51 const uint8_t *data, uint32_t data_len, uint8_t direction)
57 SCLogDebug(
"data %p data_len %"PRIu32, data, data_len);
59 if (direction & STREAM_TOCLIENT) {
71 data_len,
flags) != 0) {
75 if (direction & STREAM_TOCLIENT) {
98 uint32_t
len = bstr_len(rawvalue);
99 return rs_http_parse_content_range(range, bstr_ptr(rawvalue),
len);
110 static int HTPParseAndCheckContentRange(
117 SCLogDebug(
"parsing range failed, going back to normal file");
125 if (range->end <= 0 || range->size <= 0) {
128 }
else if (range->end == range->size - 1 && range->start == 0) {
131 }
else if (range->start > range->end || range->end > range->size - 1) {
150 uint16_t filename_len,
const uint8_t *data, uint32_t data_len, htp_tx_t *tx, bstr *rawvalue,
159 HTTPContentRange crparsed;
160 if (HTPParseAndCheckContentRange(rawvalue, &crparsed, s, htud) != 0) {
162 return HTPFileOpen(s, txud, filename, filename_len, data, data_len, STREAM_TOCLIENT);
169 data_len,
flags) != 0) {
177 if (
FileSetRange(files, crparsed.start, crparsed.end) < 0) {
184 if (tx->request_hostname != NULL) {
185 keylen = bstr_len(tx->request_hostname) + filename_len;
187 if (keyurl == NULL) {
190 memcpy(keyurl, bstr_ptr(tx->request_hostname), bstr_len(tx->request_hostname));
191 memcpy(keyurl + bstr_len(tx->request_hostname), filename, filename_len);
198 filename, filename_len,
flags, data, data_len);
228 if (direction & STREAM_TOCLIENT) {
233 SCLogDebug(
"files %p data %p data_len %" PRIu32, files, data, data_len);
251 }
else if (result == -2) {
279 if (ranged && files) {
307 uint8_t
flags, uint8_t direction)
317 if (direction & STREAM_TOCLIENT) {
323 SCLogDebug(
"files %p data %p data_len %" PRIu32, files, data, data_len);
333 }
else if (result == -2) {
357 static int HTPFileParserTest01(
void)
359 uint8_t httpbuf1[] =
"POST /upload.cgi HTTP/1.1\r\n"
360 "Host: www.server.lan\r\n"
361 "Content-Type: multipart/form-data; boundary=---------------------------277531038314945\r\n"
362 "Content-Length: 215\r\n"
364 "-----------------------------277531038314945\r\n"
365 "Content-Disposition: form-data; name=\"uploadfile_0\"; filename=\"somepicture1.jpg\"\r\n"
366 "Content-Type: image/jpeg\r\n"
369 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
370 uint8_t httpbuf2[] =
"filecontent\r\n"
371 "-----------------------------277531038314945--";
372 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
377 memset(&ssn, 0,
sizeof(ssn));
382 f->
proto = IPPROTO_TCP;
387 SCLogDebug(
"\n>>>> processing chunk 1 <<<<\n");
392 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
404 FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method),
"POST", 4) != 0);
412 static int HTPFileParserTest02(
void)
414 uint8_t httpbuf1[] =
"POST /upload.cgi HTTP/1.1\r\n"
415 "Host: www.server.lan\r\n"
416 "Content-Type: multipart/form-data; boundary=---------------------------277531038314945\r\n"
417 "Content-Length: 337\r\n"
419 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
421 uint8_t httpbuf2[] =
"-----------------------------277531038314945\r\n"
422 "Content-Disposition: form-data; name=\"email\"\r\n"
424 "someaddress@somedomain.lan\r\n";
425 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
427 uint8_t httpbuf3[] =
"-----------------------------277531038314945\r\n"
428 "Content-Disposition: form-data; name=\"uploadfile_0\"; filename=\"somepicture1.jpg\"\r\n"
429 "Content-Type: image/jpeg\r\n"
431 uint32_t httplen3 =
sizeof(httpbuf3) - 1;
433 uint8_t httpbuf4[] =
"filecontent\r\n"
434 "-----------------------------277531038314945--";
435 uint32_t httplen4 =
sizeof(httpbuf4) - 1;
441 memset(&ssn, 0,
sizeof(ssn));
446 f->
proto = IPPROTO_TCP;
451 SCLogDebug(
"\n>>>> processing chunk 1 <<<<\n");
456 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
461 SCLogDebug(
"\n>>>> processing chunk 3 size %u <<<<\n", httplen3);
466 SCLogDebug(
"\n>>>> processing chunk 4 size %u <<<<\n", httplen4);
