From bcc1e6ae327bc4207c4b48db939235c94fbe75ec Mon Sep 17 00:00:00 2001 From: Philippe Antoine Date: Sun, 24 May 2026 20:55:11 +0200 Subject: [PATCH] rust: format http2 files Ticket: 3836 --- .github/workflows/builds.yml | 1 + rust/src/http2/decompression.rs | 3 +-- rust/src/http2/http2.rs | 2 +- rust/src/http2/parser.rs | 34 ++++++++++++++++++++------------- 4 files changed, 24 insertions(+), 16 deletions(-) diff --git a/.github/workflows/builds.yml b/.github/workflows/builds.yml index bd7551c299..5e476ed8f1 100644 --- a/.github/workflows/builds.yml +++ b/.github/workflows/builds.yml @@ -393,6 +393,7 @@ jobs: rust/src/ldap/*.rs rust/src/mime/*.rs rust/src/ntp/*.rs rust/src/quic/*.rs rust/src/rfb/*.rs rust/src/ssh/*.rs rust/src/utils/*.rs rust/src/websocket/*.rs rust/src/dhcp/*.rs rust/src/krb/*.rs rust/src/mdns/*.rs rust/src/pop3/*.rs + rust/src/http2/*.rs - name: Check if Cargo.lock.in is up to date run: | cp rust/Cargo.lock rust/Cargo.lock.in diff --git a/rust/src/http2/decompression.rs b/rust/src/http2/decompression.rs index a7bebf7023..0bb8a53622 100644 --- a/rust/src/http2/decompression.rs +++ b/rust/src/http2/decompression.rs @@ -154,8 +154,7 @@ fn http2_decompress<'a>( Ok(n) => { offset += n; if offset == output.len() { - if output.len() > unsafe { HTTP2_COMPRESSION_BOMB_LIMIT as usize } - { + if output.len() > unsafe { HTTP2_COMPRESSION_BOMB_LIMIT as usize } { return Err(io::Error::new( io::ErrorKind::OutOfMemory, "Decompression bomb detected", diff --git a/rust/src/http2/http2.rs b/rust/src/http2/http2.rs index 0fad70095f..97d7fd8210 100644 --- a/rust/src/http2/http2.rs +++ b/rust/src/http2/http2.rs @@ -39,13 +39,13 @@ use std::collections::VecDeque; use std::ffi::CString; use std::fmt; use std::io; +use suricata_sys::sys::AppProtoEnum::ALPROTO_HTTP1; use suricata_sys::sys::{ AppLayerParserState, AppProto, HttpRangeContainerBlock, SCAppLayerForceProtocolChange, SCAppLayerParserConfParserEnabled, SCAppLayerParserRegisterLogger, SCAppLayerProtoDetectConfProtoDetectionEnabled, SCFileFlowFlagsToFlags, SCHTTP2MimicHttp1Request, }; -use suricata_sys::sys::AppProtoEnum::ALPROTO_HTTP1; static mut ALPROTO_HTTP2: AppProto = ALPROTO_UNKNOWN; static mut ALPROTO_DOH2: AppProto = ALPROTO_UNKNOWN; diff --git a/rust/src/http2/parser.rs b/rust/src/http2/parser.rs index ebe556aad8..92670b6d47 100644 --- a/rust/src/http2/parser.rs +++ b/rust/src/http2/parser.rs @@ -19,6 +19,7 @@ use super::huffman; use crate::common::nom7::bits; use crate::detect::uint::{detect_parse_uint, DetectUintData}; use crate::http2::http2::{HTTP2DynTable, HTTP2_MAX_TABLESIZE}; +use base64::{engine::general_purpose::STANDARD_NO_PAD, Engine}; use nom7::bits::streaming::take as take_bits; use nom7::bytes::complete::tag; use nom7::bytes::streaming::{take, take_while}; @@ -29,13 +30,11 @@ use