suricata
Macros | Functions
util-decode-mime.c File Reference
#include "suricata-common.h"
#include "suricata.h"
#include "app-layer-smtp.h"
#include "util-decode-mime.h"
#include "util-ip.h"
#include "util-spm-bs.h"
#include "util-unittest.h"
#include "util-memcmp.h"
#include "util-print.h"
#include "util-validate.h"
#include "rust.h"
Include dependency graph for util-decode-mime.c:

Go to the source code of this file.

Macros

#define CR   13
 
#define LF   10
 
#define CRLF   "\r\n"
 
#define COLON   58
 
#define DASH   45
 
#define PRINTABLE_START   33
 
#define PRINTABLE_END   126
 
#define UC_START   65
 
#define UC_END   90
 
#define LC_START   97
 
#define LC_END   122
 
#define UC_LC_DIFF   32
 
#define EOL_LEN   2
 
#define BASE64_STR   "Base64"
 
#define MAX_LINE_LEN   998 /* Def in RFC 2045, excluding CRLF sequence */
 
#define MAX_ENC_LINE_LEN   76 /* Def in RFC 2045, excluding CRLF sequence */
 
#define MAX_HEADER_NAME   75 /* 75 + ":" = 76 */
 
#define MAX_HEADER_VALUE   2000 /* Default - arbitrary limit */
 
#define BOUNDARY_BUF   256
 
#define CTNT_TYPE_STR   "content-type"
 
#define CTNT_DISP_STR   "content-disposition"
 
#define CTNT_TRAN_STR   "content-transfer-encoding"
 
#define MSG_ID_STR   "message-id"
 
#define MSG_STR   "message/"
 
#define MULTIPART_STR   "multipart/"
 
#define QP_STR   "quoted-printable"
 
#define TXT_STR   "text/plain"
 
#define HTML_STR   "text/html"
 
#define STACK_FREE_NODES   10
 
#define MAX_IP4_CHARS   15
 
#define MAX_IP6_CHARS   39
 
#define TEST(str, len, expect)
 
#define TEST(str, len, expect)
 

Functions

void MimeDecSetConfig (MimeDecConfig *config)
 Set global config policy. More...
 
MimeDecConfigMimeDecGetConfig (void)
 Get global config policy. More...
 
void MimeDecFreeEntity (MimeDecEntity *entity)
 Frees a mime entity tree. More...
 
void MimeDecFreeField (MimeDecField *field)
 Iteratively frees a header field entry list. More...
 
void MimeDecFreeUrl (MimeDecUrl *url)
 Iteratively frees a URL entry list. More...
 
MimeDecFieldMimeDecAddField (MimeDecEntity *entity)
 Creates and adds a header field entry to an entity. More...
 
int MimeDecFindFieldsForEach (const MimeDecEntity *entity, const char *name, int(*DataCallback)(const uint8_t *val, const size_t, void *data), void *data)
 Searches for header fields with the specified name. More...
 
MimeDecFieldMimeDecFindField (const MimeDecEntity *entity, const char *name)
 Searches for a header field with the specified name. More...
 
MimeDecEntityMimeDecAddEntity (MimeDecEntity *parent)
 Creates and adds a child entity to the specified parent entity. More...
 
const char * MimeDecParseStateGetStatus (MimeDecParseState *state)
 
MimeDecParseStateMimeDecInitParser (void *data, int(*DataChunkProcessorFunc)(const uint8_t *chunk, uint32_t len, MimeDecParseState *state))
 Init the parser by allocating memory for the state and top-level entity. More...
 
void MimeDecDeInitParser (MimeDecParseState *state)
 De-Init parser by freeing up any residual memory. More...
 
int MimeDecParseComplete (MimeDecParseState *state)
 Called to indicate that the last message line has been processed and the parsing operation is complete. More...
 
int MimeDecParseLine (const uint8_t *line, const uint32_t len, const uint8_t delim_len, MimeDecParseState *state)
 Parse a line of a MIME message and update the parser state. More...
 
