ -1,11 +1,16 @@
include_directories(${PROJECT_SOURCE_DIR}/src/inc_internal)
include_directories(${PROJECT_SOURCE_DIR}/deps)
include_directories(${PROJECT_SOURCE_DIR}/scanner)
add_executable(maat_api_gtest maat_api_gtest.cpp)
target_link_libraries(maat_api_gtest maat_frame_static gtest_static)
add_executable(adapter_hs_gtest adapter_hs_gtest.cpp)
target_link_libraries(adapter_hs_gtest maat_frame_static gtest_static)
add_executable(rcu_hash_gtest rcu_hash_gtest.cpp)
target_link_libraries(rcu_hash_gtest maat_frame_static gtest_static)
target_link_libraries(rcu_hash_gtest maat_frame_static gtest_static)
add_executable(maat_framework_gtest maat_framework_gtest.cpp)
target_link_libraries(maat_framework_gtest maat_frame_static gtest_static)
file(COPY rule DESTINATION ./)
file(COPY table_info.conf DESTINATION ./)
file(COPY and_expr.conf DESTINATION ./)

301
test/adapter_hs_gtest.cpp
View File

@@ -1,301 +0,0 @@
#include <gtest/gtest.h>
#include "maat_utils.h"
#include "adapter_hs.h"
#include "maat_table_schema.h"
int parse_and_expr_file(const char *filename, and_expr_t expr[], size_t *n_expr)
{
FILE *fp = fopen(filename, "r");
char line[4096] = {0};
size_t i = 0;
while (NULL != fgets(line, sizeof(line), fp)) {
if (line[0] == '#' || line[0] == ' ' || line[0] == '\t') {
continue;
}
char pattern_buf[1024] = {0};
int ret = sscanf(line, "%u\t%lu\t%s", &(expr[i].expr_id), &(expr[i].n_patterns), pattern_buf);
EXPECT_NE(ret, 0);
char *expr_token = NULL;
char *sub_expr_token = NULL;
char *save_expr_ptr = NULL;
size_t j = 0;
for (expr_token = pattern_buf; ; expr_token = NULL) {
sub_expr_token = strtok_r(expr_token, "&", &save_expr_ptr);
if (sub_expr_token == NULL) {
break;
}
char *pattern_token = sub_expr_token;
char *save_pattern_ptr = NULL;
char *sub_pattern_token = strtok_r(pattern_token, ":", &save_pattern_ptr);
expr[i].patterns[j].type = atoi(sub_pattern_token);
size_t str_len = strlen(save_pattern_ptr);
expr[i].patterns[j].pat = ALLOC(char, str_len);
memcpy(expr[i].patterns[j].pat, save_pattern_ptr, str_len);
expr[i].patterns[j].pat_len = str_len;
j++;
}
i++;
}
*n_expr = i;
fclose(fp);
return 0;
}
void expr_array_free(and_expr_t expr_array[], size_t n_expr_array)
{
for (size_t i = 0; i < n_expr_array; i++) {
for (size_t j = 0; j < expr_array[i].n_patterns; j++) {
free(expr_array[i].patterns[j].pat);
}
}
}
TEST(block_mode_initialize, invalid_input_parameter)
{
struct adapter_hs *hs_instance = NULL;
and_expr_t exprs[5];
/* case1: invalid scan_mode parameter */
hs_instance = adapter_hs_initialize(0, 1, exprs, 1);
EXPECT_EQ(hs_instance, nullptr);
/* case2: invalid expr parameter */
hs_instance = adapter_hs_initialize(SCAN_MODE_BLOCK, 1, nullptr, 1);
EXPECT_EQ(hs_instance, nullptr);
/* case3: invalid expr num */
hs_instance = adapter_hs_initialize(SCAN_MODE_BLOCK, 1, exprs, 0);
EXPECT_EQ(hs_instance, nullptr);
}
TEST(block_mode_scan, invalid_input_parameter)
{
and_expr_t expr_array[64];
size_t n_expr_array = 0;
struct adapter_hs *hs_instance = adapter_hs_initialize(SCAN_MODE_BLOCK, 1, nullptr, 0);
EXPECT_EQ(hs_instance, nullptr);
hs_instance = adapter_hs_initialize(0, 1, expr_array, n_expr_array);
EXPECT_EQ(hs_instance, nullptr);
n_expr_array = 1;
expr_array[0].expr_id = 101;
expr_array[0].n_patterns = 10;
hs_instance = adapter_hs_initialize(SCAN_MODE_BLOCK, 1, expr_array, n_expr_array);
EXPECT_EQ(hs_instance, nullptr);
memset(expr_array, 0, sizeof(expr_array));
n_expr_array = 1;
expr_array[0].expr_id = 101;
expr_array[0].n_patterns = 1;
expr_array[0].patterns[0].type = 0;
hs_instance = adapter_hs_initialize(SCAN_MODE_BLOCK, 1, expr_array, n_expr_array);
EXPECT_EQ(hs_instance, nullptr);
}
TEST(block_mode_scan, hit_one_expr)
{
and_expr_t expr_array[64] = {0};
size_t n_expr_array = 0;
int ret = parse_and_expr_file("./and_expr.conf", expr_array, &n_expr_array);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_expr_array, 6);
struct adapter_hs *hs_instance = adapter_hs_initialize(SCAN_MODE_BLOCK, 1, expr_array, n_expr_array);
EXPECT_NE(hs_instance, nullptr);
expr_array_free(expr_array, n_expr_array);
char data0[64] = "luis";
int result0[64] = {0};
size_t n_result0 = 0;
ret = adapter_hs_scan(hs_instance, 0, data0, strlen(data0), result0, &n_result0);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result0, 0);
char data1[64] = "hello";
int result1[64] = {0};
size_t n_result1 = 0;
ret = adapter_hs_scan(hs_instance, 0, data1, strlen(data1), result1, &n_result1);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result1, 1);
EXPECT_EQ(result1[0], 101);
char data2[64] = "world";
int result2[64] = {0};
size_t n_result2 = 0;
ret = adapter_hs_scan(hs_instance, 0, data2, strlen(data2), result2, &n_result2);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result2, 1);