nom7::number::streaming::{be_u16, be_u24, be_u32, be_u8}; use nom7::sequence::tuple; use nom7::{Err, IResult}; use std::fmt; -use std::str::FromStr; use std::rc::Rc; -use base64::{Engine, engine::general_purpose::STANDARD_NO_PAD}; +use std::str::FromStr; #[repr(u8)] -#[derive(EnumStringU8)] -#[derive(Clone, Copy, PartialEq, Eq, FromPrimitive, Debug)] +#[derive(EnumStringU8, Clone, Copy, PartialEq, Eq, FromPrimitive, Debug)] // parse GOAWAY, not GO_AWAY #[suricata(enum_string_style = "UPPERCASE")] pub enum HTTP2FrameType { @@ -80,8 +79,7 @@ pub fn http2_parse_frame_header(i: &[u8]) -> IResult<&[u8], HTTP2FrameHeader> { } #[repr(u32)] -#[derive(EnumStringU32)] -#[derive(Clone, Copy, PartialEq, Eq, FromPrimitive, Debug)] +#[derive(EnumStringU32, Clone, Copy, PartialEq, Eq, FromPrimitive, Debug)] #[suricata(enum_string_style = "LOG_UPPERCASE")] pub enum HTTP2ErrorCode { NoError = 0, @@ -342,7 +340,11 @@ fn http2_parse_headers_block_literal_common<'a>( ) -> IResult<&'a [u8], HTTP2FrameHeaderBlock> { let (i3, name, error) = if index == 0 { match http2_parse_headers_block_string(input) { - Ok((r, n)) => Ok((r, Rc::new(n), HTTP2HeaderDecodeStatus::HTTP2HeaderDecodeSuccess)), + Ok((r, n)) => Ok(( + r, + Rc::new(n), + HTTP2HeaderDecodeStatus::HTTP2HeaderDecodeSuccess, + )), Err(e) => Err(e), } } else { @@ -648,7 +650,7 @@ pub enum HTTP2SettingsId { MaxFrameSize = 5, MaxHeaderListSize = 6, EnableConnectProtocol = 8, // rfc8441 - NoRfc7540Priorities = 9, // rfc9218 + NoRfc7540Priorities = 9, // rfc9218 } impl fmt::Display for HTTP2SettingsId { @@ -683,15 +685,18 @@ pub struct DetectHTTP2settingsSigCtx { } pub fn http2_parse_settingsctx(i: &str) -> nom8::IResult<&str, DetectHTTP2settingsSigCtx> { - use nom8::Parser; - use nom8::bytes::complete::{is_a as is_a8, is_not as is_not8}; - use nom8::combinator::{complete as complete8, map_opt as map_opt8, opt as opt8, rest as rest8}; use nom8::branch::alt as alt8; + use nom8::bytes::complete::{is_a as is_a8, is_not as is_not8}; + use nom8::combinator::{ + complete as complete8, map_opt as map_opt8, opt as opt8, rest as rest8, + }; + use nom8::Parser; let (i, _) = opt8(is_a8(" ")).parse(i)?; let (i, id) = map_opt8(alt8((complete8(is_not8(" <>=")), rest8)), |s: &str| { HTTP2SettingsId::from_str(s).ok() - }).parse(i)?; + }) + .parse(i)?; let (i, value) = opt8(complete8(detect_parse_uint)).parse(i)?; Ok((i, DetectHTTP2settingsSigCtx { id, value })) } @@ -831,7 +836,10 @@ mod tests { Ok((remainder, hd)) => { // Check the first message. assert_eq!(hd.name, ":path".as_bytes().to_vec().into()); - assert_eq!(hd.value, "/doc/manual/html/index.html".as_bytes().to_vec().into()); + assert_eq!( + hd.value, + "/doc/manual/html/index.html".as_bytes().to_vec().into() + ); // And we should have no bytes left. assert_eq!(remainder.len(), 0); assert_eq!(dynh.table.len(), 2);