return jsret_codes[ret];
}
-JSNorm::JSNorm(JSNormConfig* jsn_config, bool ext_script_type) :
- alive(true), pdu_cnt(0), src_ptr(nullptr), src_end(nullptr),
- idn_ctx(nullptr), jsn_ctx(nullptr), ext_script_type(ext_script_type)
+JSNorm::JSNorm(JSNormConfig* jsn_config, bool ext_script_type, uint32_t generation_id) :
+ alive(true), pdu_cnt(0), src_ptr(nullptr), src_end(nullptr), idn_ctx(nullptr),
+ jsn_ctx(nullptr), ext_script_type(ext_script_type), generation_id(generation_id)
{
config = jsn_config;
alive = (bool)config;
class SO_PUBLIC JSNorm
{
public:
- JSNorm(JSNormConfig*, bool ext_script_type = false);
+ JSNorm(JSNormConfig*, bool ext_script_type = false, uint32_t generation_id = 0);
JSNorm(const JSNorm&) = delete;
virtual ~JSNorm();
void flush_data(const void*&, size_t&);
void flush_data();
+ uint32_t get_generation_id() const
+ { return generation_id; }
+
protected:
virtual bool pre_proc();
virtual bool post_proc(int);
JSEvents events;
JSNormConfig* config;
+ uint32_t generation_id;
};
}
return magic_len < len and !strncmp((const char*)data, magic, magic_len);
}
- PDFJSNorm(JSNormConfig* cfg) :
- JSNorm(cfg), pdf_in(&buf_pdf_in), pdf_out(&buf_pdf_out), extractor(pdf_in, pdf_out)
+ PDFJSNorm(JSNormConfig* cfg, uint32_t gen_id) :
+ JSNorm(cfg, false, gen_id),
+ pdf_in(&buf_pdf_in), pdf_out(&buf_pdf_out), extractor(pdf_in, pdf_out)
{ }
protected:
{
public:
HttpInlineJSNorm(JSNormConfig* jsn_config, uint64_t tid, snort::SearchTool* mpse_open_tag,
- snort::SearchTool* mpse_tag_attr) :
- JSNorm(jsn_config), mpse_otag(mpse_open_tag), mpse_attr(mpse_tag_attr), output_size(0), ext_ref_type(false)
+ snort::SearchTool* mpse_tag_attr, uint32_t gen_id) :
+ JSNorm(jsn_config, false, gen_id), mpse_otag(mpse_open_tag),
+ mpse_attr(mpse_tag_attr), output_size(0), ext_ref_type(false)
{ trans_num = tid; }
snort::JSNorm& ctx() override
class HttpExternalJSNorm : public snort::JSNorm, public HttpJSNorm
{
public:
- HttpExternalJSNorm(JSNormConfig* jsn_config, uint64_t tid) : JSNorm(jsn_config)
+ HttpExternalJSNorm(JSNormConfig* jsn_config, uint64_t tid, uint32_t gen_id) :
+ JSNorm(jsn_config, false, gen_id)
{ trans_num = tid; }
snort::JSNorm& ctx() override
class HttpPDFJSNorm : public snort::PDFJSNorm, public HttpJSNorm
{
public:
- HttpPDFJSNorm(JSNormConfig* jsn_config, uint64_t tid) :
- PDFJSNorm(jsn_config)
+ HttpPDFJSNorm(JSNormConfig* jsn_config, uint64_t tid, uint32_t gen_id) :
+ PDFJSNorm(jsn_config, gen_id)
{ trans_num = tid; }
snort::JSNorm& ctx() override
if (js_ctx)
{
- if (js_ctx->get_trans_num() == trans_num)
+ if (js_ctx->get_trans_num() == trans_num and
+ js_ctx->ctx().get_generation_id() == SnortConfig::get_conf()->get_reload_id())
return js_ctx;
delete js_ctx;
case CT_TEXT_JSCRIPT:
case CT_TEXT_LIVESCRIPT:
// an external script should be processed from the beginning
- js_ctx = first_body ? new HttpExternalJSNorm(jsn_config, trans_num) : nullptr;
+ js_ctx = first_body ? new HttpExternalJSNorm(jsn_config, trans_num,
+ SnortConfig::get_conf()->get_reload_id()) : nullptr;
break;
case CT_APPLICATION_XHTML_XML:
case CT_TEXT_HTML:
js_ctx = new HttpInlineJSNorm(jsn_config, trans_num, params->js_norm_param.mpse_otag,
- params->js_norm_param.mpse_attr);
+ params->js_norm_param.mpse_attr, SnortConfig::get_conf()->get_reload_id());
break;
case CT_APPLICATION_PDF:
- js_ctx = new HttpPDFJSNorm(jsn_config, trans_num);
+ js_ctx = new HttpPDFJSNorm(jsn_config, trans_num, SnortConfig::get_conf()->get_reload_id());
break;
case CT_APPLICATION_OCTET_STREAM:
- js_ctx = first_body and HttpPDFJSNorm::is_pdf(decompressed_file_body.start(), decompressed_file_body.length()) ?
