From de70ac743458b1825e923237cb680edb8bbf027f Mon Sep 17 00:00:00 2001 From: "Russ Combs (rucombs)" Date: Wed, 16 Nov 2016 19:51:21 -0500 Subject: [PATCH] Merge pull request #705 in SNORT/snort3 from sdf_out_mask to master Squashed commit of the following: commit 969cf8b3badde3bd15c7c58613fff279a76bb690 Author: Bhagya Tholpady Date: Mon Nov 14 12:14:59 2016 -0500 sdf changes --- src/log/log_text.cc | 2 +- src/log/obfuscator.h | 4 ++++ src/loggers/unified2.cc | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/src/log/log_text.cc b/src/log/log_text.cc index 631f8f992..6e8c2cc96 100644 --- a/src/log/log_text.cc +++ b/src/log/log_text.cc @@ -1502,7 +1502,7 @@ void LogPayload(TextLog* log, Packet* p) std::string buf(p->data, p->data + p->dsize); for ( const auto& b : *p->obfuscator ) - buf.replace(b.offset, b.length, b.length, '.'); + buf.replace(b.offset, b.length, b.length, p->obfuscator->get_mask_char()); LogNetData(log, (const uint8_t*)buf.c_str(), p->dsize, p); } diff --git a/src/log/obfuscator.h b/src/log/obfuscator.h index 67a67abdf..aa2be6e83 100644 --- a/src/log/obfuscator.h +++ b/src/log/obfuscator.h @@ -65,9 +65,13 @@ public: bool first(ObfuscatorBlock &b); bool next(ObfuscatorBlock &b); + const char get_mask_char() + { return mask_char; } + private: ObSet blocks; iterator it; + const char mask_char = 'X'; }; #endif diff --git a/src/loggers/unified2.cc b/src/loggers/unified2.cc index ed2a16908..5b137c44a 100644 --- a/src/loggers/unified2.cc +++ b/src/loggers/unified2.cc @@ -555,7 +555,7 @@ static void _Unified2LogPacketAlert( off = 0; for ( const auto& b : *p->obfuscator ) - memset(&start[ off + b.offset ], '.', b.length); + memset(&start[ off + b.offset ], p->obfuscator->get_mask_char(), b.length); } } -- 2.47.2