Fix incorrect data delivery skips after gap in HTTP Content-Range.

The logic for determining whether a gap was entirely within a MIME entity body was not asking the current entity, which may be better able to answer that question if it was using the Content-Range header and thus knows if the gap exceeds the length of the body that's still expected. Addresses BIT-1247
2025-10-10 18:48:20 +00:00 · 2014-09-11 14:53:47 -05:00 · 2014-09-11 14:53:47 -05:00 · af9d31dcc1
commit af9d31dcc1
parent 1e02d5d5b5
3 changed files with 29 additions and 3 deletions
--- a/testing/btest/scripts/base/protocols/http/content-range-gap-skip.bro
+++ b/testing/btest/scripts/base/protocols/http/content-range-gap-skip.bro
@ -0,0 +1,26 @@
+# @TEST-EXEC: bro -r $TRACES/http/content-range-gap-skip.trace %INPUT
+
+# In this trace, we should be able to determine that a gap lies
+# entirely within the body of an entity that specifies Content-Range,
+# and so further deliveries after the gap can still be made.
+
+global got_gap = F;
+global got_data_after_gap = F;
+
+event http_entity_data(c: connection, is_orig: bool, length: count,
+                       data: string)
+	{
+	if ( got_gap )
+		got_data_after_gap = T;
+	}
+
+event content_gap(c: connection, is_orig: bool, seq: count, length: count)
+	{
+	got_gap = T;
+	}
+
+event bro_done()
+	{
+	if ( ! got_data_after_gap )
+		exit(1);
+	}