Fix a bug in the SOCKS analyzer.

Seth Hall 2012-06-20 14:20:06 -04:00
parent a60153060d
commit 886cc7368f


@ -22,9 +22,11 @@ refine connection SOCKS_Conn += {
function socks4_request(request: SOCKS4_Request): bool function socks4_request(request: SOCKS4_Request): bool
%{ %{
StringVal *dstname; StringVal *dstname = 0;
if ( ${request.v4a} ) if ( ${request.v4a} )
dstname = array_to_string(${request.name}); dstname = array_to_string(${request.name});
else
dstname = new StringVal("");
BifEvent::generate_socks_request(bro_analyzer(), BifEvent::generate_socks_request(bro_analyzer(),
bro_analyzer()->Conn(), bro_analyzer()->Conn(),
@ -77,6 +79,11 @@ refine connection SOCKS_Conn += {
break; break;
} }
if ( ! ip_addr )
ip_addr = new AddrVal(uint32(0));
if ( ! domain_name )
domain_name = new StringVal("");
BifEvent::generate_socks_request(bro_analyzer(), BifEvent::generate_socks_request(bro_analyzer(),
bro_analyzer()->Conn(), bro_analyzer()->Conn(),
5, 5,
@ -113,6 +120,11 @@ refine connection SOCKS_Conn += {
break; break;
} }
if ( ! ip_addr )
ip_addr = new AddrVal(uint32(0));
if ( ! domain_name )
domain_name = new StringVal("");
BifEvent::generate_socks_reply(bro_analyzer(), BifEvent::generate_socks_reply(bro_analyzer(),
bro_analyzer()->Conn(), bro_analyzer()->Conn(),
5, 5,
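Review bot: The `if ( ! ip_addr )` and `if ( ! domain_name )` guards added before `generate_socks_request` (second hunk) and `generate_socks_reply` (third hunk) are only sound if both pointers are set to 0 where they are declared, and those declarations are outside the visible lines. The first hunk fixes exactly that kind of uninitialized declaration (`StringVal *dstname;`), so please confirm that both SOCKS5 functions initialize `ip_addr` and `domain_name` to 0 before the switch. Otherwise an address type that matches no case leaves them indeterminate, and this parser runs on untrusted traffic. The placeholders also mean a script-layer handler cannot tell "no address of this kind on the wire" from a literal 0.0.0.0 or an empty name, so a comment such as `// Absent on the wire: pass empty placeholders so the event never receives a null Val.` above each pair would help. The same four lines appear in both hunks and could move into one small helper.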