]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: acec24a)
files: always initialize inspect_window and min_inspect_depth
authorVictor Julien <vjulien@oisf.net>
Wed, 23 Nov 2022 13:29:39 +0000 (14:29 +0100)
committerVictor Julien <vjulien@oisf.net>
Sat, 26 Nov 2022 06:07:15 +0000 (07:07 +0100)
This is to make sure the files buffers are properly managed even
when there are no rules or when there are no file.data rules.

Bug: #5703.
(cherry picked from commit e601ebdfd8efa9a36e5d0d9a1539945c6498bd7c)

src/detect-file-data.c patch | blob | blame | history
src/util-file.c patch | blob | blame | history
src/util-file.h patch | blob | blame | history

diff --git a/src/detect-file-data.c b/src/detect-file-data.c
index 8536b9394223e11615f16f7e24443c0aea56ad14..b326e0c92f1bfcf850e979451bf34f7bd4d1e4bd 100644 (file)
--- a/src/detect-file-data.c
+++ b/src/detect-file-data.c
@@ -139,10 +139,6 @@ void DetectFiledataRegister(void)
     g_file_data_buffer_id = DetectBufferTypeGetByName("file_data");
 }
 
-#define FILEDATA_CONTENT_LIMIT 100000
-#define FILEDATA_CONTENT_INSPECT_MIN_SIZE 32768
-#define FILEDATA_CONTENT_INSPECT_WINDOW 4096
-
 static void SetupDetectEngineConfig(DetectEngineCtx *de_ctx) {
     if (de_ctx->filedata_config_initialized)
         return;
diff --git a/src/util-file.c b/src/util-file.c
index f41c1b075047fa548aee3728e093075cbfa749e6..9e8e64c3765363e8785b1f813596a671d6bbd369 100644 (file)
--- a/src/util-file.c
+++ b/src/util-file.c
@@ -913,6 +913,9 @@ static File *FileOpenFile(FileContainer *ffc, const StreamingBufferConfig *sbcfg
 
     FileContainerAdd(ffc, ff);
 
+    /* set default window and min inspection size */
+    FileSetInspectSizes(ff, FILEDATA_CONTENT_INSPECT_WINDOW, FILEDATA_CONTENT_INSPECT_MIN_SIZE);
+
     ff->size += data_len;
     if (data != NULL) {
         if (AppendData(ff, data, data_len) != 0) {
diff --git a/src/util-file.h b/src/util-file.h
index a4e3c6a10ee9b4550c20aefe2ad082ad7bf991ac..5730e94fad594f08fb797f037a4a9f5b9de9ab8d 100644 (file)
--- a/src/util-file.h
+++ b/src/util-file.h
@@ -49,6 +49,10 @@
 #define FILE_USE_DETECT BIT_U16(13) /**< use content_inspected tracker */
 #define FILE_HAS_GAPS   BIT_U16(15)
 
+#define FILEDATA_CONTENT_LIMIT            100000
+#define FILEDATA_CONTENT_INSPECT_MIN_SIZE 32768
+#define FILEDATA_CONTENT_INSPECT_WINDOW   4096
+
 typedef enum FileState_ {
     FILE_STATE_NONE = 0,    /**< no state */
     FILE_STATE_OPENED,      /**< flow file is opened */
Mirror of https://github.com/OISF/suricata.git