#include "suricata.h"#include "suricata-common.h"#include "debug.h"#include "util-validate.h"#include "decode.h"#include "threads.h"#include "util-print.h"#include "util-pool.h"#include "util-radix-tree.h"#include "stream-tcp-private.h"#include "stream-tcp-reassemble.h"#include "stream-tcp.h"#include "stream.h"#include "app-layer.h"#include "app-layer-protos.h"#include "app-layer-parser.h"#include "app-layer-htp.h"#include "app-layer-htp-file.h"#include "util-spm.h"#include "util-debug.h"#include "util-time.h"#include "util-unittest.h"#include "util-unittest-helper.h"#include "flow-util.h"#include "detect-engine.h"#include "detect-engine-state.h"#include "detect-parse.h"#include "conf.h"#include "util-memcmp.h"#include "tests/app-layer-htp-file.c"
Go to the source code of this file.
Functions | |
| int | HTPFileOpen (HtpState *s, HtpTxUserData *tx, const uint8_t *filename, uint16_t filename_len, const uint8_t *data, uint32_t data_len, uint64_t txid, uint8_t direction) |
| Open the file with "filename" and pass the first chunk of data if any. More... | |
| int | HTPParseContentRange (bstr *rawvalue, HTTPContentRange *range) |
| int | HTPFileOpenWithRange (HtpState *s, HtpTxUserData *txud, const uint8_t *filename, uint16_t filename_len, const uint8_t *data, uint32_t data_len, uint64_t txid, bstr *rawvalue, HtpTxUserData *htud) |
| Sets range for a file. More... | |
| int | HTPFileStoreChunk (HtpState *s, const uint8_t *data, uint32_t data_len, uint8_t direction) |
| Store a chunk of data in the flow. More... | |
| bool | HTPFileCloseHandleRange (FileContainer *files, const uint16_t flags, HttpRangeContainerBlock *c, const uint8_t *data, uint32_t data_len) |
| close range, add reassembled file if possible More... | |
| int | HTPFileClose (HtpState *s, HtpTxUserData *htud, const uint8_t *data, uint32_t data_len, uint8_t flags, uint8_t direction) |
| Close the file in the flow. More... | |
| void | AppLayerHtpFileRegisterTests (void) |
| this function registers unit tests for AppLayerHtpFile More... | |
| void | HTPFileParserRegisterTests (void) |
Detailed Description
This file provides HTTP protocol file handling support for the engine using HTP library.
Definition in file app-layer-htp-file.c.
Function Documentation
◆ AppLayerHtpFileRegisterTests()
| void AppLayerHtpFileRegisterTests | ( | void | ) |
this function registers unit tests for AppLayerHtpFile
Definition at line 87 of file app-layer-htp-file.c.
References UtRegisterTest().
◆ HTPFileClose()
| int HTPFileClose | ( | HtpState * | s, |
| HtpTxUserData * | htud, | ||
| const uint8_t * | data, | ||
| uint32_t | data_len, | ||
| uint8_t | flags, | ||
| uint8_t | direction | ||
| ) |
Close the file in the flow.
- Parameters
-
s http state data data chunk if any data_len length of the data portion flags flags to indicate events direction flow direction
Currently on the FLOW_FILE_TRUNCATED flag is implemented, indicating that the file isn't complete but we're stopping storing it.
- Return values
-
0 ok -1 error -2 not storing files on this flow/tx
Definition at line 393 of file app-layer-htp-file.c.
References HtpState_::file_range, FileCloseFile(), HtpState_::files_tc, HtpState_::files_ts, flags, HTPFileCloseHandleRange(), HttpRangeFreeBlock(), SCEnter, SCReturnInt, and HtpTxUserData_::tx_data.
◆ HTPFileCloseHandleRange()
| bool HTPFileCloseHandleRange | ( | FileContainer * | files, |
| const uint16_t | flags, | ||
| HttpRangeContainerBlock * | c, | ||
| const uint8_t * | data, | ||
| uint32_t | data_len | ||
| ) |
close range, add reassembled file if possible
- Return values
-
true if reassembled file was added false if no reassembled file was added
Definition at line 351 of file app-layer-htp-file.c.
References HttpRangeContainerBlock::container, HttpRangeAppendData(), and SCLogDebug.
Referenced by HTPFileClose(), and InitGlobal().
◆ HTPFileOpen()
| int HTPFileOpen | ( | HtpState * | s, |
| HtpTxUserData * | tx, | ||
| const uint8_t * | filename, | ||
| uint16_t | filename_len, | ||
| const uint8_t * | data, | ||
| uint32_t | data_len, | ||
| uint64_t | txid, | ||
| uint8_t | direction | ||
| ) |
Open the file with "filename" and pass the first chunk of data if any.
- Parameters
-
s http state filename name of the file filename_len length of the name data data chunk (if any) data_len length of the data portion direction flow direction
- Return values
-
0 ok -1 error -2 not handling files on this flow
Definition at line 80 of file app-layer-htp-file.c.
References flags.
◆ HTPFileOpenWithRange()
| int HTPFileOpenWithRange | ( | HtpState * | s, |
| HtpTxUserData * | txud, | ||
| const uint8_t * | filename, | ||
| uint16_t | filename_len, | ||
| const uint8_t * | data, | ||
| uint32_t | data_len, | ||
| uint64_t | txid, | ||
| bstr * | rawvalue, | ||
| HtpTxUserData * | htud | ||
| ) |
Sets range for a file.
- Parameters
-
s http state rawvalue raw header value
- Return values
-
0 ok -1 error
Definition at line 217 of file app-layer-htp-file.c.
References DEBUG_VALIDATE_BUG_ON, flags, and SCEnter.
◆ HTPFileParserRegisterTests()
| void HTPFileParserRegisterTests | ( | void | ) |
Definition at line 1287 of file app-layer-htp-file.c.
References UtRegisterTest().
◆ HTPFileStoreChunk()
| int HTPFileStoreChunk | ( | HtpState * | s, |
| const uint8_t * | data, | ||
| uint32_t | data_len, | ||
| uint8_t | direction | ||
| ) |
Store a chunk of data in the flow.
- Parameters
-
s http state data data chunk (if any) data_len length of the data portion direction flow direction
- Return values
-
0 ok -1 error -2 file doesn't need storing
Definition at line 304 of file app-layer-htp-file.c.
References HtpState_::file_range, FileAppendData(), HtpState_::files_tc, HtpState_::files_ts, HttpRangeAppendData(), SCEnter, SCLogDebug, and SCReturnInt.
◆ HTPParseContentRange()
| int HTPParseContentRange | ( | bstr * | rawvalue, |
| HTTPContentRange * | range | ||
| ) |
Performs parsing of the content-range value
- Parameters
-
[in] rawvalue [out] range
- Returns
- HTP_OK on success, HTP_ERROR on failure.
Definition at line 164 of file app-layer-htp-file.c.
References len.
