HTP 0.5
Macros | Functions
htp_private.h File Reference
#include <ctype.h>
#include <errno.h>
#include <iconv.h>
#include <inttypes.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <stdint.h>
#include "htp_config_auto_gen.h"
#include "htp.h"
#include "htp_config_private.h"
#include "htp_connection_parser_private.h"
#include "htp_connection_private.h"
#include "htp_list_private.h"
#include "htp_multipart_private.h"
#include "htp_table_private.h"

Go to the source code of this file.

Macros

#define CR   '\r'
 
#define LF   '\n'
 
#define HTP_LZMA_MEMLIMIT   1048576
 
#define HTP_COMPRESSION_BOMB_RATIO   2048
 
#define HTP_COMPRESSION_BOMB_LIMIT   1048576
 
#define HTP_COMPRESSION_TIME_LIMIT_USEC   100000
 
#define HTP_COMPRESSION_TIME_FREQ_TEST   256
 
#define HTP_FIELD_LIMIT_HARD   18000
 
#define HTP_FIELD_LIMIT_SOFT   9000
 
#define HTP_VALID_STATUS_MIN   100
 
#define HTP_VALID_STATUS_MAX   999
 

Functions

htp_status_t htp_connp_REQ_IDLE (htp_connp_t *connp)
 
htp_status_t htp_connp_REQ_LINE (htp_connp_t *connp)
 
htp_status_t htp_connp_REQ_LINE_complete (htp_connp_t *connp)
 
htp_status_t htp_connp_REQ_PROTOCOL (htp_connp_t *connp)
 
htp_status_t htp_connp_REQ_HEADERS (htp_connp_t *connp)
 
htp_status_t htp_connp_REQ_CONNECT_CHECK (htp_connp_t *connp)
 
htp_status_t htp_connp_REQ_CONNECT_WAIT_RESPONSE (htp_connp_t *connp)
 
htp_status_t htp_connp_REQ_CONNECT_PROBE_DATA (htp_connp_t *connp)
 
htp_status_t htp_connp_REQ_BODY_DETERMINE (htp_connp_t *connp)
 
htp_status_t htp_connp_REQ_BODY_IDENTITY (htp_connp_t *connp)
 
htp_status_t htp_connp_REQ_BODY_CHUNKED_LENGTH (htp_connp_t *connp)
 
htp_status_t htp_connp_REQ_BODY_CHUNKED_DATA (htp_connp_t *connp)
 
htp_status_t htp_connp_REQ_BODY_CHUNKED_DATA_END (htp_connp_t *connp)
 
htp_status_t htp_connp_REQ_FINALIZE (htp_connp_t *connp)
 
htp_status_t htp_connp_REQ_IGNORE_DATA_AFTER_HTTP_0_9 (htp_connp_t *connp)
 
htp_status_t htp_connp_RES_IDLE (htp_connp_t *connp)
 
htp_status_t htp_connp_RES_LINE (htp_connp_t *connp)
 
htp_status_t htp_connp_RES_HEADERS (htp_connp_t *connp)
 
htp_status_t htp_connp_RES_BODY_DETERMINE (htp_connp_t *connp)
 
htp_status_t htp_connp_RES_BODY_IDENTITY_CL_KNOWN (htp_connp_t *connp)
 
htp_status_t htp_connp_RES_BODY_IDENTITY_STREAM_CLOSE (htp_connp_t *connp)
 
htp_status_t htp_connp_RES_BODY_CHUNKED_LENGTH (htp_connp_t *connp)
 
htp_status_t htp_connp_RES_BODY_CHUNKED_DATA (htp_connp_t *connp)
 
htp_status_t htp_connp_RES_BODY_CHUNKED_DATA_END (htp_connp_t *connp)
 
htp_status_t htp_connp_RES_FINALIZE (htp_connp_t *connp)
 
htp_status_t htp_parse_request_line_generic (htp_connp_t *connp)
 
htp_status_t htp_parse_request_line_generic_ex (htp_connp_t *connp, int nul_terminates)
 
htp_status_t htp_parse_request_header_generic (htp_connp_t *connp, htp_header_t *h, unsigned char *data, size_t len)
 
htp_status_t htp_process_request_header_generic (htp_connp_t *, unsigned char *data, size_t len)
 
htp_status_t htp_parse_request_line_apache_2_2 (htp_connp_t *connp)
 
htp_status_t htp_process_request_header_apache_2_2 (htp_connp_t *, unsigned char *data, size_t len)
 
htp_status_t htp_parse_response_line_generic (htp_connp_t *connp)
 
htp_status_t htp_parse_response_header_generic (htp_connp_t *connp, htp_header_t *h, unsigned char *data, size_t len)
 
htp_status_t htp_process_response_header_generic (htp_connp_t *connp, unsigned char *data, size_t len)
 
htp_status_t htp_tx_state_response_complete_ex (htp_tx_t *tx, int hybrid_mode)
 
int htp_convert_method_to_number (bstr *)
 
int htp_is_lws (int c)
 
int htp_is_separator (int c)
 
int htp_is_text (int c)
 
