Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/scripts/base/frameworks
History
Arne Welzel af1714853f http: Prevent request/response de-synchronization and unbounded state growth 
When http_reply events are received before http_request events, either
through faking traffic or possible re-ordering, it is possible to trigger
unbounded state growth due to later http_requests never being matched
again with responses.

Prevent this by synchronizing request/response counters when late
requests come in.

Also forcefully flush pending requests when http_replies are never
observed either due to the analyzer having been disabled or because
half-duplex traffic.

Fixes #1705
2023-08-28 15:02:58 +02:00
..
analyzer Fix a docstring typo 2023-01-10 18:49:19 -08:00
broker broker/store: Extend SQLiteOptions around data safety and performance 2023-01-30 10:25:37 +01:00
cluster Remove deprecations tagged for v6.1 2023-06-14 10:07:22 -07:00
config Revert "Merge remote-tracking branch 'origin/topic/vern/at-if-analyze'" 2023-05-31 09:20:33 +02:00
control annotate base scripts with &is_used as needed 2022-05-26 17:39:17 -07:00
files files: Warn once for missing get_file_handle() 2023-05-19 09:37:51 -07:00
input More bro-to-zeek renaming in scripts and other files 2019-05-16 02:36:41 -05:00
intel Revert "Merge remote-tracking branch 'origin/topic/vern/at-if-analyze'" 2023-05-31 09:20:33 +02:00
logging Remove LogAscii::logdir (6.1 deprecation) 2023-06-14 10:07:22 -07:00
netcontrol all: Fix typos identified by typos pre-commit hook 2023-06-13 17:57:32 +02:00
notice http: Prevent request/response de-synchronization and unbounded state growth 2023-08-28 15:02:58 +02:00
openflow Revert "Merge remote-tracking branch 'origin/topic/vern/at-if-analyze'" 2023-05-31 09:20:33 +02:00
packet-filter Merge remote-tracking branch 'origin/topic/awelzel/blank-identifer' 2022-10-25 12:36:23 +02:00
reporter Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
signatures allow signature actions to be dynamically updated 2023-07-13 17:25:32 -07:00
software Remove script functions marked as unused (6.1 deprecations) 2023-06-14 10:07:22 -07:00
spicy Move spicy/misc scripts to policy and clarify purpose. 2023-05-16 10:21:21 +02:00
sumstats Remove script functions marked as unused (6.1 deprecations) 2023-06-14 10:07:22 -07:00
supervisor Remove Supervisor::NodeConfig (6.1 deprecation) 2023-06-14 10:07:22 -07:00
telemetry telemetry: Disable metrics centralization by default 2023-06-21 20:13:55 +02:00
tunnels Add GTPv1 packet analyzer, disable old analyzer 2021-11-23 19:36:50 -07:00