From: Tom Peters (thopeter) Date: Mon, 9 Oct 2017 14:32:51 +0000 (-0400) Subject: Merge pull request #1037 in SNORT/snort3 from nhttp92 to master X-Git-Tag: 3.0.0-240~21 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e2995df4a13642188a4dc5fb6dbeffa122cb098a;p=thirdparty%2Fsnort3.git Merge pull request #1037 in SNORT/snort3 from nhttp92 to master Squashed commit of the following: commit e4eedc6d287ad3a66e5e47f5bf2144fb417669d1 Author: Tom Peters Date: Wed Oct 4 14:15:14 2017 -0400 http_inspect: add random increment to message body division points stream: random increment fix --- diff --git a/src/service_inspectors/http_inspect/http_cutter.cc b/src/service_inspectors/http_inspect/http_cutter.cc index aa0e5480a..9ce877d89 100644 --- a/src/service_inspectors/http_inspect/http_cutter.cc +++ b/src/service_inspectors/http_inspect/http_cutter.cc @@ -282,7 +282,6 @@ ScanResult HttpBodyClCutter::cut(const uint8_t*, uint32_t length, HttpInfraction } else { - // FIXIT-M need to implement random increments num_flush = flow_target; remaining -= num_flush; return SCAN_FOUND_PIECE; @@ -299,7 +298,6 @@ ScanResult HttpBodyOldCutter::cut(const uint8_t*, uint32_t, HttpInfractions*, Ht return SCAN_END; } - // FIXIT-M need to implement random increments num_flush = flow_target; return SCAN_FOUND_PIECE; } diff --git a/src/service_inspectors/http_inspect/http_msg_section.cc b/src/service_inspectors/http_inspect/http_msg_section.cc index 320b6c19f..07bb17dc5 100644 --- a/src/service_inspectors/http_inspect/http_msg_section.cc +++ b/src/service_inspectors/http_inspect/http_msg_section.cc @@ -30,6 +30,7 @@ #include "http_msg_status.h" #include "http_msg_trailer.h" #include "http_test_manager.h" +#include "stream/flush_bucket.h" using namespace HttpEnums; @@ -78,17 +79,20 @@ void HttpMsgSection::update_depth() const return; } + const int random_increment = FlushBucket::get_size() - 192; + assert((random_increment >= -64) && (random_increment <= 63)); + switch (session_data->compression[source_id]) { case CMP_NONE: { - session_data->section_size_target[source_id] = DATA_BLOCK_SIZE; + session_data->section_size_target[source_id] = DATA_BLOCK_SIZE + random_increment; session_data->section_size_max[source_id] = FINAL_BLOCK_SIZE; break; } case CMP_GZIP: case CMP_DEFLATE: - session_data->section_size_target[source_id] = GZIP_BLOCK_SIZE; + session_data->section_size_target[source_id] = GZIP_BLOCK_SIZE + random_increment; session_data->section_size_max[source_id] = FINAL_GZIP_BLOCK_SIZE; break; default: diff --git a/src/stream/flush_bucket.cc b/src/stream/flush_bucket.cc index 433972a55..67ec97265 100644 --- a/src/stream/flush_bucket.cc +++ b/src/stream/flush_bucket.cc @@ -109,7 +109,8 @@ StaticFlushBucket::StaticFlushBucket() RandomFlushBucket::RandomFlushBucket() { - std::default_random_engine generator; + std::random_device random_dev; + std::default_random_engine generator(random_dev()); std::uniform_int_distribution distribution(128, 255); for ( int i = 0; i < NUM_FLUSH_POINTS; i++ )