http: make client and server body inspection more robust in cases where realloc fails

remotes/origin/HEAD
Victor Julien 13 years ago
parent 60c3af9303
commit 108da566bc

@ -97,10 +97,12 @@ static void DetectEngineBufferHttpClientBodies(DetectEngineCtx *de_ctx,
size_t txs = list_size(htp_state->connp->conn->transactions) - tmp_idx; size_t txs = list_size(htp_state->connp->conn->transactions) - tmp_idx;
/* no transactions?! cool. get out of here */ /* no transactions?! cool. get out of here */
if (txs == 0) { if (txs == 0) {
det_ctx->hcbd_buffers_list_len = 0;
goto end; goto end;
} else if (txs > det_ctx->hcbd_buffers_list_len) { } else if (txs > det_ctx->hcbd_buffers_list_len) {
det_ctx->hcbd = SCRealloc(det_ctx->hcbd, txs * sizeof(HttpReassembledBody)); det_ctx->hcbd = SCRealloc(det_ctx->hcbd, txs * sizeof(HttpReassembledBody));
if (det_ctx->hcbd == NULL) { if (det_ctx->hcbd == NULL) {
det_ctx->hcbd_buffers_list_len = 0;
goto end; goto end;
} }
@ -233,14 +235,16 @@ int DetectEngineRunHttpClientBodyMpm(DetectEngineCtx *de_ctx,
DetectEngineBufferHttpClientBodies(de_ctx, det_ctx, f, htp_state); DetectEngineBufferHttpClientBodies(de_ctx, det_ctx, f, htp_state);
FLOWLOCK_UNLOCK(f); FLOWLOCK_UNLOCK(f);
for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) { if (det_ctx->hcbd != NULL && det_ctx->hcbd_buffers_list_len) {
if (det_ctx->hcbd[i].buffer_len == 0) for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) {
continue; if (det_ctx->hcbd[i].buffer_len == 0)
continue;
cnt += HttpClientBodyPatternSearch(det_ctx, cnt += HttpClientBodyPatternSearch(det_ctx,
det_ctx->hcbd[i].buffer, det_ctx->hcbd[i].buffer,
det_ctx->hcbd[i].buffer_len, det_ctx->hcbd[i].buffer_len,
flags); flags);
}
} }
return cnt; return cnt;
@ -272,24 +276,26 @@ int DetectEngineInspectHttpClientBody(DetectEngineCtx *de_ctx,
DetectEngineBufferHttpClientBodies(de_ctx, det_ctx, f, alstate); DetectEngineBufferHttpClientBodies(de_ctx, det_ctx, f, alstate);
FLOWLOCK_UNLOCK(f); FLOWLOCK_UNLOCK(f);
for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) { if (det_ctx->hcbd != NULL && det_ctx->hcbd_buffers_list_len) {
uint8_t *hcbd_buffer = det_ctx->hcbd[i].buffer; for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) {
uint32_t hcbd_buffer_len = det_ctx->hcbd[i].buffer_len; uint8_t *hcbd_buffer = det_ctx->hcbd[i].buffer;
uint32_t hcbd_buffer_len = det_ctx->hcbd[i].buffer_len;
if (hcbd_buffer == NULL || hcbd_buffer_len == 0)
continue; if (hcbd_buffer == NULL || hcbd_buffer_len == 0)
continue;
det_ctx->buffer_offset = 0;
det_ctx->discontinue_matching = 0; det_ctx->buffer_offset = 0;
det_ctx->inspection_recursion_counter = 0; det_ctx->discontinue_matching = 0;
det_ctx->inspection_recursion_counter = 0;
r = DetectEngineContentInspection(de_ctx, det_ctx, s, s->sm_lists[DETECT_SM_LIST_HCBDMATCH],
f, r = DetectEngineContentInspection(de_ctx, det_ctx, s, s->sm_lists[DETECT_SM_LIST_HCBDMATCH],
hcbd_buffer, f,
hcbd_buffer_len, hcbd_buffer,
DETECT_ENGINE_CONTENT_INSPECTION_MODE_HCBD, NULL); hcbd_buffer_len,
if (r == 1) { DETECT_ENGINE_CONTENT_INSPECTION_MODE_HCBD, NULL);
break; if (r == 1) {
break;
}
} }
} }
@ -304,8 +310,10 @@ int DetectEngineInspectHttpClientBody(DetectEngineCtx *de_ctx,
void DetectEngineCleanHCBDBuffers(DetectEngineThreadCtx *det_ctx) void DetectEngineCleanHCBDBuffers(DetectEngineThreadCtx *det_ctx)
{ {
int i; int i;
for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) { if (det_ctx->hcbd != NULL && det_ctx->hcbd_buffers_list_len) {
det_ctx->hcbd[i].buffer_len = 0; for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) {
det_ctx->hcbd[i].buffer_len = 0;
}
} }
return; return;
} }
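Review bot: Assigning the SCRealloc result straight back to `det_ctx->hcbd` in DetectEngineBufferHttpClientBodies loses the only reference to the old array when the call fails (assuming SCRealloc follows realloc semantics), so that block and any buffers its entries own are leaked. The count comes from the connection's transaction list, so traffic drives how often this path runs, and on a sensor under memory pressure the leak would recur on each failed call. Take the result in a temporary, `void *ptmp = SCRealloc(det_ctx->hcbd, txs * sizeof(HttpReassembledBody));`, bail out on `ptmp == NULL`, and only then do `det_ctx->hcbd = ptmp;`. How the retained array and `hcbd_buffers_list_len` should be left on failure depends on code outside the hunk. The same pattern is in DetectEngineBufferHttpServerBodies for `det_ctx->hsbd`.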

@ -98,10 +98,12 @@ static void DetectEngineBufferHttpServerBodies(DetectEngineCtx *de_ctx,
size_t txs = list_size(htp_state->connp->conn->transactions) - tmp_idx; size_t txs = list_size(htp_state->connp->conn->transactions) - tmp_idx;
/* no transactions?! cool. get out of here */ /* no transactions?! cool. get out of here */
if (txs == 0) { if (txs == 0) {
det_ctx->hsbd_buffers_list_len = 0;
goto end; goto end;
} else if (txs > det_ctx->hsbd_buffers_list_len) { } else if (txs > det_ctx->hsbd_buffers_list_len) {
det_ctx->hsbd = SCRealloc(det_ctx->hsbd, txs * sizeof(HttpReassembledBody)); det_ctx->hsbd = SCRealloc(det_ctx->hsbd, txs * sizeof(HttpReassembledBody));
if (det_ctx->hsbd == NULL) { if (det_ctx->hsbd == NULL) {
det_ctx->hsbd_buffers_list_len = 0;
goto end; goto end;
} }
@ -229,14 +231,16 @@ int DetectEngineRunHttpServerBodyMpm(DetectEngineCtx *de_ctx,
DetectEngineBufferHttpServerBodies(de_ctx, det_ctx, f, htp_state); DetectEngineBufferHttpServerBodies(de_ctx, det_ctx, f, htp_state);
FLOWLOCK_UNLOCK(f); FLOWLOCK_UNLOCK(f);
for (i = 0; i < det_ctx->hsbd_buffers_list_len; i++) { if (det_ctx->hsbd != NULL && det_ctx->hsbd_buffers_list_len) {
if (det_ctx->hsbd[i].buffer_len == 0) for (i = 0; i < det_ctx->hsbd_buffers_list_len; i++) {
continue; if (det_ctx->hsbd[i].buffer_len == 0)
continue;
cnt += HttpServerBodyPatternSearch(det_ctx, cnt += HttpServerBodyPatternSearch(det_ctx,
det_ctx->hsbd[i].buffer, det_ctx->hsbd[i].buffer,
det_ctx->hsbd[i].buffer_len, det_ctx->hsbd[i].buffer_len,
flags); flags);
}
} }
return cnt; return cnt;
@ -268,24 +272,26 @@ int DetectEngineInspectHttpServerBody(DetectEngineCtx *de_ctx,
DetectEngineBufferHttpServerBodies(de_ctx, det_ctx, f, alstate); DetectEngineBufferHttpServerBodies(de_ctx, det_ctx, f, alstate);
FLOWLOCK_UNLOCK(f); FLOWLOCK_UNLOCK(f);
for (i = 0; i < det_ctx->hsbd_buffers_list_len; i++) { if (det_ctx->hsbd != NULL && det_ctx->hsbd_buffers_list_len) {
uint8_t *hsbd_buffer = det_ctx->hsbd[i].buffer; for (i = 0; i < det_ctx->hsbd_buffers_list_len; i++) {
uint32_t hsbd_buffer_len = det_ctx->hsbd[i].buffer_len; uint8_t *hsbd_buffer = det_ctx->hsbd[i].buffer;
uint32_t hsbd_buffer_len = det_ctx->hsbd[i].buffer_len;
if (hsbd_buffer == NULL || hsbd_buffer_len == 0)
continue; if (hsbd_buffer == NULL || hsbd_buffer_len == 0)
continue;
det_ctx->buffer_offset = 0;
det_ctx->discontinue_matching = 0; det_ctx->buffer_offset = 0;
det_ctx->inspection_recursion_counter = 0; det_ctx->discontinue_matching = 0;
det_ctx->inspection_recursion_counter = 0;
r = DetectEngineContentInspection(de_ctx, det_ctx, s, s->sm_lists[DETECT_SM_LIST_HSBDMATCH],
f, r = DetectEngineContentInspection(de_ctx, det_ctx, s, s->sm_lists[DETECT_SM_LIST_HSBDMATCH],
hsbd_buffer, f,
hsbd_buffer_len, hsbd_buffer,
DETECT_ENGINE_CONTENT_INSPECTION_MODE_HSBD, NULL); hsbd_buffer_len,
if (r == 1) { DETECT_ENGINE_CONTENT_INSPECTION_MODE_HSBD, NULL);
break; if (r == 1) {
break;
}
} }
} }
@ -300,8 +306,10 @@ int DetectEngineInspectHttpServerBody(DetectEngineCtx *de_ctx,
void DetectEngineCleanHSBDBuffers(DetectEngineThreadCtx *det_ctx) void DetectEngineCleanHSBDBuffers(DetectEngineThreadCtx *det_ctx)
{ {
int i; int i;
for (i = 0; i < det_ctx->hsbd_buffers_list_len; i++) { if (det_ctx->hsbd != NULL && det_ctx->hsbd_buffers_list_len) {
det_ctx->hsbd[i].buffer_len = 0; for (i = 0; i < det_ctx->hsbd_buffers_list_len; i++) {
det_ctx->hsbd[i].buffer_len = 0;
}
} }
return; return;
} }
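Review bot: When the SCRealloc in DetectEngineBufferHttpServerBodies fails, the new `det_ctx->hsbd_buffers_list_len = 0` makes the loops in DetectEngineRunHttpServerBodyMpm and DetectEngineInspectHttpServerBody run zero times, and nothing in the visible lines records that inspection was skipped. For a detection engine that is a silent miss under memory pressure, so the failure branch deserves at least a comment such as `/* allocation failed: no server body is inspected for this call */`, and ideally an error log or counter if the project has one for allocation failures. The client-body functions behave the same way. These function bodies extend beyond the hunks shown, so such reporting may already exist outside the visible lines.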