EXPECT_EQ(result2[0], 102);
adapter_hs_destroy(hs_instance);
hs_instance = nullptr;
}
TEST(block_mode_scan, hit_two_expr)
{
and_expr_t expr_array[64] = {0};
size_t n_expr_array = 0;
int ret = parse_and_expr_file("./and_expr.conf", expr_array, &n_expr_array);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_expr_array, 6);
struct adapter_hs *hs_instance = adapter_hs_initialize(SCAN_MODE_BLOCK, 1, expr_array, n_expr_array);
EXPECT_NE(hs_instance, nullptr);
expr_array_free(expr_array, n_expr_array);
char data0[64] = "hello maat";
int result0[64] = {0};
size_t n_result0 = 0;
ret = adapter_hs_scan(hs_instance, 0, data0, strlen(data0), result0, &n_result0);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result0, 2);
EXPECT_EQ(result0[0], 103);
EXPECT_EQ(result0[1], 101);
char data1[64] = "maat World";
int result1[64] = {0};
size_t n_result1 = 0;
ret = adapter_hs_scan(hs_instance, 0, data1, strlen(data1), result1, &n_result1);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result1, 2);
EXPECT_EQ(result1[0], 103);
EXPECT_EQ(result1[1], 102);
adapter_hs_destroy(hs_instance);
hs_instance = nullptr;
}
TEST(block_mode_scan, hit_three_expr)
{
and_expr_t expr_array[64] = {0};
size_t n_expr_array = 0;
int ret = parse_and_expr_file("./and_expr.conf", expr_array, &n_expr_array);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_expr_array, 6);
struct adapter_hs *hs_instance = adapter_hs_initialize(SCAN_MODE_BLOCK, 1, expr_array, n_expr_array);
EXPECT_NE(hs_instance, nullptr);
expr_array_free(expr_array, n_expr_array);
char data0[64] = "hello world";
int result0[64] = {0};
size_t n_result0 = 0;
ret = adapter_hs_scan(hs_instance, 0, data0, strlen(data0), result0, &n_result0);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result0, 3);
EXPECT_EQ(result0[0], 104);
EXPECT_EQ(result0[1], 102);
EXPECT_EQ(result0[2], 101);
char data1[64] = "hello World";
int result1[64] = {0};
size_t n_result1 = 0;
ret = adapter_hs_scan(hs_instance, 0, data1, strlen(data1), result1, &n_result1);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result1, 3);
EXPECT_EQ(result1[0], 104);
EXPECT_EQ(result1[1], 102);
EXPECT_EQ(result1[2], 101);
adapter_hs_destroy(hs_instance);
hs_instance = nullptr;
}
TEST(block_mode_scan, hit_four_expr)
{
and_expr_t expr_array[64] = {0};
size_t n_expr_array = 0;
int ret = parse_and_expr_file("./and_expr.conf", expr_array, &n_expr_array);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_expr_array, 6);
struct adapter_hs *hs_instance = adapter_hs_initialize(SCAN_MODE_BLOCK, 1, expr_array, n_expr_array);
EXPECT_NE(hs_instance, nullptr);
expr_array_free(expr_array, n_expr_array);
char data0[64] = "1hello world";
int result0[64] = {0};
size_t n_result0 = 0;
ret = adapter_hs_scan(hs_instance, 0, data0, strlen(data0), result0, &n_result0);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result0, 4);
EXPECT_EQ(result0[0], 105);
EXPECT_EQ(result0[1], 104);
EXPECT_EQ(result0[2], 102);
EXPECT_EQ(result0[3], 101);
char data1[64] = "8hello World";
int result1[64] = {0};
size_t n_result1 = 0;
ret = adapter_hs_scan(hs_instance, 0, data1, strlen(data1), result1, &n_result1);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result1, 4);
EXPECT_EQ(result1[0], 105);
EXPECT_EQ(result1[1], 104);
EXPECT_EQ(result1[2], 102);
EXPECT_EQ(result1[3], 101);
adapter_hs_destroy(hs_instance);
hs_instance = nullptr;
}
TEST(block_mode_scan, hit_five_expr)
{
and_expr_t expr_array[64] = {0};
size_t n_expr_array = 0;
int ret = parse_and_expr_file("./and_expr.conf", expr_array, &n_expr_array);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_expr_array, 6);
struct adapter_hs *hs_instance = adapter_hs_initialize(SCAN_MODE_BLOCK, 1, expr_array, n_expr_array);
EXPECT_NE(hs_instance, nullptr);
expr_array_free(expr_array, n_expr_array);
char data0[64] = "1hello 2world";
int result0[64] = {0};
size_t n_result0 = 0;
ret = adapter_hs_scan(hs_instance, 0, data0, strlen(data0), result0, &n_result0);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result0, 5);
EXPECT_EQ(result0[0], 106);
EXPECT_EQ(result0[1], 105);
EXPECT_EQ(result0[2], 104);
EXPECT_EQ(result0[3], 102);
EXPECT_EQ(result0[4], 101);
char data1[64] = "8hello 9World";
int result1[64] = {0};
size_t n_result1 = 0;
ret = adapter_hs_scan(hs_instance, 0, data1, strlen(data1), result1, &n_result1);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result1, 5);
EXPECT_EQ(result1[0], 106);
EXPECT_EQ(result1[1], 105);
EXPECT_EQ(result1[2], 104);
EXPECT_EQ(result1[3], 102);
EXPECT_EQ(result1[4], 101);
adapter_hs_destroy(hs_instance);
hs_instance = nullptr;
}
int main(int argc, char **argv)
{
int ret = 0;
::testing::InitGoogleTest(&argc, argv);
ret = RUN_ALL_TESTS();
return ret;
}

