Project

General

Profile

Actions
Copy link

Bug #293

closed

Some debug messages does not support filter

Added by Eric Leblond almost 13 years ago. Updated over 12 years ago.

Status:
Closed
Priority:
Low
Assignee:
Eric Leblond
Target version:
1.2rc1
Affected Versions:
Effort:
Difficulty:
Label:

Description

There is some debug messages that does not get filtered by SC_LOG_OP_FILTER.

For example, when suricata is launched with:

SC_LOG_LEVEL=debug SC_LOG_OP_FILTER="FIN packet received" /home/eric/builds/suricata/bin/suricata -c ~eric/builds/suricata/etc/suricata.yaml -r benches/nmap-fin.pcap

We see a lot of uri in the output:
.php?&&reader_version=
/download/Antivirus_
.exe

The code responsible for this output is in src/detect-uricontent.c at source:/src/detect-uricontent.c@047b19d2715f1cba98d8c5de8174466256bc7f64#L311. A printf is used where a filtered printf should be used.

Actions
Copy link
 #1

Updated by Victor Julien over 12 years ago

  • Assignee set to Eric Leblond
  • Target version set to 1.1beta3
  • Estimated time set to 4.00 h
Actions
Copy link
 #2

Updated by Victor Julien over 12 years ago

  • Status changed from New to Assigned
Actions
Copy link
 #3

Updated by Victor Julien over 12 years ago

  • Target version changed from 1.1beta3 to 1.2
Actions
Copy link
 #4

Updated by Eric Leblond over 12 years ago

  • % Done changed from 0 to 80
Actions
Copy link
 #5

Updated by Victor Julien over 12 years ago

  • Status changed from Assigned to Closed
  • Target version changed from 1.2 to 1.2rc1
  • % Done changed from 80 to 100

Patches applied, thanks Eric!

Actions
Copy link

Also available in: Atom PDF