From: Mike Stepanek (mstepane) <mstepane@cisco.com>
Date: Tue, 5 May 2020 13:32:34 +0000 (+0000)
Subject: Merge pull request #2196 in SNORT/snort3 from ~KATHARVE/snort3:hpack_fix to master
X-Git-Tag: 3.0.1-3~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=93abb7720ae037193c88e01cc5bd7440b4547115;p=thirdparty%2Fsnort3.git

Merge pull request #2196 in SNORT/snort3 from ~KATHARVE/snort3:hpack_fix to master

Squashed commit of the following:

commit 1d7269ff9265e9f562ce980fed45b19afbed394f
Author: Katura Harvey <katharve@cisco.com>
Date:   Fri May 1 10:25:37 2020 -0400

    http2_inspect: protect against unexpected eval calls
---

diff --git a/src/service_inspectors/http2_inspect/http2_headers_frame.cc b/src/service_inspectors/http2_inspect/http2_headers_frame.cc
index 8cb71d6ae..3ac0d0a11 100644
--- a/src/service_inspectors/http2_inspect/http2_headers_frame.cc
+++ b/src/service_inspectors/http2_inspect/http2_headers_frame.cc
@@ -48,6 +48,10 @@ Http2HeadersFrame::Http2HeadersFrame(const uint8_t* header_buffer, const int32_t
     if (get_flags() & END_STREAM)
         stream->set_end_stream(source_id);
 
+    // No need to process an empty headers frame
+    if (data.length() <= 0)
+        return;
+
     uint8_t hpack_headers_offset = 0;
 
     // Remove stream dependency if present
@@ -207,7 +211,8 @@ void Http2HeadersFrame::print_frame(FILE* output)
         fprintf(output, "Error decoding headers.\n");
     if (start_line)
         start_line->print(output, "Decoded start-line");
-    http1_header->print(output, "Decoded header");
+    if (http1_header)
+        http1_header->print(output, "Decoded header");
     Http2Frame::print_frame(output);
 }
 #endif
diff --git a/src/service_inspectors/http2_inspect/http2_inspect.cc b/src/service_inspectors/http2_inspect/http2_inspect.cc
index aeb05ad21..607910d65 100644
--- a/src/service_inspectors/http2_inspect/http2_inspect.cc
+++ b/src/service_inspectors/http2_inspect/http2_inspect.cc
@@ -120,8 +120,12 @@ void Http2Inspect::eval(Packet* p)
 
     // FIXIT-E Workaround for unexpected eval() calls
     // Avoid eval if scan/reassemble aborts
-    if (session_data->frame_type[source_id] == FT__ABORT)
+    if (session_data->frame_type[source_id] == FT__ABORT or
+        ((session_data->frame_header[source_id] == nullptr ) and
+        (session_data->frame_data[source_id] == nullptr)))
+    {
         return;
+    }
 
     Http2Stream* stream = session_data->get_current_stream(source_id);