rust: remove unneeded mut for tx in detect

Detection does not change transactions, it reads only.

rust/src/dcerpc/detect.rs

@@ -60,7 +60,7 @@ pub struct DCEOpnumData {
 }
 
 fn match_backuuid(
-    tx: &mut DCERPCTransaction, state: &mut DCERPCState, if_data: &mut DCEIfaceData,
+    tx: &DCERPCTransaction, state: &mut DCERPCState, if_data: &mut DCEIfaceData,
 ) -> u8 {
     let mut ret = 0;
     if let Some(ref bindack) = state.bindack {
@@ -204,15 +204,15 @@ fn parse_opnum_data(arg: &str) -> Result<DCEOpnumData, ()> {
 
 #[no_mangle]
 pub extern "C" fn rs_dcerpc_iface_match(
-    tx: &mut DCERPCTransaction, state: &mut DCERPCState, if_data: &mut DCEIfaceData,
+    tx: &DCERPCTransaction, state: &mut DCERPCState, if_data: &mut DCEIfaceData,
 ) -> u8 {
     let first_req_seen = tx.get_first_req_seen();
     if first_req_seen == 0 {
         return 0;
     }
 
     match state.get_hdr_type() {
-        Some(DCERPC_TYPE_REQUEST | DCERPC_TYPE_RESPONSE) => {},
+        Some(DCERPC_TYPE_REQUEST | DCERPC_TYPE_RESPONSE) => {}
         _ => {
             return 0;
         }
@@ -248,7 +248,7 @@ pub unsafe extern "C" fn rs_dcerpc_iface_free(ptr: *mut c_void) {
 
 #[no_mangle]
 pub unsafe extern "C" fn rs_dcerpc_opnum_match(
-    tx: &mut DCERPCTransaction, opnum_data: &mut DCEOpnumData,
+    tx: &DCERPCTransaction, opnum_data: &mut DCEOpnumData,
 ) -> u8 {
     let first_req_seen = tx.get_first_req_seen();
     if first_req_seen == 0 {

rust/src/enip/detect.rs

@@ -192,7 +192,7 @@ fn enip_cip_match_service(d: &CipData, ctx: &DetectCipServiceData) -> std::os::r
 }
 
 fn enip_tx_has_cip_service(
-    tx: &mut EnipTransaction, direction: Direction, ctx: &DetectCipServiceData,
+    tx: &EnipTransaction, direction: Direction, ctx: &DetectCipServiceData,
 ) -> std::os::raw::c_int {
     let pduo = if direction == Direction::ToServer {
         &tx.request
@@ -227,9 +227,7 @@ fn enip_cip_match_status(d: &CipData, ctx: &DetectUintData<u8>) -> std::os::raw:
     return 0;
 }
 
-fn enip_tx_has_cip_status(
-    tx: &mut EnipTransaction, ctx: &DetectUintData<u8>,
-) -> std::os::raw::c_int {
+fn enip_tx_has_cip_status(tx: &EnipTransaction, ctx: &DetectUintData<u8>) -> std::os::raw::c_int {
     if let Some(pdu) = &tx.response {
         if let EnipPayload::Cip(c) = &pdu.payload {
             for item in c.items.iter() {
@@ -262,7 +260,7 @@ fn enip_cip_match_extendedstatus(d: &CipData, ctx: &DetectUintData<u16>) -> std:
 }
 
 fn enip_tx_has_cip_extendedstatus(
-    tx: &mut EnipTransaction, ctx: &DetectUintData<u16>,
+    tx: &EnipTransaction, ctx: &DetectUintData<u16>,
 ) -> std::os::raw::c_int {
     if let Some(pdu) = &tx.response {
         if let EnipPayload::Cip(c) = &pdu.payload {
@@ -276,7 +274,7 @@ fn enip_tx_has_cip_extendedstatus(
     return 0;
 }
 
