81 const uint8_t *data, uint32_t data_len, uint64_t txid, uint8_t direction)
88 SCLogDebug(
"data %p data_len %"PRIu32, data, data_len);
94 if (direction & STREAM_TOCLIENT) {
143 filename, filename_len,
144 data, data_len,
flags) != 0)
166 uint32_t
len = bstr_len(rawvalue);
167 return rs_http_parse_content_range(range, bstr_ptr(rawvalue),
len);
178 static int HTPParseAndCheckContentRange(
185 SCLogDebug(
"parsing range failed, going back to normal file");
193 if (range->end <= 0 || range->size <= 0) {
196 }
else if (range->end == range->size - 1 && range->start == 0) {
199 }
else if (range->start > range->end || range->end > range->size - 1) {
218 uint16_t filename_len,
const uint8_t *data, uint32_t data_len, uint64_t txid,
227 HTTPContentRange crparsed;
228 if (HTPParseAndCheckContentRange(rawvalue, &crparsed, s, htud) != 0) {
230 return HTPFileOpen(s, txud, filename, filename_len, data, data_len, txid, STREAM_TOCLIENT);
253 filename_len, data, data_len,
flags) != 0) {
259 if (
FileSetRange(files, crparsed.start, crparsed.end) < 0) {
264 htp_tx_t *tx = htp_list_get(s->
conn->transactions, txid);
270 if (tx->request_hostname != NULL) {
271 keylen = bstr_len(tx->request_hostname) + filename_len;
273 if (keyurl == NULL) {
276 memcpy(keyurl, bstr_ptr(tx->request_hostname), bstr_len(tx->request_hostname));
277 memcpy(keyurl + bstr_len(tx->request_hostname), filename, filename_len);
317 if (direction & STREAM_TOCLIENT) {
339 }
else if (result == -2) {
352 const uint8_t *data, uint32_t data_len)
366 if (ranged && files) {
394 uint8_t
flags, uint8_t direction)
406 if (direction & STREAM_TOCLIENT) {
420 }
else if (result == -2) {
438 static int HTPFileParserTest01(
void)
440 uint8_t httpbuf1[] =
"POST /upload.cgi HTTP/1.1\r\n"
441 "Host: www.server.lan\r\n"
442 "Content-Type: multipart/form-data; boundary=---------------------------277531038314945\r\n"
443 "Content-Length: 215\r\n"
445 "-----------------------------277531038314945\r\n"
446 "Content-Disposition: form-data; name=\"uploadfile_0\"; filename=\"somepicture1.jpg\"\r\n"
447 "Content-Type: image/jpeg\r\n"
450 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
451 uint8_t httpbuf2[] =
"filecontent\r\n"
452 "-----------------------------277531038314945--";
453 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
458 memset(&ssn, 0,
sizeof(ssn));
463 f->
proto = IPPROTO_TCP;
468 SCLogDebug(
"\n>>>> processing chunk 1 <<<<\n");
473 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
485 FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method),
"POST", 4) != 0);
493 static int HTPFileParserTest02(
void)
495 uint8_t httpbuf1[] =
"POST /upload.cgi HTTP/1.1\r\n"
496 "Host: www.server.lan\r\n"
497 "Content-Type: multipart/form-data; boundary=---------------------------277531038314945\r\n"
498 "Content-Length: 337\r\n"
500 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
502 uint8_t httpbuf2[] =
"-----------------------------277531038314945\r\n"
503 "Content-Disposition: form-data; name=\"email\"\r\n"
505 "someaddress@somedomain.lan\r\n";
506 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
508 uint8_t httpbuf3[] =
"-----------------------------277531038314945\r\n"
509 "Content-Disposition: form-data; name=\"uploadfile_0\"; filename=\"somepicture1.jpg\"\r\n"
510 "Content-Type: image/jpeg\r\n"
512 uint32_t httplen3 =
sizeof(httpbuf3) - 1;
514 uint8_t httpbuf4[] =
"filecontent\r\n"
515 "-----------------------------277531038314945--";
516 uint32_t httplen4 =
sizeof(httpbuf4) - 1;
522 memset(&ssn, 0,
sizeof(ssn));
527 f->
proto = IPPROTO_TCP;
532 SCLogDebug(
"\n>>>> processing chunk 1 <<<<\n");
537 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
542 SCLogDebug(
"\n>>>> processing chunk 3 size %u <<<<\n", httplen3);
547 SCLogDebug(
"\n>>>> processing chunk 4 size %u <<<<\n", httplen4);
558 FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method),
"POST", 4) != 0);
569 static int HTPFileParserTest03(
void)
