file/swf: Use lzma-rs decompression instead of libhtp. #8171

Closed
wants to merge 1 commit into from

cccs-rtmorti
Contributor

Use the lzma-rs crate for decompressing swf/lzma files instead of the lzma decompressor in libhtp. This decouples suricata from libhtp except for actual http parsing, and means libhtp no longer has to export a lzma decompression interface.

Ticket: #5638

Make sure these boxes are signed before submitting your Pull Request -- thank you.

Link to redmine ticket: 5638

Describe changes:

  • Create a lzma.rs file which exports a lzma decompression function interface.
  • In util-file-swf-decompression.c, use this interface instead of the lzma decompression interface presented by libhtp.
  • Update error types / constants to reflect lzma-rs error conditions / results.

Update to #8154

Use the lzma-rs crate for decompressing swf/lzma files instead of
the lzma decompressor in libhtp. This decouples suricata from libhtp
except for actual http parsing, and means libhtp no longer has to
export a lzma decompression interface.

Ticket: OISF#5638
Member

@victorjulien victorjulien left a comment

minor feedback

@@ -0,0 +1,68 @@
use lzma_rs::decompress::{Options, Stream};
Member

can you add a copyright header here?

Contributor Author

Yup! Sorry I forgot it.

@codecov

codecov bot commented Nov 15, 2022

Codecov Report

Merging #8171 (9729d11) into master (a4239d4) will increase coverage by 0.07%.
The diff coverage is 48.00%.

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #8171      +/-   ##
==========================================
+ Coverage   81.73%   81.80%   +0.07%     
==========================================
  Files         962      963       +1     
  Lines      276975   276998      +23     
==========================================
+ Hits       226379   226611     +232     
+ Misses      50596    50387     -209     
Flag Coverage Δ
fuzzcorpus 63.71% <0.00%> (+0.18%) ⬆️
suricata-verify 59.40% <0.00%> (-0.03%) ⬇️
unittests 63.17% <48.00%> (-0.20%) ⬇️

Error::HeaderTooShort(_) => LzmaStatus::LzmaHeaderTooShortError,
Error::LzmaError(e) => {
if e.to_string().contains("exceeded memory limit") {
LzmaStatus::LzmaMemoryError
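
Review bot: The memory-limit case in the `Error::LzmaError(e)` arm is detected by searching `e.to_string()` for the substring "exceeded memory limit", which ties the status mapping to the exact wording of the lzma-rs error message. If a crate update rewords that message, the memory-limit condition will stop mapping to `LzmaStatus::LzmaMemoryError` without any compile-time signal. Add a comment stating that the match depends on the message text, and a unit test that triggers the memory limit and asserts `LzmaStatus::LzmaMemoryError`, so that a dependency bump which changes the wording fails the test instead of silently changing the reported status.
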
Contributor

Thanks for this

Contributor

@catenacyber catenacyber left a comment

Thanks for this nice work.

CI : ✅
Code : looks good to me, comments were taken into account
Commits segmentation : ok
Commit messages : nice
Git ID set : looks fine for me
CLA : should be fine
Redmine ticket : ok
Rustfmt : fine for new file
Tests : good enough for me with current ones
Dependencies added: MIT License is good

@cccs-rtmorti
Contributor Author

Updated in #8176
