git.ipfire.org Git - people/ms/suricata.git/commit

author	Victor Julien <victor@inliniac.net>
	Wed, 10 Jan 2018 18:17:33 +0000 (19:17 +0100)
committer	Victor Julien <victor@inliniac.net>
	Fri, 19 Jan 2018 09:15:03 +0000 (10:15 +0100)
commit	1df00749df6b250db79e9ad3760dea1a2b99cfb9
tree	356a03ac8bc4d8edc00085cec7ba2d96b4029634	tree \| snapshot
parent	7a96d18f36817ec8280546b248ef0d0afe16f88a	commit \| diff

detect: fix multiple files per tx inspect

Fix the inspection of multiple files in a single TX, where new files
may be added to the TX after inspection started.

Assign the hard coded id DE_STATE_FLAG_FILE_INSPECT to the file
inspect engine.

Make sure that sigs that do file inspection and don't match on the
current file always store a detailed state. This state will include
the DE_STATE_FLAG_FILE_INSPECT flag.

When the app-layer indicates a new file is available, for each sig
that has the DE_STATE_FLAG_FILE_INSPECT flag set, reset part of the
state so that the sig is evaluated again.

src/app-layer-htp.c		diff \| blob \| blame \| history
src/app-layer-smtp.c		diff \| blob \| blame \| history
src/detect-engine-state.c		diff \| blob \| blame \| history
src/detect-engine-state.h		diff \| blob \| blame \| history
src/detect-engine.c		diff \| blob \| blame \| history
src/detect.c		diff \| blob \| blame \| history