22550902417

Committed 01 Mar 2026 07:32PM UTC coverage: 68.401% (-5.3%) from 73.687%

Build # 22550902417

Build Type

Pull #14922

github

Committed by

web-flow

Commit Message

github-actions: bump actions/upload-artifact from 6.0.0 to 7.0.0

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 6.0.0 to 7.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Pull Request Pull Request #14922: github-actions: bump actions/upload-artifact from 6.0.0 to 7.0.0

Coverage Stats

218243 of 319063 relevant lines covered (68.4%)

3284926.58 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

94.59

/src/detect-http-cookie.c

/* Copyright (C) 2007-2018 Open Information Security Foundation
 *
 * You can copy, redistribute or modify this Program under the terms of
 * the GNU General Public License version 2 as published by the Free
 * Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * version 2 along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
 * 02110-1301, USA.
 */

/**
 * \ingroup httplayer
 *
 * @{
 */


/**
 * \file
 *
 * \author Gurvinder Singh <gurvindersinghdahiya@gmail.com>
 *
 * Implements the http_cookie keyword
 */

#include "suricata-common.h"
#include "threads.h"
#include "decode.h"
#include "detect.h"

#include "detect-parse.h"
#include "detect-engine.h"
#include "detect-engine-buffer.h"
#include "detect-engine-mpm.h"
#include "detect-engine-prefilter.h"
#include "detect-content.h"
#include "detect-pcre.h"

#include "flow.h"
#include "flow-var.h"
#include "flow-util.h"

#include "util-debug.h"
#include "util-error.h"
#include "util-unittest.h"
#include "util-unittest-helper.h"
#include "util-spm.h"
#include "util-print.h"

#include "app-layer.h"
#include "app-layer-parser.h"

#include "app-layer-htp.h"
#include "detect-http-cookie.h"
#include "stream-tcp.h"

static int DetectHttpCookieSetup (DetectEngineCtx *, Signature *, const char *);
static int DetectHttpCookieSetupSticky (DetectEngineCtx *, Signature *, const char *);
#ifdef UNITTESTS
static void DetectHttpCookieRegisterTests(void);
#endif
static int g_http_cookie_buffer_id = 0;

static InspectionBuffer *GetRequestData(DetectEngineThreadCtx *det_ctx,
        const DetectEngineTransforms *transforms,
        Flow *_f, const uint8_t _flow_flags,
        void *txv, const int list_id);
static InspectionBuffer *GetResponseData(DetectEngineThreadCtx *det_ctx,
        const DetectEngineTransforms *transforms,
        Flow *_f, const uint8_t _flow_flags,
        void *txv, const int list_id);
static InspectionBuffer *GetRequestData2(DetectEngineThreadCtx *det_ctx,
        const DetectEngineTransforms *transforms, Flow *_f, const uint8_t _flow_flags, void *txv,
        const int list_id);
static InspectionBuffer *GetResponseData2(DetectEngineThreadCtx *det_ctx,
        const DetectEngineTransforms *transforms, Flow *_f, const uint8_t _flow_flags, void *txv,
        const int list_id);
/**
 * \brief Registration function for keyword: http_cookie
 */
void DetectHttpCookieRegister(void)
{
    /* http_cookie content modifier */
    sigmatch_table[DETECT_HTTP_COOKIE_CM].name = "http_cookie";
    sigmatch_table[DETECT_HTTP_COOKIE_CM].desc =
            "content modifier to match only on the HTTP cookie-buffer";
    sigmatch_table[DETECT_HTTP_COOKIE_CM].url = "/rules/http-keywords.html#http-cookie";
    sigmatch_table[DETECT_HTTP_COOKIE_CM].Setup = DetectHttpCookieSetup;
#ifdef UNITTESTS
    sigmatch_table[DETECT_HTTP_COOKIE_CM].RegisterTests = DetectHttpCookieRegisterTests;
#endif
    sigmatch_table[DETECT_HTTP_COOKIE_CM].flags |= SIGMATCH_NOOPT;
    sigmatch_table[DETECT_HTTP_COOKIE_CM].flags |= SIGMATCH_INFO_CONTENT_MODIFIER;
    sigmatch_table[DETECT_HTTP_COOKIE_CM].alternative = DETECT_HTTP_COOKIE;

