[Bro-Dev] #326: HTTP Analyzer overflow on content-lengths > 2GB
Bro Tracker
bro at tracker.icir.org
Sat Nov 27 17:31:24 PST 2010
#326: HTTP Analyzer overflow on content-lengths > 2GB
----------------------+------------------------
Reporter: gregor | Owner:
Type: Patch | Status: new
Priority: Normal | Milestone: Bro1.6
Component: Bro | Version: git/master
Keywords: inttypes |
----------------------+------------------------
{{{
#!rst
The HTTP analyzer uses 32 bit signed ints to parse the content-length
header, track body length etc. This causes overflow for content
lengths > 2GB. This affects the reported body length as well as parsing of
pipelined or persistent connections.
The overflow might also cause crashes.
Changes in this patch:
* Change the affected integers to be 64 bits wide
* Overload min/max inline functions in util.h to work with different
widths and signedness.
* Explicitly cast parameters to min/max in cases where the
compiler complained.
}}}
--
Ticket URL: <http://tracker.icir.org/bro/ticket/326>
Bro Tracker <http://tracker.icir.org/bro>
Bro Issue Tracker
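
The failure mode described in the ticket, as an added example that is not Bro's code and does not reproduce the attached patch: a Content-Length above 2GB wraps negative in a 32-bit signed field, and the body-boundary tracking then assigns no bytes to the body. The function names and the simplified body-tracking model are assumptions made for illustration.

```cpp
#include <cstdint>
#include <cstdio>
#include <string>

// Hardened parse (hypothetical helper): accumulate in 64 bits, reject
// non-digits and values that do not fit. Returns -1 on bad input.
int64_t parse_content_length(const std::string& s) {
    if (s.empty()) return -1;
    int64_t v = 0;
    for (char c : s) {
        if (c < '0' || c > '9') return -1;
        int d = c - '0';
        if (v > (INT64_MAX - d) / 10) return -1;  // v*10+d would overflow
        v = v * 10 + d;
    }
    return v;
}

// Models what a 32-bit signed field holds for the same value
// (two's-complement wrap), computed in 64 bits so the demo itself
// has no undefined behaviour.
int64_t as_int32_field(int64_t v) {
    int64_t low = v & 0xFFFFFFFFLL;
    return low >= 0x80000000LL ? low - 0x100000000LL : low;
}

// Simplified model of body tracking: how many bytes of an incoming
// segment belong to the current body. Whatever is left over would be
// parsed as the next message on a persistent or pipelined connection.
int64_t body_bytes_in_segment(int64_t remaining, int64_t seg_len) {
    if (remaining <= 0) return 0;
    return remaining < seg_len ? remaining : seg_len;
}

int main() {
    // Constructed input: a 3 GiB body, as in "Content-Length: 3221225472".
    int64_t len = parse_content_length("3221225472");
    int64_t wrapped = as_int32_field(len);
    std::printf("64-bit length: %lld, 32-bit field: %lld\n",
                (long long)len, (long long)wrapped);
    std::printf("body bytes taken from a 1460-byte segment: %lld vs %lld\n",
                (long long)body_bytes_in_segment(len, 1460),
                (long long)body_bytes_in_segment(wrapped, 1460));
    return 0;
}
```

With the wrapped value the first body segment is handed to the message parser instead of being counted as body, which is the desynchronisation on persistent connections that the ticket reports.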