Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-09 10:08:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/scripts/base
History
Arne Welzel 3724c14ad2 http/smtp: Fix wrong character class usage 
A call to `extract_filename_from_content_disposition()` is only
efficient if the string is guaranteed to contain the pattern that
is removed by `sub()`. Due to missing brackets around the `[:blank:]`
character class, an overly long string (756kb) ending in
"Type:dtanameaa=" matched the wrong pattern causing `sub()` to
exhibit quadratic runtime. Besides that, we may have potentially
extracted wrong information from a crafted header value.

(cherry picked from commit 6d385b1ca724a10444865e4ad38a58b31a2e2288)
2023-09-12 09:40:38 -07:00
..
files Revert "Merge remote-tracking branch 'origin/topic/vern/at-if-analyze'" 2023-05-31 09:20:33 +02:00
frameworks Merge remote-tracking branch 'origin/topic/awelzel/3145-dcerpc-state-clean' 2023-08-08 12:55:21 -07:00
misc Revert "Merge remote-tracking branch 'origin/topic/vern/at-if-analyze'" 2023-05-31 09:20:33 +02:00
packet-protocols Add forwarding from VLAN analyzer into LLC, SNAP, and Novell 802.3 analyzers 2023-04-25 12:29:55 -07:00
protocols http/smtp: Fix wrong character class usage 2023-09-12 09:40:38 -07:00
utils Treat private address space as site-local by default 2023-03-15 17:01:00 -07:00
init-bare.zeek Merge remote-tracking branch 'origin/topic/awelzel/3145-dcerpc-state-clean' 2023-08-08 12:55:21 -07:00
init-default.zeek Do not load Spicy scripts if Spicy is not available. 2023-05-16 10:21:21 +02:00
init-frameworks-and-bifs.zeek Do not load Spicy scripts if Spicy is not available. 2023-05-16 10:21:21 +02:00
init-supervisor.zeek Establish a separate init script when using the supervisor 2021-07-08 13:12:53 -07:00