    /* http.cookie sticky buffer */
    sigmatch_table[DETECT_HTTP_COOKIE].name = "http.cookie";
    sigmatch_table[DETECT_HTTP_COOKIE].desc = "sticky buffer to match on the HTTP Cookie/Set-Cookie buffers";
    sigmatch_table[DETECT_HTTP_COOKIE].url = "/rules/http-keywords.html#http-cookie";
    sigmatch_table[DETECT_HTTP_COOKIE].Setup = DetectHttpCookieSetupSticky;
    sigmatch_table[DETECT_HTTP_COOKIE].flags |= SIGMATCH_NOOPT;
    sigmatch_table[DETECT_HTTP_COOKIE].flags |= SIGMATCH_INFO_STICKY_BUFFER;

    DetectAppLayerInspectEngineRegister("http_cookie", ALPROTO_HTTP1, SIG_FLAG_TOSERVER,
            HTP_REQUEST_PROGRESS_HEADERS, DetectEngineInspectBufferGeneric, GetRequestData);
    DetectAppLayerInspectEngineRegister("http_cookie", ALPROTO_HTTP1, SIG_FLAG_TOCLIENT,
            HTP_REQUEST_PROGRESS_HEADERS, DetectEngineInspectBufferGeneric, GetResponseData);

    DetectAppLayerMpmRegister("http_cookie", SIG_FLAG_TOSERVER, 2, PrefilterGenericMpmRegister,
            GetRequestData, ALPROTO_HTTP1, HTP_REQUEST_PROGRESS_HEADERS);
    DetectAppLayerMpmRegister("http_cookie", SIG_FLAG_TOCLIENT, 2, PrefilterGenericMpmRegister,
            GetResponseData, ALPROTO_HTTP1, HTP_REQUEST_PROGRESS_HEADERS);

    DetectAppLayerInspectEngineRegister("http_cookie", ALPROTO_HTTP2, SIG_FLAG_TOSERVER,
            HTTP2StateDataClient, DetectEngineInspectBufferGeneric, GetRequestData2);
    DetectAppLayerInspectEngineRegister("http_cookie", ALPROTO_HTTP2, SIG_FLAG_TOCLIENT,
            HTTP2StateDataServer, DetectEngineInspectBufferGeneric, GetResponseData2);

    DetectAppLayerMpmRegister("http_cookie", SIG_FLAG_TOSERVER, 2, PrefilterGenericMpmRegister,
            GetRequestData2, ALPROTO_HTTP2, HTTP2StateDataClient);
    DetectAppLayerMpmRegister("http_cookie", SIG_FLAG_TOCLIENT, 2, PrefilterGenericMpmRegister,
            GetResponseData2, ALPROTO_HTTP2, HTTP2StateDataServer);

    DetectBufferTypeSetDescriptionByName("http_cookie",
            "http cookie header");

    g_http_cookie_buffer_id = DetectBufferTypeGetByName("http_cookie");
}

/**
 * \brief this function setups the http_cookie modifier keyword used in the rule
 *
 * \param de_ctx   Pointer to the Detection Engine Context
 * \param s        Pointer to the Signature to which the current keyword belongs
 * \param str      Should hold an empty string always
 *
 * \retval  0 On success
 * \retval -1 On failure
 */

static int DetectHttpCookieSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
    return DetectEngineContentModifierBufferSetup(
            de_ctx, s, str, DETECT_HTTP_COOKIE_CM, g_http_cookie_buffer_id, ALPROTO_HTTP1);
}

/**
 * \brief this function setup the http.cookie keyword used in the rule
 *
 * \param de_ctx   Pointer to the Detection Engine Context
 * \param s        Pointer to the Signature to which the current keyword belongs
 * \param str      Should hold an empty string always
 *
 * \retval 0       On success
 */
static int DetectHttpCookieSetupSticky(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
    if (SCDetectBufferSetActiveList(de_ctx, s, g_http_cookie_buffer_id) < 0)
        return -1;

    if (SCDetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)
        return -1;

    return 0;
}

static InspectionBuffer *GetRequestData(DetectEngineThreadCtx *det_ctx,
        const DetectEngineTransforms *transforms, Flow *_f,
        const uint8_t _flow_flags, void *txv, const int list_id)
{
    InspectionBuffer *buffer = InspectionBufferGet(det_ctx, list_id);
    if (buffer->inspect == NULL) {
        htp_tx_t *tx = (htp_tx_t *)txv;

        if (htp_tx_request_headers(tx) == NULL)
            return NULL;

        const htp_header_t *h = htp_tx_request_header(tx, "Cookie");
        if (h == NULL || htp_header_value(h) == NULL) {
            SCLogDebug("HTTP cookie header not present in this request");
            return NULL;
        }

        const uint32_t data_len = (uint32_t)htp_header_value_len(h);
        const uint8_t *data = htp_header_value_ptr(h);

