date:20141014

[Bro-Dev] [JIRA] (BIT-1272) doc fixes

2014-10-14 Thread Jon Siwek (JIRA)


 [ 
https://bro-tracker.atlassian.net/browse/BIT-1272?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jon Siwek updated BIT-1272:
---
Resolution: Fixed
Status: Closed  (was: Open)

 doc fixes
 -

 Key: BIT-1272
 URL: https://bro-tracker.atlassian.net/browse/BIT-1272
 Project: Bro Issue Tracker
  Issue Type: Patch
  Components: Documentation
Reporter: steve smoot
Assignee: Jon Siwek
Priority: Low
 Fix For: 2.4


 https://www.bro.org/sphinx/scripting/index.html#understanding-bro-scripts
 fig. data_struct_vector_declaration.bro
 line 15 should say v2 in text not just argument
 (and change line 4 of output)
 fig. data_type_pattern_01.bro
 should really be jumps not jumped (-;
 (and also in output)



--
This message was sent by Atlassian JIRA
(v6.4-OD-07-004#64005)
___
bro-dev mailing list
bro-dev@bro.org
http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev

[Bro-Dev] [JIRA] (BIT-1272) doc fixes

2014-10-14 Thread Jon Siwek (JIRA)


[ 
https://bro-tracker.atlassian.net/browse/BIT-1272?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=18402#comment-18402
 ] 

Jon Siwek commented on BIT-1272:


Fixed, thanks.

 doc fixes
 -

 Key: BIT-1272
 URL: https://bro-tracker.atlassian.net/browse/BIT-1272
 Project: Bro Issue Tracker
  Issue Type: Patch
  Components: Documentation
Reporter: steve smoot
Assignee: Jon Siwek
Priority: Low
 Fix For: 2.4


 https://www.bro.org/sphinx/scripting/index.html#understanding-bro-scripts
 fig. data_struct_vector_declaration.bro
 line 15 should say v2 in text not just argument
 (and change line 4 of output)
 fig. data_type_pattern_01.bro
 should really be jumps not jumped (-;
 (and also in output)



--
This message was sent by Atlassian JIRA
(v6.4-OD-07-004#64005)
___
bro-dev mailing list
bro-dev@bro.org
http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev

[Bro-Dev] [JIRA] (BIT-1235) HTTP multipart POST request alters file contents

2014-10-14 Thread Jon Siwek (JIRA)


 [ 
https://bro-tracker.atlassian.net/browse/BIT-1235?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jon Siwek updated BIT-1235:
---
Status: Merge Request  (was: Open)

 HTTP multipart POST request alters file contents
 

 Key: BIT-1235
 URL: https://bro-tracker.atlassian.net/browse/BIT-1235
 Project: Bro Issue Tracker
  Issue Type: Problem
  Components: Bro
Affects Versions: 2.3
 Environment: CentOS 6.5, file extract analyzer
Reporter: Brian O'Berry
Assignee: Jon Siwek
 Fix For: 2.4

 Attachments: bro-2.3-HTTP.patch, gdb.log, upload-api-http.pcap


 HTTP POST multipart processing converts bare CR or LF chars to CRLF pairs, 
 corrupting most files when extracted with Files::ANALYZER_EXTRACT.  This is 
 clear in the attached gdb.log, which has a backtrace that shows a buffer with 
 the start of a PDF file entering MIME/HTTP entity processing at frame 25, and 
 emerging with LF chars converted to CRLF at frame 6.
 Also attached are the pcap file associated with the backtrace, and an initial 
 patch that we've barely begun to test.  A point of concern with the patch is 
 that it changes a weird.log entry from line_terminated_with_single_CR to 
 http_no_crlf_in_header_list.  It does enable Files::ANALYZER_EXTRACT to 
 correctly extract the PDF file from the attached pcap.
 Please let me know if we can provide anything else to help with this.



--
This message was sent by Atlassian JIRA
(v6.4-OD-07-004#64005)
___
bro-dev mailing list
bro-dev@bro.org
http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev

Re: [Bro-Dev] Geo Location Plugin

2014-10-14 Thread anthony kasza

Thanks all. After moving declarations around, nm shows all my expected
symbols to be defined. I'm now receiving internal error in
/usr/local/bro/share/bro/base/init-bare.bro, line 1: internal type
geo_location missing. It seems this error is being caused by the
check on the return value of lookup_ID() done within the
internal_type() function in Var.cc. From what I can tell, I don't have

geo_location = internal_type(geo_location)-AsRecordType();

in the right location. This line is from the init_net_var() function
from NetVar.cc, which gets called by main.cc. I thought it might be a
clash in name/module spaces and tried using the init-plugin script
with some unique values, but I still receive the same error. I'm not
sure if it matters but I when I run bro -NNb I can see my inactive
dynamic plugin, so I know Bro is aware of it. I currently have
everything sitting in a single .bif file. Would it be useful to post
that?

-AK

On Tue, Oct 7, 2014 at 8:25 AM, Robin Sommer ro...@icir.org wrote:


 On Mon, Oct 06, 2014 at 21:46 -0700, you wrote:

 Thanks Robin. Everything on the Writing Bro Plugins page is clear
 although the debugging section seems thin to me. Then again, I've have
 never compiled Bro with debugging enabled before.

 Ok, I'll try to extend that a bit more, it's written mainly from the
 perspective of adding debugging output to your plugin; not in terms of
 leveraging the existing output to see why something's not working.

  Are there plans to expand the Types section of that page?

 I would like to, but it's quite a bit of work to fill in the TODOs, so
 honestly I don't see that coming very soon. The problem is that most
 of the missing TODOs are actually not really a matter per se of
 writing a plugin or not, but require text on how to write the
 corresponding code for Bro in general (in other words, even before
 moving to plugins, much of that would have been quite similar). For
 now, the best way to figure this out is to look at existing code,
 i.e., for the builtin-in stuff other *.bif files.

 I think I'm not declaring a scriptland record type correctly.

 Feel free to post error messages here.

 Robin

 --
 Robin Sommer * Phone +1 (510) 722-6541 * ro...@icir.org
 ICSI/LBNL* Fax   +1 (510) 666-2956 * www.icir.org/robin
___
bro-dev mailing list
bro-dev@bro.org
http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev

[Bro-Dev] [JIRA] (BIT-1273) Broscript crashes Bro with segfault when defining a global enum

2014-10-14 Thread Struck (JIRA)

Struck created BIT-1273:
---

 Summary: Broscript crashes Bro with segfault when defining a 
global enum
 Key: BIT-1273
 URL: https://bro-tracker.atlassian.net/browse/BIT-1273
 Project: Bro Issue Tracker
  Issue Type: Problem
  Components: Bro
Affects Versions: git/master
Reporter: Struck
 Attachments: test.bro

broscript crashes bro with segfault, when trying to define a 
*global* identifier: enum {
}
instead of giving just a simple error on parsing.



--
This message was sent by Atlassian JIRA
(v6.4-OD-07-004#64005)
___
bro-dev mailing list
bro-dev@bro.org
http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev

[Bro-Dev] [JIRA] (BIT-1272) doc fixes

[Bro-Dev] [JIRA] (BIT-1272) doc fixes

[Bro-Dev] [JIRA] (BIT-1235) HTTP multipart POST request alters file contents

Re: [Bro-Dev] Geo Location Plugin

[Bro-Dev] [JIRA] (BIT-1273) Broscript crashes Bro with segfault when defining a global enum

5 matches

Site Navigation

Mail list logo

Footer information