From: Maya Dagon <mdagon@cisco.com>
Date: Mon, 1 Aug 2022 14:46:11 +0000 (-0400)
Subject: http_inspect: request and response shouldn't be available for pkt_data
X-Git-Tag: 3.1.39.0~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6ea170cc2692a3e1773b13ff713db6ea4628ace9;p=thirdparty%2Fsnort3.git

http_inspect: request and response shouldn't be available for pkt_data
---

diff --git a/src/service_inspectors/http_inspect/http_inspect.cc b/src/service_inspectors/http_inspect/http_inspect.cc
index 805fb54a1..467bfb9c2 100755
--- a/src/service_inspectors/http_inspect/http_inspect.cc
+++ b/src/service_inspectors/http_inspect/http_inspect.cc
@@ -556,9 +556,11 @@ void HttpInspect::eval(Packet* p, SourceId source_id, const uint8_t* data, uint1
 
     session_data->octets_reassembled[source_id] = STAT_NOT_PRESENT;
 
-    // Don't make pkt_data for headers available to detection
+    // Don't make pkt_data for headers, request and response available to detection
     if ((session_data->section_type[source_id] == SEC_HEADER) ||
-        (session_data->section_type[source_id] == SEC_TRAILER))
+        (session_data->section_type[source_id] == SEC_TRAILER) ||
+        (session_data->section_type[source_id] == SEC_REQUEST) ||
+        (session_data->section_type[source_id] == SEC_STATUS))
     {
         p->set_detect_limit(0);
     }