Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Improve multipart HTTP/MIME entity file analysis.

Browse source 
Singular CR or LF characters in multipart body content are no longer
converted to a full CRLF (thus corrupting the file) and it also no
longer considers the CRLF before the multipart boundary as part of the
content.

Addresses BIT-1235.
This commit is contained in:
Jon Siwek 2014-08-26 17:50:28 -05:00
parent 73cc81f44a
commit d5513a0757
13 changed files with 82 additions and 31 deletions
Download patch file Download diff file Expand all files Collapse all files

5
src/analyzer/protocol/tcp/ContentLine.h
View file

@ -15,6 +15,9 @@ public:
ContentLine_Analyzer(Connection* conn, bool orig);
~ContentLine_Analyzer();
void SupressWeirds(bool enable)
{ suppress_weirds = enable; }
// If enabled, flag (first) line with embedded NUL. Default off.
void SetIsNULSensitive(bool enable)
{ flag_NULs = enable; }
@ -96,6 +99,8 @@ protected:
// Don't deliver further data.
int skip_deliveries;
bool suppress_weirds;
// If true, flag (first) line with embedded NUL.
unsigned int flag_NULs:1;