From: Jeff Lucovsky <jlucovsky@oisf.net>
Date: Mon, 10 Jul 2023 14:33:15 +0000 (-0400)
Subject: file/htp: Add logic for file access
X-Git-Tag: suricata-7.0.0~16
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f2e2576ff4d7a602fe2d16230bb24cb3636bfb0b;p=thirdparty%2Fsuricata.git

file/htp: Add logic for file access

Set file inspection sizes and marker for use with detect logic when
opening files by name or as part of a range.

Issue: 4145
---

diff --git a/src/app-layer-htp-file.c b/src/app-layer-htp-file.c
index 095b5903ca..867d47ff01 100644
--- a/src/app-layer-htp-file.c
+++ b/src/app-layer-htp-file.c
@@ -67,9 +67,19 @@ int HTPFileOpen(HtpState *s, HtpTxUserData *tx, const uint8_t *filename, uint16_
         flags = FileFlowFlagsToFlags(tx->tx_data.file_flags, STREAM_TOSERVER);
     }
 
+    flags |= FILE_USE_DETECT;
+
     if (FileOpenFileWithId(files, &htp_sbcfg, s->file_track_id++, filename, filename_len, data,
                 data_len, flags) != 0) {
         retval = -1;
+    } else {
+        const HTPCfgDir *cfg;
+        if (direction & STREAM_TOCLIENT) {
+            cfg = &s->cfg->response;
+        } else {
+            cfg = &s->cfg->request;
+        }
+        FileSetInspectSizes(files->tail, cfg->inspect_window, cfg->inspect_min_size);
     }
 
     tx->tx_data.files_opened++;
@@ -156,10 +166,15 @@ int HTPFileOpenWithRange(HtpState *s, HtpTxUserData *txud, const uint8_t *filena
     flags = FileFlowToFlags(s->f, STREAM_TOCLIENT);
     FileContainer *files = &txud->files_tc;
 
+    flags |= FILE_USE_DETECT;
+
     // we open a file for this specific range
     if (FileOpenFileWithId(files, &htp_sbcfg, s->file_track_id++, filename, filename_len, data,
                 data_len, flags) != 0) {
         SCReturnInt(-1);
+    } else {
+        const HTPCfgDir *cfg = &s->cfg->response;
+        FileSetInspectSizes(files->tail, cfg->inspect_window, cfg->inspect_min_size);
     }
     txud->tx_data.files_opened++;