Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Bugfix for log writer.

Browse source 
It didn't escape binary stuff in some situations.

Closes #585.
This commit is contained in:
Robin Sommer 2011-09-11 20:36:58 -07:00
parent 5e1ec1c50e
commit 83783c5ca7
10 changed files with 29 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

2
aux/binpac

@ -1 +1 @@
Subproject commit 032b4e0f028a08257be0c703b27a7559e57bd40a Subproject commit a3a9410dedc842f6bb9859642f334ed354633b57

2
aux/bro-aux

@ -1 +1 @@
Subproject commit 04d149a194e06ed5410ea3af924ff48b9129cd3b Subproject commit d68b98bb995a105b257f805ec4ff22c4929c7476

2
aux/broccoli

@ -1 +1 @@
Subproject commit 89620cc8e500855fb763281000cbe2a24290a829 Subproject commit 03e6d398edf422140ba9f50e6fabbec33ee2f3cb

2
aux/broctl

@ -1 +1 @@
Subproject commit c7499ee54f50bca65606dc3edc1aff132d93af80 Subproject commit ad8dfaba0c0c784060aa6f0c5e1fcf62244b1a51

28
src/Desc.cc
View file

@ -232,35 +232,39 @@ static const char* find_first_unprintable(ODesc* d, const char* bytes, unsigned
void ODesc::AddBytes(const void* bytes, unsigned int n) void ODesc::AddBytes(const void* bytes, unsigned int n)
{ {
if ( ! escape )
{
AddBytesRaw(bytes, n);
return;
}
const char* s = (const char*) bytes; const char* s = (const char*) bytes;
const char* e = (const char*) bytes + n; const char* e = (const char*) bytes + n;
while ( s < e ) while ( s < e )
{ {
const char* t1 = escape ? (const char*) memchr(s, escape[0], e - s) : e; const char* t1 = (const char*) memchr(s, escape[0], e - s);
const char* t2 = find_first_unprintable(this, s, t1 ? e - t1 : e - s);
if ( t2 && (t2 < t1 || ! t1) ) if ( ! t1 )
t1 = e;
const char* t2 = find_first_unprintable(this, s, t1 - s);
if ( t2 && t2 < t1 )
{ {
AddBytesRaw(s, t2 - s); AddBytesRaw(s, t2 - s);
char hex[6] = "\\x00"; char hex[6] = "\\x00";
hex[2] = hex_chars[((*t2) & 0xf0) >> 4]; hex[2] = hex_chars[((*t2) & 0xf0) >> 4];
hex[3] = hex_chars[(*t2) & 0x0f]; hex[3] = hex_chars[(*t2) & 0x0f];
AddBytesRaw(hex, sizeof(hex)); AddBytesRaw(hex, 4);
s = t2 + 1; s = t2 + 1;
continue; continue;
} }
if ( ! escape )
break;
if ( ! t1 )
break;
if ( memcmp(t1, escape, escape_len) != 0 ) if ( memcmp(t1, escape, escape_len) != 0 )
break; break;
AddBytesRaw(s, t1 - s); AddBytesRaw(s, t1 - s);
@ -269,7 +273,7 @@ void ODesc::AddBytes(const void* bytes, unsigned int n)
char hex[5] = "\\x00"; char hex[5] = "\\x00";
hex[2] = hex_chars[((*t1) & 0xf0) >> 4]; hex[2] = hex_chars[((*t1) & 0xf0) >> 4];
hex[3] = hex_chars[(*t1) & 0x0f]; hex[3] = hex_chars[(*t1) & 0x0f];
AddBytesRaw(hex, sizeof(hex)); AddBytesRaw(hex, 4);
++t1; ++t1;
} }

BIN
testing/btest/Baseline/scripts.base.frameworks.logging.ascii-binary/ssh.log
View file

Binary file not shown.

5
testing/btest/Baseline/scripts.base.frameworks.logging.ascii-escape-odd-url/http.log Normal file
View file

@ -0,0 +1,5 @@
#separator \x09
#path http
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p method host uri referrer user_agent request_content_length response_content_length status_code status_msg filename tags username password proxied mime_type md5 extraction_file
#types time string addr port addr port string string string string string count count count string string table string string table string string file
1315799856.264750 UWkUyAuUGXf 10.0.1.104 64216 193.40.5.162 80 GET lepo.it.da.ut.ee /~cect/teoreetilised seminarid_2010/arheoloogia_uurimisr\xfchma_seminar/Joyce et al - The Languages of Archaeology ~ Dialogue, Narrative and Writing.pdf - Wget/1.12 (darwin10.8.0) - 346 404 Not Found - - - - - text/html - -

BIN
testing/btest/Baseline/scripts.base.frameworks.logging.types/ssh.log
View file

Binary file not shown.

BIN
testing/btest/Traces/www-odd-url.trace Normal file
View file

Binary file not shown.

4
testing/btest/scripts/base/frameworks/logging/ascii-escape-odd-url.bro Normal file
View file

@ -0,0 +1,4 @@
#
# @TEST-EXEC: bro -C -r $TRACES/www-odd-url.trace
# @TEST-EXEC: btest-diff http.log