suricata
app-layer-htp-file.c File Reference
#include "suricata.h"
#include "suricata-common.h"
#include "debug.h"
#include "decode.h"
#include "threads.h"
#include "util-print.h"
#include "util-pool.h"
#include "util-radix-tree.h"
#include "stream-tcp-private.h"
#include "stream-tcp-reassemble.h"
#include "stream-tcp.h"
#include "stream.h"
#include "app-layer.h"
#include "app-layer-protos.h"
#include "app-layer-parser.h"
#include "app-layer-htp.h"
#include "app-layer-htp-file.h"
#include "util-spm.h"
#include "util-debug.h"
#include "util-time.h"
#include "util-unittest.h"
#include "util-unittest-helper.h"
#include "flow-util.h"
#include "detect-engine.h"
#include "detect-engine-state.h"
#include "detect-parse.h"
#include "conf.h"
#include "util-memcmp.h"
#include "tests/app-layer-htp-file.c"
Include dependency graph for app-layer-htp-file.c:

Go to the source code of this file.

Functions

int HTPFileOpen (HtpState *s, const uint8_t *filename, uint16_t filename_len, const uint8_t *data, uint32_t data_len, uint64_t txid, uint8_t direction)
 Open the file with "filename" and pass the first chunk of data if any. More...
 
int HTPParseContentRange (bstr *rawvalue, HtpContentRange *range)
 
int HTPFileSetRange (HtpState *s, bstr *rawvalue)
 Sets range for a file. More...
 
int HTPFileStoreChunk (HtpState *s, const uint8_t *data, uint32_t data_len, uint8_t direction)
 Store a chunk of data in the flow. More...
 
int HTPFileClose (HtpState *s, const uint8_t *data, uint32_t data_len, uint8_t flags, uint8_t direction)
 Close the file in the flow. More...
 
void AppLayerHtpFileRegisterTests (void)
 this function registers unit tests for AppLayerHtpFile More...
 
void HTPFileParserRegisterTests (void)
 

Detailed Description

Author
Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t

This file provides HTTP protocol file handling support for the engine using HTP library.

Definition in file app-layer-htp-file.c.

Function Documentation

void AppLayerHtpFileRegisterTests ( void  )

this function registers unit tests for AppLayerHtpFile

Definition at line 87 of file app-layer-htp-file.c.

References UtRegisterTest().

Referenced by HTPFileClose().

Here is the call graph for this function:

Here is the caller graph for this function:

int HTPFileClose ( HtpState s,
const uint8_t *  data,
uint32_t  data_len,
uint8_t  flags,
uint8_t  direction 
)

Close the file in the flow.

Parameters
shttp state
datadata chunk if any
data_lenlength of the data portion
flagsflags to indicate events
directionflow direction

Currently on the FLOW_FILE_TRUNCATED flag is implemented, indicating that the file isn't complete but we're stopping storing it.

Return values
0ok
-1error
-2not storing files on this flow/tx

Definition at line 323 of file app-layer-htp-file.c.

References Flow_::alproto, ALPROTO_HTTP, Flow_::alstate, AppLayerHtpFileRegisterTests(), AppLayerParserGetEventsByTx(), AppLayerParserGetTx(), AppLayerParserParse(), AppLayerParserThreadCtxAlloc(), AppLayerParserThreadCtxFree(), AppLayerDecoderEvents_::cnt, FILE_STATE_CLOSED, FileCloseFile(), FileDataSize(), HtpState_::files_tc, HtpState_::files_ts, FLOWLOCK_UNLOCK, FLOWLOCK_WRLOCK, FileContainer_::head, File_::next, Flow_::proto, Flow_::protoctx, File_::sb, SCEnter, SCLogDebug, SCReturnInt, File_::state, STREAM_EOF, STREAM_START, STREAM_TOCLIENT, STREAM_TOSERVER, StreamingBufferCompareRawData(), StreamTcpFreeConfig(), StreamTcpInitConfig(), FileContainer_::tail, TRUE, UTHBuildFlow(), and UTHFreeFlow().

Referenced by HTPFreeConfig().

Here is the call graph for this function:

Here is the caller graph for this function:

int HTPFileOpen ( HtpState s,
const uint8_t *  filename,
uint16_t  filename_len,
const uint8_t *  data,
uint32_t  data_len,
uint64_t  txid,
uint8_t  direction 
)

Open the file with "filename" and pass the first chunk of data if any.

Parameters
shttp state
filenamename of the file
filename_lenlength of the name
datadata chunk (if any)
data_lenlength of the data portion
directionflow direction
Return values
0ok
-1error
-2not handling files on this flow

Definition at line 79 of file app-layer-htp-file.c.

References HtpState_::cfg, HtpState_::f, Flow_::file_flags, FILE_NOSTORE, FILE_STORE, HtpState_::file_track_id, FileContainerAlloc(), FileFlowToFlags(), FileOpenFileWithId(), HtpState_::files_tc, HtpState_::files_ts, FileSetTx(), HtpState_::flags, flags, FLOWFILE_NO_STORE_TC, FLOWFILE_NO_STORE_TS, HTP_FLAG_STORE_FILES_TC, HTP_FLAG_STORE_FILES_TS, HTP_FLAG_STORE_FILES_TX_TC, HTP_FLAG_STORE_FILES_TX_TS, HTPCfgRec_::request, HTPCfgRec_::response, HTPCfgDir_::sbcfg, SCLogDebug, SCReturnInt, HtpState_::store_tx_id, STREAM_TOCLIENT, STREAM_TOSERVER, and FileContainer_::tail.

Here is the call graph for this function:

void HTPFileParserRegisterTests ( void  )

Definition at line 1692 of file app-layer-htp-file.c.

References UtRegisterTest().

Referenced by HTPParserRegisterTests().

Here is the call graph for this function:

Here is the caller graph for this function:

int HTPFileSetRange ( HtpState s,
bstr *  rawvalue 
)

Sets range for a file.

Parameters
shttp state
rawvalueraw header value
Return values
0ok
-1error
-2error parsing
-3error negative end in range

Definition at line 228 of file app-layer-htp-file.c.

References HtpContentRange_::end, HtpState_::files_tc, FileSetRange(), HTPParseContentRange(), SCEnter, SCLogDebug, SCReturnInt, and HtpContentRange_::start.

Here is the call graph for this function:

int HTPFileStoreChunk ( HtpState s,
const uint8_t *  data,
uint32_t  data_len,
uint8_t  direction 
)

Store a chunk of data in the flow.

Parameters
shttp state
datadata chunk (if any)
data_lenlength of the data portion
directionflow direction
Return values
0ok
-1error
-2file doesn't need storing

Definition at line 270 of file app-layer-htp-file.c.

References FileAppendData(), HtpState_::files_tc, HtpState_::files_ts, SCEnter, SCLogDebug, SCReturnInt, and STREAM_TOCLIENT.

Here is the call graph for this function:

int HTPParseContentRange ( bstr *  rawvalue,
HtpContentRange range 
)

Performs parsing of the content-range value

Parameters
[in]rawvalue
[out]range
Returns
HTP_OK on success, HTP_ERROR on failure.

Definition at line 161 of file app-layer-htp-file.c.

References HtpContentRange_::end, len, HtpContentRange_::size, and HtpContentRange_::start.

Referenced by HTPFileSetRange().

Here is the caller graph for this function: