From 61a6eaf3307f60f3e856fcbbe72aba0b56c9bb79 Mon Sep 17 00:00:00 2001
From: Jason Ish <jason.ish@oisf.net>
Date: Thu, 12 Sep 2019 14:53:07 -0600
Subject: [PATCH] htp/lzma: set limit from configuration

Also use a default defined in Suricata, not libhtp.
---
 src/app-layer-htp.c | 9 ++++++---
 src/app-layer-htp.h | 3 +++
 suricata.yaml.in    | 3 +++
 3 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/src/app-layer-htp.c b/src/app-layer-htp.c
index b2ebf9d0a5..141c69afe3 100644
--- a/src/app-layer-htp.c
+++ b/src/app-layer-htp.c
@@ -2330,7 +2330,10 @@ static void HTPConfigSetDefaultsPhase1(HTPCfgRec *cfg_prec)
 
     /* don't convert + to space by default */
     htp_config_set_plusspace_decode(cfg_prec->cfg, HTP_DECODER_URLENCODED, 0);
-
+#ifdef HAVE_HTP_CONFIG_SET_LZMA_MEMLIMIT
+    htp_config_set_lzma_memlimit(cfg_prec->cfg,
+            HTP_CONFIG_DEFAULT_LZMA_MEMLIMIT);
+#endif
     /* libhtp <= 0.5.9 doesn't use soft limit, but it's impossible to set
      * only the hard limit. So we set both here to the (current) htp defaults.
      * The reason we do this is that if the user sets the hard limit in the
@@ -2651,8 +2654,8 @@ static void HTPConfigParseParameters(HTPCfgRec *cfg_prec, ConfNode *s,
                            "from conf file cannot be 0.");
             }
             /* set default soft-limit with our new hard limit */
-            htp_config_set_lzma_memlimit(cfg_prec->cfg,
-                    (size_t)limit);
+            SCLogConfig("Setting HTTP LZMA memory limit to %"PRIu32" bytes", limit);
+            htp_config_set_lzma_memlimit(cfg_prec->cfg, (size_t)limit);
 #endif
         } else if (strcasecmp("randomize-inspection-sizes", p->name) == 0) {
             if (!g_disable_randomness) {
diff --git a/src/app-layer-htp.h b/src/app-layer-htp.h
index 59a741aa36..45fe4017bd 100644
--- a/src/app-layer-htp.h
+++ b/src/app-layer-htp.h
@@ -51,6 +51,9 @@
 #define HTP_CONFIG_DEFAULT_FIELD_LIMIT_SOFT             9000U
 #define HTP_CONFIG_DEFAULT_FIELD_LIMIT_HARD             18000U
 
+/* default libhtp lzma limit, taken from libhtp. */
+#define HTP_CONFIG_DEFAULT_LZMA_MEMLIMIT                1048576U
+
 #define HTP_CONFIG_DEFAULT_RANDOMIZE                    1
 #define HTP_CONFIG_DEFAULT_RANDOMIZE_RANGE              10
 
diff --git a/suricata.yaml.in b/suricata.yaml.in
index bbcf006bbe..31cfcc7309 100644
--- a/suricata.yaml.in
+++ b/suricata.yaml.in
@@ -963,6 +963,9 @@ app-layer:
            double-decode-path: no
            double-decode-query: no
 
+           # LZMA decompression memory limit.
+           #lzma-memlimit: 1 Mb
+
          server-config:
 
            #- apache: