Mirror/zeek - git.uphillsecurity.com: We code.

Mirror/zeek

Fork 0

mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00

Commit graph

Author	SHA1	Message	Date
Arne Welzel	38e226bf75	http: Prevent script errors when http$current_entity is not set The current_entity tracking in HTTP assumes that client/server never send HTTP entities at the same time. The attached pcap (generated artificially) violates this and triggers: 1663698249.307259 expression error in <...>base/protocols/http/./entities.zeek, line 89: field value missing (HTTP::c$http$current_entity) For the http-no-crlf test, include weird.log as baseline. Now that weird is @load'ed from http, it is actually created and seems to make sense to btest-diff it, too.	2022-09-26 10:18:24 +02:00

Author

SHA1

Message

Date

Arne Welzel

38e226bf75

http: Prevent script errors when http$current_entity is not set

The current_entity tracking in HTTP assumes that client/server never
send HTTP entities at the same time. The attached pcap (generated
artificially) violates this and triggers:

    1663698249.307259 expression error in <...>base/protocols/http/./entities.zeek, line 89: field value missing (HTTP::c$http$current_entity)

For the http-no-crlf test, include weird.log as baseline. Now that weird is
@load'ed from http, it is actually created and seems to make sense
to btest-diff it, too.

2022-09-26 10:18:24 +02:00

1 commit