MimeDecEntityMimeDecParseFullMsg (const uint8_t *buf, uint32_t blen, void *data, int(*dcpfunc)(const uint8_t *chunk, uint32_t len, MimeDecParseState *state))
 Parses an entire message when available in its entirety (wraps the line-based parsing functions) More...
 
void MimeDecRegisterTests (void)
 

Detailed Description

Author
David Abarbanel david.nosp@m..aba.nosp@m.rbane.nosp@m.l@ba.nosp@m.esyst.nosp@m.ems..nosp@m.com

Definition in file util-decode-mime.c.

Macro Definition Documentation

◆ BASE64_STR

#define BASE64_STR   "Base64"

Definition at line 58 of file util-decode-mime.c.

◆ BOUNDARY_BUF

#define BOUNDARY_BUF   256

Definition at line 65 of file util-decode-mime.c.

◆ COLON

#define COLON   58

Definition at line 46 of file util-decode-mime.c.

◆ CR

#define CR   13

Definition at line 41 of file util-decode-mime.c.

◆ CRLF

#define CRLF   "\r\n"

Definition at line 45 of file util-decode-mime.c.

◆ CTNT_DISP_STR

#define CTNT_DISP_STR   "content-disposition"

Definition at line 67 of file util-decode-mime.c.

◆ CTNT_TRAN_STR

#define CTNT_TRAN_STR   "content-transfer-encoding"

Definition at line 68 of file util-decode-mime.c.

◆ CTNT_TYPE_STR

#define CTNT_TYPE_STR   "content-type"

Definition at line 66 of file util-decode-mime.c.

◆ DASH

#define DASH   45

Definition at line 47 of file util-decode-mime.c.

◆ EOL_LEN

#define EOL_LEN   2

Definition at line 55 of file util-decode-mime.c.

◆ HTML_STR

#define HTML_STR   "text/html"

Definition at line 74 of file util-decode-mime.c.

◆ LC_END

#define LC_END   122

Definition at line 53 of file util-decode-mime.c.

◆ LC_START

#define LC_START   97

Definition at line 52 of file util-decode-mime.c.

◆ LF

#define LF   10

Definition at line 42 of file util-decode-mime.c.

◆ MAX_ENC_LINE_LEN

#define MAX_ENC_LINE_LEN   76 /* Def in RFC 2045, excluding CRLF sequence */

Definition at line 62 of file util-decode-mime.c.

◆ MAX_HEADER_NAME

#define MAX_HEADER_NAME   75 /* 75 + ":" = 76 */

Definition at line 63 of file util-decode-mime.c.

◆ MAX_HEADER_VALUE

#define MAX_HEADER_VALUE   2000 /* Default - arbitrary limit */

Definition at line 64 of file util-decode-mime.c.

◆ MAX_IP4_CHARS

#define MAX_IP4_CHARS   15

Definition at line 80 of file util-decode-mime.c.

◆ MAX_IP6_CHARS

#define MAX_IP6_CHARS   39

Definition at line 81 of file util-decode-mime.c.

◆ MAX_LINE_LEN

#define MAX_LINE_LEN   998 /* Def in RFC 2045, excluding CRLF sequence */

Definition at line 61 of file util-decode-mime.c.

◆ MSG_ID_STR

#define MSG_ID_STR   "message-id"

Definition at line 69 of file util-decode-mime.c.

◆ MSG_STR

#define MSG_STR   "message/"

Definition at line 70 of file util-decode-mime.c.

◆ MULTIPART_STR

#define MULTIPART_STR   "multipart/"

Definition at line 71 of file util-decode-mime.c.

◆ PRINTABLE_END

#define PRINTABLE_END   126

Definition at line 49 of file util-decode-mime.c.

◆ PRINTABLE_START

#define PRINTABLE_START   33

Definition at line 48 of file util-decode-mime.c.

◆ QP_STR

#define QP_STR   "quoted-printable"

Definition at line 72 of file util-decode-mime.c.

