htp/lzma: set limit from configuration

Also use a default defined in Suricata, not libhtp.

src/app-layer-htp.c

@@ -2330,7 +2330,10 @@ static void HTPConfigSetDefaultsPhase1(HTPCfgRec *cfg_prec)
 
     /* don't convert + to space by default */
     htp_config_set_plusspace_decode(cfg_prec->cfg, HTP_DECODER_URLENCODED, 0);
-
+#ifdef HAVE_HTP_CONFIG_SET_LZMA_MEMLIMIT
+    htp_config_set_lzma_memlimit(cfg_prec->cfg,
+            HTP_CONFIG_DEFAULT_LZMA_MEMLIMIT);
+#endif
     /* libhtp <= 0.5.9 doesn't use soft limit, but it's impossible to set
      * only the hard limit. So we set both here to the (current) htp defaults.
      * The reason we do this is that if the user sets the hard limit in the
@@ -2651,8 +2654,8 @@ static void HTPConfigParseParameters(HTPCfgRec *cfg_prec, ConfNode *s,
                            "from conf file cannot be 0.");
             }
             /* set default soft-limit with our new hard limit */
-            htp_config_set_lzma_memlimit(cfg_prec->cfg,
+            SCLogConfig("Setting HTTP LZMA memory limit to %"PRIu32" bytes", limit);
-                    (size_t)limit);
+            htp_config_set_lzma_memlimit(cfg_prec->cfg, (size_t)limit);
 #endif
         } else if (strcasecmp("randomize-inspection-sizes", p->name) == 0) {
             if (!g_disable_randomness) {

src/app-layer-htp.h

@@ -51,6 +51,9 @@
 #define HTP_CONFIG_DEFAULT_FIELD_LIMIT_SOFT             9000U
 #define HTP_CONFIG_DEFAULT_FIELD_LIMIT_HARD             18000U
 
+/* default libhtp lzma limit, taken from libhtp. */
+#define HTP_CONFIG_DEFAULT_LZMA_MEMLIMIT                1048576U
+
 #define HTP_CONFIG_DEFAULT_RANDOMIZE                    1
 #define HTP_CONFIG_DEFAULT_RANDOMIZE_RANGE              10
 

suricata.yaml.in

@@ -963,6 +963,9 @@ app-layer:
            double-decode-path: no
            double-decode-query: no
 
+           # LZMA decompression memory limit.
+           #lzma-memlimit: 1 Mb
+
          server-config:
 
            #- apache: