Merge remote-tracking branch 'origin/topic/johanna/bit-1463'

* origin/topic/johanna/bit-1463: Refactor oob tests using different approach. Add a number of out_of_bound checks to Packet.cc BIT-1463 #merged
2025-10-13 20:18:20 +00:00 · 2015-08-31 14:35:49 -07:00 · 2015-08-31 14:35:49 -07:00 · 0494a6d882
commit 0494a6d882
parent 710409507c 8763e1a485
4 changed files with 64 additions and 16 deletions
--- a/testing/btest/Baseline/core.truncation/output
+++ b/testing/btest/Baseline/core.truncation/output
@ -3,38 +3,48 @@
 #empty_field	(empty)
 #unset_field	-
 #path	weird
-#open	2012-04-11-16-01-35
+#open	2015-08-31-21-35-27
 #fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	name	addl	notice	peer
 #types	time	string	addr	port	addr	port	string	string	bool	string
 1334160095.895421	-	-	-	-	-	truncated_IP	-	F	bro
-#close	2012-04-11-16-01-35
+#close	2015-08-31-21-35-27
 #separator \x09
 #set_separator	,
 #empty_field	(empty)
 #unset_field	-
 #path	weird
-#open	2012-04-11-14-57-21
+#open	2015-08-31-21-35-27
 #fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	name	addl	notice	peer
 #types	time	string	addr	port	addr	port	string	string	bool	string
 1334156241.519125	-	-	-	-	-	truncated_IP	-	F	bro
-#close	2012-04-11-14-57-21
+#close	2015-08-31-21-35-27
 #separator \x09
 #set_separator	,
 #empty_field	(empty)
 #unset_field	-
 #path	weird
-#open	2012-04-10-21-50-48
+#open	2015-08-31-21-35-28
 #fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	name	addl	notice	peer
 #types	time	string	addr	port	addr	port	string	string	bool	string
 1334094648.590126	-	-	-	-	-	truncated_IP	-	F	bro
-#close	2012-04-10-21-50-48
+#close	2015-08-31-21-35-28
 #separator \x09
 #set_separator	,
 #empty_field	(empty)
 #unset_field	-
 #path	weird
-#open	2012-05-29-22-02-34
+#open	2015-08-31-21-35-30
 #fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	name	addl	notice	peer
 #types	time	string	addr	port	addr	port	string	string	bool	string
 1338328954.078361	-	-	-	-	-	internally_truncated_header	-	F	bro
-#close	2012-05-29-22-02-34
+#close	2015-08-31-21-35-30
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	weird
+#open	2015-08-31-21-35-30
+#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	name	addl	notice	peer
+#types	time	string	addr	port	addr	port	string	string	bool	string
+0.000000	-	-	-	-	-	truncated_link_header	-	F	bro
+#close	2015-08-31-21-35-30
--- a/testing/btest/Traces/trunc/trunc-hdr.pcap
+++ b/testing/btest/Traces/trunc/trunc-hdr.pcap
--- a/testing/btest/core/truncation.test
+++ b/testing/btest/core/truncation.test
@ -19,4 +19,10 @@

 # @TEST-EXEC: bro -r $TRACES/trunc/icmp-header-trunc.pcap
 # @TEST-EXEC: cat weird.log >> output
+
+# Truncated packets where the captured length is less than the length required
+# for the packet header should also raise a Weird
+# @TEST-EXEC: bro -r $TRACES/trunc/trunc-hdr.pcap
+# @TEST-EXEC: cat weird.log >> output
+
 # @TEST-EXEC: btest-diff output