mirror of
https://github.com/zeek/zeek.git
synced 2025-10-05 08:08:19 +00:00
c911d03c30
For modbus message types that include variable amount of register values
(uint16[]), setting a &length attribute without an explicit array size
could trigger a parsing assertion since it allows for the "element" data
pointer to travel past the "end of data" (e.g. when &length is odd).
This is changed to now give both an array size and &length to earlier
terminate the parsing of elements before the assert is checked and
so a single out-of-bound check can be done for the entire array
(leaving off &length causes an out-of-bound check for each element).
Added another parameter to modbus events that carry register arrays to
the script-layer which indicates the associated byte count from the
message (allowing for invalid values to be detected):
modbus_read_holding_registers_response
modbus_read_input_registers_response
modbus_write_multiple_registers_request
modbus_read_write_multiple_registers_request
modbus_read_write_multiple_registers_response
modbus_read_fifo_queue_response
|
||
|---|---|---|
| .. | ||
| btest | ||
| external | ||
| scripts | ||
| .gitignore | ||
| Makefile | ||
| README | ||
This directory contains suites for testing for Bro's correct
operation:
btest/
An ever-growing set of small unit tests testing Bro's
functionality.
external/
A framework for downloading additional test sets that run more
complex Bro configuration on larger traces files. Due to their
size, these are not included directly. See the README for more
information.
scripts/
Helpers scripts used by some tests.