477 FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method),
"POST", 4) != 0);
489 static int HTPFileParserTest03(
void)
491 uint8_t httpbuf1[] =
"POST /upload.cgi HTTP/1.1\r\n"
492 "Host: www.server.lan\r\n"
493 "Content-Type: multipart/form-data; boundary=---------------------------277531038314945\r\n"
494 "Content-Length: 337\r\n"
496 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
498 uint8_t httpbuf2[] =
"-----------------------------277531038314945\r\n"
499 "Content-Disposition: form-data; name=\"email\"\r\n"
501 "someaddress@somedomain.lan\r\n";
502 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
504 uint8_t httpbuf3[] =
"-----------------------------277531038314945\r\n"
505 "Content-Disposition: form-data; name=\"uploadfile_0\"; filename=\"somepicture1.jpg\"\r\n"
506 "Content-Type: image/jpeg\r\n"
508 uint32_t httplen3 =
sizeof(httpbuf3) - 1;
510 uint8_t httpbuf4[] =
"file";
511 uint32_t httplen4 =
sizeof(httpbuf4) - 1;
513 uint8_t httpbuf5[] =
"content\r\n";
514 uint32_t httplen5 =
sizeof(httpbuf5) - 1;
516 uint8_t httpbuf6[] =
"-----------------------------277531038314945--";
517 uint32_t httplen6 =
sizeof(httpbuf6) - 1;
523 memset(&ssn, 0,
sizeof(ssn));
528 f->
proto = IPPROTO_TCP;
533 SCLogDebug(
"\n>>>> processing chunk 1 <<<<\n");
538 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
543 SCLogDebug(
"\n>>>> processing chunk 3 size %u <<<<\n", httplen3);
548 SCLogDebug(
"\n>>>> processing chunk 4 size %u <<<<\n", httplen4);
553 SCLogDebug(
"\n>>>> processing chunk 5 size %u <<<<\n", httplen5);
558 SCLogDebug(
"\n>>>> processing chunk 6 size %u <<<<\n", httplen6);
570 FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method),
"POST", 4) != 0);
585 static int HTPFileParserTest04(
void)
587 uint8_t httpbuf1[] =
"POST /upload.cgi HTTP/1.1\r\n"
588 "Host: www.server.lan\r\n"
589 "Content-Type: multipart/form-data; boundary=---------------------------277531038314945\r\n"
590 "Content-Length: 373\r\n"
592 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
594 uint8_t httpbuf2[] =
"-----------------------------277531038314945\r\n"
595 "Content-Disposition: form-data; name=\"email\"\r\n"
597 "someaddress@somedomain.lan\r\n";
598 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
600 uint8_t httpbuf3[] =
"-----------------------------277531038314945\r\n"
601 "Content-Disposition: form-data; name=\"uploadfile_0\"; filename=\"somepicture1.jpg\"\r\n"
602 "Content-Type: image/jpeg\r\n"
604 uint32_t httplen3 =
sizeof(httpbuf3) - 1;
606 uint8_t httpbuf4[] =
"file0123456789abcdefghijklmnopqrstuvwxyz";
607 uint32_t httplen4 =
sizeof(httpbuf4) - 1;
609 uint8_t httpbuf5[] =
"content\r\n";
610 uint32_t httplen5 =
sizeof(httpbuf5) - 1;
612 uint8_t httpbuf6[] =
"-----------------------------277531038314945--";
613 uint32_t httplen6 =
sizeof(httpbuf6) - 1;
619 memset(&ssn, 0,
sizeof(ssn));
624 f->
proto = IPPROTO_TCP;
629 SCLogDebug(
"\n>>>> processing chunk 1 <<<<\n");
634 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
639 SCLogDebug(
"\n>>>> processing chunk 3 size %u <<<<\n", httplen3);
644 SCLogDebug(
"\n>>>> processing chunk 4 size %u <<<<\n", httplen4);
649 SCLogDebug(
"\n>>>> processing chunk 5 size %u <<<<\n", httplen5);
654 SCLogDebug(
"\n>>>> processing chunk 6 size %u <<<<\n", httplen6);
666 FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method),
"POST", 4) != 0);
680 static int HTPFileParserTest05(
void)
682 uint8_t httpbuf1[] =
"POST /upload.cgi HTTP/1.1\r\n"
683 "Host: www.server.lan\r\n"
684 "Content-Type: multipart/form-data; boundary=---------------------------277531038314945\r\n"
685 "Content-Length: 544\r\n"
687 "-----------------------------277531038314945\r\n"
688 "Content-Disposition: form-data; name=\"uploadfile_0\"; filename=\"somepicture1.jpg\"\r\n"
689 "Content-Type: image/jpeg\r\n"
692 "-----------------------------277531038314945\r\n";
693 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
