From: Victor Julien
Date: Fri, 3 May 2019 10:10:14 +0000 (+0200)
Subject: files: open files with track id only
X-Git-Tag: suricata-5.0.0-rc1~517
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9132e4032ab8b33f4886428e1a7b6a44908427da;p=thirdparty%2Fsuricata.git
files: open files with track id only
---
diff --git a/src/app-layer-ftp.c b/src/app-layer-ftp.c
index 67a7c41a23..a26258ed63 100644
--- a/src/app-layer-ftp.c
+++ b/src/app-layer-ftp.c
@@ -821,10 +821,12 @@ static int FTPDataParse(Flow *f, FtpDataState *ftpdata_state,
 break;
 }
- if (FileOpenFile(ftpdata_state->files, &sbcfg,
- (uint8_t *) ftpdata_state->file_name,
+ /* open with fixed track_id 0 as we can have just one
+ * file per ftp-data flow. */
+ if (FileOpenFileWithId(ftpdata_state->files, &sbcfg,
+ 0ULL, (uint8_t *) ftpdata_state->file_name,
 ftpdata_state->file_len,
- input, input_len, flags) == NULL) {
+ input, input_len, flags) != 0) {
 SCLogDebug("Can't open file");
 ret = -1;
 }
diff --git a/src/app-layer-htp-file.c b/src/app-layer-htp-file.c
index ce5599381e..16574cf369 100644
--- a/src/app-layer-htp-file.c
+++ b/src/app-layer-htp-file.c
@@ -137,8 +137,9 @@ int HTPFileOpen(HtpState *s, const uint8_t *filename, uint16_t filename_len,
 sbcfg = &s->cfg->request.sbcfg;
 }
- if (FileOpenFile(files, sbcfg, filename, filename_len,
- data, data_len, flags) == NULL)
+ if (FileOpenFileWithId(files, sbcfg, s->file_track_id++,
+ filename, filename_len,
+ data, data_len, flags) != 0)
 {
 retval = -1;
 }
diff --git a/src/app-layer-htp.h b/src/app-layer-htp.h
index 8e14307712..17dcc84e54 100644
--- a/src/app-layer-htp.h
+++ b/src/app-layer-htp.h
@@ -235,6 +235,7 @@ typedef struct HtpState_ {
 uint16_t flags;
 uint16_t events;
 uint16_t htp_messages_offset; /**< offset into conn->messages list */
+ uint32_t file_track_id; /**< used to assign file track ids to files */
 uint64_t last_request_data_stamp;
 uint64_t last_response_data_stamp;
 } HtpState;
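Review bot: In src/app-layer-ftp.c (FTPDataParse hunk), the fixed id is written as `0ULL`, but the `FileOpenFileWithId` prototype visible in src/util-file.h takes `uint32_t track_id`, so the 64-bit literal is implicitly narrowed at the call. Writing the argument as `0U,` keeps the type consistent with the HTTP and SMTP call sites, which pass `uint32_t` counters. FTPDataParse continues outside the hunk, so how a second open on the same ftp-data flow is handled cannot be checked from here.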
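Review bot: In src/app-layer-htp-file.c (HTPFileOpen hunk), `s->file_track_id++` is evaluated as a call argument, so the counter advances even when the open fails, and as a `uint32_t` it wraps on a sufficiently long-lived connection; neither property is documented at the call. A short comment such as `/* per-state track id; consumed even if the open fails, wraps at UINT32_MAX */` would tell a maintainer what uniqueness the file container can rely on. Whether a wrapped id could match a file that is still open depends on FileOpenFileWithId, whose body is not on this page. HTPFileOpen starts and ends outside the hunk.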
diff --git a/src/app-layer-smtp.c b/src/app-layer-smtp.c
index 318264f23e..a8cf94b93a 100644
--- a/src/app-layer-smtp.c
+++ b/src/app-layer-smtp.c
@@ -461,8 +461,9 @@ int SMTPProcessDataChunk(const uint8_t *chunk, uint32_t len,
 flags |= FILE_STORE;
 }
- if (FileOpenFile(files, &smtp_config.sbcfg, (uint8_t *) entity->filename, entity->filename_len,
- (uint8_t *) chunk, len, flags) == NULL) {
+ if (FileOpenFileWithId(files, &smtp_config.sbcfg, smtp_state->file_track_id++,
+ (uint8_t *) entity->filename, entity->filename_len,
+ (uint8_t *) chunk, len, flags) != 0) {
 ret = MIME_DEC_ERR_DATA;
 SCLogDebug("FileOpenFile() failed");
 }
@@ -1207,10 +1208,12 @@ static int SMTPProcessRequest(SMTPState *state, Flow *f,
 TAILQ_INSERT_TAIL(&state->tx_list, tx, next);
 tx->tx_id = state->tx_cnt++;
 }
- FileOpenFile(state->files_ts, &smtp_config.sbcfg,
+ if (FileOpenFileWithId(state->files_ts, &smtp_config.sbcfg,
+ state->file_track_id++,
 (uint8_t*) msgname, strlen(msgname), NULL, 0,
- FILE_NOMD5|FILE_NOMAGIC);
- FlagDetectStateNewFile(state->curr_tx);
+ FILE_NOMD5|FILE_NOMAGIC) == 0) {
+ FlagDetectStateNewFile(state->curr_tx);
+ }
 } else if (smtp_config.decode_mime) {
 if (tx->mime_state) {
 /* We have 2 chained mails and did not detect the end
diff --git a/src/app-layer-smtp.h b/src/app-layer-smtp.h
index 35dd72c2e3..f244d625cb 100644
--- a/src/app-layer-smtp.h
+++ b/src/app-layer-smtp.h
@@ -159,13 +159,14 @@ typedef struct SMTPState_ {
 * handler */
 uint16_t cmds_idx;
+ /* HELO of HELO message content */
+ uint16_t helo_len;
+ uint8_t *helo;
+ /* SMTP Mime decoding and file extraction */
 /** the list of files sent to the server */
 FileContainer *files_ts;
-
- /* HELO of HELO message content */
- uint8_t *helo;
- uint16_t helo_len;
+ uint32_t file_track_id;
 } SMTPState;
 /* Create SMTP config structure */
diff --git a/src/util-file.c b/src/util-file.c
index f322970e72..305044f8b6 100644
--- a/src/util-file.c
+++ b/src/util-file.c
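Review bot: In src/app-layer-smtp.c (SMTPProcessDataChunk hunk), the debug message on the failure path still reads `FileOpenFile() failed` although the call is now `FileOpenFileWithId`, and `FileOpenFile` becomes `static` in src/util-file.c in this same commit. Updating it to `SCLogDebug("FileOpenFileWithId() failed");` keeps a log search pointing at the function that actually failed. The function body starts and ends outside the hunk, so the declaration of `smtp_state` is not visible here.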
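Review bot: In src/app-layer-smtp.c (SMTPProcessRequest hunk), a failed `FileOpenFileWithId` is skipped silently: the new `if (... == 0)` has no else branch, so the file named by `msgname` is not tracked and nothing is recorded. For an inspection engine that is a visibility gap worth surfacing; an `} else { SCLogDebug("FileOpenFileWithId() failed"); }` would match the other call sites in this commit. The track id is also consumed on failure because of the post-increment. The enclosing function extends beyond the hunk on both sides.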
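Review bot: In src/app-layer-smtp.h (SMTPState hunk), the new `file_track_id` member carries no comment, while the same field added to HtpState in src/app-layer-htp.h is documented. Suggest `uint32_t file_track_id; /**< used to assign file track ids to files */` here as well. The hunk also relocates `helo` and `helo_len` and swaps their order, which the subject line does not mention; presumably this is for struct packing, and a sentence in the commit message would confirm it.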
@@ -775,7 +775,7 @@ int FileSetRange(FileContainer *ffc, uint64_t start, uint64_t end)
 *
 * \note filename is not a string, so it's not nul terminated.
 */
-File *FileOpenFile(FileContainer *ffc, const StreamingBufferConfig *sbcfg,
+static File *FileOpenFile(FileContainer *ffc, const StreamingBufferConfig *sbcfg,
 const uint8_t *name, uint16_t name_len, const uint8_t *data, uint32_t data_len, uint16_t flags)
 {
diff --git a/src/util-file.h b/src/util-file.h
index 01bff145b2..ef8b034018 100644
--- a/src/util-file.h
+++ b/src/util-file.h
@@ -129,9 +129,6 @@ void FileContainerAdd(FileContainer *, File *);
 * It's the responsibility of the API user to make sure this tracker is
 * properly updated.
 */
-File *FileOpenFile(FileContainer *, const StreamingBufferConfig *,
- const uint8_t *name, uint16_t name_len,
- const uint8_t *data, uint32_t data_len, uint16_t flags);
 int FileOpenFileWithId(FileContainer *, const StreamingBufferConfig *, uint32_t track_id, const uint8_t *name, uint16_t name_len, const uint8_t *data, uint32_t data_len, uint16_t flags);