"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/service_inspectors/http_inspect/http_js_norm.cc" between
snort3-3.1.29.0.tar.gz and snort3-3.1.30.0.tar.gz

About: Snort 3 is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.

http_js_norm.cc  (snort3-3.1.29.0):http_js_norm.cc  (snort3-3.1.30.0)
skipping to change at line 83 skipping to change at line 83
if (src_next > ptr) if (src_next > ptr)
HttpModule::increment_peg_counts(PEG_JS_BYTES, src_next - ptr); HttpModule::increment_peg_counts(PEG_JS_BYTES, src_next - ptr);
else else
src_next = end; // Normalizer has failed, thus aborting the remaining in put src_next = end; // Normalizer has failed, thus aborting the remaining in put
ptr = src_next; ptr = src_next;
return ret; return ret;
} }
HttpJsNorm::HttpJsNorm(const HttpParaList::UriParam& uri_param_, int64_t normali HttpJsNorm::HttpJsNorm(const HttpParaList::UriParam& uri_param_,
zation_depth_, const HttpParaList::JsNormParam& js_norm_param_) :
int32_t identifier_depth_, uint8_t max_template_nesting_, uint32_t max_brack
et_depth_,
uint32_t max_scope_depth_, const std::unordered_set<std::string>& ignored_id
s_) :
uri_param(uri_param_), uri_param(uri_param_),
js_norm_param(js_norm_param_),
detection_depth(UINT64_MAX), detection_depth(UINT64_MAX),
normalization_depth(normalization_depth_),
identifier_depth(identifier_depth_),
max_template_nesting(max_template_nesting_),
max_bracket_depth(max_bracket_depth_),
max_scope_depth(max_scope_depth_),
ignored_ids(ignored_ids_),
mpse_otag(nullptr), mpse_otag(nullptr),
mpse_attr(nullptr), mpse_attr(nullptr),
mpse_type(nullptr) mpse_type(nullptr)
{} {}
HttpJsNorm::~HttpJsNorm() HttpJsNorm::~HttpJsNorm()
{ {
delete mpse_otag; delete mpse_otag;
delete mpse_attr; delete mpse_attr;
delete mpse_type; delete mpse_type;
skipping to change at line 162 skipping to change at line 156
if (!alive_ctx(ssn)) if (!alive_ctx(ssn))
{ {
HttpModule::increment_peg_counts(PEG_JS_EXTERNAL); HttpModule::increment_peg_counts(PEG_JS_EXTERNAL);
trace_logf(2, http_trace, TRACE_JS_PROC, current_packet, trace_logf(2, http_trace, TRACE_JS_PROC, current_packet,
"script starts\n"); "script starts\n");
} }
else else
trace_logf(2, http_trace, TRACE_JS_PROC, current_packet, trace_logf(2, http_trace, TRACE_JS_PROC, current_packet,
"script continues\n"); "script continues\n");
auto& js_ctx = ssn->acquire_js_ctx(identifier_depth, normalization_depth, ma auto& js_ctx = ssn->acquire_js_ctx(js_norm_param);
x_template_nesting,
max_bracket_depth, max_scope_depth, ignored_ids);
while (ptr < end) while (ptr < end)
{ {
trace_logf(1, http_trace, TRACE_JS_PROC, current_packet, trace_logf(1, http_trace, TRACE_JS_PROC, current_packet,
"external script at %zd offset\n", ptr - (const char*)input.start()) ; "external script at %zd offset\n", ptr - (const char*)input.start()) ;
auto ret = js_normalize(js_ctx, current_packet, end, ptr, true); auto ret = js_normalize(js_ctx, current_packet, end, ptr, true);
switch (ret) switch (ret)
{ {
skipping to change at line 309 skipping to change at line 302
if (!sctx.is_javascript) if (!sctx.is_javascript)
continue; continue;
script_external = sctx.is_external; script_external = sctx.is_external;
// script found // script found
if (!script_external) if (!script_external)
HttpModule::increment_peg_counts(PEG_JS_INLINE); HttpModule::increment_peg_counts(PEG_JS_INLINE);
} }
auto& js_ctx = ssn->acquire_js_ctx(identifier_depth, normalization_depth auto& js_ctx = ssn->acquire_js_ctx(js_norm_param);
,
max_template_nesting, max_bracket_depth, max_scope_depth, ignored_id
s);
auto output_size_before = js_ctx.script_size(); auto output_size_before = js_ctx.script_size();
auto ret = js_normalize(js_ctx, current_packet, end, ptr, false); auto ret = js_normalize(js_ctx, current_packet, end, ptr, false);
switch (ret) switch (ret)
{ {
case JSTokenizer::EOS: case JSTokenizer::EOS:
js_ctx.reset_depth(); js_ctx.reset_depth();
break; break;
case JSTokenizer::SCRIPT_ENDED: case JSTokenizer::SCRIPT_ENDED:
 End of changes. 5 change blocks. 
19 lines changed or deleted 5 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)