aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

better htp memory handling & flow valgrind error fixed

Browse Source
remotes/origin/master-1.0.x
Gurvinder Singh 15 years ago committed by Victor Julien
parent 763fb4a583
commit bf236e4567
2 changed files with 68 additions and 46 deletions
Show Stats Download Patch File Download Diff File

111
src/app-layer-htp.c
Unescape Escape View File

@ -183,32 +183,39 @@ static int HTPHandleRequestData(Flow *f, void *htp_state,
}
r = htp_connp_req_data(hstate->connp, 0, input, input_len);
if (r == STREAM_STATE_ERROR || r == STREAM_STATE_DATA_OTHER)
{
if (r == STREAM_STATE_DATA_OTHER) {
SCLogDebug("CONNECT not supported yet");
} else {
switch(r) {
case STREAM_STATE_ERROR:
if (hstate->connp->last_error != NULL) {
SCLogError(SC_ERR_ALPARSER, "Error in parsing HTTP client request: "
"[%"PRId32"] [%s] [%"PRId32"] %s", hstate->connp->last_error->level,
hstate->connp->last_error->file, hstate->connp->last_error->line,
hstate->connp->last_error->msg);
SCLogError(SC_ERR_ALPARSER, "Error in parsing HTTP client "
"request: [%"PRId32"] [%s] [%"PRId32"] %s",
hstate->connp->last_error->level,
hstate->connp->last_error->file,
hstate->connp->last_error->line,
hstate->connp->last_error->msg);
} else {
SCLogError(SC_ERR_ALPARSER, "Error in parsing HTTP client request");
SCLogError(SC_ERR_ALPARSER, "Error in parsing HTTP client "
"request");
}
}
hstate->flags |= HTP_FLAG_STATE_ERROR;
hstate->flags &= ~HTP_FLAG_STATE_DATA;
hstate->flags &= ~HTP_NEW_BODY_SET;
ret = -1;
} else if (r == STREAM_STATE_DATA) {
hstate->flags |= HTP_FLAG_STATE_DATA;
} else {
hstate->flags &= ~HTP_FLAG_STATE_DATA;
hstate->flags &= ~HTP_NEW_BODY_SET;
}
hstate->flags |= HTP_FLAG_STATE_ERROR;
hstate->flags &= ~HTP_FLAG_STATE_DATA;
hstate->flags &= ~HTP_NEW_BODY_SET;
ret = -1;
break;
case STREAM_STATE_DATA:
hstate->flags |= HTP_FLAG_STATE_DATA;
break;
case STREAM_STATE_DATA_OTHER:
SCLogDebug("CONNECT not supported yet");
hstate->flags |= HTP_FLAG_STATE_ERROR;
hstate->flags &= ~HTP_FLAG_STATE_DATA;
hstate->flags &= ~HTP_NEW_BODY_SET;
ret = -1;
break;
default:
hstate->flags &= ~HTP_FLAG_STATE_DATA;
hstate->flags &= ~HTP_NEW_BODY_SET;
}
/* if we the TCP connection is closed, then close the HTTP connection */
if ((pstate->flags & APP_LAYER_PARSER_EOF) &&
@ -252,32 +259,38 @@ static int HTPHandleResponseData(Flow *f, void *htp_state,
hstate->flags &= ~HTP_NEW_BODY_SET;
r = htp_connp_res_data(hstate->connp, 0, input, input_len);
if (r == STREAM_STATE_ERROR || r == STREAM_STATE_DATA_OTHER)
{
if (r == STREAM_STATE_DATA_OTHER) {
SCLogDebug("CONNECT not supported yet");
} else {
switch(r) {
case STREAM_STATE_ERROR:
if (hstate->connp->last_error != NULL) {
SCLogError(SC_ERR_ALPARSER, "Error in parsing HTTP server response: "
"[%"PRId32"] [%s] [%"PRId32"] %s", hstate->connp->last_error->level,
hstate->connp->last_error->file, hstate->connp->last_error->line,
hstate->connp->last_error->msg);
SCLogError(SC_ERR_ALPARSER, "Error in parsing HTTP server "
"response: [%"PRId32"] [%s] [%"PRId32"] %s",
hstate->connp->last_error->level,
hstate->connp->last_error->file,
hstate->connp->last_error->line,
hstate->connp->last_error->msg);
} else {
SCLogError(SC_ERR_ALPARSER, "Error in parsing HTTP server response");
SCLogError(SC_ERR_ALPARSER, "Error in parsing HTTP server "
"response");
}
}
hstate->flags = HTP_FLAG_STATE_ERROR;
hstate->flags &= ~HTP_FLAG_STATE_DATA;
hstate->flags &= ~HTP_NEW_BODY_SET;
ret = -1;
} else if (r == STREAM_STATE_DATA) {
hstate->flags |= HTP_FLAG_STATE_DATA;
} else {
hstate->flags &= ~HTP_FLAG_STATE_DATA;
hstate->flags &= ~HTP_NEW_BODY_SET;
}
hstate->flags = HTP_FLAG_STATE_ERROR;
hstate->flags &= ~HTP_FLAG_STATE_DATA;
hstate->flags &= ~HTP_NEW_BODY_SET;
ret = -1;
break;
case STREAM_STATE_DATA:
hstate->flags |= HTP_FLAG_STATE_DATA;
break;
case STREAM_STATE_DATA_OTHER:
SCLogDebug("CONNECT not supported yet");
hstate->flags = HTP_FLAG_STATE_ERROR;
hstate->flags &= ~HTP_FLAG_STATE_DATA;
hstate->flags &= ~HTP_NEW_BODY_SET;
ret = -1;
break;
default:
hstate->flags &= ~HTP_FLAG_STATE_DATA;
hstate->flags &= ~HTP_NEW_BODY_SET;
}
/* if we the TCP connection is closed, then close the HTTP connection */
if ((pstate->flags & APP_LAYER_PARSER_EOF) &&
@ -500,6 +513,14 @@ static int HTPCallbackResponse(htp_connp_t *connp) {
}
}
/* Clear the trasactions which are processed by the engine from libhtp.
This helps in reducing the meory consumptions of libhtp */
while (list_size(hstate->connp->conn->transactions) > 0) {
htp_tx_t *tx = list_pop(hstate->connp->conn->transactions);
if (tx != NULL)
htp_tx_destroy(tx);
}
SCReturnInt(0);
}

3
src/flow.c
Unescape Escape View File

@ -628,7 +628,7 @@ void *FlowManagerThread(void *td)
uint32_t sleeping = 0;
uint8_t emerg = FALSE;
memset(&tsdiff, 0, sizeof(tsdiff));
memset(&ts, 0, sizeof(ts));
SCLogDebug("%s started...", th_v->name);
@ -702,6 +702,7 @@ void *FlowManagerThread(void *td)
} else {
/* If we are reading a pcap, how long the pcap timestamps
* says that has passed */
memset(&tsdiff, 0, sizeof(tsdiff));
TimeGet(&tsdiff);
if (tsdiff.tv_sec == ts.tv_sec &&

Write Preview
Loading…
Cancel
Save