Pull request #4522: http_inspect, mime: add hostname and url for http/mime file proce...
authorOleg Torubara -X (otorubar - SOFTSERVE INC at Cisco) <otorubar@cisco.com>
Tue, 3 Dec 2024 14:58:43 +0000 (14:58 +0000)
committerSteve Chew (stechew) <stechew@cisco.com>
Tue, 3 Dec 2024 14:58:43 +0000 (14:58 +0000)
Merge in SNORT/snort3 from ~OTORUBAR/snort3:mime_file_processing to master

Squashed commit of the following:

commit 5f58cc4b19b587bc101ae21d9dd22543cc037f88
Author: otorubar <otorubar@cisco.com>
Date:   Fri Nov 1 12:02:18 2024 -0700

    http_inspect, mime: add hostname and url for http with mime

src/mime/file_mime_process.cc
src/mime/file_mime_process.h
src/service_inspectors/http_inspect/http_msg_body.cc
src/service_inspectors/http_inspect/http_msg_header.cc
src/service_inspectors/http_inspect/http_msg_request.cc
src/service_inspectors/http_inspect/http_msg_request.h

index 7ae4ebf5827d5b11b1b52919dfabd1449bd95cac..15b49d13ab7ccd0dffea84947aac9d5cdff69998 100644 (file)
@@ -914,7 +914,7 @@ void MimeSession::mime_file_process(Packet* p, const uint8_t* data, int data_siz
             const FileDirection dir = upload ? FILE_UPLOAD : FILE_DOWNLOAD;
             continue_inspecting_file = file_flows->file_process(p, get_file_cache_file_id(), data,
                 data_size, file_offset, dir, get_multiprocessing_file_id(), position, (const uint8_t*)filename.c_str(),
-                filename.length());
+                filename.length(), uri, uri_length, host_name);
         }
         else
         {
@@ -931,3 +931,17 @@ void MimeSession::mime_file_process(Packet* p, const uint8_t* data, int data_siz
         }
     }
 }
+
+void MimeSession::set_host_name(const std::string& host)
+{
+    if (host.empty())
+        return;
+    
+    host_name = host;
+    host_set = true;
+}
+
+bool MimeSession::is_host_set() const
+{
+    return host_set;
+}
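Review bot: set_host_name() has no comment stating that an empty host is silently ignored and that a non-empty one replaces whatever was stored before. In the hunks shown, the only thing that keeps the first value is the caller's `is_host_set()` check in setup_mime(). I would add `// Stores the request host passed to file_process(); empty input is ignored. The value is client-supplied (Host header or URI host) and is not validated here.` above the definition. The blank line inside the body also carries trailing whitespace.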
index cc565561678e00562e1144609fcb5c6ea33ee58b..3bb4850cf1b0c1a5dcfede34fd72a34fc0bfd8dc 100644 (file)
@@ -80,6 +80,9 @@ public:
     MailLogState* get_log_state();
     void set_mime_stats(MimeStats*);
 
+    void set_host_name(const std::string& host);
+    bool is_host_set() const;
+
     const BufferData& get_ole_buf();
     const BufferData& get_vba_inspect_buf();
 
@@ -105,6 +108,8 @@ private:
     MimeStats* mime_stats = nullptr;
     FilenameState filename_state = CONT_DISP_FILENAME_PARAM_NAME;
     std::string filename;
+    std::string host_name {""};
+    bool host_set = false;
     bool continue_inspecting_file = true;
     // This counter is not an accurate count of files; used only for creating a unique mime_file_id
     uint32_t file_counter = 0;
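Review bot: `host_set` looks redundant with `host_name`. From the lines visible in this commit, set_host_name() is the only writer and never stores an empty string, so `is_host_set()` could simply be `return !host_name.empty();`. That removes a flag that can drift out of sync if another writer is added later. The initializer `std::string host_name {""};` can also be plain `std::string host_name;`, since a default-constructed string is already empty.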
@@ -116,8 +121,7 @@ private:
     const int32_t uri_length;
     uint64_t get_file_cache_file_id();
     uint64_t get_multiprocessing_file_id();
-    void mime_file_process(Packet* p, const uint8_t* data, int data_size,
-        FilePosition position, bool upload);
+    void mime_file_process(Packet* p, const uint8_t* data, int data_size, FilePosition position, bool upload);
     void reset_part_state();
 
     // Individual service inspectors may have different implementations for these
index 1599e9d06abef90bb6994b16f63758da27a1dd5c..e7c80933ef1736760f9e2ae7dd5f48c37256768e 100644 (file)
@@ -194,11 +194,11 @@ void HttpMsgBody::analyze()
         }
         else
             mime_bufs = new std::list<MimeBufs>;
-
+        
         while (ptr < section_end)
         {
             // After process_mime_data(), ptr will point to the last byte processed in the current MIME part
-            ptr = session_data->mime_state[source_id]->process_mime_data(p, ptr,
+            ptr = session_data->mime_state[source_id]->process_mime_data(p, ptr, 
                 (section_end - ptr), true, SNORT_FILE_POSITION_UNKNOWN);
             ptr++;
 
@@ -692,7 +692,9 @@ void HttpMsgBody::do_file_processing(const Field& file_data)
     const FileDirection dir = source_id == SRC_SERVER ? FILE_DOWNLOAD : FILE_UPLOAD;
 
     uint64_t file_index = get_header(source_id)->get_file_cache_index();
-    const std::string host = get_header(source_id)->get_host_header_field();
+    // Get host from the header field.
+    std::string host = get_header(source_id)->get_host_header_field();
+    
     const uint8_t* filename_buffer = nullptr;
     uint32_t filename_length = 0;
     const uint8_t* uri_buffer = nullptr;
@@ -700,6 +702,10 @@ void HttpMsgBody::do_file_processing(const Field& file_data)
     if (request != nullptr)
         get_file_info(dir, filename_buffer, filename_length, uri_buffer, uri_length);
 
+    // Get host from the uri.
+    if (host.empty() and request != nullptr)
+        host = request->get_host_string();
+
     bool continue_processing_file = file_flows->file_process(p, file_index, file_data.start(),
         fp_length, session_data->file_octets[source_id], dir,
         get_header(source_id)->get_multi_file_processing_id(), file_position,
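Review bot: The Host header is preferred here and the URI host is consulted only when the header is empty. That is the reverse of how an origin server resolves the target when the request line carries an absolute URI (RFC 9112 section 3.2.2 has the request-target host override Host). If the two values differ, the file is recorded under the header value rather than the host the server acts on. If `host` feeds file policy or event attribution downstream, consider trying `request->get_host_string()` first and falling back to the header, or at least state the chosen precedence in the `// Get host from the uri.` comment. The same order is used in the setup_mime() hunk of http_msg_header.cc, and do_file_processing() starts and ends outside this hunk.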
index ee2c05a1727aa55b14489797697dd052d1c0cd3a..5612ce8b6be805fe43d176f1b918ef7fbceb2aa0 100755 (executable)
@@ -551,6 +551,18 @@ void HttpMsgHeader::setup_mime()
                     session_data->mime_state[source_id] = new MimeSession(p,
                         params->mime_decode_conf, &mime_conf, get_multi_file_processing_id());
 
+                // Get host from the header field.
+                if (!session_data->mime_state[source_id]->is_host_set())
+                {
+                    std::string host = get_host_header_field();
+                    // Get host from the uri.
+                    if (host.empty())
+                        host = request->get_host_string();
+
+                    session_data->mime_state[source_id]->set_host_name(host);
+                }
+
+
                 // Show file processing the Content-Type header as if it were regular data.
                 // This will enable it to find the boundary string.
                 // FIXIT-L develop a proper interface for passing the boundary string.
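Review bot: `request->get_host_string()` is called without a null check, whereas the matching fallback in do_file_processing() guards it with `request != nullptr`. Unless code earlier in setup_mime(), outside this hunk, already guarantees a request object, a header section with an empty Host header and no associated request would dereference a null pointer. `if (host.empty() and request != nullptr)` would make the two sites consistent. The added block also leaves two consecutive blank lines after its closing brace.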
index 63436f9d6c68bb1858d1291f3de24c9d7a01f060..5820f9d17c5a066207563242802fefddc40fb05f 100644 (file)
@@ -394,6 +394,17 @@ string HttpMsgRequest::get_aux_ip()
     return ip_str;
 }
 
+std::string HttpMsgRequest::get_host_string()
+{
+    if (!uri)
+        return "";
+
+    const Field& host = uri->get_host();
+    if (host.length() > STAT_EMPTY_STRING)
+        return string((const char*)host.start(), (size_t)host.length());
+    return "";
+}
+
 #ifdef REG_TEST
 
 void HttpMsgRequest::print_section(FILE* output)
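Review bot: The two C-style casts in the `return string(...)` line would be easier to audit as named casts, `return std::string(reinterpret_cast<const char*>(host.start()), static_cast<size_t>(host.length()));`. That also matches the `std::string` spelling used in the signature. The function has no comment. It would help to say that the result is the host part of the request URI copied byte for byte, that it is empty when there is no URI or no host in it, and that it is client-controlled. Presumably it is the raw rather than normalized host, which callers comparing it against the Host header should know; please confirm.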
index f4553e44863e5bc7a68a19e2b1f72d020504dc11..aa2ab625c27a08dbfbf6ff8317317e69ddd4bf50 100644 (file)
@@ -51,6 +51,7 @@ public:
     const Field& get_uri();
     const Field& get_uri_norm_classic();
     std::string get_aux_ip();
+    std::string get_host_string();
     HttpUri* get_http_uri() { return uri; }
     ParameterMap& get_query_params();
     ParameterMap& get_body_params();