suricata

Commit Graph

Author	SHA1	Message	Date
Mats Klepsland	03cda74b95	util-decode-der: decode GeneralizedTime Decode ASN.1 element type GeneralizedTime in DER-encoded structures.	9 years ago
Mats Klepsland	45d87d66c0	afl: add support for AFL PERSISTANT_MODE Add support for AFL PERSISTANT_MODE when Suricata is compiled with a supported compiler (only afl-clang-fast for now). This gives a ~10x performance boost when fuzzing.	10 years ago
Mats Klepsland	8111eb934f	QA: add --afl-der=<file> Expose SSL/TLS certificate decoding (DER) to commandline using --afl-der=<file>.	10 years ago
Mats Klepsland	c2f0f82bb4	util-decode-der: fix hang detected by AFL Fix hang that occurs when child->length is zero, resulting in an endless loop.	10 years ago
Mats Klepsland	a985b450e3	util-decode-der: code cleanup	10 years ago
Mats Klepsland	f9ac42b36f	util-decode-der: fix NULL dereference bug Make sure that the length is not longer than the size of the buffer provided.	10 years ago
Mats Klepsland	c0dd911591	util-decode-der: fix heap-buffer-overflow	10 years ago
Victor Julien	2fbfd6efcc	DER decoder: don't use strlcpy on non-strings	10 years ago
Pierre Chifflier	fa73a0bb8f	Fix possible wrap in uint32_t addition in DER parser Signed-off-by: Pierre Chifflier <pierre.chifflier@ssi.gouv.fr>	10 years ago
Victor Julien	b605ee6fb2	DER decoding: fix potential memory leak This would only happen in memory failure conditions. util-decode-der.c:634:27: warning: Potential leak of memory pointed to by 'child' return (Asn1Generic *)node;	12 years ago
Victor Julien	472e061c6d	build: more checking for includes	13 years ago
Victor Julien	f9cde717e7	Use SCFree instead of free in DER decoder.	13 years ago
Pierre Chifflier	d866f38982	TLS: add variable to store the error code in the decoder Use a variable to store the decoding error code if required, and remove the calls to SCLogInfo and SCLogDebug.	14 years ago
Eric Leblond	a9bb17e097	tls-handshake: add sanity checks.	14 years ago
Eric Leblond	01c7e5bde6	tls-handshake: Add some missing free in error handling. When DecodeAsn1BuildValue function fails, it may be necessary to do some clean-up in the calling functions.	14 years ago
Eric Leblond	480db00fd7	tls-handshake: DecodeAsn1BuildValue should return -1 for error This patch modifies DecodeAsn1BuildValue to have it return -1 when there is a too big number of bytes announced in the ASN.1 message.	14 years ago
Eric Leblond	8f885ce810	TLS parser: add sanity checks on loop It was possible in some loop to read data placed after the buffer resulting in invalid/unpredictable value. This patch fixes two of this issues.	14 years ago
Eric Leblond	cb1a75fc9e	TLS parser: modify OCTETSTRING This patch does on over allocation of 1 for the OCTETSTRING to be able to add a 0 at the end. This will then allow us to use the string in printf.	14 years ago
Pierre Chifflier	5a65a17f00	TLS parser: add handing of UTF8STRING Some certificate contains UTF8STRING which is a subset of OCTETSTRING. This patch adds support for this type of string.	14 years ago
Eric Leblond	afba81bb27	decode ASN.1: Factorize value reading This patch factorizes the reading of integer value and fix some indentation. By convention, a value of 0xffffffff is returned if the size of the integer is too big. In this case, the hexadecimal value (which is also read) must be used.	14 years ago
Pierre Chifflier	f77fcdb3e8	Add ASN.1 parser for X509 certificates (in DER format) Signed-off-by: Pierre Chifflier <pierre.chifflier@ssi.gouv.fr>	14 years ago

21 Commits (03cda74b953258e10d0f2780e8f2d2d45d2f7f90)