zeek/testing/btest/Baseline.zam/core.analyzer-confirmation-violation-info at d95affde4d94bbcda145b0f0785a238de1b98003 - Mirror/zeek

mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00

History

Johanna Amann 1fed0ed58d PPPoE: don't forward more bytes than header indicates This changes the PPPoE parser so that it doesn't forward extra bytes that might be appended after the payload. Instead, it raises a weird if the payload size doesn't match the size indicated by the header. This is in line with what other protocol parsers (like UDP) are doing. Two tests needed to be updated - with this change, the traffic in pppoe-over-qinq.pcap is now valid TLS. A new trace was introduced for the confirmation-violation-info test. Addresses GH-4602	2025-07-08 10:20:59 +01:00
..
.stdout	PPPoE: don't forward more bytes than header indicates	2025-07-08 10:20:59 +01:00

Johanna Amann 1fed0ed58d PPPoE: don't forward more bytes than header indicates

This changes the PPPoE parser so that it doesn't forward extra bytes
that might be appended after the payload. Instead, it raises a weird if
the payload size doesn't match the size indicated by the header.

This is in line with what other protocol parsers (like UDP) are doing.

Two tests needed to be updated - with this change, the traffic in
pppoe-over-qinq.pcap is now valid TLS. A new trace was introduced for
the confirmation-violation-info test.

Addresses GH-4602

2025-07-08 10:20:59 +01:00

.stdout

PPPoE: don't forward more bytes than header indicates

2025-07-08 10:20:59 +01:00