mirror of https://github.com/OISF/suricata
detect: set event if max inspect buffers exceeded
If a parser exceeds 1024 buffers we stop processing them and set a detect event instead. This is to avoid parser bugs as well as crafted bad traffic leading to resources starvation due to excessive loops.pull/6261/head
parent
3dc50322db
commit
e611adf3dc
Loading…
Reference in New Issue