From: Denys Zikratyi -X (dzikraty - SOFTSERVE INC at Cisco) <dzikraty@cisco.com>
Date: Mon, 7 Jul 2025 14:46:15 +0000 (+0000)
Subject: Pull request #4789: http_param: fix memory management issue
X-Git-Tag: 3.9.2.0~8
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=f3c3dd760d74eb1a90bd7025ec8fc9a68f5b6010;p=thirdparty%2Fsnort3.git

Pull request #4789: http_param: fix memory management issue

Merge in SNORT/snort3 from ~DZIKRATY/snort3:fix_http_param_2 to master

Squashed commit of the following:

commit 2a31c83bb0c0dea22e12f89f11d812e6067f5bc7
Author: Denys Zikratyi -X (dzikraty - SOFTSERVE INC at Cisco) <dzikraty@cisco.com>
Date:   Thu Jun 26 09:20:08 2025 -0400

    http_param: clear body http_param after each flush
---

diff --git a/src/service_inspectors/http_inspect/http_msg_body.cc b/src/service_inspectors/http_inspect/http_msg_body.cc
index 2f6ac57b5..593350609 100644
--- a/src/service_inspectors/http_inspect/http_msg_body.cc
+++ b/src/service_inspectors/http_inspect/http_msg_body.cc
@@ -853,6 +853,9 @@ void HttpMsgBody::clear()
         session_data->partial_mime_last_complete[source_id] = last_attachment_complete;
     }
 
+    if (request != nullptr)
+        request->clear_body_params();
+        
     HttpMsgSection::clear();
 }
 
diff --git a/src/service_inspectors/http_inspect/http_msg_request.cc b/src/service_inspectors/http_inspect/http_msg_request.cc
index 223fd97be..9d3275e39 100644
--- a/src/service_inspectors/http_inspect/http_msg_request.cc
+++ b/src/service_inspectors/http_inspect/http_msg_request.cc
@@ -211,6 +211,12 @@ ParameterMap& HttpMsgRequest::get_body_params()
     return *body_params;
 }
 
+void HttpMsgRequest::clear_body_params()
+{
+    if (body_params != nullptr)
+        body_params->clear();
+}
+
 void HttpMsgRequest::gen_events()
 {
     if (*transaction->get_infractions(source_id) & INF_BAD_REQ_LINE)
diff --git a/src/service_inspectors/http_inspect/http_msg_request.h b/src/service_inspectors/http_inspect/http_msg_request.h
index 250024d56..5591e9876 100644
--- a/src/service_inspectors/http_inspect/http_msg_request.h
+++ b/src/service_inspectors/http_inspect/http_msg_request.h
@@ -55,6 +55,7 @@ public:
     HttpUri* get_http_uri() { return uri; }
     ParameterMap& get_query_params();
     ParameterMap& get_body_params();
+    void clear_body_params();
 
     static bool is_webdav(HttpEnums::MethodId method)
     {
diff --git a/src/service_inspectors/http_inspect/http_msg_section.cc b/src/service_inspectors/http_inspect/http_msg_section.cc
index 903697716..d1a5d3f93 100644
--- a/src/service_inspectors/http_inspect/http_msg_section.cc
+++ b/src/service_inspectors/http_inspect/http_msg_section.cc
@@ -329,7 +329,7 @@ const Field& HttpMsgSection::get_param_buffer(Cursor& c, const HttpParam& param)
         const Field& rb = body->get_detect_data();
         const Field& nb = body->get_classic_client_body();
 
-        if (rb.length() > 0 && nb.length() > 0 && body->is_first())
+        if (rb.length() > 0 && nb.length() > 0)
         {
             HttpQueryParser parser(rb.start(), rb.length(),
                 nb.start(), nb.length(), uri_config,