571 uint8_t httpbuf1[] =
"POST /upload.cgi HTTP/1.1\r\n"
572 "Host: www.server.lan\r\n"
573 "Content-Type: multipart/form-data; boundary=---------------------------277531038314945\r\n"
574 "Content-Length: 337\r\n"
576 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
578 uint8_t httpbuf2[] =
"-----------------------------277531038314945\r\n"
579 "Content-Disposition: form-data; name=\"email\"\r\n"
581 "someaddress@somedomain.lan\r\n";
582 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
584 uint8_t httpbuf3[] =
"-----------------------------277531038314945\r\n"
585 "Content-Disposition: form-data; name=\"uploadfile_0\"; filename=\"somepicture1.jpg\"\r\n"
586 "Content-Type: image/jpeg\r\n"
588 uint32_t httplen3 =
sizeof(httpbuf3) - 1;
590 uint8_t httpbuf4[] =
"file";
591 uint32_t httplen4 =
sizeof(httpbuf4) - 1;
593 uint8_t httpbuf5[] =
"content\r\n";
594 uint32_t httplen5 =
sizeof(httpbuf5) - 1;
596 uint8_t httpbuf6[] =
"-----------------------------277531038314945--";
597 uint32_t httplen6 =
sizeof(httpbuf6) - 1;
603 memset(&ssn, 0,
sizeof(ssn));
608 f->
proto = IPPROTO_TCP;
613 SCLogDebug(
"\n>>>> processing chunk 1 <<<<\n");
618 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
623 SCLogDebug(
"\n>>>> processing chunk 3 size %u <<<<\n", httplen3);
628 SCLogDebug(
"\n>>>> processing chunk 4 size %u <<<<\n", httplen4);
633 SCLogDebug(
"\n>>>> processing chunk 5 size %u <<<<\n", httplen5);
638 SCLogDebug(
"\n>>>> processing chunk 6 size %u <<<<\n", httplen6);
650 FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method),
"POST", 4) != 0);
664 static int HTPFileParserTest04(
void)
666 uint8_t httpbuf1[] =
"POST /upload.cgi HTTP/1.1\r\n"
667 "Host: www.server.lan\r\n"
668 "Content-Type: multipart/form-data; boundary=---------------------------277531038314945\r\n"
669 "Content-Length: 373\r\n"
671 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
673 uint8_t httpbuf2[] =
"-----------------------------277531038314945\r\n"
674 "Content-Disposition: form-data; name=\"email\"\r\n"
676 "someaddress@somedomain.lan\r\n";
677 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
679 uint8_t httpbuf3[] =
"-----------------------------277531038314945\r\n"
680 "Content-Disposition: form-data; name=\"uploadfile_0\"; filename=\"somepicture1.jpg\"\r\n"
681 "Content-Type: image/jpeg\r\n"
683 uint32_t httplen3 =
sizeof(httpbuf3) - 1;
685 uint8_t httpbuf4[] =
"file0123456789abcdefghijklmnopqrstuvwxyz";
686 uint32_t httplen4 =
sizeof(httpbuf4) - 1;
688 uint8_t httpbuf5[] =
"content\r\n";
689 uint32_t httplen5 =
sizeof(httpbuf5) - 1;
691 uint8_t httpbuf6[] =
"-----------------------------277531038314945--";
692 uint32_t httplen6 =
sizeof(httpbuf6) - 1;
698 memset(&ssn, 0,
sizeof(ssn));
703 f->
proto = IPPROTO_TCP;
708 SCLogDebug(
"\n>>>> processing chunk 1 <<<<\n");
713 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
718 SCLogDebug(
"\n>>>> processing chunk 3 size %u <<<<\n", httplen3);
723 SCLogDebug(
"\n>>>> processing chunk 4 size %u <<<<\n", httplen4);
728 SCLogDebug(
"\n>>>> processing chunk 5 size %u <<<<\n", httplen5);
733 SCLogDebug(
"\n>>>> processing chunk 6 size %u <<<<\n", httplen6);
745 FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method),
"POST", 4) != 0);
758 static int HTPFileParserTest05(
void)
760 uint8_t httpbuf1[] =
"POST /upload.cgi HTTP/1.1\r\n"
761 "Host: www.server.lan\r\n"
762 "Content-Type: multipart/form-data; boundary=---------------------------277531038314945\r\n"
763 "Content-Length: 544\r\n"
765 "-----------------------------277531038314945\r\n"
766 "Content-Disposition: form-data; name=\"uploadfile_0\"; filename=\"somepicture1.jpg\"\r\n"
767 "Content-Type: image/jpeg\r\n"
770 "-----------------------------277531038314945\r\n";
771 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
772 uint8_t httpbuf2[] =
"Content-Disposition: form-data; name=\"uploadfile_1\"; filename=\"somepicture2.jpg\"\r\n"
773 "Content-Type: image/jpeg\r\n"
