"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/service_inspectors/http2_inspect/http2_headers_frame_trailer.cc" between
snort3-3.1.28.0.tar.gz and snort3-3.1.29.0.tar.gz

About: Snort 3 is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.

http2_headers_frame_trailer.cc  (snort3-3.1.28.0):http2_headers_frame_trailer.cc  (snort3-3.1.29.0)
skipping to change at line 27 skipping to change at line 27
//-------------------------------------------------------------------------- //--------------------------------------------------------------------------
// http2_headers_frame_trailer.cc author Katura Harvey <katharve@cisco.com> // http2_headers_frame_trailer.cc author Katura Harvey <katharve@cisco.com>
#ifdef HAVE_CONFIG_H #ifdef HAVE_CONFIG_H
#include "config.h" #include "config.h"
#endif #endif
#include "http2_headers_frame_trailer.h" #include "http2_headers_frame_trailer.h"
#include "protocols/packet.h" #include "protocols/packet.h"
#include "service_inspectors/http_inspect/http_enum.h"
#include "service_inspectors/http_inspect/http_flow_data.h" #include "service_inspectors/http_inspect/http_flow_data.h"
#include "service_inspectors/http_inspect/http_inspect.h" #include "service_inspectors/http_inspect/http_inspect.h"
#include "service_inspectors/http_inspect/http_stream_splitter.h" #include "service_inspectors/http_inspect/http_stream_splitter.h"
#include "http2_dummy_packet.h" #include "http2_dummy_packet.h"
#include "http2_enum.h" #include "http2_enum.h"
#include "http2_flow_data.h" #include "http2_flow_data.h"
#include "http2_hpack.h" #include "http2_hpack.h"
#include "http2_stream.h" #include "http2_stream.h"
skipping to change at line 75 skipping to change at line 74
} }
return false; return false;
} }
void Http2HeadersFrameTrailer::analyze_http1() void Http2HeadersFrameTrailer::analyze_http1()
{ {
HttpFlowData* const http_flow = stream->get_hi_flow_data(); HttpFlowData* const http_flow = stream->get_hi_flow_data();
assert(http_flow); assert(http_flow);
const bool valid_headers = http1_header.length() > 0; const bool valid_headers = http1_header.length() > 0;
if (http_flow->get_type_expected(source_id) != HttpEnums::SEC_TRAILER) if (http_flow->get_type_expected(source_id) != SEC_TRAILER)
{ {
// http_inspect is not yet expecting trailers. Flush empty buffer throug h scan, reassemble, // http_inspect is not yet expecting trailers. Flush empty buffer throug h scan, reassemble,
// and eval to prepare http_inspect for trailers. // and eval to prepare http_inspect for trailers.
assert(http_flow->get_type_expected(source_id) == HttpEnums::SEC_BODY_H2 ); assert(http_flow->get_type_expected(source_id) == SEC_BODY_H2);
stream->finish_msg_body(source_id, valid_headers, true); // calls http_i nspect scan() stream->finish_msg_body(source_id, valid_headers, true); // calls http_i nspect scan()
unsigned copied; unsigned copied;
const StreamBuffer stream_buf = const StreamBuffer stream_buf =
session_data->hi_ss[source_id]->reassemble(session_data->flow, session_data->hi_ss[source_id]->reassemble(session_data->flow,
0, 0, nullptr, 0, PKT_PDU_TAIL, copied); 0, 0, nullptr, 0, PKT_PDU_TAIL, copied);
assert(copied == 0); assert(copied == 0);
if (stream_buf.data != nullptr) if (stream_buf.data != nullptr)
{ {
Http2DummyPacket dummy_pkt; Http2DummyPacket dummy_pkt;
dummy_pkt.flow = session_data->flow; dummy_pkt.flow = session_data->flow;
dummy_pkt.packet_flags = (source_id == SRC_CLIENT) ? PKT_FROM_CLIENT : PKT_FROM_SERVER; dummy_pkt.packet_flags = (source_id == SRC_CLIENT) ? PKT_FROM_CLIENT : PKT_FROM_SERVER;
dummy_pkt.dsize = stream_buf.length; dummy_pkt.dsize = stream_buf.length;
dummy_pkt.data = stream_buf.data; dummy_pkt.data = stream_buf.data;
session_data->hi->eval(&dummy_pkt); session_data->hi->eval(&dummy_pkt);
assert (!valid_headers || http_flow->get_type_expected(source_id) == assert (!valid_headers || http_flow->get_type_expected(source_id) ==
HttpEnums::SEC_TRAILER); SEC_TRAILER);
if (http_flow->get_type_expected(source_id) == HttpEnums::SEC_ABORT) if (http_flow->get_type_expected(source_id) == SEC_ABORT)
{ {
stream->set_state(source_id, STREAM_ERROR); stream->set_state(source_id, STREAM_ERROR);
return; return;
} }
session_data->hi->clear(&dummy_pkt); session_data->hi->clear(&dummy_pkt);
} }
} }
if (!valid_headers) if (!valid_headers)
{ {
 End of changes. 4 change blocks. 
6 lines changed or deleted 5 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)