"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/service_inspectors/http2_inspect/http2_data_cutter.cc" between
snort3-3.1.28.0.tar.gz and snort3-3.1.29.0.tar.gz

About: Snort 3 is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.

http2_data_cutter.cc  (snort3-3.1.28.0):http2_data_cutter.cc  (snort3-3.1.29.0)
skipping to change at line 77 skipping to change at line 77
} }
} }
session_data->payload_discard[source_id] = true; session_data->payload_discard[source_id] = true;
return StreamSplitter::FLUSH; return StreamSplitter::FLUSH;
} }
bool Http2DataCutter::check_http_state(Http2Stream* const stream) bool Http2DataCutter::check_http_state(Http2Stream* const stream)
{ {
HttpFlowData* const http_flow = stream->get_hi_flow_data(); HttpFlowData* const http_flow = stream->get_hi_flow_data();
if ((http_flow->get_type_expected(source_id) != HttpEnums::SEC_BODY_H2)) if ((http_flow->get_type_expected(source_id) != SEC_BODY_H2))
{ {
stream->set_state(source_id, STREAM_ERROR); stream->set_state(source_id, STREAM_ERROR);
if (data_len > 0) if (data_len > 0)
{ {
*session_data->infractions[source_id] += INF_UNEXPECTED_DATA_FRAME; *session_data->infractions[source_id] += INF_UNEXPECTED_DATA_FRAME;
session_data->events[source_id]->create_event(EVENT_UNEXPECTED_DATA_ FRAME); session_data->events[source_id]->create_event(EVENT_UNEXPECTED_DATA_ FRAME);
} }
return false; return false;
} }
return true; return true;
skipping to change at line 141 skipping to change at line 141
if (cur_data > 0) if (cur_data > 0)
{ {
uint32_t http_flush_offset = 0; uint32_t http_flush_offset = 0;
Http2DummyPacket dummy_pkt; Http2DummyPacket dummy_pkt;
dummy_pkt.flow = session_data->flow; dummy_pkt.flow = session_data->flow;
uint32_t unused = 0; uint32_t unused = 0;
session_data->stream_in_hi = session_data->current_stream[source_id]; session_data->stream_in_hi = session_data->current_stream[source_id];
if ((data_bytes_read == data_len) && (frame_flags & FLAG_END_STREAM)) if ((data_bytes_read == data_len) && (frame_flags & FLAG_END_STREAM))
{ {
HttpFlowData* const hi_flow = stream->get_hi_flow_data(); HttpFlowData* const hi_flow = stream->get_hi_flow_data();
hi_flow->set_h2_body_state(source_id, HttpEnums::H2_BODY_LAST_SEG); hi_flow->set_h2_body_state(source_id, H2_BODY_LAST_SEG);
} }
scan_result = session_data->hi_ss[source_id]->scan(&dummy_pkt, data + cu r_data_offset, scan_result = session_data->hi_ss[source_id]->scan(&dummy_pkt, data + cu r_data_offset,
cur_data, unused, &http_flush_offset); cur_data, unused, &http_flush_offset);
session_data->stream_in_hi = NO_STREAM_ID; session_data->stream_in_hi = NO_STREAM_ID;
switch (scan_result) switch (scan_result)
{ {
case StreamSplitter::FLUSH: case StreamSplitter::FLUSH:
{ {
bytes_sent_http += http_flush_offset; bytes_sent_http += http_flush_offset;
const uint32_t unused_input = cur_data - http_flush_offset; const uint32_t unused_input = cur_data - http_flush_offset;
 End of changes. 2 change blocks. 
2 lines changed or deleted 2 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)