int htp_is_token (int c)
 
int htp_chomp (unsigned char *data, size_t *len)
 
int htp_is_space (int c)
 
int htp_parse_protocol (bstr *protocol)
 
int htp_is_line_empty (unsigned char *data, size_t len)
 
int htp_is_line_whitespace (unsigned char *data, size_t len)
 
int htp_connp_is_line_folded (unsigned char *data, size_t len)
 
int htp_is_folding_char (int c)
 
int htp_connp_is_line_terminator (htp_connp_t *connp, unsigned char *data, size_t len, int next_no_lf)
 
int htp_connp_is_line_ignorable (htp_connp_t *connp, unsigned char *data, size_t len)
 
int htp_parse_uri (bstr *input, htp_uri_t **uri)
 
htp_status_t htp_parse_hostport (bstr *authority, bstr **hostname, bstr **port, int *port_number, int *invalid)
 
htp_status_t htp_parse_header_hostport (bstr *authority, bstr **hostname, bstr **port, int *port_number, uint64_t *flags)
 
int htp_validate_hostname (bstr *hostname)
 
int htp_parse_uri_hostport (htp_connp_t *connp, bstr *input, htp_uri_t *uri)
 
int htp_normalize_parsed_uri (htp_tx_t *tx, htp_uri_t *parsed_uri_incomplete, htp_uri_t *parsed_uri)
 
bstrhtp_normalize_hostname_inplace (bstr *input)
 
int htp_decode_path_inplace (htp_tx_t *tx, bstr *path)
 
int htp_prenormalize_uri_path_inplace (bstr *s, int *flags, int case_insensitive, int backslash, int decode_separators, int remove_consecutive)
 
void htp_normalize_uri_path_inplace (bstr *s)
 
void htp_utf8_decode_path_inplace (htp_cfg_t *cfg, htp_tx_t *tx, bstr *path)
 
void htp_utf8_validate_path (htp_tx_t *tx, bstr *path)
 
int64_t htp_parse_content_length (bstr *b, htp_connp_t *connp)
 
int64_t htp_parse_chunked_length (unsigned char *data, size_t len, int *extension)
 
int64_t htp_parse_positive_integer_whitespace (unsigned char *data, size_t len, int base)
 
int htp_parse_status (bstr *status)
 
int htp_parse_authorization_digest (htp_connp_t *connp, htp_header_t *auth_header)
 
int htp_parse_authorization_basic (htp_connp_t *connp, htp_header_t *auth_header)
 
int htp_parse_authorization_bearer (htp_connp_t *connp, htp_header_t *auth_header)
 
void htp_print_log (FILE *stream, htp_log_t *log)
 
void fprint_bstr (FILE *stream, const char *name, bstr *b)
 
void fprint_raw_data (FILE *stream, const char *name, const void *data, size_t len)
 
void fprint_raw_data_ex (FILE *stream, const char *name, const void *data, size_t offset, size_t len)
 
char * htp_connp_in_state_as_string (htp_connp_t *connp)
 
char * htp_connp_out_state_as_string (htp_connp_t *connp)
 
char * htp_tx_request_progress_as_string (htp_tx_t *tx)
 
char * htp_tx_response_progress_as_string (htp_tx_t *tx)
 
bstrhtp_unparse_uri_noencode (htp_uri_t *uri)
 
int htp_treat_response_line_as_body (const uint8_t *data, size_t len)
 
htp_status_t htp_req_run_hook_body_data (htp_connp_t *connp, htp_tx_data_t *d)
 
htp_status_t htp_res_run_hook_body_data (htp_connp_t *connp, htp_tx_data_t *d)
 
htp_status_t htp_ch_urlencoded_callback_request_body_data (htp_tx_data_t *d)
 
htp_status_t htp_ch_urlencoded_callback_request_headers (htp_tx_t *tx)
 
htp_status_t htp_ch_urlencoded_callback_request_line (htp_tx_t *tx)
 
htp_status_t htp_ch_multipart_callback_request_body_data (htp_tx_data_t *d)
 
htp_status_t htp_ch_multipart_callback_request_headers (htp_tx_t *tx)
 
htp_status_t htp_php_parameter_processor (htp_param_t *p)
 
int htp_transcode_params (htp_connp_t *connp, htp_table_t **params, int destroy_old)
 
int htp_transcode_bstr (iconv_t cd, bstr *input, bstr **output)
 
int htp_parse_single_cookie_v0 (htp_connp_t *connp, unsigned char *data, size_t len)
 
int htp_parse_cookies_v0 (htp_connp_t *connp)
 
int htp_parse_authorization (htp_connp_t *connp)
 
htp_status_t htp_extract_quoted_string_as_bstr (unsigned char *data, size_t len, bstr **out, size_t *endoffset)
 
htp_header_thtp_connp_header_parse (htp_connp_t *, unsigned char *, size_t)
 
htp_status_t htp_parse_ct_header (bstr *header, bstr **ct)
 
htp_status_t htp_connp_req_receiver_finalize_clear (htp_connp_t *connp)
 