        InspectionBufferSetupAndApplyTransforms(
                det_ctx, list_id, buffer, data, data_len, transforms);
    }

    return buffer;
}

static InspectionBuffer *GetResponseData(DetectEngineThreadCtx *det_ctx,
        const DetectEngineTransforms *transforms, Flow *_f,
        const uint8_t _flow_flags, void *txv, const int list_id)
{
    InspectionBuffer *buffer = InspectionBufferGet(det_ctx, list_id);
    if (buffer->inspect == NULL) {
        htp_tx_t *tx = (htp_tx_t *)txv;

        if (htp_tx_response_headers(tx) == NULL)
            return NULL;

        const htp_header_t *h = htp_tx_response_header(tx, "Set-Cookie");
        if (h == NULL || htp_header_value(h) == NULL) {
            SCLogDebug("HTTP cookie header not present in this request");
            return NULL;
        }

        const uint32_t data_len = (uint32_t)htp_header_value_len(h);
        const uint8_t *data = htp_header_value_ptr(h);

        InspectionBufferSetupAndApplyTransforms(
                det_ctx, list_id, buffer, data, data_len, transforms);
    }

    return buffer;
}

static InspectionBuffer *GetRequestData2(DetectEngineThreadCtx *det_ctx,
        const DetectEngineTransforms *transforms, Flow *_f, const uint8_t _flow_flags, void *txv,
        const int list_id)
{
    InspectionBuffer *buffer = InspectionBufferGet(det_ctx, list_id);
    if (buffer->inspect == NULL) {
        uint32_t b_len = 0;
        const uint8_t *b = NULL;

        if (SCHttp2TxGetCookie(txv, STREAM_TOSERVER, &b, &b_len) != 1)
            return NULL;
        if (b == NULL || b_len == 0)
            return NULL;

        InspectionBufferSetupAndApplyTransforms(det_ctx, list_id, buffer, b, b_len, transforms);
    }

    return buffer;
}

static InspectionBuffer *GetResponseData2(DetectEngineThreadCtx *det_ctx,
        const DetectEngineTransforms *transforms, Flow *_f, const uint8_t _flow_flags, void *txv,
        const int list_id)
{
    InspectionBuffer *buffer = InspectionBufferGet(det_ctx, list_id);
    if (buffer->inspect == NULL) {
        uint32_t b_len = 0;
        const uint8_t *b = NULL;

        if (SCHttp2TxGetCookie(txv, STREAM_TOCLIENT, &b, &b_len) != 1)
            return NULL;
        if (b == NULL || b_len == 0)
            return NULL;

        InspectionBufferSetupAndApplyTransforms(det_ctx, list_id, buffer, b, b_len, transforms);
    }

    return buffer;
}

/******************************** UNITESTS **********************************/

#ifdef UNITTESTS
#include "tests/detect-http-cookie.c"
#endif /* UNITTESTS */

/**
 * @}
 */

1	/* Copyright (C) 2007-2018 Open Information Security Foundation
2	*
3	* You can copy, redistribute or modify this Program under the terms of
4	* the GNU General Public License version 2 as published by the Free
5	* Software Foundation.
6	*
7	* This program is distributed in the hope that it will be useful,
8	* but WITHOUT ANY WARRANTY; without even the implied warranty of
9	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10	* GNU General Public License for more details.
11	*
12	* You should have received a copy of the GNU General Public License
13	* version 2 along with this program; if not, write to the Free Software
14	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15	* 02110-1301, USA.
16	*/
17
18	/**
19	* \ingroup httplayer
20	*
21	* @{
22	*/
23
24
25	/**
26	* \file
27	*
28	* \author Gurvinder Singh <gurvindersinghdahiya@gmail.com>
29	*
30	* Implements the http_cookie keyword
31	*/
32
33	#include "suricata-common.h"
34	#include "threads.h"
35	#include "decode.h"
36	#include "detect.h"
37
38	#include "detect-parse.h"
39	#include "detect-engine.h"
40	#include "detect-engine-buffer.h"
41	#include "detect-engine-mpm.h"
42	#include "detect-engine-prefilter.h"
43	#include "detect-content.h"
44	#include "detect-pcre.h"
45
46	#include "flow.h"
47	#include "flow-var.h"
48	#include "flow-util.h"
49
50	#include "util-debug.h"
51	#include "util-error.h"
52	#include "util-unittest.h"
53	#include "util-unittest-helper.h"
54	#include "util-spm.h"
55	#include "util-print.h"
56
57	#include "app-layer.h"
58	#include "app-layer-parser.h"
59
60	#include "app-layer-htp.h"
61	#include "detect-http-cookie.h"
62	#include "stream-tcp.h"
63
64	static int DetectHttpCookieSetup (DetectEngineCtx , Signature , const char *);
65	static int DetectHttpCookieSetupSticky (DetectEngineCtx , Signature , const char *);
66	#ifdef UNITTESTS
67	static void DetectHttpCookieRegisterTests(void);
68	#endif
69	static int g_http_cookie_buffer_id = 0;
70
71	static InspectionBuffer GetRequestData(DetectEngineThreadCtx det_ctx,
72	const DetectEngineTransforms *transforms,
73	Flow *_f, const uint8_t _flow_flags,
74	void *txv, const int list_id);
75	static InspectionBuffer GetResponseData(DetectEngineThreadCtx det_ctx,
76	const DetectEngineTransforms *transforms,
77	Flow *_f, const uint8_t _flow_flags,
78	void *txv, const int list_id);
79	static InspectionBuffer GetRequestData2(DetectEngineThreadCtx det_ctx,
80	const DetectEngineTransforms transforms, Flow _f, const uint8_t _flow_flags, void *txv,
81	const int list_id);
82	static InspectionBuffer GetResponseData2(DetectEngineThreadCtx det_ctx,
83	const DetectEngineTransforms transforms, Flow _f, const uint8_t _flow_flags, void *txv,
84	const int list_id);
85	/**
86	* \brief Registration function for keyword: http_cookie
87	*/
88	void DetectHttpCookieRegister(void)
89	{	37✔
90	/* http_cookie content modifier */
91	sigmatch_table[DETECT_HTTP_COOKIE_CM].name = "http_cookie";	37✔
92	sigmatch_table[DETECT_HTTP_COOKIE_CM].desc =	37✔
93	"content modifier to match only on the HTTP cookie-buffer";	37✔
94	sigmatch_table[DETECT_HTTP_COOKIE_CM].url = "/rules/http-keywords.html#http-cookie";	37✔
95	sigmatch_table[DETECT_HTTP_COOKIE_CM].Setup = DetectHttpCookieSetup;	37✔
96	#ifdef UNITTESTS	3✔
97	sigmatch_table[DETECT_HTTP_COOKIE_CM].RegisterTests = DetectHttpCookieRegisterTests;	3✔
98	#endif	3✔
99	sigmatch_table[DETECT_HTTP_COOKIE_CM].flags \|= SIGMATCH_NOOPT;	37✔
