]> git.ipfire.org Git - thirdparty/snort3.git/commitdiff
http_inspect: request and response shouldn't be available for pkt_data
authorMaya Dagon <mdagon@cisco.com>
Mon, 1 Aug 2022 14:46:11 +0000 (10:46 -0400)
committerTom Peters (thopeter) <thopeter@cisco.com>
Tue, 2 Aug 2022 18:04:39 +0000 (18:04 +0000)
src/service_inspectors/http_inspect/http_inspect.cc

index 805fb54a1a97c4fb72b6dceeeaa692c3c1ad30f1..467bfb9c2cc8efb904e4d3c2758e28d5185b2e4f 100755 (executable)
@@ -556,9 +556,11 @@ void HttpInspect::eval(Packet* p, SourceId source_id, const uint8_t* data, uint1
 
     session_data->octets_reassembled[source_id] = STAT_NOT_PRESENT;
 
-    // Don't make pkt_data for headers available to detection
+    // Don't make pkt_data for headers, request and response available to detection
     if ((session_data->section_type[source_id] == SEC_HEADER) ||
-        (session_data->section_type[source_id] == SEC_TRAILER))
+        (session_data->section_type[source_id] == SEC_TRAILER) ||
+        (session_data->section_type[source_id] == SEC_REQUEST) ||
+        (session_data->section_type[source_id] == SEC_STATUS))
     {
         p->set_detect_limit(0);
     }