[Oisf-devel] Malformed HTTP log with latest git

[Victor Julien]

Thanks Chris, I guess the 30 mins weren't enough yet because my git
doesn't like the patch:

git am ~/Desktop/0001-Fix-missing-space-in-HTTP-log.patch
Patch format detection failed.

I don't think the multipart stuff is supposed to be in there.

I applied the patch manually. Thanks again.

Cheers,
Victor

On 04/02/2012 10:56 PM, Chris Wakelin wrote:
> On 02/04/2012 20:49, Chris Wakelin wrote:
>> I've just noticed something rather odd in the latest git:
>>
>>> 04/02/2012-20:44:30.333641s0.2mdn.net [**]
>>> /instream/afv_text_ads_manager_1_58.swf [**] Mozilla/4.0 (compatible;
>>> MSIE 8.0; Windows NT 6.1; Win64; x64; Trident/4.0; .NET CLR
>>> 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media
>>> Center PC 6.0) [**] http://s0.2mdn.net/instream/adsapi_2_11_17.swf
>>> [**] GET [**] HTTP/1.1 [**] 200 [**] 27057 bytes [**]
>>> xxx.xxx.xxx.xxx:nnn ->  173.194.34.156:80
>>> 04/02/2012-20:44:30.334133safebrowsing-cache.google.com [**]
>>> /safebrowsing/rd/ChFnb29nLXBoaXNoLXNoYXZhchAAGPvLDCCEzAwyBvslAwD_Aw
>>> [**] Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3)
>>> AppleWebKit/534.53.11 (KHTML, like Gecko) Version/5.1.3
>>> Safari/534.53.10 [**]<no referer>  [**] GET [**] HTTP/1.1 [**] 200
>>> [**] 3703 bytes [**] xxx.xxx.xxx.xxx:nnn ->  74.125.230.103:80
>>
>> We've lost a space between the date and the host. Probably trivial to
>> fix - I'll have a look in a minute, but thought I'd better flag this up
>> ASAP!
> 
> 5 mins to find the flaw, 30 minutes to work out how to make a git patch
> (attched) :-)
> 
> Best Wishes,
> Chris
> 
> 
> 
> _______________________________________________
> Oisf-devel mailing list
> Oisf-devel at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel


-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------