]> git.ipfire.org Git - thirdparty/snort3.git/commitdiff
projects / thirdparty / snort3.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4fd0f43)
Pull request #3654: http_inspect: remove port from xff header
authorKaushal Bhandankar (kbhandan) <kbhandan@cisco.com>
Fri, 18 Nov 2022 17:49:39 +0000 (17:49 +0000)
committerKaushal Bhandankar (kbhandan) <kbhandan@cisco.com>
Fri, 18 Nov 2022 17:49:39 +0000 (17:49 +0000)
Merge in SNORT/snort3 from ~ABHRAWAT/snort3:xff_port to master

Squashed commit of the following:

commit 303ea6d9c86555861cb1e7af7fe771b7b5168293
Author: abhrawat <abhrawat@cisco.com>
Date:   Sun Nov 6 14:32:13 2022 +0000

    http_inspect: remove port from xff header

src/service_inspectors/http_inspect/http_msg_header.cc patch | blob | blame | history
src/sfip/sf_ip.cc patch | blob | blame | history

diff --git a/src/service_inspectors/http_inspect/http_msg_header.cc b/src/service_inspectors/http_inspect/http_msg_header.cc
index 15bda008ef60a36e321af958eb00864044601947..f36688abced0bf47017213b7b557d6c996eb9704 100755 (executable)
--- a/src/service_inspectors/http_inspect/http_msg_header.cc
+++ b/src/service_inspectors/http_inspect/http_msg_header.cc
@@ -122,6 +122,12 @@ const Field& HttpMsgHeader::get_true_ip_addr()
     addr_str[true_ip.length()] = '\0';
 
     SfIp tmp_sfip;
+    
+    /* remove port number from ip address */
+    char* colon_port = strrchr((char*)addr_str, ':');
+    if (colon_port && (strpbrk((char*)addr_str, "[.")))
+        *colon_port = '\0';
+    
     const SfIpRet status = tmp_sfip.set((char*)addr_str);
     delete[] addr_str;
     if (status != SFIP_SUCCESS)
diff --git a/src/sfip/sf_ip.cc b/src/sfip/sf_ip.cc
index 04c960cbf320ff2be4f75cdf6eaa9c67c0f7785d..41329ded6279e6df12793bca493a458b53167d59 100644 (file)
--- a/src/sfip/sf_ip.cc
+++ b/src/sfip/sf_ip.cc
@@ -187,6 +187,8 @@ static inline int _netmask_str_to_bit_count(char* mask, int family)
 /* Parses "src" and stores results in "dst" */
 SfIpRet SfIp::set(const char* src, uint16_t* srcBits)
 {
+    bool ob = 0;
+    char* cb;
     char* mask;
     char* sfip_buf;
     char* ip;
@@ -200,8 +202,11 @@ SfIpRet SfIp::set(const char* src, uint16_t* srcBits)
     family = sfip_str_to_fam(src);
 
     /* skip whitespace or opening bracket */
-    while (isspace((int)*ip) || (*ip == '['))
+    while (isspace((int)*ip) || ((*ip == '[') ? ob = 1 : 0))
         ip++;
+    
+    if (ob && (cb = strrchr(ip, ']')))
+        *cb = '\0';
 
     /* check for and extract a mask in CIDR form */
     if ( (mask = strchr(ip, (int)'/')) != nullptr )
Mirror of https://github.com/snort3/snort3.git