776 "-----------------------------277531038314945--";
777 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
783 memset(&ssn, 0,
sizeof(ssn));
788 f->
proto = IPPROTO_TCP;
793 SCLogDebug(
"\n>>>> processing chunk 1 size %u <<<<\n", httplen1);
798 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
810 FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method),
"POST", 4) != 0);
821 (uint8_t *)
"filecontent", 11) != 1);
824 (uint8_t *)
"FILECONTENT", 11) != 1);
832 static int HTPFileParserTest06(
void)
834 uint8_t httpbuf1[] =
"POST /upload.cgi HTTP/1.1\r\n"
835 "Host: www.server.lan\r\n"
836 "Content-Type: multipart/form-data; boundary=---------------------------277531038314945\r\n"
837 "Content-Length: 544\r\n"
839 "-----------------------------277531038314945\r\n"
840 "Content-Disposition: form-data; name=\"uploadfile_0\"; filename=\"somepicture1.jpg\"\r\n"
841 "Content-Type: image/jpeg\r\n"
844 "-----------------------------27753103831494";
845 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
846 uint8_t httpbuf2[] =
"5\r\nContent-Disposition: form-data; name=\"uploadfile_1\"; filename=\"somepicture2.jpg\"\r\n"
847 "Content-Type: image/jpeg\r\n"
850 "-----------------------------277531038314945--";
851 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
857 memset(&ssn, 0,
sizeof(ssn));
862 f->
proto = IPPROTO_TCP;
867 SCLogDebug(
"\n>>>> processing chunk 1 size %u <<<<\n", httplen1);
872 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
884 FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method),
"POST", 4) != 0);
895 (uint8_t *)
"filecontent", 11) != 1);
898 (uint8_t *)
"FILECONTENT", 11) != 1);
907 static int HTPFileParserTest07(
void)
909 uint8_t httpbuf1[] =
"POST /filename HTTP/1.1\r\n"
910 "Host: www.server.lan\r\n"
911 "Content-Length: 11\r\n"
913 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
914 uint8_t httpbuf2[] =
"FILECONTENT";
915 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
921 memset(&ssn, 0,
sizeof(ssn));
926 f->
proto = IPPROTO_TCP;
931 SCLogDebug(
"\n>>>> processing chunk 1 size %u <<<<\n", httplen1);
936 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
947 FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method),
"POST", 4) != 0);
954 (uint8_t *)
"FILECONTENT", 11) != 1);
962 static int HTPFileParserTest08(
void)
964 uint8_t httpbuf1[] =
"POST /upload.cgi HTTP/1.1\r\n"
965 "Host: www.server.lan\r\n"
966 "Content-Type: multipart/form-data; boundary=---------------------------277531038314945\r\n"
967 "Content-Length: 215\r\n"
969 "-----------------------------277531038314945\r\n"
970 "Content-Disposition: form-data; name=\"uploadfile_0\"; filename=\"somepicture1.jpg\"\r\n"
971 "Content-Type: image/jpeg\r\n";
973 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
974 uint8_t httpbuf2[] =
"filecontent\r\n\r\n"
975 "-----------------------------277531038314945--";
976 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
981 memset(&ssn, 0,
sizeof(ssn));
986 f->
proto = IPPROTO_TCP;
991 SCLogDebug(
"\n>>>> processing chunk 1 <<<<\n");
996 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
1020 static int HTPFileParserTest09(
void)
1022 uint8_t httpbuf1[] =
"POST /upload.cgi HTTP/1.1\r\n"
1023 "Host: www.server.lan\r\n"
1024 "Content-Type: multipart/form-data; boundary=---------------------------277531038314945\r\n"
1025 "Content-Length: 337\r\n"
1027 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
1029 uint8_t httpbuf2[] =
"-----------------------------277531038314945\r\n"
1030 "Content-Disposition: form-data; name=\"email\"\r\n"
1032 "someaddress@somedomain.lan\r\n";
1033 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
1035 uint8_t httpbuf3[] =
"-----------------------------277531038314945\r\n"
1036 "Content-Disposition: form-data; name=\"uploadfile_0\"; filename=\"somepicture1.jpg\"\r\n"
1037 "Somereallylongheaderstr:\r\n"
1039 uint32_t httplen3 =
sizeof(httpbuf3) - 1;
1041 uint8_t httpbuf4[] =
"filecontent\r\n"
