From: Tom Peters (thopeter) <thopeter@cisco.com>
Date: Wed, 30 Jun 2021 21:34:13 +0000 (+0000)
Subject: Merge pull request #2962 in SNORT/snort3 from ~KATHARVE/snort3:h2i_flow_depth_fix... 
X-Git-Tag: 3.1.8.0~16
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=781c52e904b68b541d37533da126bfc60ca372cd;p=thirdparty%2Fsnort3.git

Merge pull request #2962 in SNORT/snort3 from ~KATHARVE/snort3:h2i_flow_depth_fix to master

Squashed commit of the following:

commit 260a2df1f41085de49e947507deb45a4c42f334b
Author: Katura Harvey <katharve@cisco.com>
Date:   Tue Jun 29 14:59:48 2021 -0400

    http2_inspect: clean data cutter internal state after exhausting flow depth
---

diff --git a/src/service_inspectors/http2_inspect/http2_data_cutter.cc b/src/service_inspectors/http2_inspect/http2_data_cutter.cc
index 6bba5d79e..3966be60d 100644
--- a/src/service_inspectors/http2_inspect/http2_data_cutter.cc
+++ b/src/service_inspectors/http2_inspect/http2_data_cutter.cc
@@ -244,3 +244,9 @@ void Http2DataCutter::reassemble(const uint8_t* data, unsigned len)
     return;
 }
 
+void Http2DataCutter::discard_cleanup()
+{
+    frame_bytes_seen = 0;
+    reassemble_data_bytes_read = 0;
+    reassemble_state = GET_FRAME_HDR;
+}
diff --git a/src/service_inspectors/http2_inspect/http2_data_cutter.h b/src/service_inspectors/http2_inspect/http2_data_cutter.h
index ffccad615..55b750238 100644
--- a/src/service_inspectors/http2_inspect/http2_data_cutter.h
+++ b/src/service_inspectors/http2_inspect/http2_data_cutter.h
@@ -34,6 +34,7 @@ public:
     snort::StreamSplitter::Status scan(const uint8_t* data, uint32_t length,
         uint32_t* flush_offset, uint32_t& data_offset, uint8_t frame_flags);
     void reassemble(const uint8_t* data, unsigned len);
+    void discard_cleanup();
 
 private:
     Http2FlowData* const session_data;
diff --git a/src/service_inspectors/http2_inspect/http2_stream_splitter_impl.cc b/src/service_inspectors/http2_inspect/http2_stream_splitter_impl.cc
index 964fdd596..425147d46 100644
--- a/src/service_inspectors/http2_inspect/http2_stream_splitter_impl.cc
+++ b/src/service_inspectors/http2_inspect/http2_stream_splitter_impl.cc
@@ -234,14 +234,14 @@ StreamSplitter::Status Http2StreamSplitter::implement_scan(Http2FlowData* sessio
                         session_data->scan_frame_header[source_id], FRAME_HEADER_LENGTH);
                 }
                 else
-		{
-		    if (!session_data->continuation_expected[source_id])
+                {
+                    if (!session_data->continuation_expected[source_id])
                     {
                         *session_data->infractions[source_id] += INF_UNEXPECTED_CONTINUATION;
                         session_data->events[source_id]->create_event(EVENT_UNEXPECTED_CONTINUATION);
                         return StreamSplitter::ABORT;
-		    }
-		    // Do flags check for continuation frame, since it is not saved
+                    }
+                    // Do flags check for continuation frame, since it is not saved
                     // as lead frame for later.
                     if ((frame_flags & FLAG_END_HEADERS) != frame_flags)
                     {
@@ -532,8 +532,11 @@ const StreamBuffer Http2StreamSplitter::implement_reassemble(Http2FlowData* sess
     return frame_buf;
 }
 
-void Http2StreamSplitter::discarded_data_frame_cleanup(Http2FlowData* session_data, HttpCommon::SourceId source_id, Http2Stream* stream)
+void Http2StreamSplitter::discarded_data_frame_cleanup(Http2FlowData* session_data,
+    HttpCommon::SourceId source_id, Http2Stream* stream)
 {
+    session_data->data_cutter[source_id].discard_cleanup();
+
     if (stream->get_state(source_id) == STREAM_ERROR ||
         !stream->is_end_stream_on_data_flush(source_id))
         return;