[Bro-Commits] [git/bro] topic/seth/syslog-analyzer-updates: Handling binpac parsing failures in syslog analyzer. (5e95092)

- interp->NewData(orig, data, data + len);
+ try
+ {
+ interp->NewData(orig, data, data + len);
+ }
+ catch ( const binpac::Exception& e )
+ {
+ ProtocolViolation(fmt("Syslog analyzer BinPAC exception: %s", e.c_msg()));
+ }

You might want to omit adding the e.c_msg() to the ProtocolViolation(). Especially for the syslog analyzer that often a dump of the packet contents that caused the parse error and it's generally not really useful (*).

(If you want to keep it for debugging, I would do an ifdef and print through a weird or such)

(*) That's how I found the format string bug in Reporter.cc