"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/service_inspectors/http2_inspect/http2_headers_frame_with_startline.cc" between
snort3-3.1.36.0.tar.gz and snort3-3.1.38.0.tar.gz

About: Snort 3 is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.

http2_headers_frame_with_startline.cc  (snort3-3.1.36.0):http2_headers_frame_with_startline.cc  (snort3-3.1.38.0)
skipping to change at line 31 skipping to change at line 31
#include "config.h" #include "config.h"
#endif #endif
#include "http2_headers_frame_with_startline.h" #include "http2_headers_frame_with_startline.h"
#include "protocols/packet.h" #include "protocols/packet.h"
#include "service_inspectors/http_inspect/http_flow_data.h" #include "service_inspectors/http_inspect/http_flow_data.h"
#include "service_inspectors/http_inspect/http_inspect.h" #include "service_inspectors/http_inspect/http_inspect.h"
#include "service_inspectors/http_inspect/http_stream_splitter.h" #include "service_inspectors/http_inspect/http_stream_splitter.h"
#include "http2_dummy_packet.h"
#include "http2_enum.h" #include "http2_enum.h"
#include "http2_flow_data.h" #include "http2_flow_data.h"
#include "http2_hpack.h" #include "http2_hpack.h"
#include "http2_module.h" #include "http2_module.h"
#include "http2_request_line.h" #include "http2_request_line.h"
#include "http2_start_line.h" #include "http2_start_line.h"
#include "http2_status_line.h" #include "http2_status_line.h"
#include "http2_stream.h" #include "http2_stream.h"
using namespace snort; using namespace snort;
using namespace HttpCommon; using namespace HttpCommon;
using namespace Http2Enums; using namespace Http2Enums;
Http2HeadersFrameWithStartline::~Http2HeadersFrameWithStartline() Http2HeadersFrameWithStartline::~Http2HeadersFrameWithStartline()
{ {
delete start_line_generator; delete start_line_generator;
} }
bool Http2HeadersFrameWithStartline::process_start_line(HttpFlowData*& http_flow bool Http2HeadersFrameWithStartline::process_start_line(HttpFlowData*& http_flow
, , SourceId hi_source_id, Packet* p)
SourceId hi_source_id)
{ {
if (session_data->abort_flow[source_id]) if (session_data->abort_flow[source_id])
return false; return false;
// http_inspect scan() of start line // http_inspect scan() of start line
{ {
uint32_t flush_offset; uint32_t flush_offset;
Http2DummyPacket dummy_pkt;
dummy_pkt.flow = session_data->flow;
const uint32_t unused = 0;
const StreamSplitter::Status start_scan_result = const StreamSplitter::Status start_scan_result =
session_data->hi_ss[hi_source_id]->scan(&dummy_pkt, start_line.start session_data->hi_ss[hi_source_id]->scan(session_data->flow, start_li
(), ne.start(), start_line.length(),
start_line.length(), unused, &flush_offset); &flush_offset);
if (start_scan_result != StreamSplitter::FLUSH) if (start_scan_result != StreamSplitter::FLUSH)
{ {
stream->set_state(hi_source_id, STREAM_ERROR); stream->set_state(hi_source_id, STREAM_ERROR);
return false; return false;
} }
assert((int64_t)flush_offset == start_line.length()); assert((int64_t)flush_offset == start_line.length());
} }
StreamBuffer stream_buf; StreamBuffer stream_buf;
skipping to change at line 89 skipping to change at line 84
start_line.length(), 0, start_line.start(), start_line.length(), PKT _PDU_TAIL, start_line.length(), 0, start_line.start(), start_line.length(), PKT _PDU_TAIL,
copied); copied);
assert(stream_buf.data != nullptr); assert(stream_buf.data != nullptr);
assert(copied == (unsigned)start_line.length()); assert(copied == (unsigned)start_line.length());
} }
http_flow = stream->get_hi_flow_data(); http_flow = stream->get_hi_flow_data();
assert(http_flow); assert(http_flow);
// http_inspect eval() and clear() of start line // http_inspect eval() and clear() of start line
{ {
Http2DummyPacket dummy_pkt; session_data->hi->eval(p, hi_source_id, stream_buf.data, stream_buf.leng
dummy_pkt.flow = session_data->flow; th);
dummy_pkt.packet_flags = (hi_source_id == SRC_CLIENT) ? PKT_FROM_CLIENT
: PKT_FROM_SERVER;
dummy_pkt.dsize = stream_buf.length;
dummy_pkt.data = stream_buf.data;
session_data->hi->eval(&dummy_pkt);
if (http_flow->get_type_expected(hi_source_id) != SEC_HEADER) if (http_flow->get_type_expected(hi_source_id) != SEC_HEADER)
{ {
stream->set_state(hi_source_id, STREAM_ERROR); stream->set_state(hi_source_id, STREAM_ERROR);
return false; return false;
} }
session_data->hi->clear(&dummy_pkt); session_data->hi->clear(p);
} }
return true; return true;
} }
// If we are not processing a truncated headers frame or we have seen a non-pseu doheader, we know // If we are not processing a truncated headers frame or we have seen a non-pseu doheader, we know
// we've seen all the (valid) pseudoheaders in the frame. Otherwise we could be missing some due // we've seen all the (valid) pseudoheaders in the frame. Otherwise we could be missing some due
// to truncation // to truncation
bool Http2HeadersFrameWithStartline::are_pseudo_headers_complete() bool Http2HeadersFrameWithStartline::are_pseudo_headers_complete()
{ {
return !session_data->is_processing_partial_header() or return !session_data->is_processing_partial_header() or
 End of changes. 6 change blocks. 
18 lines changed or deleted 8 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)