-fn enip_get_status(tx: &mut EnipTransaction, direction: Direction) -> Option<u32> {
+fn enip_get_status(tx: &EnipTransaction, direction: Direction) -> Option<u32> {
     if direction == Direction::ToServer {
         if let Some(req) = &tx.request {
             return Some(req.header.status);
@@ -308,7 +306,7 @@ fn enip_cip_match_segment(
 }
 
 fn enip_tx_has_cip_segment(
-    tx: &mut EnipTransaction, ctx: &DetectUintData<u32>, segment_type: u8,
+    tx: &EnipTransaction, ctx: &DetectUintData<u32>, segment_type: u8,
 ) -> std::os::raw::c_int {
     if let Some(pdu) = &tx.request {
         if let EnipPayload::Cip(c) = &pdu.payload {
@@ -358,7 +356,7 @@ fn enip_cip_match_attribute(d: &CipData, ctx: &DetectUintData<u32>) -> std::os::
 }
 
 fn enip_tx_has_cip_attribute(
-    tx: &mut EnipTransaction, ctx: &DetectUintData<u32>,
+    tx: &EnipTransaction, ctx: &DetectUintData<u32>,
 ) -> std::os::raw::c_int {
     if let Some(pdu) = &tx.request {
         if let EnipPayload::Cip(c) = &pdu.payload {
@@ -372,7 +370,7 @@ fn enip_tx_has_cip_attribute(
     return 0;
 }
 
-fn tx_get_protocol_version(tx: &mut EnipTransaction, direction: Direction) -> Option<u16> {
+fn tx_get_protocol_version(tx: &EnipTransaction, direction: Direction) -> Option<u16> {
     if direction == Direction::ToServer {
         if let Some(req) = &tx.request {
             if let EnipPayload::RegisterSession(rs) = &req.payload {
@@ -511,7 +509,7 @@ unsafe extern "C" fn capabilities_setup(
     return 0;
 }
 
-fn tx_get_capabilities(tx: &mut EnipTransaction) -> Option<u16> {
+fn tx_get_capabilities(tx: &EnipTransaction) -> Option<u16> {
     if let Some(ref response) = tx.response {
         if let EnipPayload::ListServices(lsp) = &response.payload {
             if !lsp.is_empty() {
@@ -647,7 +645,7 @@ unsafe extern "C" fn vendor_id_setup(
     return 0;
 }
 
-fn tx_get_vendor_id(tx: &mut EnipTransaction) -> Option<u16> {
+fn tx_get_vendor_id(tx: &EnipTransaction) -> Option<u16> {
     if let Some(ref response) = tx.response {
         if let EnipPayload::ListIdentity(lip) = &response.payload {
             if !lip.is_empty() {
@@ -730,7 +728,7 @@ unsafe extern "C" fn state_setup(
     return 0;
 }
 
-fn tx_get_state(tx: &mut EnipTransaction) -> Option<u8> {
+fn tx_get_state(tx: &EnipTransaction) -> Option<u8> {
     if let Some(ref response) = tx.response {
         if let EnipPayload::ListIdentity(lip) = &response.payload {
             if !lip.is_empty() {
@@ -778,7 +776,7 @@ unsafe extern "C" fn serial_setup(
     return 0;
 }
 
-fn tx_get_serial(tx: &mut EnipTransaction) -> Option<u32> {
+fn tx_get_serial(tx: &EnipTransaction) -> Option<u32> {
     if let Some(ref response) = tx.response {
         if let EnipPayload::ListIdentity(lip) = &response.payload {
             if !lip.is_empty() {
@@ -828,7 +826,7 @@ unsafe extern "C" fn revision_setup(
     return 0;
 }
 
-fn tx_get_revision(tx: &mut EnipTransaction) -> Option<u16> {
+fn tx_get_revision(tx: &EnipTransaction) -> Option<u16> {
     if let Some(ref response) = tx.response {
         if let EnipPayload::ListIdentity(lip) = &response.payload {
             if !lip.is_empty() {
@@ -927,7 +925,7 @@ unsafe extern "C" fn product_code_setup(
     return 0;
 }
 
-fn tx_get_product_code(tx: &mut EnipTransaction) -> Option<u16> {
+fn tx_get_product_code(tx: &EnipTransaction) -> Option<u16> {
     if let Some(ref response) = tx.response {
         if let EnipPayload::ListIdentity(lip) = &response.payload {
             if !lip.is_empty() {
@@ -983,7 +981,7 @@ unsafe extern "C" fn identity_status_setup(
     return 0;
 }
 
-fn tx_get_identity_status(tx: &mut EnipTransaction) -> Option<u16> {
+fn tx_get_identity_status(tx: &EnipTransaction) -> Option<u16> {
     if let Some(ref response) = tx.response {
         if let EnipPayload::ListIdentity(lip) = &response.payload {
             if !lip.is_empty() {
@@ -1039,7 +1037,7 @@ unsafe extern "C" fn device_type_setup(
     return 0;
 }
 
-fn tx_get_device_type(tx: &mut EnipTransaction) -> Option<u16> {
+fn tx_get_device_type(tx: &EnipTransaction) -> Option<u16> {
     if let Some(ref response) = tx.response {
         if let EnipPayload::ListIdentity(lip) = &response.payload {
             if !lip.is_empty() {
@@ -1088,7 +1086,7 @@ unsafe extern "C" fn command_setup(
     return 0;
 }
 
-fn tx_get_command(tx: &mut EnipTransaction, direction: u8) -> Option<u16> {
+fn tx_get_command(tx: &EnipTransaction, direction: u8) -> Option<u16> {
     let direction: Direction = direction.into();
     if direction == Direction::ToServer {
         if let Some(req) = &tx.request {

rust/src/http2/detect.rs

@@ -27,7 +27,7 @@ use std::rc::Rc;
 use base64::{Engine, engine::general_purpose::STANDARD};
 
 fn http2_tx_has_frametype(
-    tx: &mut HTTP2Transaction, direction: Direction, value: u8,
+    tx: &HTTP2Transaction, direction: Direction, value: u8,
 ) -> std::os::raw::c_int {
     if direction == Direction::ToServer {
         for i in 0..tx.frames_ts.len() {
@@ -67,7 +67,7 @@ pub unsafe extern "C" fn rs_http2_parse_frametype(
 }
 
 fn http2_tx_has_errorcode(
-    tx: &mut HTTP2Transaction, direction: Direction, code: u32,
+    tx: &HTTP2Transaction, direction: Direction, code: u32,
 ) -> std::os::raw::c_int {
     if direction == Direction::ToServer {
         for i in 0..tx.frames_ts.len() {
@@ -127,7 +127,7 @@ pub unsafe extern "C" fn rs_http2_parse_errorcode(
 }
 
 fn http2_tx_get_next_priority(
-    tx: &mut HTTP2Transaction, direction: Direction, nb: u32,
+    tx: &HTTP2Transaction, direction: Direction, nb: u32,
 ) -> std::os::raw::c_int {
     let mut pos = 0_u32;
     if direction == Direction::ToServer {
@@ -187,7 +187,7 @@ pub unsafe extern "C" fn rs_http2_tx_get_next_priority(
 }
 
 fn http2_tx_get_next_window(
-    tx: &mut HTTP2Transaction, direction: Direction, nb: u32,
+    tx: &HTTP2Transaction, direction: Direction, nb: u32,
 ) -> std::os::raw::c_int {
     let mut pos = 0_u32;
     if direction == Direction::ToServer {
@@ -263,7 +263,7 @@ fn http2_detect_settings_match(
 }
 
 fn http2_detect_settingsctx_match(
-    ctx: &mut parser::DetectHTTP2settingsSigCtx, tx: &mut HTTP2Transaction, direction: Direction,
+    ctx: &parser::DetectHTTP2settingsSigCtx, tx: &HTTP2Transaction, direction: Direction,
 ) -> std::os::raw::c_int {
     if direction == Direction::ToServer {
         for i in 0..tx.frames_ts.len() {
@@ -324,7 +324,7 @@ fn http2_header_blocks(frame: &HTTP2Frame) -> Option<&[parser::HTTP2FrameHeaderB
 }
 
 fn http2_detect_sizeupdatectx_match(
-    ctx: &mut DetectUintData<u64>, tx: &mut HTTP2Transaction, direction: Direction,
+    ctx: &DetectUintData<u64>, tx: &HTTP2Transaction, direction: Direction,
 ) -> std::os::raw::c_int {
     if direction == Direction::ToServer {
         for i in 0..tx.frames_ts.len() {
@@ -359,7 +359,7 @@ pub unsafe extern "C" fn rs_http2_detect_sizeupdatectx_match(
 // and rs_http2_detect_sizeupdatectx_match explicitly casting
 #[no_mangle]
 pub unsafe extern "C" fn rs_http2_tx_get_header_name(
-    tx: &mut HTTP2Transaction, direction: u8, nb: u32, buffer: *mut *const u8, buffer_len: *mut u32,
+    tx: &HTTP2Transaction, direction: u8, nb: u32, buffer: *mut *const u8, buffer_len: *mut u32,
 ) -> bool {
     let mut pos = 0_u32;
     match direction.into() {
@@ -498,6 +498,7 @@ fn http2_frames_get_header_value<'a>(
     }
 }
 
+// we mutate the tx to cache req_line
 fn http2_tx_get_req_line(tx: &mut HTTP2Transaction) {
     if !tx.req_line.is_empty() {
         return;

rust/src/ike/detect.rs

@@ -23,7 +23,7 @@ use std::ffi::CStr;
 use std::ptr;
 
 #[no_mangle]
-pub extern "C" fn rs_ike_state_get_exch_type(tx: &mut IKETransaction, exch_type: *mut u8) -> u8 {
+pub extern "C" fn rs_ike_state_get_exch_type(tx: &IKETransaction, exch_type: *mut u8) -> u8 {
     debug_validate_bug_on!(exch_type.is_null());
 
     if tx.ike_version == 1 {
@@ -45,7 +45,7 @@ pub extern "C" fn rs_ike_state_get_exch_type(tx: &mut IKETransaction, exch_type:
 
 #[no_mangle]
 pub extern "C" fn rs_ike_state_get_spi_initiator(
-    tx: &mut IKETransaction, buffer: *mut *const u8, buffer_len: *mut u32,
+    tx: &IKETransaction, buffer: *mut *const u8, buffer_len: *mut u32,
 ) -> u8 {
     debug_validate_bug_on!(buffer.is_null() || buffer_len.is_null());
 
@@ -58,7 +58,7 @@ pub extern "C" fn rs_ike_state_get_spi_initiator(
 
 #[no_mangle]
 pub extern "C" fn rs_ike_state_get_spi_responder(
-    tx: &mut IKETransaction, buffer: *mut *const u8, buffer_len: *mut u32,
+    tx: &IKETransaction, buffer: *mut *const u8, buffer_len: *mut u32,
 ) -> u8 {
     debug_validate_bug_on!(buffer.is_null() || buffer_len.is_null());
 
@@ -71,7 +71,7 @@ pub extern "C" fn rs_ike_state_get_spi_responder(
 
 #[no_mangle]
 pub extern "C" fn rs_ike_state_get_nonce(
-    tx: &mut IKETransaction, buffer: *mut *const u8, buffer_len: *mut u32,
+    tx: &IKETransaction, buffer: *mut *const u8, buffer_len: *mut u32,
 ) -> u8 {
     debug_validate_bug_on!(buffer.is_null() || buffer_len.is_null());
 
@@ -94,7 +94,7 @@ pub extern "C" fn rs_ike_state_get_nonce(
 
 #[no_mangle]
 pub extern "C" fn rs_ike_state_get_key_exchange(
-    tx: &mut IKETransaction, buffer: *mut *const u8, buffer_len: *mut u32,
+    tx: &IKETransaction, buffer: *mut *const u8, buffer_len: *mut u32,
 ) -> u8 {
     debug_validate_bug_on!(buffer.is_null() || buffer_len.is_null());
 
@@ -137,7 +137,7 @@ pub extern "C" fn rs_ike_tx_get_vendor(
 
 #[no_mangle]
 pub extern "C" fn rs_ike_state_get_sa_attribute(
-    tx: &mut IKETransaction, sa_type: *const std::os::raw::c_char, value: *mut u32,
+    tx: &IKETransaction, sa_type: *const std::os::raw::c_char, value: *mut u32,
 ) -> u8 {
     debug_validate_bug_on!(value.is_null());
     let mut ret_val = 0;
@@ -208,7 +208,7 @@ pub extern "C" fn rs_ike_state_get_sa_attribute(
 