◆ STACK_FREE_NODES

#define STACK_FREE_NODES   10

Definition at line 77 of file util-decode-mime.c.

◆ TEST [1/2]

#define TEST (   str,
  len,
  expect 
)
Value:
{ \
SCLogDebug("str %s", (str)); \
int r = IsIpv4Host((const uint8_t *)(str),(len)); \
FAIL_IF_NOT(r == (expect)); \
}

Definition at line 3211 of file util-decode-mime.c.

◆ TEST [2/2]

#define TEST (   str,
  len,
  expect 
)
Value:
{ \
SCLogDebug("str %s", (str)); \
int r = IsIpv6Host((const uint8_t *)(str),(len)); \
FAIL_IF_NOT(r == (expect)); \
}

Definition at line 3211 of file util-decode-mime.c.

◆ TXT_STR

#define TXT_STR   "text/plain"

Definition at line 73 of file util-decode-mime.c.

◆ UC_END

#define UC_END   90

Definition at line 51 of file util-decode-mime.c.

◆ UC_LC_DIFF

#define UC_LC_DIFF   32

Definition at line 54 of file util-decode-mime.c.

◆ UC_START

#define UC_START   65

Definition at line 50 of file util-decode-mime.c.

Function Documentation

◆ MimeDecAddEntity()

MimeDecEntity* MimeDecAddEntity ( MimeDecEntity parent)

Creates and adds a child entity to the specified parent entity.

Parameters
parentThe parent entity
Returns
The child entity, or NULL if the operation fails

Definition at line 385 of file util-decode-mime.c.

References MimeDecEntity::child, MimeDecEntity::next, SCMalloc, and unlikely.

◆ MimeDecAddField()

MimeDecField* MimeDecAddField ( MimeDecEntity entity)

Creates and adds a header field entry to an entity.

The entity is optional. If NULL is specified, than a new stand-alone field is created.

Parameters
entityThe parent entity
Returns
The field object, or NULL if the operation fails

Definition at line 267 of file util-decode-mime.c.

References MimeDecEntity::field_list, MimeDecField::next, SCMalloc, and unlikely.

◆ MimeDecDeInitParser()

void MimeDecDeInitParser ( MimeDecParseState state)

De-Init parser by freeing up any residual memory.

Parameters
stateThe parser state
Returns
none

Definition at line 2442 of file util-decode-mime.c.

◆ MimeDecFindField()

MimeDecField* MimeDecFindField ( const MimeDecEntity entity,
const char *  name 
)

Searches for a header field with the specified name.

Parameters
entityThe entity to search
nameThe header name (lowercase)
Returns
The field object, or NULL if not found

Definition at line 326 of file util-decode-mime.c.

References MimeDecEntity::field_list, MimeDecField::name, MimeDecField::name_len, MimeDecField::next, and SCMemcmp.

◆ MimeDecFindFieldsForEach()

int MimeDecFindFieldsForEach ( const MimeDecEntity entity,
const char *  name,
int(*)(const uint8_t *val, const size_t, void *data)  DataCallback,
void *  data 
)

Searches for header fields with the specified name.

Parameters
entityThe entity to search
nameThe header name (lowercase)
Returns
number of items found

Definition at line 298 of file util-decode-mime.c.

References MimeDecEntity::field_list, MimeDecField::name, MimeDecField::name_len, MimeDecField::next, SCMemcmp, MimeDecField::value, and MimeDecField::value_len.

◆ MimeDecFreeEntity()

void MimeDecFreeEntity ( MimeDecEntity entity)

Frees a mime entity tree.

Parameters
entityThe root entity
Returns
none

Definition at line 176 of file util-decode-mime.c.

◆ MimeDecFreeField()

void MimeDecFreeField ( MimeDecField field)

Iteratively frees a header field entry list.

Parameters
fieldThe header field
Returns
none

Definition at line 209 of file util-decode-mime.c.

