onos commit hash c2999f30c69e50df905a9d175ef80b3f23a98514

Change-Id: I2bb8562c4942b6d6a6d60b663db2e17540477b81
Signed-off-by: Ashlee Young <ashlee@wildernessvoice.com>

1 files changed, 11 insertions, 0 deletions

diff --git a/framework/src/suricata/src/detect.h b/framework/src/suricata/src/detect.h
index 8d131b92..89ce35ab 100644
--- a/framework/src/suricata/src/detect.h
+++ b/framework/src/suricata/src/detect.h
@@ -126,6 +126,8 @@ enum DetectSigmatchListEnum {
 
     DETECT_SM_LIST_MODBUS_MATCH,
 
+    DETECT_SM_LIST_BASE64_DATA,
+
     DETECT_SM_LIST_TEMPLATE_BUFFER_MATCH,
 
     /* list for post match actions: flowbit set, flowint increment, etc */
@@ -687,6 +689,9 @@ typedef struct DetectEngineCtx_ {
      *  we can't lookup by proto, address, port as we don't have these */
     struct SigGroupHead_ *decoder_event_sgh;
 
+    /* Maximum size of the buffer for decoded base64 data. */
+    uint32_t base64_decode_max_len;
+
     /** Store rule file and line so that parsers can use them in errors. */
     char *rule_file;
     int rule_line;
@@ -883,6 +888,10 @@ typedef struct DetectEngineThreadCtx_ {
     void **keyword_ctxs_array;
     int keyword_ctxs_size;
 
+    uint8_t *base64_decoded;
+    int base64_decoded_len;
+    int base64_decoded_len_max;
+
 #ifdef PROFILING
     struct SCProfileData_ *rule_perf_data;
     int rule_perf_data_size;
@@ -1221,6 +1230,8 @@ enum {
     DETECT_AL_MODBUS,
 
     DETECT_XBITS,
+    DETECT_BASE64_DECODE,
+    DETECT_BASE64_DATA,
 
     DETECT_TEMPLATE,
     DETECT_AL_TEMPLATE_BUFFER,