aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,193 Commits
7 Branches
155 Tags
204 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '05bca0b6fb'
${ noResults }
Commit Graph

13193 Commits (05bca0b6fb61a406ac90e2a962995b49a7e6a274)
 

Author SHA1 Message Date
Victor Julien 5c76f787f9 streaming/buffer: add debug validation for 'impossible' condition 3 years ago
Victor Julien 79f0f2fde4 app-layer: make registration structure more compact 3 years ago
Victor Julien a57010d72d htp: minor format string fixes 3 years ago
Victor Julien 24d231315b datasets: constify some function args 3 years ago
Victor Julien 3444aec724 time: reduce scope of static string 3 years ago
Victor Julien 80124152c6 threshold: constify detect engine arg 3 years ago
Victor Julien 18e4e032db thash: reduce scope for var; suggested by cppcheck 3 years ago
Victor Julien 55de18c675 spm: constify badchars; suggested by cppcheck 3 years ago
Victor Julien 99f212bc8c radix: small cppcheck suggested cleanup 3 years ago
Victor Julien 750fed2101 packetpool: minor cleanup 3 years ago
Victor Julien 7b592076ff stream: minor code cleanups suggested by cppcheck 3 years ago
Victor Julien 65f54024d3 defrag: minor code cleanups suggested by cppcheck 3 years ago
Victor Julien 404face284 output/flow: no double var init 3 years ago
Victor Julien f9a5ceb0d8 smtp: minor code cleanup 3 years ago
Victor Julien a5df176956 app-layer: minor code cleanups suggested by cppcheck 3 years ago
Victor Julien 4403e7fe8e app-layer/expectation: reduce scope and init vars 3 years ago
Victor Julien 6c3222dee6 ftp: code clarifications 
src/app-layer-ftp.c:945:49: style: Parameter 'ftp_state' can be declared with const [constParameter]
static FTPTransaction *FTPGetOldestTx(FtpState *ftp_state, FTPTransaction *starttx)
                                                ^
 3 years ago
Victor Julien d484d0b45b util/byte: minor cleanup 3 years ago
Victor Julien 1957c46efc threads: remove usused code; wrap in guards 3 years ago
Victor Julien e593dda356 threads: remove unused function 3 years ago
Victor Julien b55c8909c3 unittests: wrap unittest registration in guards 3 years ago
Victor Julien 905050a053 app-layer/profiling: hide profiling code behind guards 3 years ago
Victor Julien 93050c26b3 app-layer/events: remove unused function 3 years ago
Victor Julien 893ba84c0e output/frames: fix eof var overwrite 3 years ago
Victor Julien 1282b179cc stream/reassembly: reduce scope of variable 3 years ago
Victor Julien 3f375fd444 stream/buffer: remove redundant check 3 years ago
Victor Julien 002b335b4a decode/checksums: constify pointer args 3 years ago
Victor Julien 350be6cbac detect/state: address cppcheck warnings 
src/detect-engine-state.c:127:91: style: Suspicious calculation. Please use parentheses to clarify the code. The code ''a&b?c:d'' should be written as either ''(a&b)?c:d'' or ''a&(b?c:d)''. [clarifyCalculation]
    DetectEngineStateDirection *dir_state = &state->dir_state[direction & STREAM_TOSERVER ? 0 : 1];
                                                                                          ^
src/detect-engine-state.c:194:53: style: Suspicious calculation. Please use parentheses to clarify the code. The code ''a&b?c:d'' should be written as either ''(a&b)?c:d'' or ''a&(b?c:d)''. [clarifyCalculation]
    de_state->dir_state[direction & STREAM_TOSERVER ? 0 : 1].filestore_cnt += file_no_match;
                                                    ^
src/detect-engine-state.c:201:57: style: Suspicious calculation. Please use parentheses to clarify the code. The code ''a&b?c:d'' should be written as either ''(a&b)?c:d'' or ''a&(b?c:d)''. [clarifyCalculation]
    if (de_state->dir_state[direction & STREAM_TOSERVER ? 0 : 1].filestore_cnt == sgh->filestore_cnt)
                                                        ^
 3 years ago
Victor Julien 4feb0529a4 detect/file: minor code cleanup 
Reduce scope where possible. Suggested by cppcheck.
 3 years ago
Victor Julien a535cc5a25 runmodes: fix more warnings 3 years ago
Victor Julien f0479987ff memcmp: no-simd no case loop can scan forward 3 years ago
Victor Julien 0fc7ba45aa memcmp: use SCMEMCMP_BYTES everywhere; general cleanups 3 years ago
Victor Julien 87c5d69437 memcmp: work around GCC 12+ 'blend' issues 
Since GCC 12 the memcmp code using `_mm_blendv_epi8` failed to work.
Inspection of the disassembled objects suggests that it simply omits
the instruction on systems that are not AVX512 capable. On AVX512
it does replace it with VPCMPB logic that appears to work.

Luckily our use of blend is actually uncessary. A simple AND is sufficient.