1042 "-----------------------------277531038314945--";
1043 uint32_t httplen4 =
sizeof(httpbuf4) - 1;
1049 memset(&ssn, 0,
sizeof(ssn));
1054 f->
proto = IPPROTO_TCP;
1059 SCLogDebug(
"\n>>>> processing chunk 1 <<<<\n");
1064 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
1069 SCLogDebug(
"\n>>>> processing chunk 3 size %u <<<<\n", httplen3);
1074 SCLogDebug(
"\n>>>> processing chunk 4 size %u <<<<\n", httplen4);
1098 static int HTPFileParserTest10(
void)
1100 uint8_t httpbuf1[] =
"POST /upload.cgi HTTP/1.1\r\n"
1101 "Host: www.server.lan\r\n"
1102 "Content-Type: multipart/form-data; boundary=---------------------------277531038314945\r\n"
1103 "Content-Length: 337\r\n"
1105 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
1107 uint8_t httpbuf2[] =
"-----------------------------277531038314945\r\n"
1109 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
1111 uint8_t httpbuf3[] =
"-----------------------------277531038314945\r\n"
1112 "Content-Disposition: form-data; name=\"uploadfile_0\"; filename=\"somepicture1.jpg\"\r\n"
1113 "Somereallylongheaderstr: with a good value\r\n"
1115 uint32_t httplen3 =
sizeof(httpbuf3) - 1;
1117 uint8_t httpbuf4[] =
"filecontent\r\n"
1118 "-----------------------------277531038314945--";
1119 uint32_t httplen4 =
sizeof(httpbuf4) - 1;
1125 memset(&ssn, 0,
sizeof(ssn));
1130 f->
proto = IPPROTO_TCP;
1135 SCLogDebug(
"\n>>>> processing chunk 1 <<<<\n");
1140 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
1145 SCLogDebug(
"\n>>>> processing chunk 3 size %u <<<<\n", httplen3);
1150 SCLogDebug(
"\n>>>> processing chunk 4 size %u <<<<\n", httplen4);
1171 static int HTPFileParserTest11(
void)
1173 uint8_t httpbuf1[] =
"POST /upload.cgi HTTP/1.1\r\n"
1174 "Host: www.server.lan\r\n"
1175 "Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBRDbP74mBhBxsIdo\r\n"
1176 "Content-Length: 1102\r\n"
1178 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
1180 uint8_t httpbuf2[] =
"------WebKitFormBoundaryBRDbP74mBhBxsIdo\r\n";
1181 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
1183 uint8_t httpbuf3[] =
"Content-Disposition: form-data; name=\"PROGRESS_URL\"\r\n"
1185 "http://somserver.com/progress.php?UPLOAD_IDENTIFIER=XXXXXXXXX.XXXXXXXXXX.XXXXXXXX.XX.X\r\n"
1186 "------WebKitFormBoundaryBRDbP74mBhBxsIdo\r\n"
1187 "Content-Disposition: form-data; name=\"DESTINATION_DIR\"\r\n"
1190 "------WebKitFormBoundaryBRDbP74mBhBxsIdo\r\n"
1191 "Content-Disposition: form-data; name=\"js_enabled\"\r\n"
1194 "------WebKitFormBoundaryBRDbP74mBhBxsIdo\r\n"
1195 "Content-Disposition: form-data; name=\"signature\"\r\n"
1197 "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\r\n"
1198 "------WebKitFormBoundaryBRDbP74mBhBxsIdo\r\n"
1199 "Content-Disposition: form-data; name=\"upload_files\"\r\n"
1201 "------WebKitFormBoundaryBRDbP74mBhBxsIdo\r\n"
1202 "Content-Disposition: form-data; name=\"terms\"\r\n"
1205 "------WebKitFormBoundaryBRDbP74mBhBxsIdo\r\n"
1206 "Content-Disposition: form-data; name=\"file[]\"\r\n"
1208 "------WebKitFormBoundaryBRDbP74mBhBxsIdo\r\n"
1209 "Content-Disposition: form-data; name=\"description[]\"\r\n"
1211 "------WebKitFormBoundaryBRDbP74mBhBxsIdo\r\n"
1212 "Content-Disposition: form-data; name=\"upload_file[]\"; filename=\"filename.doc\"\r\n"
1213 "Content-Type: application/msword\r\n"
1216 uint32_t httplen3 =
sizeof(httpbuf3) - 1;
1218 uint8_t httpbuf4[] =
"CONTENT\r\n"
1219 "------WebKitFormBoundaryBRDbP74mBhBxsIdo--";
1220 uint32_t httplen4 =
sizeof(httpbuf4) - 1;
1226 memset(&ssn, 0,
sizeof(ssn));
1231 f->
proto = IPPROTO_TCP;
1236 SCLogDebug(
"\n>>>> processing chunk 1 <<<<\n");
1241 SCLogDebug(
"\n>>>> processing chunk 2 size %u <<<<\n", httplen2);
1245 SCLogDebug(
"\n>>>> processing chunk 3 size %u <<<<\n", httplen3);
1249 SCLogDebug(
"\n>>>> processing chunk 4 size %u <<<<\n", httplen4);
1268 FAIL_IF(memcmp(bstr_util_strdup_to_c(tx->request_method),
"POST", 4) != 0);
1275 (uint8_t *)
"FILECONTENT", 11) != 1);