]> git.ipfire.org Git - thirdparty/suricata.git/commit
projects / thirdparty / suricata.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bbaca48) | patch
detect: set event if max inspect buffers exceeded
authorVictor Julien <victor@inliniac.net>
Thu, 13 May 2021 06:06:11 +0000 (08:06 +0200)
committerVictor Julien <victor@inliniac.net>
Thu, 24 Jun 2021 11:33:38 +0000 (13:33 +0200)
commitfdc93130aaf9f4b97ad4ffa305f20d7b0b8be589
tree9005408cd0df56b8e8000d1b2cabb8f2b81ba19atree
parentbbaca488250842faf7ef4f2b9c17cca156771f3ecommit | diff
detect: set event if max inspect buffers exceeded

If a parser exceeds 1024 buffers we stop processing them and
set a detect event instead. This is to avoid parser bugs as well as
crafted bad traffic leading to resources starvation due to excessive
loops.

(cherry picked from commit e611adf3dc5b531a9d0ef9b861b4dbe0e150eae6)
src/detect-engine.c diff | blob | blame | history
src/detect.h diff | blob | blame | history
Mirror of https://github.com/OISF/suricata.git