Bug #3698

open

Incorrect max length of windivert filter

Added by Sergey Buyanov over 4 years ago. Updated over 4 years ago.

Status: New
Priority: Normal
Target version:
Affected Versions:
Effort: medium
Difficulty: low
Label:

Description

Now, the windivert parameter in suricata supports only a maximum of 128 characters for the filter
https://github.com/OISF/suricata/blob/ec77632e84a106ddbcd0baef4e4368b4fe5c5f9e/src/source-windivert.h#L33,
but windivert now supports 256 characters
https://github.com/basil00/Divert/blob/master/include/windivert_device.h#L164
Can you fix it?


Files

suricata-build-paste.txt (9.24 KB): v2.0.0 breaking changes. Jacob Masen-Smith, 08/24/2020 04:18 AM

Actions #1

Updated by Victor Julien over 4 years ago

  • Assignee set to Community Ticket
  • Target version changed from 5.0.4 to TBD
Actions #2

Updated by Jacob Masen-Smith over 4 years ago

I'm jumping on this finally. Hopefully it will be relatively quick, but I haven't built in 2 years.

Actions #3

Updated by Jacob Masen-Smith over 4 years ago

So it appears the filter length was only increased for v2.0.0 - v1.4.3 (current 1.4 API tag) is still 128.

https://github.com/basil00/Divert/blob/v1.4.3/include/windivert_device.h

So there's actually more work to do - if 256 was to be supported, the WinDivert interface would need to be updated to v2.0.0, which I accidentally tried to build against and noticed a number of breaking API changes.
