Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-14 12:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Limit maximum number of DTLS fragments to 30.

Browse source 
Addresses BIT-1359
This commit is contained in:
Johanna Amann 2015-03-30 11:36:01 -07:00
parent d837d4a0be
commit 55ce8310a0
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/analyzer/protocol/ssl/dtls-analyzer.pac
View file

@ -122,9 +122,9 @@ refine connection SSL_Conn += {
if ( i->message_last_sequence != 0 && i->first_sequence_seen ) if ( i->message_last_sequence != 0 && i->first_sequence_seen )
{ {
uint64 total_length = i->message_last_sequence - i->message_first_sequence; uint64 total_length = i->message_last_sequence - i->message_first_sequence;
if ( total_length > 32 ) if ( total_length > 30 )
{ {
bro_analyzer()->ProtocolViolation(fmt("DTLS Message fragmented over more than 32 pieces. Cannot reassemble.")); bro_analyzer()->ProtocolViolation(fmt("DTLS Message fragmented over more than 30 pieces. Cannot reassemble."));
return true; return true;
} }