- new HttpPDFJSNorm(jsn_config, trans_num) : nullptr;
+ js_ctx = first_body and
+ HttpPDFJSNorm::is_pdf(decompressed_file_body.start(), decompressed_file_body.length()) ?
+ new HttpPDFJSNorm(jsn_config, trans_num, SnortConfig::get_conf()->get_reload_id()) : nullptr;
break;
}
if (js_ctx)
{
- if (js_ctx->get_trans_num() == trans_num)
+ if (js_ctx->get_trans_num() == trans_num and
+ js_ctx->ctx().get_generation_id() == SnortConfig::get_conf()->get_reload_id())
return js_ctx;
delete js_ctx;
JSNormConfig* jsn_config = get_inspection_policy()->jsn_config;
js_ctx = HttpPDFJSNorm::is_pdf(decompressed_file_body.start(), decompressed_file_body.length()) ?
- new HttpPDFJSNorm(jsn_config, trans_num) : nullptr;
+ new HttpPDFJSNorm(jsn_config, trans_num, SnortConfig::get_conf()->get_reload_id()) : nullptr;
session_data->js_ctx_mime[source_id] = js_ctx;
return js_ctx;
static inline PDFJSNorm* acquire_js_ctx(IMAPData& imap_ssn, const void* data, size_t len)
{
- if (imap_ssn.jsn)
+ auto reload_id = SnortConfig::get_conf()->get_reload_id();
+
+ if (imap_ssn.jsn and imap_ssn.jsn->get_generation_id() == reload_id)
return imap_ssn.jsn;
+ delete imap_ssn.jsn;
+ imap_ssn.jsn = nullptr;
+
JSNormConfig* cfg = get_inspection_policy()->jsn_config;
if (cfg and PDFJSNorm::is_pdf(data, len))
{
- imap_ssn.jsn = new PDFJSNorm(cfg);
+ imap_ssn.jsn = new PDFJSNorm(cfg, reload_id);
++imapstats.js_pdf_scripts;
}
static inline PDFJSNorm* acquire_js_ctx(POPData& pop_ssn, const void* data, size_t len)
{
- if (pop_ssn.jsn)
+ auto reload_id = SnortConfig::get_conf()->get_reload_id();
+
+ if (pop_ssn.jsn and pop_ssn.jsn->get_generation_id() == reload_id)
return pop_ssn.jsn;
+ delete pop_ssn.jsn;
+ pop_ssn.jsn = nullptr;
+
JSNormConfig* cfg = get_inspection_policy()->jsn_config;
if (cfg and PDFJSNorm::is_pdf(data, len))
{
- pop_ssn.jsn = new PDFJSNorm(cfg);
+ pop_ssn.jsn = new PDFJSNorm(cfg, reload_id);
++popstats.js_pdf_scripts;
}
static inline PDFJSNorm* acquire_js_ctx(SMTPData& smtp_ssn, const void* data, size_t len)
{
- if (smtp_ssn.jsn)
+ auto reload_id = SnortConfig::get_conf()->get_reload_id();
+
+ if (smtp_ssn.jsn and smtp_ssn.jsn->get_generation_id() == reload_id)
return smtp_ssn.jsn;
+ delete smtp_ssn.jsn;
+ smtp_ssn.jsn = nullptr;
+
JSNormConfig* cfg = get_inspection_policy()->jsn_config;
if (cfg and PDFJSNorm::is_pdf(data, len))
{
- smtp_ssn.jsn = new PDFJSNorm(cfg);
+ smtp_ssn.jsn = new PDFJSNorm(cfg, reload_id);
++smtpstats.js_pdf_scripts;
}
projects / thirdparty / snort3.git / commitdiff
