From: Russ Combs (rucombs) Date: Tue, 22 Nov 2016 00:53:48 +0000 (-0500) Subject: Merge pull request #711 in SNORT/snort3 from appid_bug_fix_lua to master X-Git-Tag: 3.0.0-233~181 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1c1bf8828b9496b310751d5e2782ea728dcb307e;p=thirdparty%2Fsnort3.git Merge pull request #711 in SNORT/snort3 from appid_bug_fix_lua to master Squashed commit of the following: commit f4a91423f22ff5e3104ae0f67e7f7ebf38c6b5f9 Author: shaslad Date: Thu Nov 17 18:40:31 2016 -0500 Fixing Index issue for few more Client Headers Changed code based on review comment --- diff --git a/src/network_inspectors/appid/detector_plugins/detector_http.cc b/src/network_inspectors/appid/detector_plugins/detector_http.cc index 038349d5b..ac854ca01 100644 --- a/src/network_inspectors/appid/detector_plugins/detector_http.cc +++ b/src/network_inspectors/appid/detector_plugins/detector_http.cc @@ -657,7 +657,7 @@ static int http_pattern_match(void* id, void*, int index, void* data, void*) { cm = (MatchedPatterns*)snort_calloc(sizeof(MatchedPatterns)); cm->mpattern = target; - cm->index = index; + cm->index = index + 1; cm->next = nullptr; *tmp = cm; } @@ -1722,7 +1722,7 @@ static inline int optionallyReplaceWithStrdup(char** optionalStr, const char* st static inline uint8_t* continue_buffer_scan(const uint8_t* start, const uint8_t* end, MatchedPatterns* mp, DetectorHTTPPattern* match) { - uint8_t* bp = (uint8_t*) (start) + mp->index + match->pattern_size; + uint8_t* bp = (uint8_t*) (start) + mp->index; if( (bp >= end) || (*bp != ' ' && *bp != 0x09 && *bp != '/') ) return nullptr; else @@ -1860,7 +1860,11 @@ void identify_user_agent(const uint8_t* start, int size, AppId* serviceAppId, Ap goto done; case APP_ID_GOOGLE_DESKTOP: - buffPtr = (uint8_t*)start + tmp->index + match->pattern_size; + buffPtr = (uint8_t*)start + tmp->index; + + if(buffPtr >= end) + break; + if (*buffPtr != ')') { if (*buffPtr != ' ' && *buffPtr != 0x09 && *buffPtr != '/') @@ -1911,7 +1915,9 @@ void identify_user_agent(const uint8_t* start, int size, AppId* serviceAppId, Ap break; case APP_ID_WGET: - buffPtr = (uint8_t*)start + tmp->index + match->pattern_size; + buffPtr = (uint8_t*)start + tmp->index; + if(buffPtr >= end) + break; while (i < MAX_VERSION_SIZE - 1 && buffPtr < end) { temp_ver[i++] = *buffPtr++; @@ -1960,7 +1966,11 @@ void identify_user_agent(const uint8_t* start, int size, AppId* serviceAppId, Ap temp_ver[0] = 0; i = 0; } - buffPtr = (uint8_t*)start + tmp->index + match->pattern_size; + buffPtr = (uint8_t*)start + tmp->index; + + if(buffPtr >= end) + break; + if (*buffPtr == (uint8_t)'/') { buffPtr++; @@ -1985,7 +1995,9 @@ void identify_user_agent(const uint8_t* start, int size, AppId* serviceAppId, Ap i =0; /* if we already collected temp_ver information after seeing 'Version', let's use that*/ - buffPtr = (uint8_t*)start + tmp->index + match->pattern_size; + buffPtr = (uint8_t*)start + tmp->index; + if(buffPtr >= end) + break; /* we may have to enter the pattern with the / in it. */ if (*buffPtr == (uint8_t)'/' || *buffPtr == (uint8_t)' ') buffPtr++; @@ -2063,7 +2075,11 @@ int get_appid_by_pattern(const uint8_t* data, unsigned size, char** version) switch (match->service_id) { case APP_ID_SQUID: - data_ptr = (uint8_t*)data + mp->index + match->pattern_size; + data_ptr = (uint8_t*)data + mp->index; + + if (data_ptr >= end) + break; + if (*data_ptr == '/') { data_ptr++;