suricata
app-layer-htp-libhtp.c
Go to the documentation of this file.
1 /*
2  * We are using this file to hold APIs copied from libhtp 0.5.x.
3  */
4 
5 /***************************************************************************
6  * Copyright (c) 2009-2010 Open Information Security Foundation
7  * Copyright (c) 2010-2013 Qualys, Inc.
8  * All rights reserved.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions are
12  * met:
13  *
14  * - Redistributions of source code must retain the above copyright
15  * notice, this list of conditions and the following disclaimer.
16  *
17  * - Redistributions in binary form must reproduce the above copyright
18  * notice, this list of conditions and the following disclaimer in the
19  * documentation and/or other materials provided with the distribution.
20  *
21  * - Neither the name of the Qualys, Inc. nor the names of its
22  * contributors may be used to endorse or promote products derived from
23  * this software without specific prior written permission.
24  *
25  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
26  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
27  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
28  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
29  * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
30  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
31  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
32  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
33  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
34  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
35  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36  ***************************************************************************/
37 
38 /**
39  * Anoop Saldanha <anoopsaldanha@gmail.com>
40  */
41 
42 #include "suricata.h"
43 #include "suricata-common.h"
44 #include "app-layer-htp-libhtp.h"
45 
46 /**
47  * \brief Generates the normalized uri.
48  *
49  * Libhtp doesn't recreate the whole normalized uri and save it.
50  * That duty has now been passed to us. A lot of this code has been
51  * copied from libhtp.
52  *
53  * Keep an eye out on the tx->parsed_uri struct and how the parameters
54  * in it are generated, just in case some modifications are made to
55  * them in the future.
56  *
57  * \param uri_include_all boolean to indicate if scheme, username/password,
58  hostname and port should be part of the buffer
59  */
60 bstr *SCHTPGenerateNormalizedUri(htp_tx_t *tx, htp_uri_t *uri, int uri_include_all)
61 {
62  if (uri == NULL)
63  return NULL;
64 
65  // On the first pass determine the length of the final string
66  size_t len = 0;
67 
68  if (uri_include_all) {
69  if (uri->scheme != NULL) {
70  len += bstr_len(uri->scheme);
71  len += 3; // "://"
72  }
73 
74  if ((uri->username != NULL) || (uri->password != NULL)) {
75  if (uri->username != NULL) {
76  len += bstr_len(uri->username);
77  }
78 
79  len += 1; // ":"
80 
81  if (uri->password != NULL) {
82  len += bstr_len(uri->password);
83  }
84 
85  len += 1; // "@"
86  }
87 
88  if (uri->hostname != NULL) {
89  len += bstr_len(uri->hostname);
90  }
91 
92  if (uri->port != NULL) {
93  len += 1; // ":"
94  len += bstr_len(uri->port);
95  }
96  }
97 
98  if (uri->path != NULL) {
99  len += bstr_len(uri->path);
100  }
101 
102  if (uri->query != NULL) {
103  len += 1; // "?"
104  len += bstr_len(uri->query);
105  }
106 
107  if (uri->fragment != NULL) {
108  len += 1; // "#"
109  len += bstr_len(uri->fragment);
110  }
111 
112  // On the second pass construct the string
113  /* FIXME in memcap */
114  bstr *r = bstr_alloc(len);
115  if (r == NULL) {
116  return NULL;
117  }
118 
119  if (uri_include_all) {
120  if (uri->scheme != NULL) {
121  bstr_add_noex(r, uri->scheme);
122  bstr_add_c_noex(r, "://");
123  }
124 
125  if ((uri->username != NULL) || (uri->password != NULL)) {
126  if (uri->username != NULL) {
127  bstr_add_noex(r, uri->username);
128  }
129 
130  bstr_add_c_noex(r, ":");
131 
132  if (uri->password != NULL) {
133  bstr_add_noex(r, uri->password);
134  }
135 
136  bstr_add_c_noex(r, "@");
137  }
138 
139  if (uri->hostname != NULL) {
140  bstr_add_noex(r, uri->hostname);
141  }
142 
143  if (uri->port != NULL) {
144  bstr_add_c_noex(r, ":");
145  bstr_add_noex(r, uri->port);
146  }
147  }
148 
149  if (uri->path != NULL) {
150  bstr_add_noex(r, uri->path);
151  }
152 
153  if (uri->query != NULL) {
154  bstr *query = bstr_dup(uri->query);
155  if (query) {
156  uint64_t flags = 0;
157  htp_urldecode_inplace(tx->cfg, HTP_DECODER_URLENCODED, query, &flags);
158  bstr_add_c_noex(r, "?");
159  bstr_add_noex(r, query);
160  bstr_free(query);
161  }
162  }
163 
164  if (uri->fragment != NULL) {
165  bstr_add_c_noex(r, "#");
166  bstr_add_noex(r, uri->fragment);
167  }
168 
169  return r;
170 }
uint16_t flags
bstr * SCHTPGenerateNormalizedUri(htp_tx_t *tx, htp_uri_t *uri, int uri_include_all)
Generates the normalized uri.
uint8_t len