100	sigmatch_table[DETECT_HTTP_COOKIE_CM].flags \|= SIGMATCH_INFO_CONTENT_MODIFIER;	37✔
101	sigmatch_table[DETECT_HTTP_COOKIE_CM].alternative = DETECT_HTTP_COOKIE;	37✔
102
103	/* http.cookie sticky buffer */
104	sigmatch_table[DETECT_HTTP_COOKIE].name = "http.cookie";	37✔
105	sigmatch_table[DETECT_HTTP_COOKIE].desc = "sticky buffer to match on the HTTP Cookie/Set-Cookie buffers";	37✔
106	sigmatch_table[DETECT_HTTP_COOKIE].url = "/rules/http-keywords.html#http-cookie";	37✔
107	sigmatch_table[DETECT_HTTP_COOKIE].Setup = DetectHttpCookieSetupSticky;	37✔
108	sigmatch_table[DETECT_HTTP_COOKIE].flags \|= SIGMATCH_NOOPT;	37✔
109	sigmatch_table[DETECT_HTTP_COOKIE].flags \|= SIGMATCH_INFO_STICKY_BUFFER;	37✔
110
111	DetectAppLayerInspectEngineRegister("http_cookie", ALPROTO_HTTP1, SIG_FLAG_TOSERVER,	37✔
112	HTP_REQUEST_PROGRESS_HEADERS, DetectEngineInspectBufferGeneric, GetRequestData);	37✔
113	DetectAppLayerInspectEngineRegister("http_cookie", ALPROTO_HTTP1, SIG_FLAG_TOCLIENT,	37✔
114	HTP_REQUEST_PROGRESS_HEADERS, DetectEngineInspectBufferGeneric, GetResponseData);	37✔
115
116	DetectAppLayerMpmRegister("http_cookie", SIG_FLAG_TOSERVER, 2, PrefilterGenericMpmRegister,	37✔
117	GetRequestData, ALPROTO_HTTP1, HTP_REQUEST_PROGRESS_HEADERS);	37✔
118	DetectAppLayerMpmRegister("http_cookie", SIG_FLAG_TOCLIENT, 2, PrefilterGenericMpmRegister,	37✔
119	GetResponseData, ALPROTO_HTTP1, HTP_REQUEST_PROGRESS_HEADERS);	37✔
120
121	DetectAppLayerInspectEngineRegister("http_cookie", ALPROTO_HTTP2, SIG_FLAG_TOSERVER,	37✔
122	HTTP2StateDataClient, DetectEngineInspectBufferGeneric, GetRequestData2);	37✔
123	DetectAppLayerInspectEngineRegister("http_cookie", ALPROTO_HTTP2, SIG_FLAG_TOCLIENT,	37✔
124	HTTP2StateDataServer, DetectEngineInspectBufferGeneric, GetResponseData2);	37✔
125
126	DetectAppLayerMpmRegister("http_cookie", SIG_FLAG_TOSERVER, 2, PrefilterGenericMpmRegister,	37✔
127	GetRequestData2, ALPROTO_HTTP2, HTTP2StateDataClient);	37✔
128	DetectAppLayerMpmRegister("http_cookie", SIG_FLAG_TOCLIENT, 2, PrefilterGenericMpmRegister,	37✔
129	GetResponseData2, ALPROTO_HTTP2, HTTP2StateDataServer);	37✔
130
131	DetectBufferTypeSetDescriptionByName("http_cookie",	37✔
132	"http cookie header");	37✔
133
134	g_http_cookie_buffer_id = DetectBufferTypeGetByName("http_cookie");	37✔
135	}	37✔
136
137	/**
138	* \brief this function setups the http_cookie modifier keyword used in the rule
139	*
140	* \param de_ctx Pointer to the Detection Engine Context
141	* \param s Pointer to the Signature to which the current keyword belongs
142	* \param str Should hold an empty string always
143	*
144	* \retval 0 On success
145	* \retval -1 On failure
146	*/
147
148	static int DetectHttpCookieSetup(DetectEngineCtx de_ctx, Signature s, const char *str)
149	{	103✔
150	return DetectEngineContentModifierBufferSetup(	103✔
151	de_ctx, s, str, DETECT_HTTP_COOKIE_CM, g_http_cookie_buffer_id, ALPROTO_HTTP1);	103✔
152	}	103✔
153
154	/**
155	* \brief this function setup the http.cookie keyword used in the rule
156	*
157	* \param de_ctx Pointer to the Detection Engine Context
158	* \param s Pointer to the Signature to which the current keyword belongs
159	* \param str Should hold an empty string always
160	*
161	* \retval 0 On success
162	*/
163	static int DetectHttpCookieSetupSticky(DetectEngineCtx de_ctx, Signature s, const char *str)
164	{	324✔
165	if (SCDetectBufferSetActiveList(de_ctx, s, g_http_cookie_buffer_id) < 0)	324✔
166	return -1;	×
167
168	if (SCDetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)	324✔
169	return -1;	×
170
171	return 0;	324✔
172	}	324✔
173
