aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

http: make client and server body inspection more robust in cases where realloc fails

Browse Source
remotes/origin/HEAD
Victor Julien 13 years ago
parent 60c3af9303
commit 108da566bc
2 changed files with 70 additions and 54 deletions
Show Stats Download Patch File Download Diff File

8
src/detect-engine-hcbd.c
Unescape Escape View File

@ -97,10 +97,12 @@ static void DetectEngineBufferHttpClientBodies(DetectEngineCtx *de_ctx,
size_t txs = list_size(htp_state->connp->conn->transactions) - tmp_idx; size_t txs = list_size(htp_state->connp->conn->transactions) - tmp_idx;
/* no transactions?! cool. get out of here */ /* no transactions?! cool. get out of here */
if (txs == 0) { if (txs == 0) {
det_ctx->hcbd_buffers_list_len = 0;
goto end; goto end;
} else if (txs > det_ctx->hcbd_buffers_list_len) { } else if (txs > det_ctx->hcbd_buffers_list_len) {
det_ctx->hcbd = SCRealloc(det_ctx->hcbd, txs * sizeof(HttpReassembledBody)); det_ctx->hcbd = SCRealloc(det_ctx->hcbd, txs * sizeof(HttpReassembledBody));
if (det_ctx->hcbd == NULL) { if (det_ctx->hcbd == NULL) {
det_ctx->hcbd_buffers_list_len = 0;
goto end; goto end;
} }
@ -233,6 +235,7 @@ int DetectEngineRunHttpClientBodyMpm(DetectEngineCtx *de_ctx,
DetectEngineBufferHttpClientBodies(de_ctx, det_ctx, f, htp_state); DetectEngineBufferHttpClientBodies(de_ctx, det_ctx, f, htp_state);
FLOWLOCK_UNLOCK(f); FLOWLOCK_UNLOCK(f);
if (det_ctx->hcbd != NULL && det_ctx->hcbd_buffers_list_len) {
for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) { for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) {
if (det_ctx->hcbd[i].buffer_len == 0) if (det_ctx->hcbd[i].buffer_len == 0)
continue; continue;
@ -242,6 +245,7 @@ int DetectEngineRunHttpClientBodyMpm(DetectEngineCtx *de_ctx,
det_ctx->hcbd[i].buffer_len, det_ctx->hcbd[i].buffer_len,
flags); flags);
} }
}
return cnt; return cnt;
} }
@ -272,6 +276,7 @@ int DetectEngineInspectHttpClientBody(DetectEngineCtx *de_ctx,
DetectEngineBufferHttpClientBodies(de_ctx, det_ctx, f, alstate); DetectEngineBufferHttpClientBodies(de_ctx, det_ctx, f, alstate);
FLOWLOCK_UNLOCK(f); FLOWLOCK_UNLOCK(f);
if (det_ctx->hcbd != NULL && det_ctx->hcbd_buffers_list_len) {
for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) { for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) {
uint8_t *hcbd_buffer = det_ctx->hcbd[i].buffer; uint8_t *hcbd_buffer = det_ctx->hcbd[i].buffer;
uint32_t hcbd_buffer_len = det_ctx->hcbd[i].buffer_len; uint32_t hcbd_buffer_len = det_ctx->hcbd[i].buffer_len;
@ -292,6 +297,7 @@ int DetectEngineInspectHttpClientBody(DetectEngineCtx *de_ctx,
break; break;
} }
} }
}
SCReturnInt(r); SCReturnInt(r);
} }
@ -304,9 +310,11 @@ int DetectEngineInspectHttpClientBody(DetectEngineCtx *de_ctx,
void DetectEngineCleanHCBDBuffers(DetectEngineThreadCtx *det_ctx) void DetectEngineCleanHCBDBuffers(DetectEngineThreadCtx *det_ctx)
{ {
int i; int i;
if (det_ctx->hcbd != NULL && det_ctx->hcbd_buffers_list_len) {
for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) { for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) {
det_ctx->hcbd[i].buffer_len = 0; det_ctx->hcbd[i].buffer_len = 0;
} }
}
return; return;
} }

8
src/detect-engine-hsbd.c
Unescape Escape View File

@ -98,10 +98,12 @@ static void DetectEngineBufferHttpServerBodies(DetectEngineCtx *de_ctx,
size_t txs = list_size(htp_state->connp->conn->transactions) - tmp_idx; size_t txs = list_size(htp_state->connp->conn->transactions) - tmp_idx;
/* no transactions?! cool. get out of here */ /* no transactions?! cool. get out of here */
if (txs == 0) { if (txs == 0) {
det_ctx->hsbd_buffers_list_len = 0;
goto end; goto end;
} else if (txs > det_ctx->hsbd_buffers_list_len) { } else if (txs > det_ctx->hsbd_buffers_list_len) {
det_ctx->hsbd = SCRealloc(det_ctx->hsbd, txs * sizeof(HttpReassembledBody)); det_ctx->hsbd = SCRealloc(det_ctx->hsbd, txs * sizeof(HttpReassembledBody));
if (det_ctx->hsbd == NULL) { if (det_ctx->hsbd == NULL) {
det_ctx->hsbd_buffers_list_len = 0;
goto end; goto end;
} }
@ -229,6 +231,7 @@ int DetectEngineRunHttpServerBodyMpm(DetectEngineCtx *de_ctx,
DetectEngineBufferHttpServerBodies(de_ctx, det_ctx, f, htp_state); DetectEngineBufferHttpServerBodies(de_ctx, det_ctx, f, htp_state);
FLOWLOCK_UNLOCK(f); FLOWLOCK_UNLOCK(f);
if (det_ctx->hsbd != NULL && det_ctx->hsbd_buffers_list_len) {
for (i = 0; i < det_ctx->hsbd_buffers_list_len; i++) { for (i = 0; i < det_ctx->hsbd_buffers_list_len; i++) {
if (det_ctx->hsbd[i].buffer_len == 0) if (det_ctx->hsbd[i].buffer_len == 0)
continue; continue;
@ -238,6 +241,7 @@ int DetectEngineRunHttpServerBodyMpm(DetectEngineCtx *de_ctx,
det_ctx->hsbd[i].buffer_len, det_ctx->hsbd[i].buffer_len,
flags); flags);
} }
}
return cnt; return cnt;
} }
@ -268,6 +272,7 @@ int DetectEngineInspectHttpServerBody(DetectEngineCtx *de_ctx,
DetectEngineBufferHttpServerBodies(de_ctx, det_ctx, f, alstate); DetectEngineBufferHttpServerBodies(de_ctx, det_ctx, f, alstate);
FLOWLOCK_UNLOCK(f); FLOWLOCK_UNLOCK(f);
if (det_ctx->hsbd != NULL && det_ctx->hsbd_buffers_list_len) {
for (i = 0; i < det_ctx->hsbd_buffers_list_len; i++) { for (i = 0; i < det_ctx->hsbd_buffers_list_len; i++) {
uint8_t *hsbd_buffer = det_ctx->hsbd[i].buffer; uint8_t *hsbd_buffer = det_ctx->hsbd[i].buffer;
uint32_t hsbd_buffer_len = det_ctx->hsbd[i].buffer_len; uint32_t hsbd_buffer_len = det_ctx->hsbd[i].buffer_len;
@ -288,6 +293,7 @@ int DetectEngineInspectHttpServerBody(DetectEngineCtx *de_ctx,
break; break;
} }
} }
}
SCReturnInt(r); SCReturnInt(r);
} }
@ -300,9 +306,11 @@ int DetectEngineInspectHttpServerBody(DetectEngineCtx *de_ctx,
void DetectEngineCleanHSBDBuffers(DetectEngineThreadCtx *det_ctx) void DetectEngineCleanHSBDBuffers(DetectEngineThreadCtx *det_ctx)
{ {
int i; int i;
if (det_ctx->hsbd != NULL && det_ctx->hsbd_buffers_list_len) {
for (i = 0; i < det_ctx->hsbd_buffers_list_len; i++) { for (i = 0; i < det_ctx->hsbd_buffers_list_len; i++) {
det_ctx->hsbd[i].buffer_len = 0; det_ctx->hsbd[i].buffer_len = 0;
} }
}
return; return;
} }

Write Preview
Loading…
Cancel
Save