Pull request #3198: BUG #715019: Hitting assert - HttpMsgBody::clean_partial
authorTom Peters (thopeter) <thopeter@cisco.com>
Fri, 10 Dec 2021 22:22:08 +0000 (22:22 +0000)
committerTom Peters (thopeter) <thopeter@cisco.com>
Fri, 10 Dec 2021 22:22:08 +0000 (22:22 +0000)
Merge in SNORT/snort3 from ~MDAGON/snort3:fix_assert to master

Squashed commit of the following:

commit 9ef0fdf7550edbd6c328438681abba6efab59ec7
Author: Maya Dagon <mdagon@cisco.com>
Date:   Tue Nov 30 15:55:31 2021 -0500

    http_inspect: use correct detect_length for partial inspection cleanup

src/pub_sub/test/pub_sub_http_request_body_event_test.cc
src/service_inspectors/http_inspect/http_msg_body.cc
src/service_inspectors/http_inspect/http_msg_body.h

index 80177c0e09d860f86e2110e4cb8ad512f6fceaa5..173a3d638d04889406505ce122c994846bde6d81 100644 (file)
@@ -56,7 +56,7 @@ void HttpMsgBody::do_file_processing(const Field&) {}
 void HttpMsgBody::do_utf_decoding(const Field&, Field&) {}
 void HttpMsgBody::do_file_decompression(const Field&, Field&) {}
 void HttpMsgBody::do_enhanced_js_normalization(const Field&, Field&) {}
-void HttpMsgBody::clean_partial(uint32_t&, uint32_t&, uint8_t*&, uint32_t&, int32_t) {}
+void HttpMsgBody::clean_partial(uint32_t&, uint32_t&, uint8_t*&, uint32_t&) {}
 void HttpMsgBody::bookkeeping_regular_flush(uint32_t&, uint8_t*&, uint32_t&, int32_t) {}
 #ifdef REG_TEST
 void HttpMsgBody::print_body_section(FILE*, const char*) {}
index f2df2ae97329401d63eda27b78a768ff84e116de..3d0d8a64f9f825e1543659a1262e484fe3460d2e 100644 (file)
@@ -89,7 +89,7 @@ void HttpMsgBody::bookkeeping_regular_flush(uint32_t& partial_detect_length,
 }
 
 void HttpMsgBody::clean_partial(uint32_t& partial_inspected_octets, uint32_t& partial_detect_length,
-    uint8_t*& partial_detect_buffer, uint32_t& partial_js_detect_length, int32_t detect_length)
+    uint8_t*& partial_detect_buffer, uint32_t& partial_js_detect_length)
 {
     body_octets += msg_text.length();
     partial_inspected_octets = session_data->partial_flush[source_id] ? msg_text.length() : 0;
@@ -100,7 +100,9 @@ void HttpMsgBody::clean_partial(uint32_t& partial_inspected_octets, uint32_t& pa
     if (session_data->detect_depth_remaining[source_id] > 0)
     {
         delete[] partial_detect_buffer;
-        assert(detect_length <= session_data->detect_depth_remaining[source_id]);
+        const int32_t detect_length =
+            (partial_js_detect_length <= session_data->detect_depth_remaining[source_id]) ?
+            partial_js_detect_length : session_data->detect_depth_remaining[source_id];
         bookkeeping_regular_flush(partial_detect_length, partial_detect_buffer,
             partial_js_detect_length, detect_length);
     }
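Review bot: The clamp that replaces the assert compares `partial_js_detect_length` (a `uint32_t&`) with `session_data->detect_depth_remaining[source_id]`, whose type is not visible in this hunk, and then stores the result in a `const int32_t`, so both the comparison and the narrowing rely on implicit conversions. Writing it as `const int32_t detect_length = static_cast<int32_t>(std::min<int64_t>(partial_js_detect_length, session_data->detect_depth_remaining[source_id]));` (needs `<algorithm>`, and assumes the depth field fits in `int64_t`) would make the widening and narrowing visible. Whether the length can exceed `INT32_MAX` cannot be judged from here. The removed assert documented an invariant that evidently does not always hold, so I would also add a comment above the clamp such as `// Partial inspections do not update detect_depth_remaining, so the partial length may exceed it; clamp.` The body of clean_partial continues outside this hunk.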
@@ -170,10 +172,14 @@ void HttpMsgBody::analyze()
                     decompressed_file_body.length());
                 cumulative_data.set(total_length, cumulative_buffer, true);
                 do_legacy_js_normalization(cumulative_data, js_norm_body);
-                if ((int32_t)partial_js_detect_length == js_norm_body.length())
+                // Partial inspections don't update detect_depth_remaining.
+                // If there is no new data or same data will be sent to detection because
+                // we already reached detect_depth, don't do another detection
+                if ((int32_t)partial_js_detect_length == js_norm_body.length() ||
+                    partial_js_detect_length >= session_data->detect_depth_remaining[source_id])
                 {
                     clean_partial(partial_inspected_octets, partial_detect_length,
-                        partial_detect_buffer, partial_js_detect_length, js_norm_body.length());
+                        partial_detect_buffer, partial_js_detect_length);
                     return;
                 }
             }
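Review bot: The added `partial_js_detect_length >= session_data->detect_depth_remaining[source_id]` test decides whether this body section is sent to detection at all, and the commit shows no test for its boundary. The only test-file change visible is the stub signature in pub_sub_http_request_body_event_test.cc. A regression case covering a partial length one below, equal to and above the remaining depth would pin the behaviour that previously hit the assert, and would guard against a later change that skips inspection too early. The new comparison is also written differently from the one beside it, which uses `(int32_t)partial_js_detect_length`; casting consistently, preferably with `static_cast`, would make the signedness of each comparison explicit. analyze() starts and ends outside this hunk.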
index 664c148af88d8de590da56f6b675c11a2ccf2e11..e19d1454f0c2422190cd969868ad2aa6b979b4f7 100644 (file)
@@ -66,8 +66,7 @@ private:
     void do_enhanced_js_normalization(const Field& input, Field& output);
     void do_legacy_js_normalization(const Field& input, Field& output);
     void clean_partial(uint32_t& partial_inspected_octets, uint32_t& partial_detect_length,
-        uint8_t*& partial_detect_buffer,  uint32_t& partial_js_detect_length,
-        int32_t detect_length);
+        uint8_t*& partial_detect_buffer,  uint32_t& partial_js_detect_length);
     void bookkeeping_regular_flush(uint32_t& partial_detect_length,
         uint8_t*& partial_detect_buffer, uint32_t& partial_js_detect_length,
         int32_t detect_length);