4
test/maat_api_gtest.cpp
View File

@@ -1,6 +1,6 @@
#include <gtest/gtest.h>
#include "maat/maat.h"
#include "../include/maat/maat.h"
#include <gtest/gtest.h>
TEST(EQ_Test, Always_True) {
EXPECT_EQ(1, 1);

41
test/maat_framework_gtest.cpp Normal file
View File

@@ -0,0 +1,41 @@
#include <gtest/gtest.h>
#include "maat/maat.h"
#include "maat_rule.h"
#include "maat_table_schema.h"
#include "maat_table_runtime.h"
struct maat *g_maat_instance = NULL;
const char *table_info_path = "/home/liuwentan/project/maat-v4/test/table_info.conf";
const char *rule_path = "/home/liuwentan/project/maat-v4/test/rule/full/index";
TEST(maat_scan_string, literal) {
struct table_schema_manager *table_schema_mgr = g_maat_instance->table_schema_mgr;
int table_id = table_schema_manager_get_table_id(table_schema_mgr, "HTTP_URL");
char data[64] = "www.baidu.com";
int result_array[5] = {0};
size_t n_result_array = 0;
int ret = maat_scan_string(g_maat_instance, table_id, 0, data, strlen(data), result_array, &n_result_array, NULL);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result_array, 1);
EXPECT_EQ(result_array[0], 101);
}
int main(int argc, char ** argv)
{
int ret=0;
::testing::InitGoogleTest(&argc, argv);
struct maat_options *opts = maat_options_new();
maat_options_set_iris_full_dir(opts, rule_path);
g_maat_instance = maat_new(opts, table_info_path);
EXPECT_NE(g_maat_instance, nullptr);
ret=RUN_ALL_TESTS();
maat_free(g_maat_instance);
g_maat_instance = NULL;
return ret;
}

