From bf236e4567ac05de3021567e56ef1fb39e9429ea Mon Sep 17 00:00:00 2001 From: Gurvinder Singh Date: Tue, 9 Feb 2010 22:09:10 +0100 Subject: [PATCH] better htp memory handling & flow valgrind error fixed --- src/app-layer-htp.c | 111 ++++++++++++++++++++++++++------------------ src/flow.c | 3 +- 2 files changed, 68 insertions(+), 46 deletions(-) diff --git a/src/app-layer-htp.c b/src/app-layer-htp.c index bd13505164..7e0b71ac22 100644 --- a/src/app-layer-htp.c +++ b/src/app-layer-htp.c @@ -183,32 +183,39 @@ static int HTPHandleRequestData(Flow *f, void *htp_state, } r = htp_connp_req_data(hstate->connp, 0, input, input_len); - if (r == STREAM_STATE_ERROR || r == STREAM_STATE_DATA_OTHER) - { - if (r == STREAM_STATE_DATA_OTHER) { - SCLogDebug("CONNECT not supported yet"); - } else { + switch(r) { + case STREAM_STATE_ERROR: if (hstate->connp->last_error != NULL) { - SCLogError(SC_ERR_ALPARSER, "Error in parsing HTTP client request: " - "[%"PRId32"] [%s] [%"PRId32"] %s", hstate->connp->last_error->level, - hstate->connp->last_error->file, hstate->connp->last_error->line, - hstate->connp->last_error->msg); + SCLogError(SC_ERR_ALPARSER, "Error in parsing HTTP client " + "request: [%"PRId32"] [%s] [%"PRId32"] %s", + hstate->connp->last_error->level, + hstate->connp->last_error->file, + hstate->connp->last_error->line, + hstate->connp->last_error->msg); } else { - SCLogError(SC_ERR_ALPARSER, "Error in parsing HTTP client request"); + SCLogError(SC_ERR_ALPARSER, "Error in parsing HTTP client " + "request"); } - } - hstate->flags |= HTP_FLAG_STATE_ERROR; - hstate->flags &= ~HTP_FLAG_STATE_DATA; - hstate->flags &= ~HTP_NEW_BODY_SET; - ret = -1; - - } else if (r == STREAM_STATE_DATA) { - hstate->flags |= HTP_FLAG_STATE_DATA; - } else { - hstate->flags &= ~HTP_FLAG_STATE_DATA; - hstate->flags &= ~HTP_NEW_BODY_SET; - } + hstate->flags |= HTP_FLAG_STATE_ERROR; + hstate->flags &= ~HTP_FLAG_STATE_DATA; + hstate->flags &= ~HTP_NEW_BODY_SET; + ret = -1; + break; + case STREAM_STATE_DATA: + hstate->flags |= HTP_FLAG_STATE_DATA; + break; + case STREAM_STATE_DATA_OTHER: + SCLogDebug("CONNECT not supported yet"); + hstate->flags |= HTP_FLAG_STATE_ERROR; + hstate->flags &= ~HTP_FLAG_STATE_DATA; + hstate->flags &= ~HTP_NEW_BODY_SET; + ret = -1; + break; + default: + hstate->flags &= ~HTP_FLAG_STATE_DATA; + hstate->flags &= ~HTP_NEW_BODY_SET; + } /* if we the TCP connection is closed, then close the HTTP connection */ if ((pstate->flags & APP_LAYER_PARSER_EOF) && @@ -252,32 +259,38 @@ static int HTPHandleResponseData(Flow *f, void *htp_state, hstate->flags &= ~HTP_NEW_BODY_SET; r = htp_connp_res_data(hstate->connp, 0, input, input_len); - if (r == STREAM_STATE_ERROR || r == STREAM_STATE_DATA_OTHER) - { - if (r == STREAM_STATE_DATA_OTHER) { - SCLogDebug("CONNECT not supported yet"); - } else { - + switch(r) { + case STREAM_STATE_ERROR: if (hstate->connp->last_error != NULL) { - SCLogError(SC_ERR_ALPARSER, "Error in parsing HTTP server response: " - "[%"PRId32"] [%s] [%"PRId32"] %s", hstate->connp->last_error->level, - hstate->connp->last_error->file, hstate->connp->last_error->line, - hstate->connp->last_error->msg); + SCLogError(SC_ERR_ALPARSER, "Error in parsing HTTP server " + "response: [%"PRId32"] [%s] [%"PRId32"] %s", + hstate->connp->last_error->level, + hstate->connp->last_error->file, + hstate->connp->last_error->line, + hstate->connp->last_error->msg); } else { - SCLogError(SC_ERR_ALPARSER, "Error in parsing HTTP server response"); + SCLogError(SC_ERR_ALPARSER, "Error in parsing HTTP server " + "response"); } - } - hstate->flags = HTP_FLAG_STATE_ERROR; - hstate->flags &= ~HTP_FLAG_STATE_DATA; - hstate->flags &= ~HTP_NEW_BODY_SET; - ret = -1; - - } else if (r == STREAM_STATE_DATA) { - hstate->flags |= HTP_FLAG_STATE_DATA; - } else { - hstate->flags &= ~HTP_FLAG_STATE_DATA; - hstate->flags &= ~HTP_NEW_BODY_SET; - } + hstate->flags = HTP_FLAG_STATE_ERROR; + hstate->flags &= ~HTP_FLAG_STATE_DATA; + hstate->flags &= ~HTP_NEW_BODY_SET; + ret = -1; + break; + case STREAM_STATE_DATA: + hstate->flags |= HTP_FLAG_STATE_DATA; + break; + case STREAM_STATE_DATA_OTHER: + SCLogDebug("CONNECT not supported yet"); + hstate->flags = HTP_FLAG_STATE_ERROR; + hstate->flags &= ~HTP_FLAG_STATE_DATA; + hstate->flags &= ~HTP_NEW_BODY_SET; + ret = -1; + break; + default: + hstate->flags &= ~HTP_FLAG_STATE_DATA; + hstate->flags &= ~HTP_NEW_BODY_SET; + } /* if we the TCP connection is closed, then close the HTTP connection */ if ((pstate->flags & APP_LAYER_PARSER_EOF) && @@ -500,6 +513,14 @@ static int HTPCallbackResponse(htp_connp_t *connp) { } } + /* Clear the trasactions which are processed by the engine from libhtp. + This helps in reducing the meory consumptions of libhtp */ + while (list_size(hstate->connp->conn->transactions) > 0) { + htp_tx_t *tx = list_pop(hstate->connp->conn->transactions); + if (tx != NULL) + htp_tx_destroy(tx); + } + SCReturnInt(0); } diff --git a/src/flow.c b/src/flow.c index 7fec7ca57e..206855b432 100644 --- a/src/flow.c +++ b/src/flow.c @@ -628,7 +628,7 @@ void *FlowManagerThread(void *td) uint32_t sleeping = 0; uint8_t emerg = FALSE; - memset(&tsdiff, 0, sizeof(tsdiff)); + memset(&ts, 0, sizeof(ts)); SCLogDebug("%s started...", th_v->name); @@ -702,6 +702,7 @@ void *FlowManagerThread(void *td) } else { /* If we are reading a pcap, how long the pcap timestamps * says that has passed */ + memset(&tsdiff, 0, sizeof(tsdiff)); TimeGet(&tsdiff); if (tsdiff.tv_sec == ts.tv_sec &&