 #[no_mangle]
 pub unsafe extern "C" fn rs_ike_state_get_key_exchange_payload_length(
-    tx: &mut IKETransaction, value: *mut u32,
+    tx: &IKETransaction, value: *mut u32,
 ) -> u8 {
     debug_validate_bug_on!(value.is_null());
 
@@ -223,7 +223,7 @@ pub unsafe extern "C" fn rs_ike_state_get_key_exchange_payload_length(
 
 #[no_mangle]
 pub unsafe extern "C" fn rs_ike_state_get_nonce_payload_length(
-    tx: &mut IKETransaction, value: *mut u32,
+    tx: &IKETransaction, value: *mut u32,
 ) -> u8 {
     debug_validate_bug_on!(value.is_null());
 

rust/src/krb/detect.rs

@@ -31,14 +31,14 @@ use nom7::IResult;
 use std::ffi::CStr;
 
 #[no_mangle]
-pub unsafe extern "C" fn rs_krb5_tx_get_msgtype(tx: &mut KRB5Transaction, ptr: *mut u32) {
+pub unsafe extern "C" fn rs_krb5_tx_get_msgtype(tx: &KRB5Transaction, ptr: *mut u32) {
     *ptr = tx.msg_type.0;
 }
 
 /// Get error code, if present in transaction
 /// Return 0 if error code was filled, else 1
 #[no_mangle]
-pub unsafe extern "C" fn rs_krb5_tx_get_errcode(tx: &mut KRB5Transaction, ptr: *mut i32) -> u32 {
+pub unsafe extern "C" fn rs_krb5_tx_get_errcode(tx: &KRB5Transaction, ptr: *mut i32) -> u32 {
     match tx.error_code {
         Some(ref e) => {
             *ptr = e.0;
@@ -50,7 +50,7 @@ pub unsafe extern "C" fn rs_krb5_tx_get_errcode(tx: &mut KRB5Transaction, ptr: *
 
 #[no_mangle]
 pub unsafe extern "C" fn rs_krb5_tx_get_cname(
-    tx: &mut KRB5Transaction, i: u32, buffer: *mut *const u8, buffer_len: *mut u32,
+    tx: &KRB5Transaction, i: u32, buffer: *mut *const u8, buffer_len: *mut u32,
 ) -> u8 {
     if let Some(ref s) = tx.cname {
         if (i as usize) < s.name_string.len() {
@@ -65,7 +65,7 @@ pub unsafe extern "C" fn rs_krb5_tx_get_cname(
 
 #[no_mangle]
 pub unsafe extern "C" fn rs_krb5_tx_get_sname(
-    tx: &mut KRB5Transaction, i: u32, buffer: *mut *const u8, buffer_len: *mut u32,
+    tx: &KRB5Transaction, i: u32, buffer: *mut *const u8, buffer_len: *mut u32,
 ) -> u8 {
     if let Some(ref s) = tx.sname {
         if (i as usize) < s.name_string.len() {
@@ -103,7 +103,6 @@ impl DetectKrb5TicketEncryptionList {
     }
 }
 
-
 // Suppress large enum variant lint as the LIST is very large compared
 // to the boolean variant.
 #[derive(Debug)]
@@ -227,7 +226,7 @@ pub unsafe extern "C" fn rs_krb5_detect_encryption_parse(
 
 #[no_mangle]
 pub unsafe extern "C" fn rs_krb5_detect_encryption_match(
-    tx: &mut KRB5Transaction, ctx: &DetectKrb5TicketEncryptionData,
+    tx: &KRB5Transaction, ctx: &DetectKrb5TicketEncryptionData,
 ) -> std::os::raw::c_int {
     if let Some(x) = tx.ticket_etype {
         match ctx {

rust/src/rfb/detect.rs

@@ -101,7 +101,7 @@ unsafe extern "C" fn rfb_sec_type_setup(
     return 0;
 }
 
-fn rfb_sec_type_match_aux(tx: &mut RFBTransaction, ctx: &DetectUintData<u32>) -> c_int {
+fn rfb_sec_type_match_aux(tx: &RFBTransaction, ctx: &DetectUintData<u32>) -> c_int {
     if let Some(r) = tx.chosen_security_type {
         if detect_match_uint(ctx, r) {
             return 1;