Merge pull request #1037 in SNORT/snort3 from nhttp92 to master

Squashed commit of the following:

commit e4eedc6d287ad3a66e5e47f5bf2144fb417669d1
Author: Tom Peters <thopeter@cisco.com>
Date:   Wed Oct 4 14:15:14 2017 -0400

    http_inspect: add random increment to message body division points

    stream: random increment fix

diff --git a/src/service_inspectors/http_inspect/http_cutter.cc b/src/service_inspectors/http_inspect/http_cutter.cc
index aa0e5480a832b40b2f1cedd3b1b8bd169187c089..9ce877d89291267d631bf92fca684088e00e2da2 100644 (file)
--- a/src/service_inspectors/http_inspect/http_cutter.cc
+++ b/src/service_inspectors/http_inspect/http_cutter.cc
@@ -282,7 +282,6 @@ ScanResult HttpBodyClCutter::cut(const uint8_t*, uint32_t length, HttpInfraction
     }
     else
     {
-        // FIXIT-M need to implement random increments
         num_flush = flow_target;
         remaining -= num_flush;
         return SCAN_FOUND_PIECE;
@@ -299,7 +298,6 @@ ScanResult HttpBodyOldCutter::cut(const uint8_t*, uint32_t, HttpInfractions*, Ht
         return SCAN_END;
     }
 
-    // FIXIT-M need to implement random increments
     num_flush = flow_target;
     return SCAN_FOUND_PIECE;
 }

diff --git a/src/service_inspectors/http_inspect/http_msg_section.cc b/src/service_inspectors/http_inspect/http_msg_section.cc
index 320b6c19f4bfa77935faeeb52678fa5fd602c373..07bb17dc587f4d3e17b4dd347e24a4a712c33f97 100644 (file)
--- a/src/service_inspectors/http_inspect/http_msg_section.cc
+++ b/src/service_inspectors/http_inspect/http_msg_section.cc
@@ -30,6 +30,7 @@
 #include "http_msg_status.h"
 #include "http_msg_trailer.h"
 #include "http_test_manager.h"
+#include "stream/flush_bucket.h"
 
 using namespace HttpEnums;
 
@@ -78,17 +79,20 @@ void HttpMsgSection::update_depth() const
         return;
     }
 
+    const int random_increment = FlushBucket::get_size() - 192;
+    assert((random_increment >= -64) && (random_increment <= 63));
+
     switch (session_data->compression[source_id])
     {
     case CMP_NONE:
       {
-        session_data->section_size_target[source_id] = DATA_BLOCK_SIZE;
+        session_data->section_size_target[source_id] = DATA_BLOCK_SIZE + random_increment;
         session_data->section_size_max[source_id] = FINAL_BLOCK_SIZE;
         break;
       }
     case CMP_GZIP:
     case CMP_DEFLATE:
-        session_data->section_size_target[source_id] = GZIP_BLOCK_SIZE;
+        session_data->section_size_target[source_id] = GZIP_BLOCK_SIZE + random_increment;
         session_data->section_size_max[source_id] = FINAL_GZIP_BLOCK_SIZE;
         break;
     default:

diff --git a/src/stream/flush_bucket.cc b/src/stream/flush_bucket.cc
index 433972a556f8f2290d153f8a4ad8b7c6671d99c6..67ec972654cfcb725ad41a48605e392dd947806a 100644 (file)
--- a/src/stream/flush_bucket.cc
+++ b/src/stream/flush_bucket.cc
@@ -109,7 +109,8 @@ StaticFlushBucket::StaticFlushBucket()
 
 RandomFlushBucket::RandomFlushBucket()
 {
-    std::default_random_engine generator;
+    std::random_device random_dev;
+    std::default_random_engine generator(random_dev());
     std::uniform_int_distribution<int> distribution(128, 255);
 
     for ( int i = 0; i < NUM_FLUSH_POINTS; i++ )