Comments (8)
(I am not sure why I am either not getting email notifications about newly opened issues, or missing these notifications in my inbox. Sorry for the late response.)
@fsacer, you can find various limits here. The main ones are:
SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE
(max length of a response from each individual datasource)SNOOPY_LOG_MESSAGE_BUF_SIZE
(max overall length of a formatted message)
So, in your case, 2K characters was probably the limit you've hit.
Technically, you can raise them by rebuilding yourself with the correct -D...
flags. So far, the use case for even longer log messages has not been presented/suggested, but now that you mention it, I can't really recall a reason for it being statically defined instead of being configurable in the config file, except maybe needing to take care of fewer dynamic memory allocations.
What's the actual use case here, what is generating these large base64-encoded command line arguments?
from snoopy.
Hey sorry for the late response, the use case here was that a CTF challenge was running a script base64 encoded script so I was only able to read part of it because of the length limits. It would definitely be useful to be able to configure this via snoopy's config file.
from snoopy.
Let me think about this.
from snoopy.
cool, would really be nice to have the config option for this
from snoopy.
@fsacer, I am thinking about having:
- Two configurable values in the config file, one for per-datasource max result length, and the other for the max overall message length.
- Two maximum limits for the above, that can't be increased from the config file. The intention here is to protect the system from unintended excessive resource consumption, and changing these will require a rebuild from sources.
What would be your idea of the maximum limits mentioned above? Or, maybe a bit simpler way of putting it - what is the absolute max message length that you're expecting to see in your use case?
from snoopy.
Based on this issue microsoft/azure-pipelines-tasks#6509 I am thinking 100k could be a good fail-safe maximum, the default limit could stay at 2k or changed to 8k like in cmd.exe.
from snoopy.
Alright, this just landed in master
. @fsacer, would you be kind enough to try it out before I release it in a stable version?
Note to self - I should probably add a few more functional tests, to make sure the new configurable limits are really applied as intended.
PS: I thought this was going to be a relatively small change, but I didn't realise at the time just how ingrained in the codebase the static message limit definitions have became over time.
from snoopy.
hey thanks, I will try to test it out when I play the next challenge, will update here
from snoopy.
Related Issues (20)
- Enable thread safety by default (starting with 2.5.0)
- add date for ouput filename HOT 3
- object '/lib/x86_64-linux-gnu/libsnoopy.so' from /etc/ld.so.preload cannot be preloaded HOT 4
- Iron out cross compilation issues HOT 3
- some commands can't be recorded HOT 2
- Snoopy ignores config under /etc/ (building from source) HOT 3
- Ubuntu 18.04.6 LTS install error HOT 8
- exclude_spawns_of not working as expected HOT 10
- Build issue on the mips platform HOT 3
- i686 builds of snoopy HOT 2
- Nice idea - didn't work HOT 2
- Test case failed - cli/cli-action-conf.sh HOT 4
- segfault when ls /a/b/c/* HOT 2
- How to get only user typing commands HOT 3
- snoopy for chroot HOT 3
- Install in cloud-init or using shell script HOT 3
- Loading dynamic libraries causes core dump HOT 1
- `ERROR: Closing data source tag` in filename of datetime output HOT 2
- Why Snoopy don't log by default non-root user commands ? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from snoopy.