From c229621be4abccad50cc123fc95ac2e6fa4a020d Mon Sep 17 00:00:00 2001
From: Shivani Bhardwaj <shivani@oisf.net>
Date: Mon, 5 Jun 2023 16:17:37 +0530
Subject: [PATCH] ftp: mark LF found per line

Currently, there is no way to mark if LF was found and then the line was
truncated. It becomes difficult to spot in the callers whether the line
was truncated despite LF being found or not. So, label it clearly with a
variable.
---
 src/app-layer-ftp.c | 11 +++++++++--
 src/app-layer-ftp.h |  1 +
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/app-layer-ftp.c b/src/app-layer-ftp.c
index 14572059ae..db2b47c8da 100644
--- a/src/app-layer-ftp.c
+++ b/src/app-layer-ftp.c
@@ -391,6 +391,7 @@ static AppLayerResult FTPGetLineForDirection(
         input->consumed = lf_idx - input->buf + 1;
         line->len = input->consumed - o_consumed;
         input->len -= line->len;
+        line->lf_found = true;
         DEBUG_VALIDATE_BUG_ON((input->consumed + input->len) != input->orig_len);
         line->buf = input->buf + o_consumed;
         if (line->len >= ftp_max_line_len) {
@@ -511,7 +512,7 @@ static AppLayerResult FTPParseRequest(Flow *f, void *ftp_state, AppLayerParserSt
     }
 
     FtpInput ftpi = { .buf = input, .len = input_len, .orig_len = input_len, .consumed = 0 };
-    FtpLineState line = { .buf = NULL, .len = 0, .delim_len = 0 };
+    FtpLineState line = { .buf = NULL, .len = 0, .delim_len = 0, .lf_found = false };
 
     uint8_t direction = STREAM_TOSERVER;
     AppLayerResult res;
@@ -539,6 +540,9 @@ static AppLayerResult FTPParseRequest(Flow *f, void *ftp_state, AppLayerParserSt
         tx->request_length = CopyCommandLine(&tx->request, &line);
         tx->request_truncated = state->current_line_truncated_ts;
 
+        if (line.lf_found) {
+            state->current_line_truncated_ts = false;
+        }
         if (tx->request_truncated) {
             AppLayerDecoderEventsSetEventRaw(&tx->tx_data.events, FtpEventRequestCommandTooLong);
         }
@@ -701,7 +705,7 @@ static AppLayerResult FTPParseResponse(Flow *f, void *ftp_state, AppLayerParserS
         SCReturnStruct(APP_LAYER_OK);
     }
     FtpInput ftpi = { .buf = input, .len = input_len, .orig_len = input_len, .consumed = 0 };
-    FtpLineState line = { .buf = NULL, .len = 0, .delim_len = 0 };
+    FtpLineState line = { .buf = NULL, .len = 0, .delim_len = 0, .lf_found = false };
 
     FTPTransaction *lasttx = TAILQ_FIRST(&state->tx_list);
     AppLayerResult res;
@@ -782,6 +786,9 @@ static AppLayerResult FTPParseResponse(Flow *f, void *ftp_state, AppLayerParserS
                     AppLayerDecoderEventsSetEventRaw(
                             &tx->tx_data.events, FtpEventResponseCommandTooLong);
                 }
+                if (line.lf_found) {
+                    state->current_line_truncated_tc = false;
+                }
                 TAILQ_INSERT_TAIL(&tx->response_list, response, next);
             }
         }
diff --git a/src/app-layer-ftp.h b/src/app-layer-ftp.h
index 677011f694..f79c5c9e76 100644
--- a/src/app-layer-ftp.h
+++ b/src/app-layer-ftp.h
@@ -105,6 +105,7 @@ typedef struct FtpLineState_ {
     const uint8_t *buf;
     uint32_t len;
     uint8_t delim_len;
+    bool lf_found;
 } FtpLineState;
 
 typedef struct FTPString_ {