htp_status_t htp_connp_res_receiver_finalize_clear (htp_connp_t *connp)
 
htp_status_t htp_tx_finalize (htp_tx_t *tx)
 
int htp_tx_is_complete (htp_tx_t *tx)
 
htp_status_t htp_tx_state_request_complete_partial (htp_tx_t *tx)
 
void htp_connp_tx_remove (htp_connp_t *connp, htp_tx_t *tx)
 
void htp_tx_destroy_incomplete (htp_tx_t *tx)
 
htp_status_t htp_tx_req_process_body_data_ex (htp_tx_t *tx, const void *data, size_t len)
 
htp_status_t htp_tx_res_process_body_data_ex (htp_tx_t *tx, const void *data, size_t len)
 
htp_status_t htp_tx_urldecode_uri_inplace (htp_tx_t *tx, bstr *input)
 
htp_status_t htp_tx_urldecode_params_inplace (htp_tx_t *tx, bstr *input)
 
void htp_connp_destroy_decompressors (htp_connp_t *connp)
 
size_t strlcat (char *dst, const char *src, size_t size)
 
size_t strlcpy (char *dst, const char *src, size_t size)
 

Detailed Description

Author
Ivan Ristic ivanr.nosp@m.@web.nosp@m.kreat.nosp@m.or.c.nosp@m.om

Macro Definition Documentation

◆ CR

#define CR   '\r'

◆ HTP_COMPRESSION_BOMB_LIMIT

#define HTP_COMPRESSION_BOMB_LIMIT   1048576

◆ HTP_COMPRESSION_BOMB_RATIO

#define HTP_COMPRESSION_BOMB_RATIO   2048

◆ HTP_COMPRESSION_TIME_FREQ_TEST

#define HTP_COMPRESSION_TIME_FREQ_TEST   256

◆ HTP_COMPRESSION_TIME_LIMIT_USEC

#define HTP_COMPRESSION_TIME_LIMIT_USEC   100000

◆ HTP_FIELD_LIMIT_HARD

#define HTP_FIELD_LIMIT_HARD   18000

◆ HTP_FIELD_LIMIT_SOFT

#define HTP_FIELD_LIMIT_SOFT   9000

◆ HTP_LZMA_MEMLIMIT

#define HTP_LZMA_MEMLIMIT   1048576

◆ HTP_VALID_STATUS_MAX

#define HTP_VALID_STATUS_MAX   999

◆ HTP_VALID_STATUS_MIN

#define HTP_VALID_STATUS_MIN   100

◆ LF

#define LF   '\n'

Function Documentation

◆ fprint_bstr()

void fprint_bstr ( FILE * stream,
const char * name,
bstr * b )

◆ fprint_raw_data()

void fprint_raw_data ( FILE * stream,
const char * name,
const void * data,
size_t len )

◆ fprint_raw_data_ex()

void fprint_raw_data_ex ( FILE * stream,
const char * name,
const void * data,
size_t offset,
size_t len )

◆ htp_ch_multipart_callback_request_body_data()

htp_status_t htp_ch_multipart_callback_request_body_data ( htp_tx_data_t * d)

Finalize Multipart processing.

Parameters
[in]d
Returns
HTP_OK on success, HTP_ERROR on failure.

◆ htp_ch_multipart_callback_request_headers()

htp_status_t htp_ch_multipart_callback_request_headers ( htp_tx_t * tx)

Inspect request headers and register the Multipart request data hook if it contains a multipart/form-data body.

Parameters
[in]connp
Returns
HTP_OK if a new parser has been setup, HTP_DECLINED if the MIME type is not appropriate for this parser, and HTP_ERROR on failure.

◆ htp_ch_urlencoded_callback_request_body_data()

htp_status_t htp_ch_urlencoded_callback_request_body_data ( htp_tx_data_t * d)

This callback function feeds request body data to a Urlencoded parser and, later, feeds the parsed parameters to the correct structures.

Parameters
[in]d
Returns
HTP_OK on success, HTP_ERROR on failure.

◆ htp_ch_urlencoded_callback_request_headers()

htp_status_t htp_ch_urlencoded_callback_request_headers ( htp_tx_t * tx)

Determine if the request has a Urlencoded body, and, if it does, create and attach an instance of the Urlencoded parser to the transaction.

Parameters
[in]connp
Returns
HTP_OK if a new parser has been setup, HTP_DECLINED if the MIME type is not appropriate for this parser, and HTP_ERROR on failure.

◆ htp_ch_urlencoded_callback_request_line()

htp_status_t htp_ch_urlencoded_callback_request_line ( htp_tx_t * tx)

Parses request query string, if present.

Parameters
[in]connp
[in]raw_data
[in]raw_len
Returns
HTP_OK if query string was parsed, HTP_DECLINED if there was no query string, and HTP_ERROR on failure.

◆ htp_chomp()

int htp_chomp ( unsigned char * data,
size_t * len )

Remove all line terminators (LF, CR or CRLF) from the end of the line provided as input.

Returns
0 if nothing was removed, 1 if one or more LF characters were removed, or 2 if one or more CR and/or LF characters were removed.

