suricata
app-layer-htp-file.c File Reference
Include dependency graph for app-layer-htp-file.c:

Go to the source code of this file.

Functions

int HTPFileOpen (HtpState *s, HtpTxUserData *tx, const uint8_t *filename, uint16_t filename_len, const uint8_t *data, uint32_t data_len, uint8_t direction)
 Open the file with "filename" and pass the first chunk of data if any. More...
 
int HTPParseContentRange (bstr *rawvalue, HTTPContentRange *range)
 
int HTPFileOpenWithRange (HtpState *s, HtpTxUserData *txud, const uint8_t *filename, uint16_t filename_len, const uint8_t *data, uint32_t data_len, htp_tx_t *tx, bstr *rawvalue, HtpTxUserData *htud)
 Sets range for a file. More...
 
int HTPFileStoreChunk (HtpState *s, HtpTxUserData *tx, const uint8_t *data, uint32_t data_len, uint8_t direction)
 Store a chunk of data in the flow. More...
 
bool HTPFileCloseHandleRange (const StreamingBufferConfig *sbcfg, FileContainer *files, const uint16_t flags, HttpRangeContainerBlock *c, const uint8_t *data, uint32_t data_len)
 close range, add reassembled file if possible More...
 
int HTPFileClose (HtpState *s, HtpTxUserData *tx, const uint8_t *data, uint32_t data_len, uint8_t flags, uint8_t direction)
 Close the file in the flow. More...
 
void AppLayerHtpFileRegisterTests (void)
 this function registers unit tests for AppLayerHtpFile More...
 
void HTPFileParserRegisterTests (void)
 

Variables

StreamingBufferConfig htp_sbcfg
 

Detailed Description

Author
Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t

This file provides HTTP protocol file handling support for the engine using the HTP library.

Definition in file app-layer-htp-file.c.

Function Documentation

◆ AppLayerHtpFileRegisterTests()

void AppLayerHtpFileRegisterTests ( void  )

this function registers unit tests for AppLayerHtpFile

Definition at line 86 of file app-layer-htp-file.c.

References UtRegisterTest().

Here is the call graph for this function:

◆ HTPFileClose()

int HTPFileClose ( HtpState s,
HtpTxUserData tx,
const uint8_t *  data,
uint32_t  data_len,
uint8_t  flags,
uint8_t  direction 
)

Close the file in the flow.

Parameters
txHtpTxUserData
datadata chunk if any
data_lenlength of the data portion
flagsflags to indicate events
directionflow direction

Currently on the FLOW_FILE_TRUNCATED flag is implemented, indicating that the file isn't complete but we're stopping storing it.

Return values
0ok
-1error
-2not storing files on this flow/tx

Definition at line 306 of file app-layer-htp-file.c.

References HtpTxUserData_::file_range, FILE_TRUNCATED, FileCloseFile(), HtpTxUserData_::files_tc, HtpTxUserData_::files_ts, flags, htp_sbcfg, HTPFileCloseHandleRange(), HttpRangeFreeBlock(), SCEnter, SCLogDebug, SCReturnInt, and HtpTxUserData_::tx_data.

Here is the call graph for this function:

◆ HTPFileCloseHandleRange()

bool HTPFileCloseHandleRange ( const StreamingBufferConfig sbcfg,
FileContainer files,
const uint16_t  flags,
HttpRangeContainerBlock c,
const uint8_t *  data,
uint32_t  data_len 
)

close range, add reassembled file if possible

Return values
trueif reassembled file was added
falseif no reassembled file was added

Definition at line 264 of file app-layer-htp-file.c.

Referenced by HTPFileClose().

Here is the caller graph for this function:

◆ HTPFileOpen()

int HTPFileOpen ( HtpState s,
HtpTxUserData tx,
const uint8_t *  filename,
uint16_t  filename_len,
const uint8_t *  data,
uint32_t  data_len,
uint8_t  direction 
)

Open the file with "filename" and pass the first chunk of data if any.

Parameters
shttp state
filenamename of the file
filename_lenlength of the name
datadata chunk (if any)
data_lenlength of the data portion
directionflow direction
Return values
0ok
-1error
-2not handling files on this flow

Definition at line 50 of file app-layer-htp-file.c.

References HtpState_::cfg, DEBUG_VALIDATE_BUG_ON, HtpTxUserData_::file_range, HtpState_::file_track_id, FileFlowFlagsToFlags(), FileOpenFileWithId(), HtpTxUserData_::files_tc, HtpTxUserData_::files_ts, FileSetInspectSizes(), flags, htp_sbcfg, HTPCfgDir_::inspect_min_size, HTPCfgDir_::inspect_window, HTPCfgRec_::request, HTPCfgRec_::response, SCLogDebug, SCReturnInt, FileContainer_::tail, and HtpTxUserData_::tx_data.

Here is the call graph for this function:

◆ HTPFileOpenWithRange()

int HTPFileOpenWithRange ( HtpState s,
HtpTxUserData txud,
const uint8_t *  filename,
uint16_t  filename_len,
const uint8_t *  data,
uint32_t  data_len,
htp_tx_t *  tx,
bstr *  rawvalue,
HtpTxUserData htud 
)

Sets range for a file.

Parameters
shttp state
rawvalueraw header value
Return values
0ok
-1error

Definition at line 149 of file app-layer-htp-file.c.

References DEBUG_VALIDATE_BUG_ON, flags, and SCEnter.

◆ HTPFileParserRegisterTests()

void HTPFileParserRegisterTests ( void  )

Definition at line 1215 of file app-layer-htp-file.c.

References UtRegisterTest().

Here is the call graph for this function:

◆ HTPFileStoreChunk()

int HTPFileStoreChunk ( HtpState s,
HtpTxUserData tx,
const uint8_t *  data,
uint32_t  data_len,
uint8_t  direction 
)

Store a chunk of data in the flow.

Parameters
sHtpState
txHtpTxUserData
datadata chunk (if any)
data_lenlength of the data portion
directionflow direction
Return values
0ok
-1error
-2file doesn't need storing

Definition at line 219 of file app-layer-htp-file.c.

References HtpTxUserData_::file_range, FileAppendData(), HtpTxUserData_::files_tc, HtpTxUserData_::files_ts, htp_sbcfg, HttpRangeAppendData(), SCEnter, SCLogDebug, and SCReturnInt.

Here is the call graph for this function:

◆ HTPParseContentRange()

int HTPParseContentRange ( bstr *  rawvalue,
HTTPContentRange *  range 
)

Performs parsing of the content-range value

Parameters
[in]rawvalue
[out]range
Returns
HTP_OK on success, HTP_ERROR on failure.

Definition at line 96 of file app-layer-htp-file.c.

References len.

Variable Documentation

◆ htp_sbcfg

Definition at line 96 of file app-layer-htp.c.

Referenced by HTPFileClose(), HTPFileOpen(), and HTPFileStoreChunk().