util/debug: increase max length of message #12183
Conversation
Ticket: 7419
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #12183 +/- ##
==========================================
- Coverage 49.98% 49.97% -0.02%
==========================================
Files 912 912
Lines 257066 257066
==========================================
- Hits 128503 128476 -27
- Misses 128563 128590 +27
Flags with carried forward coverage won't be shown. Click here to find out more. |
|
Information: ERROR: QA failed on SURI_TLPR1_alerts_cmp.
Pipeline 23608 |
| /* The maximum length of the log message */ | ||
| #define SC_LOG_MAX_LOG_MSG_LEN 2048 | ||
| /* The maximum length of the log message: we add max rule size and other info */ | ||
| #define SC_LOG_MAX_LOG_MSG_LEN 8192 + 256 |
There was a problem hiding this comment.
where does the 256 come from?
There was a problem hiding this comment.
It was a guess but I've been overly optimistic because if we look at the failure message for a signature, we have in fact inside of the log message error parsing signature {{SIG}} from file {{FILE}}. It we take the full log wihtout the SIG and FILE, we have 265 chars (512 for a round count).
So it we want to be strict we need in fact
#define SC_LOG_MAX_LOG_MSG_LEN 8192 + PATH_MAX + 512PATH_MAX is usually 4092.
Should I switch to that ?
|
Replaced by #12192 |
Ticket: 7419
Contribution style:
https://docs.suricata.io/en/latest/devguide/contributing/contribution-process.html
Our Contribution agreements:
https://suricata.io/about/contribution-agreement/ (note: this is only required once)
Changes (if applicable):
(including schema descriptions)
https://redmine.openinfosecfoundation.org/projects/suricata/issues
Link to ticket: https://redmine.openinfosecfoundation.org/issues/7419
Describe changes:
SV_REPO=OISF/suricata-verify#2152