Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
zeek/testing
History
Arne Welzel 2a858d252e MIME: Cap nested MIME analysis depth to 100 
OSS-Fuzz managed to produce a MIME multipart message construction with
thousands of nested entities (or that's what Zeek makes out of it anyhow).
Prevent such deep analysis by capping at a nesting depth of 100,
preventing unnecessary resource usage. A new weird named exceeded_mime_max_depth
is reported when this limit is reached.

This change reduces the runtime of the OSS-Fuzz reproducer from ~45 seconds
to ~2.5 seconds.

The test PCAP was produced from a Python script using the email package
and sending the rendered version via POST to a HTTP server.

Closes #208
2024-01-17 10:18:13 -07:00
..
benchmark/broker Port Zeek to latest Broker API 2022-04-27 23:02:27 +02:00
btest MIME: Cap nested MIME analysis depth to 100 2024-01-17 10:18:13 -07:00
builtin-plugins Reformat Zeek in Spicy style 2023-10-30 09:40:55 +01:00
coverage Remove files in build/src/3rdparty from coverage reports 2023-02-09 12:04:53 -07:00
external Merge branch 'topic/johanna/fix-logging-of-ssl-log-ext-in-some-cases' 2024-01-16 13:10:35 +00:00
scripts ci/btest: Remove spicy-quic helper, disable Spicy on CentOS 7 2023-10-11 17:17:23 +02:00
.gitignore
CMakeLists.txt Integrate the Spicy plugin into Zeek proper. 2023-05-16 10:17:45 +02:00
Makefile
README

README 

This directory contains suites for testing for Zeek's correct
operation:

    btest/
        An ever-growing set of small unit tests testing Zeek's
        functionality.

    external/
        A framework for downloading additional test sets that run more
        complex Zeek configuration on larger traces files. Due to their
        size, these are not included directly. See the README for more
        information. 

    scripts/
        Helpers scripts used by some tests.