diff --git a/NEWS b/NEWS index 48bd49b5aa..8974a62adc 100644 --- a/NEWS +++ b/NEWS @@ -113,6 +113,8 @@ Deprecated Functionality - ``BifEvent::generate_`` functions are deprecated, use ``BifEvent::enqueue_``. +- ``binpac::bytestring_to_val()`` is deprecated, use ``binpac::to_stringval()``. + Zeek 3.1.0 ========== diff --git a/src/analyzer/protocol/dhcp/dhcp-options.pac b/src/analyzer/protocol/dhcp/dhcp-options.pac index 20e5cc6b68..848aa05868 100644 --- a/src/analyzer/protocol/dhcp/dhcp-options.pac +++ b/src/analyzer/protocol/dhcp/dhcp-options.pac @@ -752,7 +752,7 @@ refine flow DHCP_Flow += { { auto r = new RecordVal(BifType::Record::DHCP::SubOpt); r->Assign(0, val_mgr->Count((*ptrsubopt)->code())); - r->Assign(1, bytestring_to_val((*ptrsubopt)->value())); + r->Assign(1, to_stringval((*ptrsubopt)->value())); relay_agent_sub_opt->Assign(i, r); ++i; diff --git a/src/analyzer/protocol/krb/krb-analyzer.pac b/src/analyzer/protocol/krb/krb-analyzer.pac index b43f4b3e6c..b45dea41b4 100644 --- a/src/analyzer/protocol/krb/krb-analyzer.pac +++ b/src/analyzer/protocol/krb/krb-analyzer.pac @@ -49,7 +49,7 @@ RecordVal* proc_krb_kdc_req_arguments(KRB_KDC_REQ* msg, const BroAnalyzer bro_an rv->Assign(4, GetStringFromPrincipalName(element->data()->principal())); break; case 2: - rv->Assign(5, bytestring_to_val(element->data()->realm()->encoding()->content())); + rv->Assign(5, to_stringval(element->data()->realm()->encoding()->content())); break; case 3: rv->Assign(6, GetStringFromPrincipalName(element->data()->sname())); @@ -139,19 +139,19 @@ bool proc_error_arguments(RecordVal* rv, const std::vector* args break; // ctime/stime handled above case 7: - rv->Assign(5, bytestring_to_val((*args)[i]->args()->crealm()->encoding()->content())); + rv->Assign(5, to_stringval((*args)[i]->args()->crealm()->encoding()->content())); break; case 8: rv->Assign(6, GetStringFromPrincipalName((*args)[i]->args()->cname())); break; case 9: - rv->Assign(7, bytestring_to_val((*args)[i]->args()->realm()->encoding()->content())); + rv->Assign(7, to_stringval((*args)[i]->args()->realm()->encoding()->content())); break; case 10: rv->Assign(8, GetStringFromPrincipalName((*args)[i]->args()->sname())); break; case 11: - rv->Assign(9, bytestring_to_val((*args)[i]->args()->e_text()->encoding()->content())); + rv->Assign(9, to_stringval((*args)[i]->args()->e_text()->encoding()->content())); break; case 12: if ( error_code == KDC_ERR_PREAUTH_REQUIRED ) @@ -211,7 +211,7 @@ refine connection KRB_Conn += { if ( ${msg.padata.has_padata} ) rv->Assign(2, proc_padata(${msg.padata.padata.padata}, bro_analyzer(), false)); - rv->Assign(3, bytestring_to_val(${msg.client_realm.encoding.content})); + rv->Assign(3, to_stringval(${msg.client_realm.encoding.content})); rv->Assign(4, GetStringFromPrincipalName(${msg.client_name})); rv->Assign(5, proc_ticket(${msg.ticket})); @@ -322,7 +322,7 @@ refine connection KRB_Conn += { switch ( ${msg.safe_body.args[i].seq_meta.index} ) { case 0: - rv->Assign(3, bytestring_to_val(${msg.safe_body.args[i].args.user_data.encoding.content})); + rv->Assign(3, to_stringval(${msg.safe_body.args[i].args.user_data.encoding.content})); break; case 