Project

General

Profile

Actions
Copy link

Bug #3631

closed
PA PA

FTP response buffering against TCP stream

Bug #3631: FTP response buffering against TCP stream

Added by Philippe Antoine about 6 years ago. Updated almost 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Philippe Antoine
Target version:
6.0.0beta1
Affected Versions:
4.1.6, 5.0.1
Effort:
Difficulty:
Label:
Needs backport to 4.1, Needs backport to 5.0

Description

Now, Suricata parses FTP response packets as if they are always complete.
This is not the TCP logic of streaming.
We have to keep buffering until the response is complete, and we can parse multiple responses in one TCP stream in one time.

Found by running suricata-verify tests while doing TCP stream splitting

Fix proposed https://github.com/OISF/suricata/pull/4789

Related issues 2 (0 open2 closed)

Copied to Suricata - Bug #3650: FTP response buffering against TCP streamClosedVictor JulienActions
Copied to Suricata - Bug #3651: FTP response buffering against TCP streamClosedJeff LucovskyActions

VJ Updated by Victor Julien about 6 years ago Actions
Copy link
 #1

  • Status changed from New to In Review
  • Assignee set to Philippe Antoine
  • Target version set to 6.0.0beta1

JL Updated by Jeff Lucovsky about 6 years ago Actions
Copy link
 #3

  • Copied to Bug #3650: FTP response buffering against TCP stream added

JL Updated by Jeff Lucovsky about 6 years ago Actions
Copy link
 #4

  • Target version changed from 5.0.3 to 6.0.0beta1
  • Affected Versions 4.1.6, 5.0.1 added
  • Affected Versions deleted (5.0.2)
  • Label deleted (Needs backport)

JL Updated by Jeff Lucovsky about 6 years ago Actions
Copy link
 #5

  • Copied to Bug #3651: FTP response buffering against TCP stream added

VJ Updated by Victor Julien almost 6 years ago Actions
Copy link
 #6

  • Status changed from In Review to Closed

Both PRs merged, thanks Philippe.

Actions
Copy link

Also available in: PDF Atom