694 uint8_t httpbuf2[] =
"Content-Disposition: form-data; name=\"uploadfile_1\"; filename=\"somepicture2.jpg\"\r\n"
695 "Content-Type: image/jpeg\r\n"
698 "-----------------------------277531038314945--";
699 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
705 memset(&ssn, 0,
sizeof(ssn));
710 f->
proto = IPPROTO_TCP;
715 SCLogDebug(
"\n>>>> processing chunk 1 size %u <<<<\n", httplen1);
720 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
732 FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method),
"POST", 4) != 0);
755 static int HTPFileParserTest06(
void)
757 uint8_t httpbuf1[] =
"POST /upload.cgi HTTP/1.1\r\n"
758 "Host: www.server.lan\r\n"
759 "Content-Type: multipart/form-data; boundary=---------------------------277531038314945\r\n"
760 "Content-Length: 544\r\n"
762 "-----------------------------277531038314945\r\n"
763 "Content-Disposition: form-data; name=\"uploadfile_0\"; filename=\"somepicture1.jpg\"\r\n"
764 "Content-Type: image/jpeg\r\n"
767 "-----------------------------27753103831494";
768 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
769 uint8_t httpbuf2[] =
"5\r\nContent-Disposition: form-data; name=\"uploadfile_1\"; filename=\"somepicture2.jpg\"\r\n"
770 "Content-Type: image/jpeg\r\n"
773 "-----------------------------277531038314945--";
774 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
780 memset(&ssn, 0,
sizeof(ssn));
785 f->
proto = IPPROTO_TCP;
790 SCLogDebug(
"\n>>>> processing chunk 1 size %u <<<<\n", httplen1);
795 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
807 FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method),
"POST", 4) != 0);
831 static int HTPFileParserTest07(
void)
833 uint8_t httpbuf1[] =
"POST /filename HTTP/1.1\r\n"
834 "Host: www.server.lan\r\n"
835 "Content-Length: 11\r\n"
837 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
838 uint8_t httpbuf2[] =
"FILECONTENT";
839 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
845 memset(&ssn, 0,
sizeof(ssn));
850 f->
proto = IPPROTO_TCP;
855 SCLogDebug(
"\n>>>> processing chunk 1 size %u <<<<\n", httplen1);
860 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
871 FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method),
"POST", 4) != 0);
888 static int HTPFileParserTest08(
void)
890 uint8_t httpbuf1[] =
"POST /upload.cgi HTTP/1.1\r\n"
891 "Host: www.server.lan\r\n"
892 "Content-Type: multipart/form-data; boundary=---------------------------277531038314945\r\n"
893 "Content-Length: 215\r\n"
895 "-----------------------------277531038314945\r\n"
896 "Content-Disposition: form-data; name=\"uploadfile_0\"; filename=\"somepicture1.jpg\"\r\n"
897 "Content-Type: image/jpeg\r\n";
899 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
900 uint8_t httpbuf2[] =
"filecontent\r\n\r\n"
901 "-----------------------------277531038314945--";
902 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
907 memset(&ssn, 0,
sizeof(ssn));
912 f->
proto = IPPROTO_TCP;
917 SCLogDebug(
"\n>>>> processing chunk 1 <<<<\n");
922 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
946 static int HTPFileParserTest09(
void)
948 uint8_t httpbuf1[] =
"POST /upload.cgi HTTP/1.1\r\n"
949 "Host: www.server.lan\r\n"
950 "Content-Type: multipart/form-data; boundary=---------------------------277531038314945\r\n"
951 "Content-Length: 337\r\n"
953 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
955 uint8_t httpbuf2[] =
"-----------------------------277531038314945\r\n"
956 "Content-Disposition: form-data; name=\"email\"\r\n"
958 "someaddress@somedomain.lan\r\n";
959 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
961 uint8_t httpbuf3[] =
"-----------------------------277531038314945\r\n"
962 "Content-Disposition: form-data; name=\"uploadfile_0\"; filename=\"somepicture1.jpg\"\r\n"
963 "Somereallylongheaderstr:\r\n"
965 uint32_t httplen3 =
sizeof(httpbuf3) - 1;
967 uint8_t httpbuf4[] =