3: rv->Assign(5, asn1_integer_to_val(${msg.safe_body.args[i].args.seq_number}, TYPE_COUNT)); diff --git a/src/analyzer/protocol/krb/krb-asn1.pac b/src/analyzer/protocol/krb/krb-asn1.pac index 419dfe3750..eda10d7c19 100644 --- a/src/analyzer/protocol/krb/krb-asn1.pac +++ b/src/analyzer/protocol/krb/krb-asn1.pac @@ -2,21 +2,20 @@ %include ../asn1/asn1.pac %header{ - Val* GetTimeFromAsn1(const KRB_Time* atime, int64 usecs); - Val* GetTimeFromAsn1(StringVal* atime, int64 usecs); + IntrusivePtr GetTimeFromAsn1(const KRB_Time* atime, int64 usecs); + IntrusivePtr GetTimeFromAsn1(StringVal* atime, int64 usecs); %} %code{ -Val* GetTimeFromAsn1(const KRB_Time* atime, int64 usecs) +IntrusivePtr GetTimeFromAsn1(const KRB_Time* atime, int64 usecs) { - StringVal* atime_bytestring = bytestring_to_val(atime->time()); - Val* result = GetTimeFromAsn1(atime_bytestring, usecs); - Unref(atime_bytestring); + auto atime_bytestring = to_stringval(atime->time()); + auto result = GetTimeFromAsn1(atime_bytestring.get(), usecs); return result; } -Val* GetTimeFromAsn1(StringVal* atime, int64 usecs) +IntrusivePtr GetTimeFromAsn1(StringVal* atime, int64 usecs) { time_t lResult = 0; @@ -27,7 +26,7 @@ Val* GetTimeFromAsn1(StringVal* atime, int64 usecs) char * pString = (char *) atime->Bytes(); if ( lTimeLength != 15 && lTimeLength != 17 ) - return 0; + return nullptr; if (lTimeLength == 17 ) pString = pString + 2; @@ -52,7 +51,7 @@ Val* GetTimeFromAsn1(StringVal* atime, int64 usecs) if ( !lResult ) lResult = 0; - return new Val(double(lResult + double(usecs/100000.0)), TYPE_TIME); + return make_intrusive(double(lResult + double(usecs/100000.0)), TYPE_TIME); } %} diff --git a/src/analyzer/protocol/krb/krb-padata.pac b/src/analyzer/protocol/krb/krb-padata.pac index d7c98ef0a2..35e99ff4d9 100644 --- a/src/analyzer/protocol/krb/krb-padata.pac +++ b/src/analyzer/protocol/krb/krb-padata.pac @@ -38,7 +38,7 @@ VectorVal* proc_padata(const KRB_PA_Data_Sequence* data, const BroAnalyzer bro_a { RecordVal * type_val = new RecordVal(BifType::Record::KRB::Type_Value); type_val->Assign(0, val_mgr->Count(element->data_type())); - type_val->Assign(1, bytestring_to_val(element->pa_data_element()->pa_pw_salt()->encoding()->content())); + type_val->Assign(1, to_stringval(element->pa_data_element()->pa_pw_salt()->encoding()->content())); vv->Assign(vv->Size(), type_val); break; } @@ -46,7 +46,7 @@ VectorVal* proc_padata(const KRB_PA_Data_Sequence* data, const BroAnalyzer bro_a { RecordVal * type_val = new RecordVal(BifType::Record::KRB::Type_Value); type_val->Assign(0, val_mgr->Count(element->data_type())); - type_val->Assign(1, bytestring_to_val(element->pa_data_element()->pf_enctype_info()->salt())); + type_val->Assign(1, to_stringval(element->pa_data_element()->pf_enctype_info()->salt())); vv->Assign(vv->Size(), type_val); break; } @@ -54,7 +54,7 @@ VectorVal* proc_padata(const KRB_PA_Data_Sequence* data, const BroAnalyzer bro_a { RecordVal * type_val = new RecordVal(BifType::Record::KRB::Type_Value); type_val->Assign(0, val_mgr->Count(element->data_type())); - type_val->Assign(1, bytestring_to_val(element->pa_data_element()->pf_enctype_info2()->salt())); + type_val->Assign(1, to_stringval(element->pa_data_element()->pf_enctype_info2()->salt())); vv->Assign(vv->Size(), type_val); break; } @@ -112,7 +112,7 @@ VectorVal* proc_padata(const KRB_PA_Data_Sequence* data, const BroAnalyzer bro_a { RecordVal * type_val = new RecordVal(BifType::Record::KRB::Type_Value); type_val->Assign(0, val_mgr->Count(element->data_type())); - type_val->Assign(1, bytestring_to_val(element->pa_data_element()->unknown()->content())); + type_val->Assign(1, to_stringval(element->pa_data_element()->unknown()->content())); vv->Assign(vv->Size(), type_val); } break; diff --git a/src/analyzer/protocol/krb/krb-types.pac b/src/analyzer/protocol/krb/krb-types.pac index 6740462f2e..8a70075785 100644 --- a/src/analyzer/protocol/krb/krb-types.pac +++ b/src/analyzer/protocol/krb/krb-types.pac @@ -1,7 +1,7 @@ # Fundamental KRB types %header{ -Val* GetStringFromPrincipalName(const KRB_Principal_Name* pname); +IntrusivePtr GetStringFromPrincipalName(const KRB_Principal_Name* pname); VectorVal* proc_cipher_list(const Array* list); @@ -13,16 +13,16 @@ IntrusivePtr proc_ticket(const KRB_Ticket* ticket); %} %code{ -Val* GetStringFromPrincipalName(const KRB_Principal_Name* pname) +IntrusivePtr GetStringFromPrincipalName(const KRB_Principal_Name* pname) { if ( pname->data()->size() == 1 ) - return bytestring_to_val(pname->data()[0][0]->encoding()->content()); + return to_stringval(pname->data()[0][0]->encoding()->content()); if ( pname->data()->size() == 2 ) - return new StringVal(fmt("%s/%s", (char *) pname->data()[0][0]->encoding()->content().begin(), (char *)pname->data()[0][1]->encoding()->content().begin())); + return make_intrusive(fmt("%s/%s", (char *) pname->data()[0][0]->encoding()->content().begin(), (char *)pname->data()[0][1]->encoding()->content().begin())); if ( pname->data()->size() == 3 ) // if the name-string has a third value, this will just append it, else this will return unknown as the principal name - return new StringVal(fmt("%s/%s/%s", (char *) pname->data()[0][0]->encoding()->content().begin(), (char *)pname->data()[0][1]->encoding()->content().begin(), (char *)pname->data()[0][2]->encoding()->content().begin())); + return make_intrusive(fmt("%s/%s/%s", (char *) pname->data()[0][0]->encoding()->content().begin(), (char *)pname->data()[0][1]->encoding()->content().begin(), (char *)pname->data()[0][2]->encoding()->content().begin())); - return new StringVal("unknown"); + return make_intrusive("unknown"); } VectorVal* proc_cipher_list(const Array* list) @@ -78,7 +78,7 @@ RecordVal* proc_host_address(const BroAnalyzer a, const KRB_Host_Address* addr) } case 20: { - rv->Assign(1, bytestring_to_val(addr_bytes)); + rv->Assign(1, to_stringval(addr_bytes)); return rv; } default: @@ -87,7 +87,7 @@ RecordVal* proc_host_address(const BroAnalyzer a, const KRB_Host_Address* addr) RecordVal* unk = new RecordVal(BifType::Record::KRB::Type_Value); unk->Assign(0, asn1_integer_to_val(addr->addr_type(), TYPE_COUNT)); - unk->Assign(1, bytestring_to_val(addr_bytes)); + unk->Assign(1, to_stringval(addr_bytes)); rv->Assign(2, unk); return rv; } @@ -110,10 +110,10 @@ IntrusivePtr