Bug #7495: protocol detection: probing parsers do not finish as soon as possible - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #7495

open

protocol detection: probing parsers do not finish as soon as possible

Added by Philippe Antoine 3 days ago. Updated 3 days ago.

Status:

New

Priority:

Normal

Assignee:

Philippe Antoine

Target version:

8.0.0-beta1

Affected Versions:

Effort:

Difficulty:

Label:

Description

the check if (alproto_masks[0] == mask) { fails if alproto_masks has checked and failed more protocols than expected in mask

Because mask only relies on port when alproto_masks may also contain a protocol from pe0 which is either the protocol found in the other direction or alproto_expect

Subtasks 1 (1 open — 0 closed)

Related issues 1 (1 open — 0 closed)

History
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Bug #7495

protocol detection: probing parsers do not finish as soon as possible

Updated by Philippe Antoine 3 days ago

Updated by OISF Ticketbot 3 days ago

Updated by OISF Ticketbot 3 days ago