pgsql: remove probe_ts function

With the changes in the probing_ts function, this other one could become obsolete. Remove it, and directly call `parser::parse_request` when checking for gaps, instead. (cherry picked from commit 9aeeac5)
OISF · Dec 6, 2023 · ff69e8a · ff69e8a
1 parent 9121f9a
commit ff69e8a
Showing 1 changed file with 1 addition and 40 deletions.
diff --git a/rust/src/pgsql/pgsql.rs b/rust/src/pgsql/pgsql.rs
@@ -318,7 +318,7 @@ impl PgsqlState {
 
         // If there was gap, check we can sync up again.
         if self.request_gap {
-            if !probe_ts(input) {
+            if parser::parse_request(input).is_ok() {
                 // The parser now needs to decide what to do as we are not in sync.
                 // For now, we'll just try again next time.
                 SCLogDebug!("Suricata interprets there's a gap in the request");
@@ -532,14 +532,6 @@ impl PgsqlState {
     }
 }
 
-/// Probe for a valid PostgreSQL request
-///
-/// PGSQL messages don't have a header per se, so we parse the slice for an ok()
-fn probe_ts(input: &[u8]) -> bool {
-    SCLogDebug!("We are in probe_ts");
-    parser::parse_request(input).is_ok()
-}
-
 /// Probe for a valid PostgreSQL response
 ///
 /// Currently, for parser usage only. We have a bit more logic in the function
@@ -801,37 +793,6 @@ pub unsafe extern "C" fn rs_pgsql_register_parser() {
 mod test {
     use super::*;
 
-    #[test]
-    fn test_request_probe() {
-        // An SSL Request
-        let buf: &[u8] = &[0x00, 0x00, 0x00, 0x08, 0x04, 0xd2, 0x16, 0x2f];
-        assert!(probe_ts(buf));
-
-        // incomplete messages, probe must return false
-        assert!(!probe_ts(&buf[0..6]));
-        assert!(!probe_ts(&buf[0..3]));
-
-        // length is wrong (7), probe must return false
-        let buf: &[u8] = &[0x00, 0x00, 0x00, 0x07, 0x04, 0xd2, 0x16, 0x2f];
-        assert!(!probe_ts(buf));
-
-        // A valid startup message/request
-        let buf: &[u8] = &[
-            0x00, 0x00, 0x00, 0x26, 0x00, 0x03, 0x00, 0x00, 0x75, 0x73, 0x65, 0x72, 0x00, 0x6f,
-            0x72, 0x79, 0x78, 0x00, 0x64, 0x61, 0x74, 0x61, 0x62, 0x61, 0x73, 0x65, 0x00, 0x6d,
-            0x61, 0x69, 0x6c, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x00, 0x00,
-        ];
-        assert!(probe_ts(buf));
-
-        // A non valid startup message/request (length is shorter by one. Would `exact!` help?)
-        let buf: &[u8] = &[
-            0x00, 0x00, 0x00, 0x25, 0x00, 0x03, 0x00, 0x00, 0x75, 0x73, 0x65, 0x72, 0x00, 0x6f,
-            0x72, 0x79, 0x78, 0x00, 0x64, 0x61, 0x74, 0x61, 0x62, 0x61, 0x73, 0x65, 0x00, 0x6d,
-            0x61, 0x69, 0x6c, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x00, 0x00,
-        ];
-        assert!(!probe_ts(buf));
-    }
-
     #[test]
     fn test_response_probe() {
         /* Authentication Request MD5 password salt value f211a3ed */