Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/scripts/base/protocols
History
Jon Siwek 76fb1e7fd0 Fixes to decode_netbios_name and decode_netbios_name_type BIFs 
Fixes to `decode_netbios_name`:

* Improve validation that input string is a NetBIOS encoding
  (32 bytes, with characters ranging from 'A' to 'P').  This helps
  prevent Undefined Behavior of left-shifting negative values.
  Invalid encodings now cause a return-value of an empty string.

* More liberal in what decoded characters are allowed.  Namely,
  spaces are now allowed (but any trailing null-bytes and spaces
  are trimmed, similar to before).

Fixes to `decode_netbios_name_type`:

* Improve validation that input string is a NetBIOS encoding
  (32 bytes, with characters ranging from 'A' to 'P').  This helps
  prevent Undefined Behavior of left-shifting negative values and
  a heap-buffer-overread when the input string is too small.
  Invalid encodings now cause a return-value of 256.
2021-04-27 15:27:04 -07:00
..
conn lint fixes: ensuring functions return values, robustness to nil Val's 2021-03-18 08:21:19 -07:00
dce-rpc Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
dhcp Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
dnp3 Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
dns Fixes to decode_netbios_name and decode_netbios_name_type BIFs 2021-04-27 15:27:04 -07:00
ftp &is_set => &is_assigned 2021-02-04 12:18:46 -08:00
http Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
imap Merge remote-tracking branch 'origin/topic/seth/zeek_init' 2019-04-19 11:24:29 -07:00
irc Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
krb Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
modbus Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
mqtt Disable MQTT by default 2019-08-05 17:04:39 -07:00
mysql Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
ntlm Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
ntp &is_set => &is_assigned 2021-02-04 12:18:46 -08:00
pop3 Rename all scripts to have ".zeek" file extension 2019-04-11 21:12:40 -05:00
radius Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
rdp Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
rfb Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
sip Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
smb ts fields in SMB logs now default to network_time() 2021-03-10 13:52:44 +00:00
smtp GH-1352: Added flag to stop processing SMTP headers in attached 2021-01-21 14:55:10 -05:00
snmp Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
socks Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
ssh &is_set => &is_assigned 2021-02-04 12:18:46 -08:00
ssl &is_set => &is_assigned 2021-02-04 12:18:46 -08:00
syslog Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
tunnels Rename all scripts to have ".zeek" file extension 2019-04-11 21:12:40 -05:00
xmpp Merge remote-tracking branch 'origin/topic/seth/zeek_init' 2019-04-19 11:24:29 -07:00