Feature #7313: transforms: have option on how to handle failure - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #7313

open

transforms: have option on how to handle failure

Added by Philippe Antoine about 1 month ago. Updated about 1 month ago.

Status:

New

Priority:

Normal

Assignee:

OISF Dev

Target version:

TBD

Effort:

Difficulty:

Label:

Description

Tansforms like base64, pcrexform or urldecode may somehow fail.

Current default is to passthrough
But we could have an option to these keywords to behave differently like return a NULL or 0-length buffer instead of the original one.

History
Notes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Feature #7313

transforms: have option on how to handle failure

Updated by Philippe Antoine about 1 month ago