"for and while" in Bro language (and threading?)

Vern Paxson vern at icir.org
Mon Jul 14 02:28:04 PDT 2003


> A good example of the need for while loops is doing integer overflow
> detection in RPC services.  To do it properly, you need to be able to 
> check the length of each argument in the call (or response, since clients
> can be vulnerable as well...)

If Bro provided the arguments in generic form to the policy script
(it doesn't currently, it instead provides parsed versions) then it would
be as a table - so the existing "for" operator would serve for iterating
through them.

I'm pushing back here because I want to understand if there's a compelling
need to add this language feature.  I think for many uses, the existing
features will serve.  That said, I expect there *are* such cases where a
more general loop construct is needed.  But I want to better understand
where those are needed, because it's not clear that C-style "while" or
"for" will be the best way for them.  There are other paradigms.  For
example, S has very powerful array-oriented operators, such that it's
quite rare you ever need to write a for or while loop.

		Vern



More information about the Bro mailing list