References MimeDecField::name, MimeDecField::next, SCFree, and MimeDecField::value.

◆ MimeDecFreeUrl()

void MimeDecFreeUrl ( MimeDecUrl url)

Iteratively frees a URL entry list.

Parameters
urlThe url entry
Returns
none

Definition at line 238 of file util-decode-mime.c.

References MimeDecUrl::next, SCFree, and MimeDecUrl::url.

◆ MimeDecGetConfig()

MimeDecConfig* MimeDecGetConfig ( void  )

Get global config policy.

Returns
config data structure

Definition at line 146 of file util-decode-mime.c.

◆ MimeDecInitParser()

MimeDecParseState* MimeDecInitParser ( void *  data,
int(*)(const uint8_t *chunk, uint32_t len, MimeDecParseState *state)  DataChunkProcessorFunc 
)

Init the parser by allocating memory for the state and top-level entity.

Parameters
dataA caller-specified pointer to data for access within the data chunk processor callback function
dcpfuncThe data chunk processor callback function
Returns
A pointer to the state object, or NULL if the operation fails

Definition at line 2390 of file util-decode-mime.c.

References MimeDecEntity::ctnt_flags, CTNT_IS_MSG, MimeDecParseState::msg, SCFree, SCMalloc, MimeDecParseState::stack, and unlikely.

Referenced by MimeDecParseFullMsg().

Here is the caller graph for this function:

◆ MimeDecParseComplete()

int MimeDecParseComplete ( MimeDecParseState state)

Called to indicate that the last message line has been processed and the parsing operation is complete.

This function should be called directly by the caller.

Parameters
stateThe parser state
Returns
MIME_DEC_OK on success, otherwise < 0 on failure

Definition at line 2478 of file util-decode-mime.c.

References MIME_DEC_ERR_STATE, MIME_DEC_OK, PARSE_ERROR, SCLogDebug, and MimeDecParseState::state_flag.

◆ MimeDecParseFullMsg()

MimeDecEntity* MimeDecParseFullMsg ( const uint8_t *  buf,
uint32_t  blen,
void *  data,
int(*)(const uint8_t *chunk, uint32_t len, MimeDecParseState *state)  dcpfunc 
)

Parses an entire message when available in its entirety (wraps the line-based parsing functions)

Parameters
bufBuffer pointing to the full message
blenLength of the buffer
dataCaller data to be available in callback
dcpfuncCallback for processing each decoded body data chunk
Returns
A pointer to the decoded MIME message, or NULL if the operation fails

Definition at line 2580 of file util-decode-mime.c.

References MIME_DEC_OK, MimeDecInitParser(), MimeDecParseState::msg, msg, and SCLogDebug.

Here is the call graph for this function:

◆ MimeDecParseLine()

int MimeDecParseLine ( const uint8_t *  line,
const uint32_t  len,
const uint8_t  delim_len,
MimeDecParseState state 
)

Parse a line of a MIME message and update the parser state.

Parameters
lineA string representing the line (w/out CRLF)
lenThe length of the line
delim_lenThe length of the line end delimiter
stateThe parser state
Returns
MIME_DEC_OK on success, otherwise < 0 on failure

Definition at line 2546 of file util-decode-mime.c.

References len, and MIME_DEC_OK.

◆ MimeDecParseStateGetStatus()

const char* MimeDecParseStateGetStatus ( MimeDecParseState state)

Definition at line 2317 of file util-decode-mime.c.

◆ MimeDecRegisterTests()

void MimeDecRegisterTests ( void  )

Definition at line 3555 of file util-decode-mime.c.

References UtRegisterTest().

Here is the call graph for this function:

◆ MimeDecSetConfig()

void MimeDecSetConfig ( MimeDecConfig config)

Set global config policy.

Parameters
configConfig policy to set
Returns
none

Definition at line 127 of file util-decode-mime.c.

len
uint8_t len
Definition: app-layer-dnp3.h:2
str
#define str(s)
Definition: suricata-common.h:286