-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
`ResourceRecord.rdlen` is the length of the payload in `bytes`, but we used it as the number of entries for `TXT` records. With this patch we compute the correct length by setting up a view of the correct size; this also fix issues with different record types where they would not consume not the correct amount of input. Closes #10.
- Loading branch information
Showing
5 changed files
with
23 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| # @TEST-EXEC: zeek -r ${TRACES}/issue-10.pcap %INPUT | ||
| # @TEST-EXEC: zeek-cut -cm uid service < conn.log > conn | ||
| # @TEST-EXEC: btest-diff conn | ||
| # @TEST-EXEC: btest-diff dns.log |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| ### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. | ||
| ### NOTE: This file has been sorted with diff-sort. | ||
| CHhAvVGS1DHFjwGM9 dns | ||
| uid service |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| ### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. | ||
| ### NOTE: This file has been sorted with diff-sort. | ||
| #separator \x09 | ||
| #set_separator , | ||
| #empty_field (empty) | ||
| #unset_field - | ||
| #path dns | ||
| #open XXXX-XX-XX-XX-XX-XX | ||
| #fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto trans_id rtt query qclass qclass_name qtype qtype_name rcode rcode_name AA TC RD RA Z answers TTLs rejected | ||
| #types time string addr port addr port enum count interval string count string count string count string bool bool bool bool count vector[string] vector[interval] bool | ||
| #close XXXX-XX-XX-XX-XX-XX | ||
| XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 157.97.168.103 50496 87.215.12.61 53 udp 12448 0.000307 _dmarc.offensive-operations.nl 1 C_INTERNET 16 TXT 0 NOERROR T F F F 1 TXT 9 v=DMARC1; TXT 9 p=reject; TXT 26 rua=mailto:[email protected]; TXT 26 ruf=mailto:[email protected]; TXT 10 sp=reject; TXT 8 adkim=s; TXT 5 fo=1; 28800.000000 F |
Binary file not shown.