zeek/scripts/base/protocols/smtp at b57a854633dabcc193f2b44df8b53f7bf834dd8a - Mirror/zeek

mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00

History

Arne Welzel f6e7ea43c3 http/smtp: Fix wrong character class usage A call to `extract_filename_from_content_disposition()` is only efficient if the string is guaranteed to contain the pattern that is removed by `sub()`. Due to missing brackets around the `[:blank:]` character class, an overly long string (756kb) ending in "Type:dtanameaa=" matched the wrong pattern causing `sub()` to exhibit quadratic runtime. Besides that, we may have potentially extracted wrong information from a crafted header value. (cherry picked from commit 6d385b1ca724a10444865e4ad38a58b31a2e2288)		2023-09-12 12:00:36 -07:00
..
__load__.zeek	Rename all scripts to have ".zeek" file extension	2019-04-11 21:12:40 -05:00
dpd.sig	Added a missing curly brace in smtp/dpd.sig	2013-07-09 22:57:36 -04:00
entities.zeek	http/smtp: Fix wrong character class usage	2023-09-12 12:00:36 -07:00
files.zeek	scripts: Migrate table iteration to blank identifiers	2022-10-24 10:36:09 +02:00
main.zeek	smtp: Validate mail transaction and disable SMTP analyzer if excessive	2023-03-27 18:41:47 +02:00
README	Add README files for base/protocols	2013-10-17 12:47:32 -05:00

Support for Simple Mail Transfer Protocol (SMTP) analysis.