From: Chris Sherwin (chsherwi) Date: Wed, 5 Nov 2025 12:49:15 +0000 (+0000) Subject: Pull request #4925: appid: SNI and CNAME patterns matching fix X-Git-Tag: 3.9.7.0~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=115f0bc06ecd56462caf0b11bef2b586111b1111;p=thirdparty%2Fsnort3.git Pull request #4925: appid: SNI and CNAME patterns matching fix Merge in SNORT/snort3 from ~AMILASH/snort3:cname_sni_pattern_matching to master Squashed commit of the following: commit 6b2ac4841f641790fce314bb369289009b977907 Author: Artur Date: Tue Sep 30 08:08:56 2025 -0400 appid: SNI and CNAME patterns matching fix --- diff --git a/src/network_inspectors/appid/detector_plugins/host_patterns.cc b/src/network_inspectors/appid/detector_plugins/host_patterns.cc index 5de5d7f64..9879703f3 100644 --- a/src/network_inspectors/appid/detector_plugins/host_patterns.cc +++ b/src/network_inspectors/appid/detector_plugins/host_patterns.cc @@ -127,11 +127,10 @@ inline bool host_pattern_validate_url_match(const MatchedHostPatterns * const mp data[mp->match_start_pos-1] == '.'; } -inline bool is_perfect_literal_match(const MatchedHostPatterns * const mp, const size_t& data_size) -{ - return mp->mpattern->is_literal and mp->match_start_pos == 0 and - (mp->match_start_pos + mp->mpattern->pattern_size == data_size); - +inline bool is_perfect_literal_match(const MatchedHostPatterns * const mp, const size_t& data_size, const HostPatternType& type) +{ + return mp->mpattern->is_literal and mp->match_start_pos == 0 and + mp->mpattern->pattern_size == data_size and mp->mpattern->pattern_type == type; } template @@ -158,7 +157,7 @@ bool scan_patterns(SearchTool& matcher, const uint8_t* data, size_t size, { if ( T != HostPatternType::HOST_PATTERN_TYPE_URL) { - if ( is_perfect_literal_match(tmp, size) ) + if ( is_perfect_literal_match(tmp, size, T) ) { best_match = match; break;