proc_ticket(const KRB_Ticket* ticket) auto rv = make_intrusive(BifType::Record::KRB::Ticket); rv->Assign(0, asn1_integer_to_val(ticket->tkt_vno()->data(), TYPE_COUNT)); - rv->Assign(1, bytestring_to_val(ticket->realm()->data()->content())); + rv->Assign(1, to_stringval(ticket->realm()->data()->content())); rv->Assign(2, GetStringFromPrincipalName(ticket->sname())); rv->Assign(3, asn1_integer_to_val(ticket->enc_part()->data()->etype()->data(), TYPE_COUNT)); - rv->Assign(4, bytestring_to_val(ticket->enc_part()->data()->ciphertext()->encoding()->content())); + rv->Assign(4, to_stringval(ticket->enc_part()->data()->ciphertext()->encoding()->content())); return rv; } diff --git a/src/analyzer/protocol/ntlm/ntlm-analyzer.pac b/src/analyzer/protocol/ntlm/ntlm-analyzer.pac index 7a5697cc05..a8cc0f8f02 100644 --- a/src/analyzer/protocol/ntlm/ntlm-analyzer.pac +++ b/src/analyzer/protocol/ntlm/ntlm-analyzer.pac @@ -171,7 +171,7 @@ refine connection NTLM_Conn += { result->Assign(3, utf16_bytestring_to_utf8_val(bro_analyzer()->Conn(), ${val.workstation.string.data})); if ( ${val}->has_encrypted_session_key() > 0 ) - result->Assign(4, bytestring_to_val(${val.encrypted_session_key.string.data})); + result->Assign(4, to_stringval(${val.encrypted_session_key.string.data})); if ( ${val}->has_version() ) result->Assign(5, build_version_record(${val.version})); diff --git a/src/analyzer/protocol/ntp/ntp-analyzer.pac b/src/analyzer/protocol/ntp/ntp-analyzer.pac index ee6eb16a32..afac5ce304 100644 --- a/src/analyzer/protocol/ntp/ntp-analyzer.pac +++ b/src/analyzer/protocol/ntp/ntp-analyzer.pac @@ -46,11 +46,11 @@ refine flow NTP_Flow += { switch ( ${nsm.stratum} ) { case 0: // unknown stratum => kiss code - rv->Assign(5, bytestring_to_val(${nsm.reference_id})); + rv->Assign(5, to_stringval(${nsm.reference_id})); break; case 1: // reference clock => ref clock string - rv->Assign(6, bytestring_to_val(${nsm.reference_id})); + rv->Assign(6, to_stringval(${nsm.reference_id})); break; default: { @@ -68,12 +68,12 @@ refine flow NTP_Flow += { if ( ${nsm.mac_len} == 20 ) { rv->Assign(12, val_mgr->Count(${nsm.mac.key_id})); - rv->Assign(13, bytestring_to_val(${nsm.mac.digest})); + rv->Assign(13, to_stringval(${nsm.mac.digest})); } else if ( ${nsm.mac_len} == 24 ) { rv->Assign(12, val_mgr->Count(${nsm.mac_ext.key_id})); - rv->Assign(13, bytestring_to_val(${nsm.mac_ext.digest})); + rv->Assign(13, to_stringval(${nsm.mac_ext.digest})); } if ( ${nsm.has_exts} ) @@ -99,12 +99,12 @@ refine flow NTP_Flow += { rv->Assign(6, val_mgr->Count(${ncm.association_id})); if ( ${ncm.c} > 0 ) - rv->Assign(7, bytestring_to_val(${ncm.data})); + rv->Assign(7, to_stringval(${ncm.data})); if ( ${ncm.has_control_mac} ) { rv->Assign(8, val_mgr->Count(${ncm.mac.key_id})); - rv->Assign(9, bytestring_to_val(${ncm.mac.crypto_checksum})); + rv->Assign(9, to_stringval(${ncm.mac.crypto_checksum})); } return rv; @@ -122,7 +122,7 @@ refine flow NTP_Flow += { rv->Assign(4, val_mgr->Count(${m7.error_code})); if ( ${m7.data_len} > 0 ) - rv->Assign(5, bytestring_to_val(${m7.data})); + rv->Assign(5, to_stringval(${m7.data})); return rv; %} diff --git