Fix a bug in the core files framework with handling the BOF buffer.

- Any files where the total size was below the size of the default bof_buffer size couldn't have stream analyzers successfully attached because the bof_buffer never reached the full size and was never flushed. This branch explicitly marks the buf_buffer as full and flushes it when the file is being removed.
2025-10-02 14:48:21 +00:00 · 2015-02-05 09:09:08 -05:00 · 2015-02-05 09:09:08 -05:00 · a97cd1f3a2
commit a97cd1f3a2
parent 565ad360c6
3 changed files with 27 additions and 7 deletions
--- a/testing/btest/Baseline/scripts.base.frameworks.file-analysis.big-bof-buffer/files.log
+++ b/testing/btest/Baseline/scripts.base.frameworks.file-analysis.big-bof-buffer/files.log
@ -0,0 +1,10 @@
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	files
+#open	2015-02-05-13-55-41
+#fields	ts	fuid	tx_hosts	rx_hosts	conn_uids	source	depth	analyzers	mime_type	filename	duration	local_orig	is_orig	seen_bytes	total_bytes	missing_bytes	overflow_bytes	timedout	parent_fuid	md5	sha1	sha256	extracted
+#types	time	string	set[addr]	set[addr]	set[string]	string	count	set[string]	string	string	interval	bool	bool	count	count	count	count	bool	string	string	string	string	string
+1362692527.009512	FakNcS1Jfe01uljb3	192.150.187.43	141.142.228.5	CXWv6p3arKYeMETxOg	HTTP	0	MD5,SHA1	text/plain	-	0.000263	-	F	4705	4705	0	0	F	-	397168fd09991a0e712254df7bc639ac	1dd7ac0398df6cbc0696445a91ec681facf4dc47	-	-
+#close	2015-02-05-13-55-41