From 7f96ae196a59d0db3a44e78475dce87e66ed8f1f Mon Sep 17 00:00:00 2001
From: luwenpeng
Date: Wed, 21 Aug 2024 18:40:19 +0800
Subject: [PATCH] bugfix: http_decoder and glimpse_detector use new API get packet layer
---
 decoders/glimpse_detector/app_l7_protocol.cpp | 22 ++++++++-----------
 decoders/http/http_decoder_utils.cpp | 19 ++++++++--------
 2 files changed, 18 insertions(+), 23 deletions(-)
diff --git a/decoders/glimpse_detector/app_l7_protocol.cpp b/decoders/glimpse_detector/app_l7_protocol.cpp
index 5bc1405..4243155 100644
--- a/decoders/glimpse_detector/app_l7_protocol.cpp
+++ b/decoders/glimpse_detector/app_l7_protocol.cpp
@@ -191,20 +191,16 @@ static void get_host_order_port(struct session *sess __unused, unsigned short *s
 if(pkt && (flow_dir==FLOW_DIRECTION_C2S || flow_dir==FLOW_DIRECTION_S2C))
 {
 int layer_cnt=packet_get_layer_count(pkt);
- struct layer l={};
- packet_get_layer_by_idx(pkt, layer_cnt-1, &l);
- switch((int)l.proto)
+ const struct layer *layer = packet_get_layer_by_idx(pkt, layer_cnt - 1);
+ if (layer && layer->proto == LAYER_PROTO_TCP)
 {
- case LAYER_PROTO_TCP:
- *sport = ntohs(l.hdr.tcp->th_sport);
- *dport = ntohs(l.hdr.tcp->th_dport);
- break;
- case LAYER_PROTO_UDP:
- *sport = ntohs(l.hdr.udp->uh_sport);
- *dport = ntohs(l.hdr.udp->uh_dport);
- break;
- default:
- break;
+ *sport = ntohs(layer->hdr.tcp->th_sport);
+ *dport = ntohs(layer->hdr.tcp->th_dport);
+ }
+ if (layer && layer->proto == LAYER_PROTO_UDP)
+ {
+ *sport = ntohs(layer->hdr.udp->uh_sport);
+ *dport = ntohs(layer->hdr.udp->uh_dport);
 }
 //S2C, swap sport and dport
 if(flow_dir == FLOW_DIRECTION_S2C)
diff --git a/decoders/http/http_decoder_utils.cpp b/decoders/http/http_decoder_utils.cpp
index 181d592..909af13 100644
--- a/decoders/http/http_decoder_utils.cpp
+++ b/decoders/http/http_decoder_utils.cpp
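Review bot: `layer_cnt - 1` is passed to `packet_get_layer_by_idx` without checking that `packet_get_layer_count` returned a positive value, so in get_host_order_port a packet with no parsed layers hands the API index -1. The `layer &&` tests only protect the dereference if the API bounds-checks its index, which is not visible in this hunk; an explicit guard removes that dependency: `const struct layer *layer = layer_cnt > 0 ? packet_get_layer_by_idx(pkt, layer_cnt - 1) : NULL;`. When the layer is NULL or neither TCP nor UDP, `*sport` and `*dport` are not written here and the S2C swap below still runs, so callers presumably have to pre-initialise them. The function starts and ends outside the hunk.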
@@ -287,24 +287,23 @@ void httpd_session_get_addr(const struct session *sess, struct httpd_session_add
 return;
 }
 
- struct layer pkt_layer = {};
- PACKET_FOREACH_LAYER_REVERSE(raw_pkt, pkt_layer)
+ int count = packet_get_layer_count(raw_pkt);
+ for (int i = count - 1; i >= 0; i--)
 {
- if (pkt_layer.proto == LAYER_PROTO_TCP)
+ const struct layer *layer = packet_get_layer_by_idx(raw_pkt, i);
+ if (layer->proto == LAYER_PROTO_TCP)
 {
- httpd_set_tcp_addr(pkt_layer.hdr.tcp, addr, fdir);
+ httpd_set_tcp_addr(layer->hdr.tcp, addr, fdir);
 }
- else if (pkt_layer.proto == LAYER_PROTO_IPV4)
+ else if (layer->proto == LAYER_PROTO_IPV4)
 {
- httpd_set_ipv4_addr(pkt_layer.hdr.ip4, addr, fdir);
+ httpd_set_ipv4_addr(layer->hdr.ip4, addr, fdir);
 break;
 }
- else if (pkt_layer.proto == LAYER_PROTO_IPV6)
+ else if (layer->proto == LAYER_PROTO_IPV6)
 {
- httpd_set_ipv6_addr(pkt_layer.hdr.ip6, addr, fdir);
+ httpd_set_ipv6_addr(layer->hdr.ip6, addr, fdir);
 break;
 }
 }
-
- return;
 }
\ No newline at end of file
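Review bot: `layer->proto` is dereferenced in httpd_session_get_addr without a NULL test, while the other hunk of this commit (get_host_order_port in app_l7_protocol.cpp) treats the return value of `packet_get_layer_by_idx` as nullable. If the API can return NULL for any index, this loop would crash the HTTP decoder on a packet taken from the network; whether it can is not visible here. Adding `if (layer == NULL) { continue; }` directly after the lookup keeps the two call sites consistent. The function starts outside the hunk.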