Pull request #3455: JS Normalizer: add explicit check for HTML script opening tag...

Merge in SNORT/snort3 from ~OSERHIIE/snort3:js_inline_scripts to master

Squashed commit of the following:

commit f8e2c07bc730f705941d659fb8eb2e70c8e4c00d
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date:   Thu Jun 2 15:28:06 2022 +0300

    http_inspect: add explicit check for HTML script opening tag ending

diff --git a/src/service_inspectors/http_inspect/http_js_norm.cc b/src/service_inspectors/http_inspect/http_js_norm.cc
index 8a6a671618ef8478d5a6274157fd4bc561b2e32a..8423fc5ac35919458496a5a6d349d4bdbbfdf988 100644 (file)
--- a/src/service_inspectors/http_inspect/http_js_norm.cc
+++ b/src/service_inspectors/http_inspect/http_js_norm.cc
@@ -268,7 +268,7 @@ void HttpJsNorm::do_inline(const Field& input, Field& output,
                 ptr++;
             else
             {
-                if (!mpse_attr->find(ptr, end - ptr, match_attr, false, &sctx))
+                if (!mpse_attr->find(ptr, end - ptr, match_attr, false, &sctx) || ptr == sctx.next)
                     break; // the opening tag never ends
                 ptr = sctx.next;
             }
@@ -570,9 +570,9 @@ int HttpJsNorm::match_attr(void* pid, void*, int index, void* sctx, void*)
         return 0;
 
     default:
+        assert(false);
         ctx->is_external = false;
         ctx->is_javascript = false;
-        ctx->next += index;
         return 1;
     }
 }