|
|
|
@ -2169,11 +2169,12 @@ static int HTPCallbackRequestComplete(htp_tx_t *tx)
|
|
|
|
SCReturnInt(HTP_ERROR);
|
|
|
|
SCReturnInt(HTP_ERROR);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
const uint64_t abs_right_edge =
|
|
|
|
|
|
|
|
hstate->slice->offset + htp_connp_req_data_consumed(hstate->connp);
|
|
|
|
|
|
|
|
|
|
|
|
if (hstate->request_frame_id > 0) {
|
|
|
|
if (hstate->request_frame_id > 0) {
|
|
|
|
Frame *frame = AppLayerFrameGetById(hstate->f, 0, hstate->request_frame_id);
|
|
|
|
Frame *frame = AppLayerFrameGetById(hstate->f, 0, hstate->request_frame_id);
|
|
|
|
if (frame) {
|
|
|
|
if (frame) {
|
|
|
|
const uint64_t abs_right_edge =
|
|
|
|
|
|
|
|
hstate->slice->offset + htp_connp_req_data_consumed(hstate->connp);
|
|
|
|
|
|
|
|
const uint64_t request_size = abs_right_edge - hstate->last_request_data_stamp;
|
|
|
|
const uint64_t request_size = abs_right_edge - hstate->last_request_data_stamp;
|
|
|
|
|
|
|
|
|
|
|
|
SCLogDebug("HTTP request complete: data offset %" PRIu64 ", request_size %" PRIu64,
|
|
|
|
SCLogDebug("HTTP request complete: data offset %" PRIu64 ", request_size %" PRIu64,
|
|
|
|
@ -2198,12 +2199,14 @@ static int HTPCallbackRequestComplete(htp_tx_t *tx)
|
|
|
|
SCLogDebug("closing file that was being stored");
|
|
|
|
SCLogDebug("closing file that was being stored");
|
|
|
|
(void)HTPFileClose(hstate, NULL, 0, 0, STREAM_TOSERVER);
|
|
|
|
(void)HTPFileClose(hstate, NULL, 0, 0, STREAM_TOSERVER);
|
|
|
|
htud->tsflags &= ~HTP_FILENAME_SET;
|
|
|
|
htud->tsflags &= ~HTP_FILENAME_SET;
|
|
|
|
StreamTcpReassemblySetMinInspectDepth(hstate->f->protoctx, STREAM_TOSERVER,
|
|
|
|
if (abs_right_edge < (uint64_t)UINT32_MAX) {
|
|
|
|
(uint32_t)hstate->conn->in_data_counter);
|
|
|
|
StreamTcpReassemblySetMinInspectDepth(
|
|
|
|
|
|
|
|
hstate->f->protoctx, STREAM_TOSERVER, (uint32_t)abs_right_edge);
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
hstate->last_request_data_stamp = (uint64_t)hstate->conn->in_data_counter;
|
|
|
|
hstate->last_request_data_stamp = abs_right_edge;
|
|
|
|
/* request done, do raw reassembly now to inspect state and stream
|
|
|
|
/* request done, do raw reassembly now to inspect state and stream
|
|
|
|
* at the same time. */
|
|
|
|
* at the same time. */
|
|
|
|
AppLayerParserTriggerRawStreamReassembly(hstate->f, STREAM_TOSERVER);
|
|
|
|
AppLayerParserTriggerRawStreamReassembly(hstate->f, STREAM_TOSERVER);
|
|
|
|
@ -2228,11 +2231,12 @@ static int HTPCallbackResponseComplete(htp_tx_t *tx)
|
|
|
|
/* we have one whole transaction now */
|
|
|
|
/* we have one whole transaction now */
|
|
|
|
hstate->transaction_cnt++;
|
|
|
|
hstate->transaction_cnt++;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
const uint64_t abs_right_edge =
|
|
|
|
|
|
|
|
hstate->slice->offset + htp_connp_res_data_consumed(hstate->connp);
|
|
|
|
|
|
|
|
|
|
|
|
if (hstate->response_frame_id > 0) {
|
|
|
|
if (hstate->response_frame_id > 0) {
|
|
|
|
Frame *frame = AppLayerFrameGetById(hstate->f, 1, hstate->response_frame_id);
|
|
|
|
Frame *frame = AppLayerFrameGetById(hstate->f, 1, hstate->response_frame_id);
|
|
|
|
if (frame) {
|
|
|
|
if (frame) {
|
|
|
|
const uint64_t abs_right_edge =
|
|
|
|
|
|
|
|
hstate->slice->offset + htp_connp_res_data_consumed(hstate->connp);
|
|
|
|
|
|
|
|
const uint64_t response_size = abs_right_edge - hstate->last_response_data_stamp;
|
|
|
|
const uint64_t response_size = abs_right_edge - hstate->last_response_data_stamp;
|
|
|
|
|
|
|
|
|
|
|
|
SCLogDebug("HTTP response complete: data offset %" PRIu64 ", response_size %" PRIu64,
|
|
|
|
SCLogDebug("HTTP response complete: data offset %" PRIu64 ", response_size %" PRIu64,
|
|
|
|
@ -2275,7 +2279,7 @@ static int HTPCallbackResponseComplete(htp_tx_t *tx)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
hstate->last_response_data_stamp = (uint64_t)hstate->conn->out_data_counter;
|
|
|
|
hstate->last_response_data_stamp = abs_right_edge;
|
|
|
|
SCReturnInt(HTP_OK);
|
|
|
|
SCReturnInt(HTP_OK);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
Victor Julien
3 years ago