Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-05 08:08:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

SMTP/BDAT: Use strtoull and bail on UULONG_MAX values

Browse source
This commit is contained in:
Arne Welzel 2024-01-19 13:22:57 +01:00
parent c23d605286
commit e1ed709243
6 changed files with 76 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

18
testing/btest/scripts/base/protocols/bdat-chunk-size-overflow2.test Normal file
View file

@ -0,0 +1,18 @@
# @TEST-DOC: Test a BDAT line with an overflowing integer size. Pcaps generated with a Python client against Postfix.
#
# @TEST-EXEC: zeek -r $TRACES/smtp/smtp-bdat-cmd-chunk-size-overflow2.pcap %INPUT >out
# @TEST-EXEC: btest-diff smtp.log
# @TEST-EXEC: btest-diff weird.log
# @TEST-EXEC: btest-diff out
@load base/protocols/conn
@load base/protocols/smtp
event smtp_request(c: connection, is_orig: bool, command: string, arg: string) {
print "smtp_request", c$uid, is_orig, command, arg;
}
event smtp_reply(c: connection, is_orig: bool, code: count, cmd: string,
msg: string, cont_resp: bool) {
print "smtp_reply", c$uid, is_orig, code, cmd, msg;
}