◆ htp_connp_destroy_decompressors()

void htp_connp_destroy_decompressors ( htp_connp_t * connp)

◆ htp_connp_header_parse()

htp_header_t * htp_connp_header_parse ( htp_connp_t * ,
unsigned char * ,
size_t  )

◆ htp_connp_in_state_as_string()

char * htp_connp_in_state_as_string ( htp_connp_t * connp)

◆ htp_connp_is_line_folded()

int htp_connp_is_line_folded ( unsigned char * data,
size_t len )

Determines if the given line is a continuation (of some previous line).

Parameters
[in]data
[in]len
Returns
0 or 1 for false and true, respectively. Returns -1 on error (NULL pointer or length zero).

◆ htp_connp_is_line_ignorable()

int htp_connp_is_line_ignorable ( htp_connp_t * connp,
unsigned char * data,
size_t len )

Determines if the given line can be ignored when it appears before a request.

Parameters
[in]connp
[in]data
[in]len
Returns
0 or 1

◆ htp_connp_is_line_terminator()

int htp_connp_is_line_terminator ( htp_connp_t * connp,
unsigned char * data,
size_t len,
int next_no_lf )

Determines if the given line is a request terminator.

Parameters
[in]connp
[in]data
[in]len
Returns
0 or 1

◆ htp_connp_out_state_as_string()

char * htp_connp_out_state_as_string ( htp_connp_t * connp)

◆ htp_connp_REQ_BODY_CHUNKED_DATA()

htp_status_t htp_connp_REQ_BODY_CHUNKED_DATA ( htp_connp_t * connp)

Processes a chunk of data.

Parameters
[in]connp
Returns
HTP_OK on state change, HTP_ERROR on error, or HTP_DATA when more data is needed.

◆ htp_connp_REQ_BODY_CHUNKED_DATA_END()

htp_status_t htp_connp_REQ_BODY_CHUNKED_DATA_END ( htp_connp_t * connp)

Consumes bytes until the end of the current line.

Parameters
[in]connp
Returns
HTP_OK on state change, HTP_ERROR on error, or HTP_DATA when more data is needed.

◆ htp_connp_REQ_BODY_CHUNKED_LENGTH()

htp_status_t htp_connp_REQ_BODY_CHUNKED_LENGTH ( htp_connp_t * connp)

Extracts chunk length.

Parameters
[in]connp
Returns
HTP_OK on state change, HTP_ERROR on error, or HTP_DATA when more data is needed.

◆ htp_connp_REQ_BODY_DETERMINE()

htp_status_t htp_connp_REQ_BODY_DETERMINE ( htp_connp_t * connp)

Determines presence (and encoding) of a request body.

Parameters
[in]connp
Returns
HTP_OK on state change, HTP_ERROR on error, or HTP_DATA when more data is needed.

◆ htp_connp_REQ_BODY_IDENTITY()

htp_status_t htp_connp_REQ_BODY_IDENTITY ( htp_connp_t * connp)

Processes identity request body.

Parameters
[in]connp
Returns
HTP_OK on state change, HTP_ERROR on error, or HTP_DATA when more data is needed.

◆ htp_connp_REQ_CONNECT_CHECK()

htp_status_t htp_connp_REQ_CONNECT_CHECK ( htp_connp_t * connp)

Performs a check for a CONNECT transaction to decide whether inbound parsing needs to be suspended.

Parameters
[in]connp
Returns
HTP_OK if the request does not use CONNECT, HTP_DATA_OTHER if inbound parsing needs to be suspended until we hear from the other side

◆ htp_connp_REQ_CONNECT_PROBE_DATA()

htp_status_t htp_connp_REQ_CONNECT_PROBE_DATA ( htp_connp_t * connp)

Determines whether inbound parsing needs to continue or stop. In case the data appears to be plain text HTTP, we try to continue.

Parameters
[in]connp
Returns
HTP_OK if the parser can resume parsing, HTP_DATA_BUFFER if we need more data.

◆ htp_connp_REQ_CONNECT_WAIT_RESPONSE()

htp_status_t htp_connp_REQ_CONNECT_WAIT_RESPONSE ( htp_connp_t * connp)

Determines whether inbound parsing, which was suspended after encountering a CONNECT transaction, can proceed (after receiving the response).

Parameters
[in]connp
Returns
HTP_OK if the parser can resume parsing, HTP_DATA_OTHER if it needs to continue waiting.

◆ htp_connp_REQ_FINALIZE()

htp_status_t htp_connp_REQ_FINALIZE ( htp_connp_t * connp)

◆ htp_connp_REQ_HEADERS()

htp_status_t htp_connp_REQ_HEADERS ( htp_connp_t * connp)

Parses request headers.

Parameters
[in]connp
Returns
HTP_OK on state change, HTP_ERROR on error, or HTP_DATA when more data is needed.

◆ htp_connp_REQ_IDLE()

htp_status_t htp_connp_REQ_IDLE ( htp_connp_t * connp)

The idle state is where the parser will end up after a transaction is processed. If there is more data available, a new request will be started.

