[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-1.4-123-gb807874
Victor Julien
victor at inliniac.net
Mon Apr 8 13:02:44 UTC 2013
On 04/08/2013 02:59 PM, noreply at openinfosecfoundation.org wrote:
> commit 374187bf6572a1abfc6a3537d9cd11f3cea1693a
> Author: Victor Julien <victor at inliniac.net>
> Date: Sat Apr 6 17:17:15 2013 +0200
>
> stream: don't use ssn timestamp flag in stream
>
> The STREAMTCP_FLAG_TIMESTAMP flag is a ssn flag, however it was used in
> the stream flag field. As it has the same value as
> STREAMTCP_STREAM_FLAG_DEPTH_REACHED it's possible that stream reassembly
> got confused by the timestamp.
This may be interesting. Haven't really looked into it deeply, but it
appears that we would accidentally set the
STREAMTCP_STREAM_FLAG_DEPTH_REACHED flag in the stream. Not seeing
alerting differences in any of my test cases, but I could still imagine
this causing trouble.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-devel
mailing list