Actions
Bug #7254
opendcerpc: parser does not support multiple PDUs
Affected Versions:
Effort:
Difficulty:
Label:
Description
dcerpc parser does not support parsing multiple PDUs in the input buffer. It takes the input, parses the first PDU, and if it succeeds, returns ok to the common applayer parser.
The common applayer parser then assumes that the entire data that was sent to the protocol parser was successfully parsed and consumed. It then updates the stream progress to reflect the same.
Updated by Philippe Antoine about 1 year ago
- Copied to Bug #7546: dcerpc: parser does not take fraglen into account added
Updated by Philippe Antoine about 1 year ago
- Copied to Bug #7547: dcerpc: parser uses only one header for both directions added
Updated by Philippe Antoine about 1 year ago ยท Edited
- Subject changed from dcerpc: parser does not support multiple PDUs to dcerpc: event on fraglen < 16
Updated by Philippe Antoine about 1 year ago
- Subject changed from dcerpc: event on fraglen < 16 to dcerpc: parser does not support multiple PDUs
Updated by Philippe Antoine about 1 year ago
- Copied to Bug #7548: dcerpc: avoid integer underflow added
Updated by Victor Julien 12 months ago
- Target version changed from 8.0.0-beta1 to 8.0.0-rc1
Updated by Victor Julien 9 months ago
- Target version changed from 8.0.0-rc1 to 9.0.0-beta1
Updated by Philippe Antoine 2 days ago
- Status changed from Assigned to In Review
- Assignee changed from Shivani Bhardwaj to Philippe Antoine
- Label Needs backport to 8.0 added
Updated by Philippe Antoine 2 days ago
- Related to Optimization #7251: dcerpc: mimic gap behavior if invalid data is sent to protocol parser added
Updated by Philippe Antoine 2 days ago
- Blocked by Bug #5133: dcerpc: logs not created after unhandled packet such as auth3 added
Actions