WIP: Fix Suricata Parser Bug

Fixed a bug where 2 slashes before ending a string resulted in the parser not recognizing that the string terminated.

Updated "Parentheses in Unquoted Option" test to also test this case.

server/modules/suricata/suricata_test.go

@@ -263,7 +263,7 @@ func TestValidate(t *testing.T) {
 		},
 		{
 			Name:  "Parentheses in Unquoted Option",
-			Input: `alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET ADWARE_PUP WinSoftware.com Spyware User-Agent (WinSoftware)"; flow:to_server,established; http.user_agent; content:"WinSoftware"; nocase; depth:11; reference:url,research.sunbelt-software.com/threatdisplay.aspx?name=WinSoftware%20Corporation%2c%20Inc.%20(v)&threatid=90037; reference:url,doc.emergingthreats.net/2003527; classtype:pup-activity; sid:2003527; rev:12; metadata:attack_target Client_Endpoint, created_at 2010_07_30, deployment Perimeter, former_category ADWARE_PUP, signature_severity Minor, tag Spyware_User_Agent, updated_at 2020_10_13;)`,
+			Input: `alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET ADWARE_PUP WinSoftware.com Spyware User-Agent (WinSoftware)\\"; flow:to_server,established; http.user_agent; content:"WinSoftware"; nocase; depth:11; reference:url,research.sunbelt-software.com/threatdisplay.aspx?name=WinSoftware%20Corporation%2c%20Inc.%20(v)&threatid=90037; reference:url,doc.emergingthreats.net/2003527; classtype:pup-activity; sid:2003527; rev:12; metadata:attack_target Client_Endpoint, created_at 2010_07_30, deployment Perimeter, former_category ADWARE_PUP, signature_severity Minor, tag Spyware_User_Agent, updated_at 2020_10_13;)`,
 		},
 		{
 			Name:  "Unescaped Double Quote in PCRE Option",

server/modules/suricata/validate.go

@@ -142,7 +142,7 @@ func ParseSuricataRule(rule string) (*SuricataRule, error) {
 						inQuotes = !inQuotes
 					}
 				}
-			} else if ch == '\\' {
+			} else if ch == '\\' && !isEscaping {
 				isEscaping = true
 				buf.WriteRune(ch)
 			} else {