Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-13 12:08:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
zeek/scripts
History
Arne Welzel 2a858d252e MIME: Cap nested MIME analysis depth to 100 
OSS-Fuzz managed to produce a MIME multipart message construction with
thousands of nested entities (or that's what Zeek makes out of it anyhow).
Prevent such deep analysis by capping at a nesting depth of 100,
preventing unnecessary resource usage. A new weird named exceeded_mime_max_depth
is reported when this limit is reached.

This change reduces the runtime of the OSS-Fuzz reproducer from ~45 seconds
to ~2.5 seconds.

The test PCAP was produced from a Python script using the email package
and sending the rendered version via POST to a HTTP server.

Closes #208
2024-01-17 10:18:13 -07:00
..
base MIME: Cap nested MIME analysis depth to 100 2024-01-17 10:18:13 -07:00
policy Merge branch 'topic/johanna/fix-logging-of-ssl-log-ext-in-some-cases' 2024-01-16 13:10:35 +00:00
site telemetry: Disable metrics centralization by default 2023-06-21 20:13:55 +02:00
spicy improve search-ability in zeek.spicy 2023-12-14 16:24:32 -05:00
zeekygen zeekygen: Disable zeek_init() handlers causing error output 2023-10-11 15:18:33 +02:00
CMakeLists.txt Use the same rules as cmake submodule to reformat Zeek 2023-05-09 08:31:43 -07:00
test-all-policy.zeek telemetry: Disable metrics centralization by default 2023-06-21 20:13:55 +02:00