225
test/rcu_hash_gtest.cpp
View File

@@ -1,16 +1,16 @@
#include <gtest/gtest.h>
#include "../src/inc_internal/rcu_hash.h"
#include "../include/utils.h"
#include "rcu_hash.h"
#include "maat_utils.h"
#include <gtest/gtest.h>
struct user_data {
int id;
char name[32];
};
void data_free(void *data)
void data_free(void *user_ctx, void *data)
{
free(data);
}
TEST(rcu_hash_new, invalid_input_parameter) {
@@ -18,27 +18,236 @@ TEST(rcu_hash_new, invalid_input_parameter) {
EXPECT_EQ(htable, nullptr);
}
TEST(rcu_hash_add, one) {
TEST(rcu_hash_add_one_node, single_thread) {
/* add one node to hash */
struct rcu_hash_table *htable = rcu_hash_new(data_free);
EXPECT_NE(htable, nullptr);
struct user_data *data = ALLOC(struct user_data, 1);
data->id = 101;
char *name = "www.baidu.com";
char name[64] = "www.baidu.com";
memcpy(data->name, name, strlen(name));
char *key = "http_url";
char key[64] = "http_url";
size_t key_len = strlen(key);
/* add to hash */
rcu_hash_add(htable, key, key_len, (void *)data);
/* find in hash before commit */
void *res = rcu_hash_find(htable, key, key_len);
EXPECT_EQ(res, nullptr);
int ret = rcu_hash_count(htable);
EXPECT_EQ(ret, 0);
ret = rcu_hash_garbage_queue_len(htable);
EXPECT_EQ(ret, 0);
rcu_hash_commit(htable);
/* find in hash after commit */
res = rcu_hash_find(htable, key, key_len);
EXPECT_NE(res, nullptr);
struct user_data *res_data = (struct user_data *)res;
EXPECT_EQ(res_data->id, 101);
EXPECT_STREQ(res_data->name, "www.baidu.com");
ret = rcu_hash_count(htable);
EXPECT_EQ(ret, 1);
ret = rcu_hash_garbage_queue_len(htable);
EXPECT_EQ(ret, 0);
rcu_hash_free(htable);
}
TEST(rcu_hash_add_multi_node, single_thread) {
/* add multi node to hash */
struct rcu_hash_table *htable = rcu_hash_new(data_free);
EXPECT_NE(htable, nullptr);
struct user_data *data0 = ALLOC(struct user_data, 1);
data0->id = 101;
char name0[64] = "www.baidu.com";
memcpy(data0->name, name0, strlen(name0));
char key0[64] = "http_url";
size_t key0_len = strlen(key0);
rcu_hash_add(htable, key0, key0_len, (void *)data0);
struct user_data *data1 = ALLOC(struct user_data, 1);
data1->id = 102;
char name1[64] = "127.0.0.1";
memcpy(data1->name, name1, strlen(name1));
char key1[64] = "http_host";
size_t key1_len = strlen(key1);
rcu_hash_add(htable, key1, key1_len, (void *)data1);
/* find in hash before commit */
void *res = rcu_hash_find(htable, key0, key0_len);
EXPECT_EQ(res, nullptr);
res = rcu_hash_find(htable, key1, key1_len);
EXPECT_EQ(res, nullptr);
int ret = rcu_hash_count(htable);
EXPECT_EQ(ret, 0);
ret = rcu_hash_garbage_queue_len(htable);
EXPECT_EQ(ret, 0);
rcu_hash_commit(htable);
/* find in hash after commit */
res = rcu_hash_find(htable, key0, key0_len);
EXPECT_NE(res, nullptr);
struct user_data *res_data0 = (struct user_data *)res;
EXPECT_EQ(res_data0->id, 101);
EXPECT_STREQ(res_data0->name, "www.baidu.com");
res = rcu_hash_find(htable, key1, key1_len);
EXPECT_NE(res, nullptr);
struct user_data *res_data1 = (struct user_data *)res;
EXPECT_EQ(res_data1->id, 102);
EXPECT_STREQ(res_data1->name, "127.0.0.1");
ret = rcu_hash_count(htable);
EXPECT_EQ(ret, 2);
ret = rcu_hash_garbage_queue_len(htable);
EXPECT_EQ(ret, 0);
