]> git.ipfire.org Git - thirdparty/suricata.git/commit
detect: set event if max inspect buffers exceeded
authorVictor Julien <victor@inliniac.net>
Thu, 13 May 2021 06:06:11 +0000 (08:06 +0200)
committerVictor Julien <victor@inliniac.net>
Fri, 25 Jun 2021 15:11:00 +0000 (17:11 +0200)
commite49b5358f9e075dd85365d8451180684f79e5825
treeb1bde538d7f67a4c061d0c8fd2512ef1c90e7989
parentc9270f68541304e6d8128e5af0c0d385e8089737
detect: set event if max inspect buffers exceeded

If a parser exceeds 1024 buffers we stop processing them and
set a detect event instead. This is to avoid parser bugs as well as
crafted bad traffic leading to resources starvation due to excessive
loops.

(cherry picked from commit e611adf3dc5b531a9d0ef9b861b4dbe0e150eae6)
src/detect-engine.c
src/detect.h