Parameters
[in]connp
Returns
HTP_OK on state change, HTP_ERROR on error, or HTP_DATA when more data is needed.

◆ htp_connp_REQ_IGNORE_DATA_AFTER_HTTP_0_9()

htp_status_t htp_connp_REQ_IGNORE_DATA_AFTER_HTTP_0_9 ( htp_connp_t * connp)

◆ htp_connp_REQ_LINE()

htp_status_t htp_connp_REQ_LINE ( htp_connp_t * connp)

Parses request line.

Parameters
[in]connp
Returns
HTP_OK on state change, HTP_ERROR on error, or HTP_DATA when more data is needed.

◆ htp_connp_REQ_LINE_complete()

htp_status_t htp_connp_REQ_LINE_complete ( htp_connp_t * connp)

Parse the request line.

Parameters
[in]connp
Returns
HTP_OK on succesful parse, HTP_ERROR on error.

◆ htp_connp_REQ_PROTOCOL()

htp_status_t htp_connp_REQ_PROTOCOL ( htp_connp_t * connp)

Determines request protocol.

Parameters
[in]connp
Returns
HTP_OK on state change, HTP_ERROR on error, or HTP_DATA when more data is needed.

◆ htp_connp_req_receiver_finalize_clear()

htp_status_t htp_connp_req_receiver_finalize_clear ( htp_connp_t * connp)

Finalizes an existing data receiver hook by sending any outstanding data to it. The hook is then removed so that it receives no more data.

Parameters
[in]connp
Returns
HTP_OK, or a value returned from a callback.

◆ htp_connp_RES_BODY_CHUNKED_DATA()

htp_status_t htp_connp_RES_BODY_CHUNKED_DATA ( htp_connp_t * connp)

Processes a chunk of data.

Parameters
[in]connp
Returns
HTP_OK on state change, HTP_ERROR on error, or HTP_DATA when more data is needed.

◆ htp_connp_RES_BODY_CHUNKED_DATA_END()

htp_status_t htp_connp_RES_BODY_CHUNKED_DATA_END ( htp_connp_t * connp)

Consumes bytes until the end of the current line.

Parameters
[in]connp
Returns
HTP_OK on state change, HTP_ERROR on error, or HTP_DATA when more data is needed.

◆ htp_connp_RES_BODY_CHUNKED_LENGTH()

htp_status_t htp_connp_RES_BODY_CHUNKED_LENGTH ( htp_connp_t * connp)

Extracts chunk length.

Parameters
[in]connp
Returns
HTP_OK on state change, HTP_ERROR on error, or HTP_DATA when more data is needed.

◆ htp_connp_RES_BODY_DETERMINE()

htp_status_t htp_connp_RES_BODY_DETERMINE ( htp_connp_t * connp)

Determines presence (and encoding) of a response body.

Parameters
[in]connp
Returns
HTP_OK on state change, HTP_ERROR on error, or HTP_DATA when more data is needed.

◆ htp_connp_RES_BODY_IDENTITY_CL_KNOWN()

htp_status_t htp_connp_RES_BODY_IDENTITY_CL_KNOWN ( htp_connp_t * connp)

Processes an identity response body of known length.

Parameters
[in]connp
Returns
HTP_OK on state change, HTP_ERROR on error, or HTP_DATA when more data is needed.

◆ htp_connp_RES_BODY_IDENTITY_STREAM_CLOSE()

htp_status_t htp_connp_RES_BODY_IDENTITY_STREAM_CLOSE ( htp_connp_t * connp)

Processes identity response body of unknown length. In this case, we assume the response body consumes all data until the end of the stream.

Parameters
[in]connp
Returns
HTP_OK on state change, HTP_ERROR on error, or HTP_DATA when more data is needed.

◆ htp_connp_RES_FINALIZE()

htp_status_t htp_connp_RES_FINALIZE ( htp_connp_t * connp)

◆ htp_connp_RES_HEADERS()

htp_status_t htp_connp_RES_HEADERS ( htp_connp_t * connp)

Parses response headers.

Parameters
[in]connp
Returns
HTP_OK on state change, HTP_ERROR on error, or HTP_DATA when more data is needed.

◆ htp_connp_RES_IDLE()

htp_status_t htp_connp_RES_IDLE ( htp_connp_t * connp)

The response idle state will initialize response processing, as well as finalize each transactions after we are done with it.

Parameters
[in]connp
Returns
HTP_OK on state change, HTP_ERROR on error, or HTP_DATA when more data is needed.

◆ htp_connp_RES_LINE()

htp_status_t htp_connp_RES_LINE ( htp_connp_t * connp)

Parses response line.

Parameters
[in]connp
Returns
HTP_OK on state change, HTP_ERROR on error, or HTP_DATA when more data is needed.

◆ htp_connp_res_receiver_finalize_clear()

htp_status_t htp_connp_res_receiver_finalize_clear ( htp_connp_t * connp)

Finalizes an existing data receiver hook by sending any outstanding data to it. The hook is then removed so that it receives no more data.

Parameters
[in]connp
Returns
HTP_OK, or a value returned from a callback.