"filecontent\r\n"
968 "-----------------------------277531038314945--";
969 uint32_t httplen4 =
sizeof(httpbuf4) - 1;
975 memset(&ssn, 0,
sizeof(ssn));
980 f->
proto = IPPROTO_TCP;
985 SCLogDebug(
"\n>>>> processing chunk 1 <<<<\n");
990 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
995 SCLogDebug(
"\n>>>> processing chunk 3 size %u <<<<\n", httplen3);
1000 SCLogDebug(
"\n>>>> processing chunk 4 size %u <<<<\n", httplen4);
1024 static int HTPFileParserTest10(
void)
1026 uint8_t httpbuf1[] =
"POST /upload.cgi HTTP/1.1\r\n"
1027 "Host: www.server.lan\r\n"
1028 "Content-Type: multipart/form-data; boundary=---------------------------277531038314945\r\n"
1029 "Content-Length: 337\r\n"
1031 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
1033 uint8_t httpbuf2[] =
"-----------------------------277531038314945\r\n"
1035 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
1037 uint8_t httpbuf3[] =
"-----------------------------277531038314945\r\n"
1038 "Content-Disposition: form-data; name=\"uploadfile_0\"; filename=\"somepicture1.jpg\"\r\n"
1039 "Somereallylongheaderstr: with a good value\r\n"
1041 uint32_t httplen3 =
sizeof(httpbuf3) - 1;
1043 uint8_t httpbuf4[] =
"filecontent\r\n"
1044 "-----------------------------277531038314945--";
1045 uint32_t httplen4 =
sizeof(httpbuf4) - 1;
1051 memset(&ssn, 0,
sizeof(ssn));
1056 f->
proto = IPPROTO_TCP;
1061 SCLogDebug(
"\n>>>> processing chunk 1 <<<<\n");
1066 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
1071 SCLogDebug(
"\n>>>> processing chunk 3 size %u <<<<\n", httplen3);
1076 SCLogDebug(
"\n>>>> processing chunk 4 size %u <<<<\n", httplen4);
1097 static int HTPFileParserTest11(
void)
1099 uint8_t httpbuf1[] =
"POST /upload.cgi HTTP/1.1\r\n"
1100 "Host: www.server.lan\r\n"
1101 "Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBRDbP74mBhBxsIdo\r\n"
1102 "Content-Length: 1102\r\n"
1104 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
1106 uint8_t httpbuf2[] =
"------WebKitFormBoundaryBRDbP74mBhBxsIdo\r\n";
1107 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
1109 uint8_t httpbuf3[] =
"Content-Disposition: form-data; name=\"PROGRESS_URL\"\r\n"
1111 "http://somserver.com/progress.php?UPLOAD_IDENTIFIER=XXXXXXXXX.XXXXXXXXXX.XXXXXXXX.XX.X\r\n"
1112 "------WebKitFormBoundaryBRDbP74mBhBxsIdo\r\n"
1113 "Content-Disposition: form-data; name=\"DESTINATION_DIR\"\r\n"
1116 "------WebKitFormBoundaryBRDbP74mBhBxsIdo\r\n"
1117 "Content-Disposition: form-data; name=\"js_enabled\"\r\n"
1120 "------WebKitFormBoundaryBRDbP74mBhBxsIdo\r\n"
1121 "Content-Disposition: form-data; name=\"signature\"\r\n"
1123 "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\r\n"
1124 "------WebKitFormBoundaryBRDbP74mBhBxsIdo\r\n"
1125 "Content-Disposition: form-data; name=\"upload_files\"\r\n"
1127 "------WebKitFormBoundaryBRDbP74mBhBxsIdo\r\n"
1128 "Content-Disposition: form-data; name=\"terms\"\r\n"
1131 "------WebKitFormBoundaryBRDbP74mBhBxsIdo\r\n"
1132 "Content-Disposition: form-data; name=\"file[]\"\r\n"
1134 "------WebKitFormBoundaryBRDbP74mBhBxsIdo\r\n"
1135 "Content-Disposition: form-data; name=\"description[]\"\r\n"
1137 "------WebKitFormBoundaryBRDbP74mBhBxsIdo\r\n"
1138 "Content-Disposition: form-data; name=\"upload_file[]\"; filename=\"filename.doc\"\r\n"
1139 "Content-Type: application/msword\r\n"
1142 uint32_t httplen3 =
sizeof(httpbuf3) - 1;
1144 uint8_t httpbuf4[] =
"CONTENT\r\n"
1145 "------WebKitFormBoundaryBRDbP74mBhBxsIdo--";
1146 uint32_t httplen4 =
sizeof(httpbuf4) - 1;
1152 memset(&ssn, 0,
sizeof(ssn));
1157 f->
proto = IPPROTO_TCP;
1162 SCLogDebug(
"\n>>>> processing chunk 1 <<<<\n");
1167 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
1171 SCLogDebug(
"\n>>>> processing chunk 3 size %u <<<<\n", httplen3);
1175 SCLogDebug(
"\n>>>> processing chunk 4 size %u <<<<\n", httplen4);
1194 FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method),
"POST", 4) != 0);