]> git.ipfire.org Git - people/ms/suricata.git/commit
projects / people / ms / suricata.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e9b2155) | patch
dcerpc/udp: Fix pairing of request response
authorIlya Bakhtin <ilya.bakhtin@gmail.com>
Tue, 10 Nov 2020 10:05:18 +0000 (15:35 +0530)
committerVictor Julien <victor@inliniac.net>
Mon, 16 Nov 2020 13:23:59 +0000 (14:23 +0100)
commit6916b63f09e335baec3dd05d1def4c439a13a7b4
tree40cc350907918d48ba4ed352f07cc9255902de13tree | snapshot
parente9b21553cc8535562447a69d108616f4a04b0112commit | diff
dcerpc/udp: Fix pairing of request response

So far, request and response were paired with serial number fields in
the header. This is incorrect. According to
https://pubs.opengroup.org/onlinepubs/9629399/chap12.htm,
"Together, the activity UUID and the sequence number uniquely identify
a remote procedure call."

Hence, add activity uuid and sequence number to the transaction and pair
the request accordingly. Remove incorrect handling of this and fix
tests.
rust/src/dcerpc/dcerpc.rs diff | blob | blame | history
rust/src/dcerpc/dcerpc_udp.rs diff | blob | blame | history
Michael's tree of suricata