#include "suricata.h"
#include "suricata-common.h"
#include "debug.h"
#include "decode.h"
#include "threads.h"
#include "util-print.h"
#include "util-pool.h"
#include "util-radix-tree.h"
#include "stream-tcp-private.h"
#include "stream-tcp-reassemble.h"
#include "stream-tcp.h"
#include "stream.h"
#include "app-layer.h"
#include "app-layer-protos.h"
#include "app-layer-parser.h"
#include "app-layer-htp.h"
#include "app-layer-htp-file.h"
#include "util-spm.h"
#include "util-debug.h"
#include "util-time.h"
#include "util-unittest.h"
#include "util-unittest-helper.h"
#include "flow-util.h"
#include "detect-engine.h"
#include "detect-engine-state.h"
#include "detect-parse.h"
#include "conf.h"
#include "util-memcmp.h"
#include "tests/app-layer-htp-file.c"

Include dependency graph for app-layer-htp-file.c:

Functions
int	HTPFileOpen (HtpState s, HtpTxUserData tx, const uint8_t filename, uint16_t filename_len, const uint8_t data, uint32_t data_len, uint64_t txid, uint8_t direction)
	Open the file with "filename" and pass the first chunk of data if any. More...

int	HTPParseContentRange (bstr rawvalue, HtpContentRange range)

int	HTPFileSetRange (HtpState s, bstr rawvalue)
	Sets range for a file. More...

int	HTPFileStoreChunk (HtpState s, const uint8_t data, uint32_t data_len, uint8_t direction)
	Store a chunk of data in the flow. More...

int	HTPFileClose (HtpState s, const uint8_t data, uint32_t data_len, uint8_t flags, uint8_t direction)
	Close the file in the flow. More...

void	AppLayerHtpFileRegisterTests (void)
	this function registers unit tests for AppLayerHtpFile More...

void	HTPFileParserRegisterTests (void)

Detailed Description

Author: Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t

This file provides HTTP protocol file handling support for the engine using HTP library.

Definition in file app-layer-htp-file.c.

Function Documentation

◆ AppLayerHtpFileRegisterTests()

void AppLayerHtpFileRegisterTests ( void )

this function registers unit tests for AppLayerHtpFile

Definition at line 87 of file app-layer-htp-file.c.

References UtRegisterTest().

Here is the call graph for this function:

◆ HTPFileClose()

int HTPFileClose	(	HtpState *	s,
		const uint8_t *	data,
		uint32_t	data_len,
		uint8_t	flags,
		uint8_t	direction
	)

Close the file in the flow.

Parameters

s	http state
data	data chunk if any
data_len	length of the data portion
flags	flags to indicate events
direction	flow direction

Currently on the FLOW_FILE_TRUNCATED flag is implemented, indicating that the file isn't complete but we're stopping storing it.

Return values

0	ok
-1	error
-2	not storing files on this flow/tx

Definition at line 323 of file app-layer-htp-file.c.

References FileCloseFile(), HtpState_::files_tc, HtpState_::files_ts, flags, SCEnter, SCReturnInt, and STREAM_TOCLIENT.

Here is the call graph for this function:

◆ HTPFileOpen()

int HTPFileOpen	(	HtpState *	s,
		HtpTxUserData *	tx,
		const uint8_t *	filename,
		uint16_t	filename_len,
		const uint8_t *	data,
		uint32_t	data_len,
		uint64_t	txid,
		uint8_t	direction
	)

Open the file with "filename" and pass the first chunk of data if any.

Parameters

s	http state
filename	name of the file
filename_len	length of the name
data	data chunk (if any)
data_len	length of the data portion
direction	flow direction

Return values

0	ok
-1	error
-2	not handling files on this flow

Definition at line 79 of file app-layer-htp-file.c.

References flags.

◆ HTPFileParserRegisterTests()

void HTPFileParserRegisterTests ( void )

Definition at line 1208 of file app-layer-htp-file.c.

References UtRegisterTest().

Here is the call graph for this function:

◆ HTPFileSetRange()

int HTPFileSetRange	(	HtpState *	s,
		bstr *	rawvalue
	)

Sets range for a file.

Parameters

s	http state
rawvalue	raw header value

Return values

0	ok
-1	error
-2	error parsing
-3	error negative end in range

Definition at line 228 of file app-layer-htp-file.c.

References HtpContentRange_::end, HtpState_::files_tc, FileSetRange(), HTPParseContentRange(), SCEnter, SCLogDebug, SCReturnInt, and HtpContentRange_::start.

Here is the call graph for this function:

◆ HTPFileStoreChunk()

int HTPFileStoreChunk	(	HtpState *	s,
		const uint8_t *	data,
		uint32_t	data_len,
		uint8_t	direction
	)

Store a chunk of data in the flow.

Parameters

s	http state
data	data chunk (if any)
data_len	length of the data portion
direction	flow direction

Return values

0	ok
-1	error
-2	file doesn't need storing

Definition at line 270 of file app-layer-htp-file.c.

References FileAppendData(), HtpState_::files_tc, HtpState_::files_ts, SCEnter, SCLogDebug, SCReturnInt, and STREAM_TOCLIENT.

Here is the call graph for this function:

◆ HTPParseContentRange()

int HTPParseContentRange	(	bstr *	rawvalue,
		HtpContentRange *	range
	)

Performs parsing of the content-range value

Parameters

[in]	rawvalue
[out]	range

Returns: HTP_OK on success, HTP_ERROR on failure.

Definition at line 161 of file app-layer-htp-file.c.

References HtpContentRange_::end, len, HtpContentRange_::size, and HtpContentRange_::start.

Referenced by HTPFileSetRange().

Here is the caller graph for this function:

Functions

Detailed Description

Function Documentation

◆ AppLayerHtpFileRegisterTests()

◆ HTPFileClose()

◆ HTPFileOpen()

◆ HTPFileParserRegisterTests()

◆ HTPFileSetRange()

◆ HTPFileStoreChunk()

◆ HTPParseContentRange()