174	static InspectionBuffer GetRequestData(DetectEngineThreadCtx det_ctx,
175	const DetectEngineTransforms transforms, Flow _f,
176	const uint8_t _flow_flags, void *txv, const int list_id)
177	{	2,531✔
178	InspectionBuffer *buffer = InspectionBufferGet(det_ctx, list_id);	2,531✔
179	if (buffer->inspect == NULL) {	2,531✔
180	htp_tx_t tx = (htp_tx_t )txv;	2,504✔
181
182	if (htp_tx_request_headers(tx) == NULL)	2,504✔
183	return NULL;	×
184
185	const htp_header_t *h = htp_tx_request_header(tx, "Cookie");	2,504✔
186	if (h == NULL \|\| htp_header_value(h) == NULL) {	2,504✔
187	SCLogDebug("HTTP cookie header not present in this request");	1,441✔
188	return NULL;	1,441✔
189	}	1,441✔
190
191	const uint32_t data_len = (uint32_t)htp_header_value_len(h);	1,063✔
192	const uint8_t *data = htp_header_value_ptr(h);	1,063✔
193
194	InspectionBufferSetupAndApplyTransforms(	1,063✔
195	det_ctx, list_id, buffer, data, data_len, transforms);	1,063✔
196	}	1,063✔
197
198	return buffer;	1,090✔
199	}	2,531✔
200
201	static InspectionBuffer GetResponseData(DetectEngineThreadCtx det_ctx,
202	const DetectEngineTransforms transforms, Flow _f,
203	const uint8_t _flow_flags, void *txv, const int list_id)
204	{	2,241✔
205	InspectionBuffer *buffer = InspectionBufferGet(det_ctx, list_id);	2,241✔
206	if (buffer->inspect == NULL) {	2,241✔
207	htp_tx_t tx = (htp_tx_t )txv;	2,239✔
208
209	if (htp_tx_response_headers(tx) == NULL)	2,239✔
210	return NULL;	×
211
212	const htp_header_t *h = htp_tx_response_header(tx, "Set-Cookie");	2,239✔
213	if (h == NULL \|\| htp_header_value(h) == NULL) {	2,239✔
214	SCLogDebug("HTTP cookie header not present in this request");	2,087✔
215	return NULL;	2,087✔
216	}	2,087✔
217
218	const uint32_t data_len = (uint32_t)htp_header_value_len(h);	152✔
219	const uint8_t *data = htp_header_value_ptr(h);	152✔
220
221	InspectionBufferSetupAndApplyTransforms(	152✔
222	det_ctx, list_id, buffer, data, data_len, transforms);	152✔
223	}	152✔
224
225	return buffer;	154✔
226	}	2,241✔
227
228	static InspectionBuffer GetRequestData2(DetectEngineThreadCtx det_ctx,
229	const DetectEngineTransforms transforms, Flow _f, const uint8_t _flow_flags, void *txv,
230	const int list_id)
231	{	168✔
232	InspectionBuffer *buffer = InspectionBufferGet(det_ctx, list_id);	168✔
233	if (buffer->inspect == NULL) {	168✔
234	uint32_t b_len = 0;	168✔
235	const uint8_t *b = NULL;	168✔
236
237	if (SCHttp2TxGetCookie(txv, STREAM_TOSERVER, &b, &b_len) != 1)	168✔
238	return NULL;	159✔
239	if (b == NULL \|\| b_len == 0)	9✔
240	return NULL;	×
241
242	InspectionBufferSetupAndApplyTransforms(det_ctx, list_id, buffer, b, b_len, transforms);	9✔
243	}	9✔
244
245	return buffer;	9✔
246	}	168✔
247
248	static InspectionBuffer GetResponseData2(DetectEngineThreadCtx det_ctx,
249	const DetectEngineTransforms transforms, Flow _f, const uint8_t _flow_flags, void *txv,
250	const int list_id)
251	{	188✔
252	InspectionBuffer *buffer = InspectionBufferGet(det_ctx, list_id);	188✔
253	if (buffer->inspect == NULL) {	188✔
254	uint32_t b_len = 0;	188✔
255	const uint8_t *b = NULL;	188✔
256
257	if (SCHttp2TxGetCookie(txv, STREAM_TOCLIENT, &b, &b_len) != 1)	188✔
258	return NULL;	187✔
259	if (b == NULL \|\| b_len == 0)	1✔
260	return NULL;	×
261
262	InspectionBufferSetupAndApplyTransforms(det_ctx, list_id, buffer, b, b_len, transforms);	1✔
263	}	1✔
264
265	return buffer;	1✔
266	}	188✔
267
268	/****************************** UNITESTS ********************************/
269
270	#ifdef UNITTESTS
271	#include "tests/detect-http-cookie.c"
272	#endif /* UNITTESTS */
273
274	/**
275	* @}
276	*/

OISF / suricata / 22550902417

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous