[Snort-devel] Two bugs in rule parser
Erik de Castro Lopo
erikd+snort at ...2292...
Mon May 2 22:48:33 EDT 2005
I've been looking at the current bleedingsnort.com rule set and
found a couple of rules for which the parser should have been
complaining about a syntax error but didn't.
The first was of the form (note the lack of a semicolone before
I haven't looked at the code, but I suspect that in this case
the nocase modifier is simply ignored.
The second problem was that the parser accepted illegal escape
sequences, in this case:
More information about the Snort-devel