a/src/analyzer/protocol/radius/radius-analyzer.pac b/src/analyzer/protocol/radius/radius-analyzer.pac index 59a623b6bb..713e249e4e 100644 --- a/src/analyzer/protocol/radius/radius-analyzer.pac +++ b/src/analyzer/protocol/radius/radius-analyzer.pac @@ -10,7 +10,7 @@ refine flow RADIUS_Flow += { auto result = make_intrusive(BifType::Record::RADIUS::Message); result->Assign(0, val_mgr->Count(${msg.code})); result->Assign(1, val_mgr->Count(${msg.trans_id})); - result->Assign(2, bytestring_to_val(${msg.authenticator})); + result->Assign(2, to_stringval(${msg.authenticator})); if ( ${msg.attributes}->size() ) { @@ -22,18 +22,18 @@ refine flow RADIUS_Flow += { // Do we already have a vector of attributes for this type? auto current = attributes->Lookup(index.get()); - Val* val = bytestring_to_val(${msg.attributes[i].value}); + IntrusivePtr val = to_stringval(${msg.attributes[i].value}); if ( current ) { VectorVal* vcurrent = current->AsVectorVal(); - vcurrent->Assign(vcurrent->Size(), val); + vcurrent->Assign(vcurrent->Size(), std::move(val)); } else { VectorVal* attribute_list = new VectorVal(BifType::Vector::RADIUS::AttributeList); - attribute_list->Assign((unsigned int)0, val); + attribute_list->Assign((unsigned int)0, std::move(val)); attributes->Assign(index.get(), attribute_list); } } diff --git a/src/analyzer/protocol/sip/sip-analyzer.pac b/src/analyzer/protocol/sip/sip-analyzer.pac index 93d604f8a5..37e036739d 100644 --- a/src/analyzer/protocol/sip/sip-analyzer.pac +++ b/src/analyzer/protocol/sip/sip-analyzer.pac @@ -116,7 +116,7 @@ refine flow SIP_Flow += { } header_record->Assign(0, name_val); - header_record->Assign(1, bytestring_to_val(value)); + header_record->Assign(1, to_stringval(value)); return header_record; %} diff --git a/src/analyzer/protocol/smb/smb1-com-negotiate.pac b/src/analyzer/protocol/smb/smb1-com-negotiate.pac index 91a27b531e..62842b33c3 100644 --- a/src/analyzer/protocol/smb/smb1-com-negotiate.pac +++ b/src/analyzer/protocol/smb/smb1-com-negotiate.pac @@ -73,7 +73,7 @@ refine connection SMB_Conn += { lanman->Assign(6, raw); lanman->Assign(7, val_mgr->Count(${val.lanman.session_key})); lanman->Assign(8, time_from_lanman(${val.lanman.server_time}, ${val.lanman.server_date}, ${val.lanman.server_tz})); - lanman->Assign(9, bytestring_to_val(${val.lanman.encryption_key})); + lanman->Assign(9, to_stringval(${val.lanman.encryption_key})); lanman->Assign(10, smb_string2stringval(${val.lanman.primary_domain})); @@ -125,12 +125,12 @@ refine connection SMB_Conn += { if ( ${val.ntlm.capabilities_extended_security} == false ) { - ntlm->Assign(10, bytestring_to_val(${val.ntlm.encryption_key})); + ntlm->Assign(10, to_stringval(${val.ntlm.encryption_key})); ntlm->Assign(11, smb_string2stringval(${val.ntlm.domain_name})); } else { - ntlm->Assign(12, bytestring_to_val(${val.ntlm.server_guid})); + ntlm->Assign(12, to_stringval(${val.ntlm.server_guid})); } response->Assign(2, ntlm); diff --git a/src/analyzer/protocol/smb/smb1-com-session-setup-andx.pac b/src/analyzer/protocol/smb/smb1-com-session-setup-andx.pac index a57dcdacb3..d2eadde58a 100644 --- a/src/analyzer/protocol/smb/smb1-com-session-setup-andx.pac +++ b/src/analyzer/protocol/smb/smb1-com-session-setup-andx.pac @@ -26,7 +26,7 @@ refine connection SMB_Conn += { request->Assign(5, smb_string2stringval(${val.lanman.native_os})); request->Assign(6, smb_string2stringval(${val.lanman.native_lanman})); request->Assign(7, smb_string2stringval(${val.lanman.account_name})); - request->Assign(8, bytestring_to_val(${val.lanman.account_password})); + request->Assign(8, to_stringval(${val.lanman.account_password})); request->Assign(9, smb_string2stringval(${val.lanman.primary_domain})); break; @@ -69,8 +69,8 @@ refine connection SMB_Conn += { request->Assign(7, smb_string2stringval(${val.ntlm_nonextended_security.account_name})); request->Assign(9, smb_string2stringval(${val.ntlm_nonextended_security.primary_domain})); - request->Assign(10, bytestring_to_val(${val.ntlm_nonextended_security.case_insensitive_password})); - request->Assign(11, bytestring_to_val(${val.ntlm_nonextended_security.case_sensitive_password})); + request->Assign(10, to_stringval(${val.ntlm_nonextended_security.case_insensitive_password})); + request->Assign(11, to_stringval(${val.ntlm_nonextended_security.case_sensitive_password})); request->Assign(13, capabilities); break; } @@ -103,7 +103,7 @@ refine connection SMB_Conn += { response->Assign(2, smb_string2stringval(${val.ntlm.native_os})); response->Assign(3, smb_string2stringval(${val.ntlm.native_lanman})); //response->Assign(4, smb_string2stringval(${val.ntlm.primary_domain})); - //response->Assign(5, bytestring_to_val(${val.ntlm.security_blob})); + //response->Assign(5, to_stringval(${val.ntlm.security_blob})); break; default: // Error! break; diff --git a/src/analyzer/protocol/smb/smb1-com-transaction.pac b/src/analyzer/protocol/smb/smb1-com-transaction.pac index f3b6c786f0..c227203c6a 100644 --- a/src/analyzer/protocol/smb/smb1-com-transaction.pac +++ b/src/analyzer/protocol/smb/smb1-com-transaction.pac @@ -9,11 +9,11 @@ enum Trans_subcommands { { switch ( payload->trans_type() ) { case SMB_PIPE: - return {AdoptRef{}, bytestring_to_val(payload->pipe_data())}; + return to_stringval(payload->pipe_data()); case SMB_UNKNOWN: - return {AdoptRef{}, bytestring_to_val(payload->unknown())}; + return to_stringval(payload->unknown()); default: - return {AdoptRef{}, bytestring_to_val(payload->data())}; + return to_stringval(payload->data()); } assert(false); diff --git a/src/analyzer/protocol/smb/smb2-com-transform-header.pac b/src/analyzer/protocol/smb/smb2-com-transform-header.pac index c590b87167..2c2da578e6 100644 --- a/src/analyzer/protocol/smb/smb2-com-transform-header.pac +++ b/src/analyzer/protocol/smb/smb2-com-transform-header.pac @@ -4,8 +4,8 @@ refine connection SMB_Conn += { %{ RecordVal* r = new RecordVal(BifType::Record::SMB2::Transform_header); - r->Assign(0, bytestring_to_val(${hdr.signature})); - r->Assign(1, bytestring_to_val(${hdr.nonce})); + r->Assign(0, to_stringval(${hdr.signature})); + r->Assign(1, to_stringval(${hdr.nonce})); r->Assign(2, val_mgr->Count(${hdr.orig_msg_size})); r->Assign(3, val_mgr->Count(${hdr.flags})); r->Assign(4, val_mgr->Count(${hdr.session_id})); diff --git a/src/analyzer/protocol/smb/smb2-protocol.pac