◆ htp_connp_tx_remove()

void htp_connp_tx_remove ( htp_connp_t * connp,
htp_tx_t * tx )

Removes references to the supplied transaction.

Parameters
[in]connp
[in]tx

◆ htp_convert_method_to_number()

int htp_convert_method_to_number ( bstr * method)

Converts request method, given as a string, into a number.

Parameters
[in]method
Returns
Method number of M_UNKNOWN

◆ htp_decode_path_inplace()

int htp_decode_path_inplace ( htp_tx_t * tx,
bstr * path )

Decode a request path according to the settings in the provided configuration structure.

Parameters
[in]cfg
[in]tx
[in]path

◆ htp_extract_quoted_string_as_bstr()

htp_status_t htp_extract_quoted_string_as_bstr ( unsigned char * data,
size_t len,
bstr ** out,
size_t * endoffset )

Parses the provided memory region, extracting the double-quoted string.

Parameters
[in]data
[in]len
[out]out
[out]endoffset
Returns
HTP_OK on success, HTP_DECLINED if the input is not well formed, and HTP_ERROR on fatal errors.

◆ htp_is_folding_char()

int htp_is_folding_char ( int c)

◆ htp_is_line_empty()

int htp_is_line_empty ( unsigned char * data,
size_t len )

Is the given line empty?

Parameters
[in]data
[in]len
Returns
0 or 1

◆ htp_is_line_whitespace()

int htp_is_line_whitespace ( unsigned char * data,
size_t len )

Does line consist entirely of whitespace characters?

Parameters
[in]data
[in]len
Returns
0 or 1

◆ htp_is_lws()

int htp_is_lws ( int c)

Is character a linear white space character?

Parameters
[in]c
Returns
0 or 1

◆ htp_is_separator()

int htp_is_separator ( int c)

Is character a separator character?

Parameters
[in]c
Returns
0 or 1

◆ htp_is_space()

int htp_is_space ( int c)

Is character a white space character?

Parameters
[in]c
Returns
0 or 1

◆ htp_is_text()

int htp_is_text ( int c)

Is character a text character?

Parameters
[in]c
Returns
0 or 1

◆ htp_is_token()

int htp_is_token ( int c)

Is character a token character?

Parameters
[in]c
Returns
0 or 1

◆ htp_normalize_hostname_inplace()

bstr * htp_normalize_hostname_inplace ( bstr * hostname)

Normalize request hostname. Convert all characters to lowercase and remove trailing dots from the end, if present.

Parameters
[in]hostname
Returns
Normalized hostname.

◆ htp_normalize_parsed_uri()

int htp_normalize_parsed_uri ( htp_tx_t * tx,
htp_uri_t * incomplete,
htp_uri_t * normalized )

Normalize a previously-parsed request URI.

Parameters
[in]connp
[in]incomplete
[in]normalized
Returns
HTP_OK or HTP_ERROR

◆ htp_normalize_uri_path_inplace()

void htp_normalize_uri_path_inplace ( bstr * s)

Normalize URL path. This function implements the remove dot segments algorithm specified in RFC 3986, section 5.2.4.

Parameters
[in]s

◆ htp_parse_authorization()

int htp_parse_authorization ( htp_connp_t * connp)

Parses Authorization request header.

Parameters
[in]connp

◆ htp_parse_authorization_basic()

int htp_parse_authorization_basic ( htp_connp_t * connp,
htp_header_t * auth_header )

Parses Basic Authorization request header.

Parameters
[in]connp
[in]auth_header

◆ htp_parse_authorization_bearer()

int htp_parse_authorization_bearer ( htp_connp_t * connp,
htp_header_t * auth_header )

Parses Bearer Authorization request header.

Parameters
[in]connp
[in]auth_header

◆ htp_parse_authorization_digest()

int htp_parse_authorization_digest ( htp_connp_t * connp,
htp_header_t * auth_header )

Parses Digest Authorization request header.

Parameters
[in]connp
[in]auth_header

◆ htp_parse_chunked_length()

int64_t htp_parse_chunked_length ( unsigned char * data,
size_t len,
int * extension )

Parses chunk length (positive hexadecimal number). White space is allowed before and after the number. An error will be returned if the chunk length is greater than INT32_MAX.

Parameters
[in]data
[in]len
Returns
Chunk length, or a negative number on error.

◆ htp_parse_content_length()

int64_t htp_parse_content_length ( bstr * b,
htp_connp_t * connp )

Parses Content-Length string (positive decimal number). White space is allowed before and after the number.

Parameters
[in]b
Returns
Content-Length as a number, or -1 on error.

◆ htp_parse_cookies_v0()

int htp_parse_cookies_v0 ( htp_connp_t * connp)

Parses the Cookie request header in v0 format.

Parameters
[in]connp
Returns
HTP_OK on success, HTP_ERROR on error

◆ htp_parse_ct_header()

htp_status_t htp_parse_ct_header ( bstr * header,
bstr ** ct )

◆ htp_parse_header_hostport()

htp_status_t htp_parse_header_hostport ( bstr * hostport,
bstr ** hostname,
bstr ** port,
int * port_number,
uint64_t * flags )

Parses hostport provided in the Host header.

