"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/service_inspectors/http2_inspect/http2_inspect.cc" between
snort3-3.1.36.0.tar.gz and snort3-3.1.38.0.tar.gz

About: Snort 3 is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.

http2_inspect.cc  (snort3-3.1.36.0):http2_inspect.cc  (snort3-3.1.38.0)
skipping to change at line 86 skipping to change at line 86
bool Http2Inspect::get_buf(unsigned id, Packet* p, InspectionBuffer& b) bool Http2Inspect::get_buf(unsigned id, Packet* p, InspectionBuffer& b)
{ {
Http2FlowData* const session_data = Http2FlowData* const session_data =
(Http2FlowData*)p->flow->get_flow_data(Http2FlowData::inspector_id); (Http2FlowData*)p->flow->get_flow_data(Http2FlowData::inspector_id);
if (session_data == nullptr) if (session_data == nullptr)
return false; return false;
// Otherwise we can return buffers for raw packets because frame header is a vailable before // Otherwise we can return buffers for raw packets because frame header is a vailable before
// frame is reassembled. // frame is reassembled.
if (!session_data->frame_in_detection) if (session_data->stream_in_hi == Http2Enums::NO_STREAM_ID)
return false; return false;
Http2Stream* const stream = session_data->find_processing_stream(); Http2Stream* const stream = session_data->find_processing_stream();
assert(stream != nullptr); assert(stream != nullptr);
const Field& buffer = stream->get_buf(id); const Field& buffer = stream->get_buf(id);
if (buffer.length() <= 0) if (buffer.length() <= 0)
return false; return false;
b.data = buffer.start(); b.data = buffer.start();
b.len = buffer.length(); b.len = buffer.length();
skipping to change at line 154 skipping to change at line 154
assert(session_data->processing_stream_id != NO_STREAM_ID); assert(session_data->processing_stream_id != NO_STREAM_ID);
session_data->stream_in_hi = stream->get_stream_id(); session_data->stream_in_hi = stream->get_stream_id();
Http2Module::increment_peg_counts(PEG_TOTAL_BYTES, (uint64_t)(FRAME_HEADER_L ENGTH) + Http2Module::increment_peg_counts(PEG_TOTAL_BYTES, (uint64_t)(FRAME_HEADER_L ENGTH) +
session_data->frame_data_size[source_id]); session_data->frame_data_size[source_id]);
uint8_t* const frame_header_copy = new uint8_t[FRAME_HEADER_LENGTH]; uint8_t* const frame_header_copy = new uint8_t[FRAME_HEADER_LENGTH];
memcpy(frame_header_copy, session_data->lead_frame_header[source_id], FRAME_ HEADER_LENGTH); memcpy(frame_header_copy, session_data->lead_frame_header[source_id], FRAME_ HEADER_LENGTH);
stream->eval_frame(frame_header_copy, FRAME_HEADER_LENGTH, stream->eval_frame(frame_header_copy, FRAME_HEADER_LENGTH,
session_data->frame_data[source_id], session_data->frame_data_size[sourc e_id], source_id); session_data->frame_data[source_id], session_data->frame_data_size[sourc e_id], source_id, p);
if (!stream->get_current_frame()->is_detection_required()) if (!stream->get_current_frame()->is_detection_required())
DetectionEngine::disable_all(p); DetectionEngine::disable_all(p);
p->xtradata_mask |= stream->get_xtradata_mask();
// The current frame now owns these buffers, clear them from the flow data // The current frame now owns these buffers, clear them from the flow data
session_data->frame_data[source_id] = nullptr; session_data->frame_data[source_id] = nullptr;
session_data->frame_data_size[source_id] = 0; session_data->frame_data_size[source_id] = 0;
session_data->frame_in_detection = true; session_data->frame_in_detection = true;
#ifdef REG_TEST #ifdef REG_TEST
if (HttpTestManager::use_test_output(HttpTestManager::IN_HTTP2)) if (HttpTestManager::use_test_output(HttpTestManager::IN_HTTP2))
{ {
skipping to change at line 202 skipping to change at line 201
if (!session_data->frame_in_detection) if (!session_data->frame_in_detection)
{ {
assert(session_data->stream_in_hi == NO_STREAM_ID); assert(session_data->stream_in_hi == NO_STREAM_ID);
return; return;
} }
session_data->frame_in_detection = false; session_data->frame_in_detection = false;
Http2Stream* stream = session_data->find_processing_stream(); Http2Stream* stream = session_data->find_processing_stream();
assert(stream != nullptr); assert(stream != nullptr);
stream->clear_frame(); stream->clear_frame(p);
if (session_data->delete_stream) if (session_data->delete_stream)
session_data->delete_processing_stream(); session_data->delete_processing_stream();
session_data->stream_in_hi = NO_STREAM_ID; session_data->stream_in_hi = NO_STREAM_ID;
session_data->processing_stream_id = NO_STREAM_ID; session_data->processing_stream_id = NO_STREAM_ID;
session_data->processing_partial_header = false; session_data->processing_partial_header = false;
session_data->set_hi_msg_section(nullptr); session_data->set_hi_msg_section(nullptr);
} }
void Http2Inspect::show(const SnortConfig*) const void Http2Inspect::show(const SnortConfig*) const
{ {
 End of changes. 4 change blocks. 
4 lines changed or deleted 3 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)