rcu_hash_free(htable);
}
TEST(rcu_hash_del_one_node, single_thread) {
/* case1: add and del before commit */
struct rcu_hash_table *htable = rcu_hash_new(data_free);
EXPECT_NE(htable, nullptr);
struct user_data *data = ALLOC(struct user_data, 1);
data->id = 101;
char name[64] = "www.baidu.com";
memcpy(data->name, name, strlen(name));
char key[64] = "http_url";
size_t key_len = strlen(key);
/* add to hash */
rcu_hash_add(htable, key, key_len, (void *)data);
/* find in hash before commit */
void *res = rcu_hash_find(htable, key, key_len);
EXPECT_EQ(res, nullptr);
int ret = rcu_hash_count(htable);
EXPECT_EQ(ret, 0);
ret = rcu_hash_garbage_queue_len(htable);
EXPECT_EQ(ret, 0);
rcu_hash_del(htable, key, key_len);
rcu_hash_commit(htable);
/* find in hash after commit */
res = rcu_hash_find(htable, key, key_len);
EXPECT_EQ(res, nullptr);
/* case2: add && commit, and del */
struct user_data *data1 = ALLOC(struct user_data, 1);
data1->id = 102;
char name1[64] = "127.0.0.1";
memcpy(data1->name, name1, strlen(name1));
char key1[64] = "http_host";
size_t key1_len = strlen(key1);
rcu_hash_add(htable, key1, key1_len, (void *)data1);
/* add commit */
rcu_hash_commit(htable);
rcu_hash_del(htable, key1, key1_len);
res = rcu_hash_find(htable, key1, key1_len);
EXPECT_NE(res, nullptr);
struct user_data *res_data = (struct user_data *)res;
EXPECT_EQ(res_data->id, 102);
EXPECT_STREQ(res_data->name, "127.0.0.1");
ret = rcu_hash_count(htable);
EXPECT_EQ(ret, 1);
ret = rcu_hash_garbage_queue_len(htable);
EXPECT_EQ(ret, 1);
/* delete commit */
rcu_hash_commit(htable);
res = rcu_hash_find(htable, key1, key1_len);
EXPECT_EQ(res, nullptr);
ret = rcu_hash_count(htable);
EXPECT_EQ(ret, 0);
ret = rcu_hash_garbage_queue_len(htable);
EXPECT_EQ(ret, 0);
rcu_hash_free(htable);
}
TEST(rcu_hash_del_multi_node, single_thread) {
/* case1: add and del before commit */
struct rcu_hash_table *htable = rcu_hash_new(data_free);
EXPECT_NE(htable, nullptr);
struct user_data *data1 = ALLOC(struct user_data, 1);
data1->id = 101;
char name1[64] = "www.baidu.com";
memcpy(data1->name, name1, strlen(name1));
char key1[64] = "http_url";
size_t key1_len = strlen(key1);
rcu_hash_add(htable, key1, key1_len, (void *)data1);
struct user_data *data2 = ALLOC(struct user_data, 1);
data2->id = 102;
char name2[64] = "127.0.0.1";
memcpy(data2->name, name2, strlen(name2));
char key2[64] = "http_host";
size_t key2_len = strlen(key2);
rcu_hash_add(htable, key2, key2_len, (void *)data2);
/* find in hash before commit */
void *res = rcu_hash_find(htable, key1, key1_len);
EXPECT_EQ(res, nullptr);
int ret = rcu_hash_count(htable);
EXPECT_EQ(ret, 0);
ret = rcu_hash_garbage_queue_len(htable);
EXPECT_EQ(ret, 0);
/* add del, then commit */
rcu_hash_del(htable, key1, key1_len);
ret = rcu_hash_garbage_queue_len(htable);
EXPECT_EQ(ret, 1);
rcu_hash_commit(htable);
/* find in hash after commit */
res = rcu_hash_find(htable, key1, key1_len);
EXPECT_EQ(res, nullptr);
res = rcu_hash_find(htable, key2, key2_len);
EXPECT_NE(res, nullptr);
ret = rcu_hash_count(htable);
EXPECT_EQ(ret, 1);
ret = rcu_hash_garbage_queue_len(htable);
EXPECT_EQ(ret, 0);
rcu_hash_free(htable);
}
int main(int argc, char ** argv)

