Skip to content

unittests: convert detect-base64-data.c to FAIL/PASS API #14058

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

unittests: convert detect-base64-data.c to FAIL/PASS API #14058

wants to merge 4 commits into from
+17 −58

Conversation

jhonny-rs
Copy link

Title: Convert base64_data unit tests to FAIL/PASS API

Description

This PR refactors the unit tests in detect-base64-data.c to strictly adhere to the Suricata unit testing API (util-unittest.h).

The functions DetectBase64DataSetupTest01 and DetectBase64DataSetupTest04 were updated to replace internal C failure logic (if (cond) { printf(...); goto end; }) with immediate assertions using the FAIL/PASS macros.

Issue informartion
Issue 6320: https://redmine.openinfosecfoundation.org/issues/6320

Specific Changes:

  1. All subsequent assertion checks are handled by FAIL_IF_NULL() or FAIL_IF_NOT().
  2. The cleanup logic is now unconditional, as it is only reached on the successful path (PASS).

Note on Memory Safety Policy:
Following the project's guidance that memory leaks are acceptable on unit test failure paths (as the process terminates immediately), I removed the resource-safe goto end pattern. This ensures that the code fully uses the immediate exit behavior of the FAIL/PASS API.

Testing

Verified by running the filtered unit tests:

./src/suricata -u --unittest-filter=base64

@jufajardini jufajardini added the outreachy Contributions made by Outreachy applicants label Oct 17, 2025
@github-actions GitHub Actions
Copy link

NOTE: This PR may contain new authors.

@codecov Codecov
Copy link

codecov bot commented Oct 17, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 84.44%. Comparing base (93c0409) to head (87d8d7d).
⚠️ Report is 15 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main   #14058   +/-   ##
=======================================
  Coverage   84.43%   84.44%           
=======================================
  Files        1011     1011           
  Lines      272251   272254    +3     
=======================================
+ Hits       229876   229904   +28     
+ Misses      42375    42350   -25
Flag Coverage Δ
fuzzcorpus 63.40% <100.00%> (-0.01%) ⬇️
livemode 19.45% <0.00%> (+0.10%) ⬆️
pcap 44.80% <100.00%> (-0.01%) ⬇️
suricata-verify 65.20% <100.00%> (+0.01%) ⬆️
unittests 59.44% <100.00%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@inashivb
Copy link
Member

inashivb commented Oct 17, 2025
edited
Loading

Following the project's guidance that memory leaks are acceptable on unit test failure paths (as the process terminates immediately)

Just to let you know, it is no longer acceptable and will cause a failure in the CI. I was wrong. Please read Victor's response below.

@victorjulien
Copy link
Member

Following the project's guidance that memory leaks are acceptable on unit test failure paths (as the process terminates immediately)

Just to let you know, it is no longer acceptable and will cause a failure in the CI.

Memory leaks in the failure path are acceptable, just not in the pass-path.

victorjulien
victorjulien reviewed Oct 17, 2025
View reviewed changes
src/detect-base64-data.c Outdated
FAIL_IF_NOT(sm->type == DETECT_BASE64_DECODE);
FAIL_IF_NULL(de_ctx->sig_list->init_data->smlists[DETECT_SM_LIST_BASE64_DATA]);

SigGroupCleanup(de_ctx);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

while doing these conversions a few other cleanups can be done:

  • declare variables on first use
  • remove calls to SigGroupCleanup and SigCleanSignatures (redundant as DetectEngineCtxFree handles this)
  • replace SigInit with DetectEngineAppendSig

Could you update these tests to incorporate this?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure, I’ll get to it immediately.

inashivb
inashivb reviewed Oct 17, 2025
View reviewed changes
Copy link
Member

@inashivb inashivb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for your contribution! The changes are looking OK but we need to work on the commit message. Please make sure to read the contribution guidelines https://docs.suricata.io/en/suricata-8.0.1/devguide/contributing/code-submission-process.html#commits
You could also check out previous contributions around the same issue: 4a98c4bde for examples. 😉

@inashivb
Copy link
Member

Following the project's guidance that memory leaks are acceptable on unit test failure paths (as the process terminates immediately)

Just to let you know, it is no longer acceptable and will cause a failure in the CI.

Memory leaks in the failure path are acceptable, just not in the pass-path.

oops. misread. Sorry.

@jhonny-rs
detect: Refactor base64-data setup tests for style compliance
d816eec 
The unit tests for the 'detect-base64-data.c' keyword were refactored to align with coding style guidelines.

Changes include:
- replaced SigInit with DetectEngineAppendSig in unit tests.
- variables are now declared at the point of their first use.
- remove calls to SigGroupCleanup and SigCleanSignatures.

Ticket: OISF#6320
victorjulien
victorjulien reviewed Oct 17, 2025
View reviewed changes
src/detect-base64-data.c Outdated

de_ctx->flags |= DE_QUIET;
de_ctx->sig_list = SigInit(de_ctx,
de_ctx->sig_list = DetectEngineAppendSig(de_ctx,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

DetectEngineAppendSig does the list append itself, so you'd use Signature *s = DetectEngineAppendSig... here, followed by FAIL_IF_NULL(s);

jufajardini
jufajardini requested changes Oct 17, 2025
View reviewed changes
Copy link
Contributor

@jufajardini jufajardini left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As per the other reviewers' comments.

@jhonny-rs
detect: Use returned Signature pointer in base64_data unit tests
87d8d7d 
The function DetectEngineAppendSig() returns a pointer to the newly created Signature object.

The unit tests DetectBase64DataSetupTest01 and DetectBase64DataSetupTest04 were incorrectly relying on de_ctx->sig_list to reference the parsed signature.

This commit updates both tests to explicitly capture the Signature *s returned by DetectEngineAppendSig and use this specific pointer for all validation checks, ensuring test stability and correct API usage.

Ticket: OISF#6320
victorjulien
victorjulien reviewed Oct 18, 2025
View reviewed changes
src/detect-base64-data.c Outdated
printf("sm->type should be DETECT_BASE64_DECODE: ");
goto end;
}
SigMatch *sm = de_ctx->sig_list->init_data->smlists[DETECT_SM_LIST_PMATCH];
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

now that we have the s pointer, it's cleaner and clearer to use this here SigMatch *sm = s->init_data->smlists[DETECT_SM_LIST_PMATCH];

@github-actions GitHub Actions
Copy link

NOTE: This PR may contain new authors.

@jhonny-rs
detect: Refactors DetectBase64DataSetupTest01 to use s (Signature…
3c94e4b 
…) for accessing the rule's initial data (`s->init_data`).

Ticket: OISF#6320
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jufajardini jufajardini jufajardini requested changes

@inashivb inashivb Awaiting requested review from inashivb

@victorjulien victorjulien Awaiting requested review from victorjulien victorjulien is a code owner

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

outreachy Contributions made by Outreachy applicants

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@jhonny-rs @inashivb @victorjulien @jufajardini