Bug #7495: protocol detection: probing parsers do not finish as soon as possible - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #7495

closed

protocol detection: probing parsers do not finish as soon as possible

Added by Philippe Antoine 3 months ago. Updated about 1 month ago.

Status:

Closed

Priority:

Normal

Assignee:

Philippe Antoine

Target version:

8.0.0-beta1

Affected Versions:

Effort:

Difficulty:

Label:

Description

the check if (alproto_masks[0] == mask) { fails if alproto_masks has checked and failed more protocols than expected in mask

Because mask only relies on port when alproto_masks may also contain a protocol from pe0 which is either the protocol found in the other direction or alproto_expect

Subtasks 1 (0 open — 1 closed)

Related issues 1 (0 open — 1 closed)

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Bug #7495

protocol detection: probing parsers do not finish as soon as possible

Updated by Philippe Antoine 3 months ago

Updated by OISF Ticketbot 3 months ago

Updated by OISF Ticketbot 3 months ago

Updated by Philippe Antoine 3 months ago

Updated by Philippe Antoine 3 months ago

Updated by Jason Ish 2 months ago