aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

http: make client and server body inspection more robust in cases where realloc fails

Browse Source
remotes/origin/HEAD
Victor Julien 13 years ago
parent 60c3af9303
commit 108da566bc
2 changed files with 70 additions and 54 deletions
Show Stats Download Patch File Download Diff File

8
src/detect-engine-hcbd.c
Unescape Escape View File

@ -97,10 +97,12 @@ static void DetectEngineBufferHttpClientBodies(DetectEngineCtx *de_ctx,
size_t txs = list_size(htp_state->connp->conn->transactions) - tmp_idx;
/* no transactions?! cool. get out of here */
if (txs == 0) {
det_ctx->hcbd_buffers_list_len = 0;
goto end;
} else if (txs > det_ctx->hcbd_buffers_list_len) {
det_ctx->hcbd = SCRealloc(det_ctx->hcbd, txs * sizeof(HttpReassembledBody));
if (det_ctx->hcbd == NULL) {
det_ctx->hcbd_buffers_list_len = 0;
goto end;
}
@ -233,6 +235,7 @@ int DetectEngineRunHttpClientBodyMpm(DetectEngineCtx *de_ctx,
DetectEngineBufferHttpClientBodies(de_ctx, det_ctx, f, htp_state);
FLOWLOCK_UNLOCK(f);
if (det_ctx->hcbd != NULL && det_ctx->hcbd_buffers_list_len) {
for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) {
if (det_ctx->hcbd[i].buffer_len == 0)
continue;
@ -242,6 +245,7 @@ int DetectEngineRunHttpClientBodyMpm(DetectEngineCtx *de_ctx,
det_ctx->hcbd[i].buffer_len,
flags);
}
}
return cnt;
}
@ -272,6 +276,7 @@ int DetectEngineInspectHttpClientBody(DetectEngineCtx *de_ctx,
DetectEngineBufferHttpClientBodies(de_ctx, det_ctx, f, alstate);
FLOWLOCK_UNLOCK(f);
if (det_ctx->hcbd != NULL && det_ctx->hcbd_buffers_list_len) {
for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) {
uint8_t *hcbd_buffer = det_ctx->hcbd[i].buffer;
uint32_t hcbd_buffer_len = det_ctx->hcbd[i].buffer_len;
@ -292,6 +297,7 @@ int DetectEngineInspectHttpClientBody(DetectEngineCtx *de_ctx,
break;
}
}
}
SCReturnInt(r);
}
@ -304,9 +310,11 @@ int DetectEngineInspectHttpClientBody(DetectEngineCtx *de_ctx,
void DetectEngineCleanHCBDBuffers(DetectEngineThreadCtx *det_ctx)
{
int i;
if (det_ctx->hcbd != NULL && det_ctx->hcbd_buffers_list_len) {
for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) {
det_ctx->hcbd[i].buffer_len = 0;
}
}
return;
}

8
src/detect-engine-hsbd.c
Unescape Escape View File

@ -98,10 +98,12 @@ static void DetectEngineBufferHttpServerBodies(DetectEngineCtx *de_ctx,
size_t txs = list_size(htp_state->connp->conn->transactions) - tmp_idx;
/* no transactions?! cool. get out of here */
if (txs == 0) {
det_ctx->hsbd_buffers_list_len = 0;
goto end;
} else if (txs > det_ctx->hsbd_buffers_list_len) {
det_ctx->hsbd = SCRealloc(det_ctx->hsbd, txs * sizeof(HttpReassembledBody));
if (det_ctx->hsbd == NULL) {
det_ctx->hsbd_buffers_list_len = 0;
goto end;
}
@ -229,6 +231,7 @@ int DetectEngineRunHttpServerBodyMpm(DetectEngineCtx *de_ctx,
DetectEngineBufferHttpServerBodies(de_ctx, det_ctx, f, htp_state);
FLOWLOCK_UNLOCK(f);
if (det_ctx->hsbd != NULL && det_ctx->hsbd_buffers_list_len) {
for (i = 0; i < det_ctx->hsbd_buffers_list_len; i++) {
if (det_ctx->hsbd[i].buffer_len == 0)
continue;
@ -238,6 +241,7 @@ int DetectEngineRunHttpServerBodyMpm(DetectEngineCtx *de_ctx,
det_ctx->hsbd[i].buffer_len,
flags);
}
}
return cnt;
}
@ -268,6 +272,7 @@ int DetectEngineInspectHttpServerBody(DetectEngineCtx *de_ctx,
DetectEngineBufferHttpServerBodies(de_ctx, det_ctx, f, alstate);
FLOWLOCK_UNLOCK(f);
if (det_ctx->hsbd != NULL && det_ctx->hsbd_buffers_list_len) {
for (i = 0; i < det_ctx->hsbd_buffers_list_len; i++) {
uint8_t *hsbd_buffer = det_ctx->hsbd[i].buffer;
uint32_t hsbd_buffer_len = det_ctx->hsbd[i].buffer_len;
@ -288,6 +293,7 @@ int DetectEngineInspectHttpServerBody(DetectEngineCtx *de_ctx,
break;
}
}
}
SCReturnInt(r);
}
@ -300,9 +306,11 @@ int DetectEngineInspectHttpServerBody(DetectEngineCtx *de_ctx,
void DetectEngineCleanHSBDBuffers(DetectEngineThreadCtx *det_ctx)
{
int i;
if (det_ctx->hsbd != NULL && det_ctx->hsbd_buffers_list_len) {
for (i = 0; i < det_ctx->hsbd_buffers_list_len; i++) {
det_ctx->hsbd[i].buffer_len = 0;
}
}
return;
}

Write Preview
Loading…
Cancel
Save