[Bug 501] New: Boyer Moore textsearch fails to match text at certain offsets

bugzilla-daemon at bugzilla.netfilter.org bugzilla-daemon at bugzilla.netfilter.org
Thu Aug 17 05:36:45 CEST 2006


https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=501

           Summary: Boyer Moore textsearch fails to match text at certain
                    offsets
           Product: netfilter/iptables
           Version: linux-2.6.x
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ip_tables (kernel)
        AssignedTo: laforge at netfilter.org
        ReportedBy: mbr at cipherdyne.org


The compute_prefix_tbl() function in lib/ts_bm.c is called before bm->pattern is
initialized, and this results in the following issue.  If the rule below is put
within the OUTPUT chain (note the slightly pattern "aaabbbccc"):

iptables -I OUTPUT -p tcp --dport 80 -m string --string "aaabbbccc" --algo bm -j LOG --log-prefix "bm "

...then issuing the following commands fails to match the rule (no log
message is generated):

echo "1aaabbbccc" |nc <someserver> 80
echo "12aaabbbccc" |nc <someserver> 80
echo "1234aaabbbccc" |nc <someserver> 80

...but these do match:

echo "aaabbbccc" |nc <someserver> 80
echo "123aaabbbccc" |nc <someserver> 80

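The initialization-order problem described in the report, as an added example that is not taken from the report or from the kernel source: a small user-space Boyer-Moore model whose good-shift table is computed either before or after the pattern is copied into its buffer. The struct, the function names, the zero-filled buffer and the search over a bare payload string (no packet headers) are assumptions of this model.

```c
/* Added illustration: user-space Boyer-Moore model, not the kernel's lib/ts_bm.c. */
#include <stdio.h>
#include <string.h>
#define MAXPAT 64
struct bm { unsigned char pattern[MAXPAT]; int patlen, bad_shift[256], good_shift[MAXPAT]; };
static int good_shift_for(const unsigned char *p, int m, int g) {  /* strong good-suffix rule */
    for (int s = 1; s < m; s++) {
        int ok = 1;
        for (int k = 0; k < g && ok; k++)
            if (m-1-k-s >= 0 && p[m-1-k-s] != p[m-1-k]) ok = 0;
        if (ok && (m-1-g-s < 0 || p[m-1-g-s] != p[m-1-g])) return s;
    }
    return m;
}

/* copy_first=0 builds the tables before the pattern is copied in (the reported order). */
static int bm_init(struct bm *b, const char *pat, int copy_first) {
    memset(b, 0, sizeof(*b));   /* assumption: pattern buffer is zero-filled until copied */
    int m = b->patlen = (int)strlen(pat);
    if (m < 1 || m > MAXPAT) return -1;
    if (copy_first) memcpy(b->pattern, pat, m);
    for (int c = 0; c < 256; c++) b->bad_shift[c] = m;
    for (int i = 0; i < m - 1; i++) b->bad_shift[(unsigned char)pat[i]] = m - 1 - i;
    b->good_shift[0] = 1;
    for (int g = 1; g < m; g++) b->good_shift[g] = good_shift_for(b->pattern, m, g);
    memcpy(b->pattern, pat, m);
    return 0;
}

static int bm_find(const struct bm *b, const char *text) {  /* first match offset, or -1 */
    int n = (int)strlen(text), m = b->patlen, pos = m - 1;
    while (pos < n) {
        int i = 0;
        while (i < m && (unsigned char)text[pos-i] == b->pattern[m-1-i]) i++;
        if (i == m) return pos - (m - 1);
        int bs = b->bad_shift[(unsigned char)text[pos-i]] - i, gs = b->good_shift[i];
        pos += bs > gs ? bs : gs;
    }
    return -1;
}

int main(void) {
    const char *t[] = { "aaabbbccc", "1aaabbbccc", "12aaabbbccc", "123aaabbbccc", "1234aaabbbccc" };
    struct bm bug, ok;
    if (bm_init(&bug, "aaabbbccc", 0) || bm_init(&ok, "aaabbbccc", 1)) return 1;
    for (int k = 0; k < 5; k++)   /* payloads taken from the report */
        printf("%-14s tables-first=%2d copy-first=%2d\n", t[k], bm_find(&bug, t[k]), bm_find(&ok, t[k]));
    return 0;
}
```

In this model the tables-first order finds the pattern only at offsets 0 and 3, because the good-shift values computed over the empty buffer are too large and the search jumps past the match; the copy-first order finds it at every offset.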