Parameters
[in]hostport
[out]hostname
[out]port
[out]port_number
[out]flags
Returns
HTP_OK on success or HTP_ERROR error.

◆ htp_parse_hostport()

htp_status_t htp_parse_hostport ( bstr * hostport,
bstr ** hostname,
bstr ** port,
int * port_number,
int * invalid )

Parses an authority string, which consists of a hostname with an optional port number; username and password are not allowed and will not be handled.

Parameters
[in]hostport
[out]hostnameA bstring containing the hostname, or NULL if the hostname is invalid. If this value is not NULL, the caller assumes responsibility for memory management.
[out]portPort as text, or NULL if not provided.
[out]port_numberPort number, or -1 if the port is not present or invalid.
[out]invalidSet to 1 if any part of the authority is invalid.
Returns
HTP_OK on success, HTP_ERROR on memory allocation failure.

◆ htp_parse_positive_integer_whitespace()

int64_t htp_parse_positive_integer_whitespace ( unsigned char * data,
size_t len,
int base )

A somewhat forgiving parser for a positive integer in a given base. Only LWS is allowed before and after the number.

Parameters
[in]data
[in]len
[in]base
Returns
The parsed number on success; a negative number on error.

◆ htp_parse_protocol()

int htp_parse_protocol ( bstr * protocol)

Determines protocol number from a textual representation (i.e., "HTTP/1.1"). This function will only understand a properly formatted protocol information. It does not try to be flexible.

Parameters
[in]protocol
Returns
Protocol version or PROTOCOL_UNKNOWN.

◆ htp_parse_request_header_generic()

htp_status_t htp_parse_request_header_generic ( htp_connp_t * connp,
htp_header_t * h,
unsigned char * data,
size_t len )

Generic request header parser.

Parameters
[in]connp
[in]h
[in]data
[in]len
Returns
HTP_OK or HTP_ERROR

◆ htp_parse_request_line_apache_2_2()

htp_status_t htp_parse_request_line_apache_2_2 ( htp_connp_t * connp)

Parse request line as Apache 2.2 does.

Parameters
[in]connp
Returns
HTP_OK or HTP_ERROR

◆ htp_parse_request_line_generic()

htp_status_t htp_parse_request_line_generic ( htp_connp_t * connp)

Generic request line parser.

Parameters
[in]connp
Returns
HTP_OK or HTP_ERROR

◆ htp_parse_request_line_generic_ex()

htp_status_t htp_parse_request_line_generic_ex ( htp_connp_t * connp,
int nul_terminates )

◆ htp_parse_response_header_generic()

htp_status_t htp_parse_response_header_generic ( htp_connp_t * connp,
htp_header_t * h,
unsigned char * data,
size_t len )

Generic response header parser.

Parameters
[in]connp
[in]h
[in]data
[in]len
Returns
HTP status

◆ htp_parse_response_line_generic()

htp_status_t htp_parse_response_line_generic ( htp_connp_t * connp)

Generic response line parser.

Parameters
[in]connp
Returns
HTP status

◆ htp_parse_single_cookie_v0()

int htp_parse_single_cookie_v0 ( htp_connp_t * connp,
unsigned char * data,
size_t len )

Parses a single v0 request cookie and places the results into tx->request_cookies.

Parameters
[in]connp
[in]data
[in]len
Returns
HTP_OK on success, HTP_ERROR on error.

◆ htp_parse_status()

int htp_parse_status ( bstr * status)

Determines the numerical value of a response status given as a string.

Parameters
[in]status
Returns
Status code on success, or HTP_STATUS_INVALID on error.

◆ htp_parse_uri()

int htp_parse_uri ( bstr * input,
htp_uri_t ** uri )

Parses request URI, making no attempt to validate the contents.

Parameters
[in]input
[in]uri
Returns
HTP_ERROR on memory allocation failure, HTP_OK otherwise

◆ htp_parse_uri_hostport()

int htp_parse_uri_hostport ( htp_connp_t * connp,
bstr * hostport,
htp_uri_t * uri )

Parses hostport provided in the URI.

Parameters
[in]connp
[in]hostport
[in]uri
Returns
HTP_OK on success or HTP_ERROR error.

◆ htp_php_parameter_processor()

htp_status_t htp_php_parameter_processor ( htp_param_t * p)

This is a proof-of-concept processor that processes parameter names in a way similar to PHP. Whitespace at the beginning is removed, and the remaining whitespace characters are converted to underscores. Proper research of PHP's behavior is needed before we can claim to be emulating it.

Parameters
[in,out]p
Returns
HTP_OK on success, HTP_ERROR on failure.

◆ htp_prenormalize_uri_path_inplace()

int htp_prenormalize_uri_path_inplace ( bstr * s,
int * flags,
int case_insensitive,
int backslash,
int decode_separators,
int remove_consecutive )

◆ htp_print_log()

void htp_print_log ( FILE * stream,
htp_log_t * log )

◆ htp_process_request_header_apache_2_2()

htp_status_t htp_process_request_header_apache_2_2 ( htp_connp_t * connp,
unsigned char * data,
size_t len )

Extract one request header. A header can span multiple lines, in which case they will be folded into one before parsing is attempted.