2
test/rule/full/2022-11-24/HTTP_URL.000001 Normal file
View File

@@ -0,0 +1,2 @@
0000000001
101 1 www.baidu.com 0 0 0 1

1
test/rule/full/index/full_config_index.000001 Normal file
View File

@@ -0,0 +1 @@
HTTP_URL 1 /home/liuwentan/project/maat-v4/test/rule/full/2022-11-24/HTTP_URL.000001

20
test/table_info.conf
View File

@@ -1,9 +1,9 @@
#each column seperated by '\t'
[
{
"table_id":1,
"table_name":"HTTP_URL",
"table_type":"expr",
"scan_mode":"block",
"item_id":1,
"group_id":2,
"rule": {
@@ -11,21 +11,31 @@
"expr_type":4,
"match_method":5,
"is_hexbin":6,
"case_sensitive":7,
"is_valid":8
"is_valid":7
}
},
{
"table_id":2,
"table_name":"TEST_IP_PLUGIN",
"table_name":"IP_PLUGIN_TABLE",
"table_type":"ip_plugin",
"item_id":1,
"group_id":2,
"rule": {
"ip_type":2,
"start_ip":3,
"end_ip":4,
"is_valid":5
}
},
{
"table_id":3,
"table_name":"PLUGIN_TABLE",
"table_type":"plugin",
"item_id":1,
"rule": {
"key":2,
"tag":3,
"is_valid":4,
"foreign":[6,8,10]
}
}
]