b/src/analyzer/protocol/smb/smb2-protocol.pac index 36d26c94dd..00e525ff50 100644 --- a/src/analyzer/protocol/smb/smb2-protocol.pac +++ b/src/analyzer/protocol/smb/smb2-protocol.pac @@ -120,7 +120,7 @@ refine connection SMB_Conn += { ha->Assign(i, val_mgr->Count(${ncv.preauth_integrity_capabilities.hash_alg[i]})); rpreauth->Assign(2, ha); - rpreauth->Assign(3, bytestring_to_val(${ncv.preauth_integrity_capabilities.salt})); + rpreauth->Assign(3, to_stringval(${ncv.preauth_integrity_capabilities.salt})); r->Assign(2, rpreauth); } break; @@ -157,7 +157,7 @@ refine connection SMB_Conn += { case SMB2_NETNAME_NEGOTIATE_CONTEXT_ID: { - r->Assign(5, bytestring_to_val(${ncv.netname_negotiate_context_id.net_name})); + r->Assign(5, to_stringval(${ncv.netname_negotiate_context_id.net_name})); } break; @@ -181,7 +181,7 @@ refine connection SMB_Conn += { r->Assign(6, val_mgr->Count(${hdr.process_id})); r->Assign(7, val_mgr->Count(${hdr.tree_id})); r->Assign(8, val_mgr->Count(${hdr.session_id})); - r->Assign(9, bytestring_to_val(${hdr.signature})); + r->Assign(9, to_stringval(${hdr.signature})); return r; %} diff --git a/src/binpac_bro-lib.pac b/src/binpac_bro-lib.pac index 58559bf827..ed8efff361 100644 --- a/src/binpac_bro-lib.pac +++ b/src/binpac_bro-lib.pac @@ -21,7 +21,7 @@ function utf16_bytestring_to_utf8_val(conn: Connection, utf16: bytestring): Stri { reporter->Info("utf16 too long in utf16_bytestring_to_utf8_val"); // If the conversion didn't go well, return the original data. - return bytestring_to_val(utf16); + return to_stringval(utf16).release(); } resultstring.resize(utf8size, '\0'); @@ -49,7 +49,7 @@ function utf16_bytestring_to_utf8_val(conn: Connection, utf16: bytestring): Stri { reporter->Weird(conn, "utf16_conversion_failed", "utf16 conversion failed in utf16_bytestring_to_utf8_val"); // If the conversion didn't go well, return the original data. - return bytestring_to_val(utf16); + return to_stringval(utf16).release(); } *targetstart = 0; diff --git a/src/binpac_bro.h b/src/binpac_bro.h index 384f1b6656..e921b68742 100644 --- a/src/binpac_bro.h +++ b/src/binpac_bro.h @@ -28,6 +28,7 @@ inline StringVal* string_to_val(string const &str) return new StringVal(str.c_str()); } +[[deprecated("Remove in v4.1. Use binpac::to_stringval() instead.")]] inline StringVal* bytestring_to_val(const_bytestring const &str) { return new StringVal(str.length(), (const char*) str.begin()); diff --git a/src/file_analysis/analyzer/unified2/unified2-analyzer.pac b/src/file_analysis/analyzer/unified2/unified2-analyzer.pac index 39039917ce..b2d46c89ed 100644 --- a/src/file_analysis/analyzer/unified2/unified2-analyzer.pac +++ b/src/file_analysis/analyzer/unified2/unified2-analyzer.pac @@ -129,7 +129,7 @@ refine flow Flow += { packet->Assign(2, val_mgr->Count(${pkt.event_second})); packet->Assign(3, make_intrusive(ts_to_double(${pkt.packet_ts}), TYPE_TIME)); packet->Assign(4, val_mgr->Count(${pkt.link_type})); - packet->Assign(5, bytestring_to_val(${pkt.packet_data})); + packet->Assign(5, to_stringval(${pkt.packet_data})); mgr.Enqueue(::unified2_packet, IntrusivePtr{NewRef{}, connection()->bro_analyzer()->GetFile()->GetVal()},