Parameters
[in]connp
[in]data
[in]len
Returns
HTP_OK or HTP_ERROR

◆ htp_process_request_header_generic()

htp_status_t htp_process_request_header_generic ( htp_connp_t * connp,
unsigned char * data,
size_t len )

Extract one request header. A header can span multiple lines, in which case they will be folded into one before parsing is attempted.

Parameters
[in]connp
[in]data
[in]len
Returns
HTP_OK or HTP_ERROR

◆ htp_process_response_header_generic()

htp_status_t htp_process_response_header_generic ( htp_connp_t * connp,
unsigned char * data,
size_t len )

Generic response header line(s) processor, which assembles folded lines into a single buffer before invoking the parsing function.

Parameters
[in]connp
[in]data
[in]len
Returns
HTP status

◆ htp_req_run_hook_body_data()

htp_status_t htp_req_run_hook_body_data ( htp_connp_t * connp,
htp_tx_data_t * d )

Run the REQUEST_BODY_DATA hook.

Parameters
[in]connp
[in]d

◆ htp_res_run_hook_body_data()

htp_status_t htp_res_run_hook_body_data ( htp_connp_t * connp,
htp_tx_data_t * d )

Run the RESPONSE_BODY_DATA hook.

Parameters
[in]connp
[in]d

◆ htp_transcode_bstr()

int htp_transcode_bstr ( iconv_t cd,
bstr * input,
bstr ** output )

Transcode one bstr.

Parameters
[in]cd
[in]input
[in]output

◆ htp_transcode_params()

int htp_transcode_params ( htp_connp_t * connp,
htp_table_t ** params,
int destroy_old )

Transcode all parameters supplied in the table.

Parameters
[in]connp
[in]params
[in]destroy_old

◆ htp_treat_response_line_as_body()

int htp_treat_response_line_as_body ( const uint8_t * data,
size_t len )

Determine if the information provided on the response line is good enough. Browsers are lax when it comes to response line parsing. In most cases they will only look for the words "http" at the beginning.

Parameters
[in]datapointer to bytearray
[in]lenlength in bytes of data
Returns
1 for good enough or 0 for not good enough

◆ htp_tx_destroy_incomplete()

void htp_tx_destroy_incomplete ( htp_tx_t * tx)

◆ htp_tx_finalize()

htp_status_t htp_tx_finalize ( htp_tx_t * tx)

◆ htp_tx_is_complete()

int htp_tx_is_complete ( htp_tx_t * tx)

◆ htp_tx_req_process_body_data_ex()

htp_status_t htp_tx_req_process_body_data_ex ( htp_tx_t * tx,
const void * data,
size_t len )

◆ htp_tx_request_progress_as_string()

char * htp_tx_request_progress_as_string ( htp_tx_t * tx)

◆ htp_tx_res_process_body_data_ex()

htp_status_t htp_tx_res_process_body_data_ex ( htp_tx_t * tx,
const void * data,
size_t len )

◆ htp_tx_response_progress_as_string()

char * htp_tx_response_progress_as_string ( htp_tx_t * tx)

◆ htp_tx_state_request_complete_partial()

htp_status_t htp_tx_state_request_complete_partial ( htp_tx_t * tx)

◆ htp_tx_state_response_complete_ex()

htp_status_t htp_tx_state_response_complete_ex ( htp_tx_t * tx,
int hybrid_mode )

◆ htp_tx_urldecode_params_inplace()

htp_status_t htp_tx_urldecode_params_inplace ( htp_tx_t * tx,
bstr * input )

◆ htp_tx_urldecode_uri_inplace()

htp_status_t htp_tx_urldecode_uri_inplace ( htp_tx_t * tx,
bstr * input )

◆ htp_unparse_uri_noencode()

bstr * htp_unparse_uri_noencode ( htp_uri_t * uri)

◆ htp_utf8_decode_path_inplace()

void htp_utf8_decode_path_inplace ( htp_cfg_t * cfg,
htp_tx_t * tx,
bstr * path )

Decode a UTF-8 encoded path. Overlong characters will be decoded, invalid characters will be left as-is. Best-fit mapping will be used to convert UTF-8 into a single-byte stream.

Parameters
[in]cfg
[in]tx
[in]path

◆ htp_utf8_validate_path()

void htp_utf8_validate_path ( htp_tx_t * tx,
bstr * path )

Validate a path that is quite possibly UTF-8 encoded.

Parameters
[in]tx
[in]path

◆ htp_validate_hostname()

int htp_validate_hostname ( bstr * hostname)

Implements relaxed (not strictly RFC) hostname validation.

Parameters
[in]hostname
Returns
1 if the supplied hostname is valid; 0 if it is not.

◆ strlcat()

size_t strlcat ( char * dst,
const char * src,
size_t size )

◆ strlcpy()

size_t strlcpy ( char * dst,
const char * src,
size_t size )