Squashed commit of the following:
commit
e68cab344dfd15d2c1abbfb214409c6c22d0c741
Author: deramada <deramada@cisco.com>
Date: Tue Oct 15 15:40:55 2019 -0400
http2_inspect: abort on header decode error
static const uint32_t HTTP2_GID = 121;
// Frame type codes (fourth octet of frame header)
-enum FrameType { FT_DATA=0, FT_HEADERS=1, FT_PRIORITY=2, FT_RST_STREAM=3, FT_SETTINGS=4,
- FT_PUSH_PROMISE=5, FT_PING=6, FT_GOAWAY=7, FT_WINDOW_UPDATE=8, FT_CONTINUATION=9, FT__NONE=255 };
+enum FrameType : uint8_t { FT_DATA=0, FT_HEADERS=1, FT_PRIORITY=2, FT_RST_STREAM=3, FT_SETTINGS=4,
+ FT_PUSH_PROMISE=5, FT_PING=6, FT_GOAWAY=7, FT_WINDOW_UPDATE=8, FT_CONTINUATION=9, FT__ABORT=254,
+ FT__NONE=255 };
// Message buffers available to clients
// This enum must remain synchronized with Http2Api::classic_buffer_names[]
bool header_coming[2] = { false, false };
bool payload_discard[2] = { false, false };
uint32_t frames_aggregated[2] = { 0, 0 };
+
+ // Used by scan, reassemble and eval to communicate
+ uint8_t frame_type[2] = { Http2Enums::FT__NONE, Http2Enums::FT__NONE };
// Internal to reassemble()
Http2Hpack hpack[2];
Http2FlowData* const session_data =
(Http2FlowData*)p->flow->get_flow_data(Http2FlowData::inspector_id);
+ // FIXIT-H Workaround for unexpected eval() calls
+ // Avoid eval if scan/reassemble aborts
+ if (session_data->frame_type[source_id] == FT__NONE)
+ return;
+
+ session_data->frame_type[source_id] = FT__NONE;
+
set_file_data(session_data->frame_data[source_id],
session_data->frame_data_size[source_id]);
session_data->frame_in_detection = true;
Http2Module::increment_peg_counts(PEG_FLOW);
}
+ // General mechanism to abort using scan
+ if (session_data->frame_type[source_id] == FT__ABORT)
+ {
+ session_data->frame_type[source_id] = FT__NONE;
+ return HttpStreamSplitter::status_value(StreamSplitter::ABORT, true);
+ }
+
#ifdef REG_TEST
uint32_t dummy_flush_offset;
// Since this doesn't go to detection, clear() doesn't get called, so need to
// clear frame data from flow data directly
session_data->clear_frame_data(source_id);
+
+ session_data->frame_type[source_id] = FT__ABORT;
return frame_buf;
}
}
// create pkt_data buffer
frame_buf.data = (const uint8_t*)"";
}
+ session_data->frame_type[source_id] = get_frame_type(session_data->frame_header[source_id]);
return frame_buf;
}
projects / thirdparty / snort3.git / commitdiff
