"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/service_inspectors/dce_rpc/dce_smb_utils.cc" between
snort3-3.1.29.0.tar.gz and snort3-3.1.30.0.tar.gz

About: Snort 3 is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.

dce_smb_utils.cc  (snort3-3.1.29.0):dce_smb_utils.cc  (snort3-3.1.30.0)
skipping to change at line 1354 skipping to change at line 1354
del_req->smb_wct = 1; del_req->smb_wct = 1;
del_req->smb_search_attrs = SmbHtons(&search_attrs); del_req->smb_search_attrs = SmbHtons(&search_attrs);
*del_req_fmt = SMB_FMT__ASCII; *del_req_fmt = SMB_FMT__ASCII;
} }
static void DCE2_SmbInjectDeletePdu(DCE2_SmbFileTracker* ftracker) static void DCE2_SmbInjectDeletePdu(DCE2_SmbFileTracker* ftracker)
{ {
Packet* inject_pkt = DetectionEngine::get_current_wire_packet(); Packet* inject_pkt = DetectionEngine::get_current_wire_packet();
Packet* p = DetectionEngine::get_current_packet(); Packet* p = DetectionEngine::get_current_packet();
if ( inject_pkt->flow != p->flow ) if ( !inject_pkt || inject_pkt->flow != p->flow )
return; return;
NbssHdr* nb_hdr = (NbssHdr*)dce2_smb_delete_pdu; NbssHdr* nb_hdr = (NbssHdr*)dce2_smb_delete_pdu;
SmbNtHdr* smb_hdr = (SmbNtHdr*)((uint8_t*)nb_hdr + sizeof(*nb_hdr)); SmbNtHdr* smb_hdr = (SmbNtHdr*)((uint8_t*)nb_hdr + sizeof(*nb_hdr));
SmbDeleteReq* del_req = (SmbDeleteReq*)((uint8_t*)smb_hdr + sizeof(*smb_hdr) ); SmbDeleteReq* del_req = (SmbDeleteReq*)((uint8_t*)smb_hdr + sizeof(*smb_hdr) );
char* del_filename = (char*)((uint8_t*)del_req + sizeof(*del_req) + 1); char* del_filename = (char*)((uint8_t*)del_req + sizeof(*del_req) + 1);
FileCharEncoding encoding = get_character_encoding(ftracker->file_name, FileCharEncoding encoding = get_character_encoding(ftracker->file_name,
ftracker->file_name_size); ftracker->file_name_size);
uint16_t file_name_len; uint16_t file_name_len;
skipping to change at line 1725 skipping to change at line 1725
DCE2_SmbRemoveFileTracker(ssd, ftracker); DCE2_SmbRemoveFileTracker(ssd, ftracker);
return; return;
} }
if ((file_data_depth != -1) && if ((file_data_depth != -1) &&
((ftracker->ff_file_offset == ftracker->ff_bytes_processed) && ((ftracker->ff_file_offset == ftracker->ff_bytes_processed) &&
((file_data_depth == 0) || (ftracker->ff_bytes_processed < (uint64_t)fil e_data_depth)))) ((file_data_depth == 0) || (ftracker->ff_bytes_processed < (uint64_t)fil e_data_depth))))
{ {
set_file_data(data_ptr, (data_len > UINT16_MAX) ? UINT16_MAX : (uint16_t )data_len); set_file_data(data_ptr, (data_len > UINT16_MAX) ? UINT16_MAX : (uint16_t )data_len);
DCE2_FileDetect(); DCE2_FileDetect();
set_file_data(nullptr, 0);
} }
if (ftracker == ssd->fapi_ftracker) if (ftracker == ssd->fapi_ftracker)
{ {
DCE2_Ret ret; DCE2_Ret ret;
if ((ftracker->ff_file_offset != ftracker->ff_bytes_processed) if ((ftracker->ff_file_offset != ftracker->ff_bytes_processed)
|| !DCE2_ListIsEmpty(ftracker->ff_file_chunks)) || !DCE2_ListIsEmpty(ftracker->ff_file_chunks))
{ {
if ((ssd->max_file_depth != 0) if ((ssd->max_file_depth != 0)
 End of changes. 2 change blocks. 
1 lines changed or deleted 2 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)