Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-14 20:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge branch 'ldap-asn1-fixes' of https://github.com/pauldokas/zeek

Browse source 
* 'ldap-asn1-fixes' of https://github.com/pauldokas/zeek:
  performance improvements for the LDAP ASN.1 analyzer

(cherry picked from commit a17923da50)
This commit is contained in:
Arne Welzel 2023-10-17 15:54:34 +02:00 committed by Tim Wojtulewicz
parent a52240b116
commit 5b636e458e
3 changed files with 15 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

6
CHANGES
View file

@ -1,3 +1,9 @@
6.1.0-rc1.1 | 2023-10-17 09:28:05 -0700
* performance improvements for the LDAP ASN.1 analyzer (Paul Dokas, Corelight)
(cherry picked from commit a17923da505efad333db28141b25d835f8c90b54)
6.1.0-rc1 | 2023-10-13 11:25:59 -0700
* Add missing NEWS entries for upcoming 6.1 release, reformat slightly (Tim Wojtulewicz, Corelight)

2
VERSION
View file

@ -1 +1 @@
6.1.0-rc1
6.1.0-rc1.1

15
src/analyzer/protocol/ldap/asn1.spicy
View file

@ -167,28 +167,29 @@ type ASN1ObjectIdentifierNibble = unit {
} &convert=self.data;
type ASN1ObjectIdentifier = unit(len: uint64) {
var oid: vector<uint64>;
var oidbytes: bytes;
var temp: uint64;
var oidstring: string;
: uint8 if ( len >= 1 ) {
self.temp = $$ / 40;
self.oid.push_back( self.temp );
self.oidstring = "%d" % (self.temp);
self.oidbytes += ("%d" % (self.temp)).encode();
self.temp = $$ % 40;
self.oid.push_back( self.temp );
self.oidstring = self.oidstring + ".%d" % (self.temp);
self.oidbytes += (".%d" % (self.temp)).encode();
self.temp = 0;
}
sublist: ASN1ObjectIdentifierNibble[len - 1] foreach {
self.temp = ( self.temp<<7 ) | $$.num;
if ( $$.more != 1 ) {
self.oid.push_back(self.temp);
self.oidstring = self.oidstring + ".%d" % (self.temp);
self.oidbytes += (".%d" % (self.temp)).encode();
self.temp = 0;
}
}
on %done {
self.oidstring = self.oidbytes.decode();
}
};