当前位置: 首页>>代码示例>>C++>>正文

C++ DynamicPreprocessorData::inlineDrop方法代码示例

本文整理汇总了C++中DynamicPreprocessorData::inlineDrop方法的典型用法代码示例。如果您正苦于以下问题:C++ DynamicPreprocessorData::inlineDrop方法的具体用法?C++ DynamicPreprocessorData::inlineDrop怎么用?C++ DynamicPreprocessorData::inlineDrop使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在DynamicPreprocessorData的用法示例。


在下文中一共展示了DynamicPreprocessorData::inlineDrop方法的1个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。

示例1: ParseXLink2State


//.........这里部分代码省略.........
 *
 * @param   p           standard Packet structure
 * @param   x           pointer to "X-LINK2STATE" in buffer
 *
 * @retval  1           if alert raised
 * @retval  0           if no alert raised
 */
int ParseXLink2State(SFSnortPacket *p, const uint8_t *ptr)
{
    uint8_t  *lf = NULL;
    uint32_t  len = 0;
    char       x_keyword;
    const uint8_t  *end;

    if (p == NULL || ptr == NULL)
        return 0;

    /* If we got a FIRST chunk on this stream, this is not an exploit */
    if (smtp_ssn->session_flags & SMTP_FLAG_XLINK2STATE_GOTFIRSTCHUNK)
        return 0;

    /* Calculate length from pointer to end of packet data */
    end = p->payload + p->payload_size;
    if (ptr >= end)
        return 0;

    /* Check for "FIRST" or "CHUNK" after X-LINK2STATE */
    x_keyword = get_xlink_keyword(ptr, end);
    if (x_keyword != XLINK_CHUNK)
    {
        if (x_keyword == XLINK_FIRST)
            smtp_ssn->session_flags |= SMTP_FLAG_XLINK2STATE_GOTFIRSTCHUNK;

        return 0;
    }

    ptr = (uint8_t *)memchr((char *)ptr, '=', end - ptr);
    if (ptr == NULL)
        return 0;

    /* move past '=' and make sure we're within bounds */
    ptr++;
    if (ptr >= end)
        return 0;

    /*  Look for one of two patterns:
     *
     *  ... CHUNK={0000006d} MULTI (5) ({00000000051} ...
     *  ... CHUNK=AAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n
     */

    if (*ptr == '{')
    {
        /* move past '{' and make sure we're within bounds */
        ptr++;
        if ((ptr + 8) >= end)
            return 0;

        /* Get length - can we always trust it? */
        len = get_xlink_hex_value(ptr, end);
    }
    else
    {
        lf = (uint8_t *)memchr((char *)ptr, '\n', end - ptr);
        if (lf == NULL)
            return 0;

        len = lf - ptr;
    }

    if (len > XLINK2STATE_MAX_LEN)
    {
        /* Need to drop the packet if we're told to
         * (outside of whether its thresholded). */
        if (smtp_eval_config->drop_xlink2state)
        {
            _dpd.inlineDrop(p);
        }

        SMTP_GenerateAlert(SMTP_XLINK2STATE_OVERFLOW, "%s", SMTP_XLINK2STATE_OVERFLOW_STR);
        smtp_ssn->session_flags |= SMTP_FLAG_XLINK2STATE_ALERTED;

        return 1;
    }

    /* Check for more than one command in packet */
    ptr = (uint8_t *)memchr((char *)ptr, '\n', end - ptr);
    if (ptr == NULL)
        return 0;

    /* move past '\n' */
    ptr++;

    if (ptr < end)
    {
        ParseXLink2State(p, ptr);
    }

    return 0;
}
开发者ID:,项目名称:,代码行数:101,代码来源:


注:本文中的DynamicPreprocessorData::inlineDrop方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。