Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
5256 commits 386 branches 195 tags 256 MiB
Commit graph

3 commits

Author SHA1 Message Date
Jon Siwek
d5513a0757 Improve multipart HTTP/MIME entity file analysis. 
Singular CR or LF characters in multipart body content are no longer
converted to a full CRLF (thus corrupting the file) and it also no
longer considers the CRLF before the multipart boundary as part of the
content.

Addresses BIT-1235.
 2014-08-26 17:54:41 -05:00
Jon Siwek
2b3c2bd394 Fix reassembly of data w/ sizes beyond 32-bit capacities (BIT-348). 
The main change is that reassembly code (e.g. for TCP) now uses
int64/uint64 (signedness is situational) data types in place of int
types in order to support delivering data to analyzers that pass 2GB
thresholds.  There's also changes in logic that accompany the change in
data types, e.g. to fix TCP sequence space arithmetic inconsistencies.

Another significant change is in the Analyzer API: the *Packet and
*Undelivered methods now use a uint64 in place of an int for the
relative sequence space offset parameter.
 2014-04-09 13:03:24 -05:00
Robin Sommer
4bc2ba60c9 Rename analyzer/protocols -> analyzer/protocol 2013-04-19 15:50:57 -07:00
Renamed from src/analyzer/protocols/tcp/ContentLine.h (Browse further)