From c484ad0e5c6cadcda02a7079aa53b76be418c391 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jo=C3=A3o=20Valverde?= <j@v6e.pt>
Date: Fri, 15 Oct 2021 11:02:48 +0100
Subject: dfilter: Don't try to parse byte arrays as strings

It won't work with embedded null bytes so don't try. This is
not an additional restriction, it just removes a hidden failure
mode. To support matching embedded NUL bytes we would have
to use an internal string representation other than
null-terminated C strings (which doesn't seem very onerous with
GString).

Before:
  Filter: http.user_agent == 41:42:00:43

  Constants:
  00000 PUT_FVALUE	"AB" <FT_STRING> -> reg#1

  Instructions:
  00000 READ_TREE		http.user_agent -> reg#0
  00001 IF-FALSE-GOTO	3
  00002 ANY_EQ		reg#0 == reg#1
  00003 RETURN

After:
  Filter: http.user_agent == 41:42:00:43

  Constants:
  00000 PUT_FVALUE	"41:42:00:43" <FT_STRING> -> reg#1

  Instructions:
  00000 READ_TREE		http.user_agent -> reg#0
  00001 IF-FALSE-GOTO	3
  00002 ANY_EQ		reg#0 == reg#1
  00003 RETURN
---
 test/suite_dfilter/group_string_type.py | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'test')

diff --git a/test/suite_dfilter/group_string_type.py b/test/suite_dfilter/group_string_type.py
index 6ad989d6ae..9298646270 100644
--- a/test/suite_dfilter/group_string_type.py
+++ b/test/suite_dfilter/group_string_type.py
@@ -125,13 +125,17 @@ class case_string(unittest.TestCase):
         checkDFilterCount(dfilter, 0)
 
     def test_contains_5(self, checkDFilterCount):
-        dfilter = 'http.request.method contains 50:4f:53:54' # "POST"
+        dfilter = 'http.request.method contains "\x50\x4f\x53\x54"' # "POST"
         checkDFilterCount(dfilter, 0)
 
     def test_contains_6(self, checkDFilterCount):
-        dfilter = 'http.request.method contains 48:45:41:44' # "HEAD"
+        dfilter = 'http.request.method contains "\x48\x45\x41\x44"' # "HEAD"
         checkDFilterCount(dfilter, 1)
 
+    def test_contains_6(self, checkDFilterCount):
+        dfilter = 'http.request.method contains 48:45:41:44' # "48:45:41:44"
+        checkDFilterCount(dfilter, 0)
+
     def test_contains_fail_0(self, checkDFilterCount):
         dfilter = 'http.user_agent contains "update"'
         checkDFilterCount(dfilter, 0)
-- 
cgit v1.2.3