suricata
app-layer-htp-libhtp.c
Go to the documentation of this file.
1 /*
2  * We are using this file to hold APIs copied from libhtp 0.5.x.
3  */
4 
5 /***************************************************************************
6  * Copyright (c) 2009-2010 Open Information Security Foundation
7  * Copyright (c) 2010-2013 Qualys, Inc.
8  * All rights reserved.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions are
12  * met:
13  *
14  * - Redistributions of source code must retain the above copyright
15  * notice, this list of conditions and the following disclaimer.
16  *
17  * - Redistributions in binary form must reproduce the above copyright
18  * notice, this list of conditions and the following disclaimer in the
19  * documentation and/or other materials provided with the distribution.
20  *
21  * - Neither the name of the Qualys, Inc. nor the names of its
22  * contributors may be used to endorse or promote products derived from
23  * this software without specific prior written permission.
24  *
25  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
26  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
27  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
28  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
29  * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
30  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
31  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
32  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
33  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
34  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
35  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36  ***************************************************************************/
37 
38 /**
39  * \file
40  *
41  * \author Anoop Saldanha <anoopsaldanha@gmail.com>
42  *
43  * APIs from libhtp 0.5.x.
44  */
45 
46 #include "suricata-common.h"
47 #include <htp/htp.h>
48 #include "app-layer-htp-libhtp.h"
49 
50 /**
51  * \brief Generates the normalized uri.
52  *
53  * Libhtp doesn't recreate the whole normalized uri and save it.
54  * That duty has now been passed to us. A lot of this code has been
55  * copied from libhtp.
56  *
57  * Keep an eye out on the tx->parsed_uri struct and how the parameters
58  * in it are generated, just in case some modifications are made to
59  * them in the future.
60  *
61  * \param uri_include_all boolean to indicate if scheme, username/password,
62  hostname and port should be part of the buffer
63  */
64 bstr *SCHTPGenerateNormalizedUri(htp_tx_t *tx, htp_uri_t *uri, bool uri_include_all)
65 {
66  if (uri == NULL)
67  return NULL;
68 
69  // On the first pass determine the length of the final string
70  size_t len = 0;
71 
72  if (uri_include_all) {
73  if (uri->scheme != NULL) {
74  len += bstr_len(uri->scheme);
75  len += 3; // "://"
76  }
77 
78  if ((uri->username != NULL) || (uri->password != NULL)) {
79  if (uri->username != NULL) {
80  len += bstr_len(uri->username);
81  }
82 
83  len += 1; // ":"
84 
85  if (uri->password != NULL) {
86  len += bstr_len(uri->password);
87  }
88 
89  len += 1; // "@"
90  }
91 
92  if (uri->hostname != NULL) {
93  len += bstr_len(uri->hostname);
94  }
95 
96  if (uri->port != NULL) {
97  len += 1; // ":"
98  len += bstr_len(uri->port);
99  }
100  }
101 
102  if (uri->path != NULL) {
103  len += bstr_len(uri->path);
104  }
105 
106  if (uri->query != NULL) {
107  len += 1; // "?"
108  len += bstr_len(uri->query);
109  }
110 
111  if (uri->fragment != NULL) {
112  len += 1; // "#"
113  len += bstr_len(uri->fragment);
114  }
115 
116  // On the second pass construct the string
117  /* FIXME in memcap */
118  bstr *r = bstr_alloc(len);
119  if (r == NULL) {
120  return NULL;
121  }
122 
123  if (uri_include_all) {
124  if (uri->scheme != NULL) {
125  bstr_add_noex(r, uri->scheme);
126  bstr_add_c_noex(r, "://");
127  }
128 
129  if ((uri->username != NULL) || (uri->password != NULL)) {
130  if (uri->username != NULL) {
131  bstr_add_noex(r, uri->username);
132  }
133 
134  bstr_add_c_noex(r, ":");
135 
136  if (uri->password != NULL) {
137  bstr_add_noex(r, uri->password);
138  }
139 
140  bstr_add_c_noex(r, "@");
141  }
142 
143  if (uri->hostname != NULL) {
144  bstr_add_noex(r, uri->hostname);
145  }
146 
147  if (uri->port != NULL) {
148  bstr_add_c_noex(r, ":");
149  bstr_add_noex(r, uri->port);
150  }
151  }
152 
153  if (uri->path != NULL) {
154  bstr_add_noex(r, uri->path);
155  }
156 
157  if (uri->query != NULL) {
158  bstr *query = bstr_dup(uri->query);
159  if (query) {
160  uint64_t flags = 0;
161  htp_urldecode_inplace(tx->cfg, HTP_DECODER_URLENCODED, query, &flags);
162  bstr_add_c_noex(r, "?");
163  bstr_add_noex(r, query);
164  bstr_free(query);
165  }
166  }
167 
168  if (uri->fragment != NULL) {
169  bstr_add_c_noex(r, "#");
170  bstr_add_noex(r, uri->fragment);
171  }
172 
173  return r;
174 }
len
uint8_t len
Definition: app-layer-dnp3.h:2
flags
uint8_t flags
Definition: decode-gre.h:0
suricata-common.h
app-layer-htp-libhtp.h
SCHTPGenerateNormalizedUri
bstr * SCHTPGenerateNormalizedUri(htp_tx_t *tx, htp_uri_t *uri, bool uri_include_all)
Generates the normalized uri.
Definition: app-layer-htp-libhtp.c:64