Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-10 02:28:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Improve packet analyzer API.

Browse source
This commit is contained in:
Jan Grashoefer 2020-08-31 17:13:22 +02:00 committed by Tim Wojtulewicz
parent d5ca0f9da5
commit 90eb97876f
40 changed files with 138 additions and 136 deletions
Download patch file Download diff file Expand all files Collapse all files

8
src/packet_analysis/protocol/ip/IP.cc
View file

@ -10,10 +10,11 @@ IPAnalyzer::IPAnalyzer()
{
}
zeek::packet_analysis::AnalyzerResult IPAnalyzer::Analyze(Packet* packet, const uint8_t*& data)
zeek::packet_analysis::AnalyzerResult IPAnalyzer::AnalyzePacket(size_t len,
const uint8_t* data, Packet* packet)
{
// Assume we're pointing at IP. Just figure out which version.
if ( data + sizeof(struct ip) >= packet->GetEndOfData() )
if ( sizeof(struct ip) >= len )
{
packet->Weird("packet_analyzer_truncated_header");
return AnalyzerResult::Failed;
@ -23,7 +24,6 @@ zeek::packet_analysis::AnalyzerResult IPAnalyzer::Analyze(Packet* packet, const
uint32_t protocol = ip->ip_v;
auto inner_analyzer = Lookup(protocol);
if ( inner_analyzer == nullptr )
{
DBG_LOG(DBG_PACKET_ANALYSIS, "Analysis in %s failed, could not find analyzer for identifier %#x.",
@ -34,5 +34,5 @@ zeek::packet_analysis::AnalyzerResult IPAnalyzer::Analyze(Packet* packet, const
DBG_LOG(DBG_PACKET_ANALYSIS, "Analysis in %s succeeded, next layer identifier is %#x.",
GetAnalyzerName(), protocol);
return inner_analyzer->Analyze(packet, data);
return inner_analyzer->AnalyzePacket(len, data, packet);
}