Bug: #5312.
 3 years ago
Victor Julien ca97ed4436 memcmp: remove unreachable code from memcmp simd 
cppcheck:

src/util-memcmp.h:281:18: warning: Identical condition 'len-offset<16', second condition is always false [identicalConditionAfterEarlyExit]
        if (diff < 16) {
                 ^
src/util-memcmp.h:280:24: note: 'diff' is assigned value 'len-offset' here.
        int diff = len - offset;
                       ^
src/util-memcmp.h:269:33: note: If condition 'len-offset<16' is true, the function will return/exit
        if (likely(len - offset < 16)) {
                                ^
src/util-memcmp.h:281:18: note: Testing identical condition 'len-offset<16'
        if (diff < 16) {
                 ^
src/util-memcmp.h:344:18: warning: Identical condition 'len-offset<16', second condition is always false [identicalConditionAfterEarlyExit]
        if (diff < 16) {
                 ^
src/util-memcmp.h:343:24: note: 'diff' is assigned value 'len-offset' here.
        int diff = len - offset;
                       ^
src/util-memcmp.h:318:33: note: If condition 'len-offset<16' is true, the function will return/exit
        if (likely(len - offset < 16)) {
                                ^
src/util-memcmp.h:344:18: note: Testing identical condition 'len-offset<16'
        if (diff < 16) {
                 ^
src/util-memcmp.h:171:18: warning: Identical condition 'len-offset<16', second condition is always false [identicalConditionAfterEarlyExit]
        if (diff < 16) {
                 ^
src/util-memcmp.h:170:24: note: 'diff' is assigned value 'len-offset' here.
        int diff = len - offset;
                       ^
src/util-memcmp.h:159:33: note: If condition 'len-offset<16' is true, the function will return/exit
        if (likely(len - offset < 16)) {
                                ^
src/util-memcmp.h:171:18: note: Testing identical condition 'len-offset<16'
        if (diff < 16) {
                 ^
src/util-memcmp.h:233:18: warning: Identical condition 'len-offset<16', second condition is always false [identicalConditionAfterEarlyExit]
        if (diff < 16) {
                 ^
src/util-memcmp.h:232:24: note: 'diff' is assigned value 'len-offset' here.
        int diff = len - offset;
                       ^
src/util-memcmp.h:208:33: note: If condition 'len-offset<16' is true, the function will return/exit
        if (likely(len - offset < 16)) {
                                ^
src/util-memcmp.h:233:18: note: Testing identical condition 'len-offset<16'
        if (diff < 16) {
                 ^
 3 years ago
Victor Julien 9bdf18a3b0 detect/iponly: fix debug compiler warning 3 years ago
Jason Ish dfe76bb905 dcerpc: convert transaction list to vecdeque 
Allows for more efficient removal from front of the list.

Ticket: #5271
 3 years ago
Jason Ish 8790968281 mqtt, rdp: fix copyright dates 3 years ago
Philippe Antoine c78722a671 rust: RustParser same fields as AppLayerParser 
So that there is no problem when crossing FFI
 3 years ago
Sascha Steinbiss af745e4cc4 configure.ac: handle undefined LEVEL1_DCACHE_LINESIZE 
On some platforms (riscv64, s390x) this value is "undefined" as returned
from getconf. We also need to handle this to avoid using the string
"undefined" blindly in further #defines.
 3 years ago
jason taylor d799956348 doc: add note about file.data and file_data 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 3 years ago
jason taylor 83f2056d20 doc: update file_data to file.data keyword 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 3 years ago
jason taylor cd54d0dbc8 doc: remove extra newline in order to match style 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 3 years ago
jason taylor 38bd775ca0 doc: remove extraneous + characters 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 3 years ago
Victor Julien 07bf921451 ftp-data: fix direction for active mode commands 
Set correct direction for PORT mode, where the server connects
to the client.

The direction is not also strictly enforced. No data in the wrong
direction will be accepted to setup the file or to be added to the
file after setup.

This also fixes files getting closed twice.

Adds some general cleanups.

Bug: #3542.
 3 years ago
Sam Muhammed 323fe1c1ac nfs3/records: Fix typo 
Fix response_lookup unittest name
 3 years ago
Philippe Antoine 94bcba4ea3 template: convert GetTx to SCLogDebug 
as it is especially verbose for fuzzing
 3 years ago
Jason Ish cd42c33195 scripts/bundle: use git instead of tar.gz 
To better fit with our current CI processes, use git to clone the
suricata-update and libhtp dependencies.  The requirements.txt file has
been modified to take a repo URL and a `-b` command line option for tag
or branch.

For the master branch we will use the libhtp 0.5.x branch and the
suricata-update master branch.

Also allows for repo and branch names to be overrided with environment
variables:
- SU_REPO
- SU_BRANCH
- LIBHTP_REPO
- LIBHTP_BRANCH
 3 years ago
Philippe Antoine 73ed780095 decode: fix integer warnings 
Ticket: 4516
 3 years ago
Jason Ish 9645285dff ftp: truncate first segment if over max length 
The first segment was not limited to the configured maximum line length
allowing it to be up to 65k. This could result in the next input length
being negative, which while handled properly by the code, did trigger a
debug validation assertion.

The fix is to be consistent and apply the limit to the first segment as
well, which does ensure the input_len could never be less than 0.

Ticket #5281
 3 years ago
Jason Ish b8b6a17a5b dns: add pdu frame 
Adds a PDU frame to the DNS parser. For UDP this is the DNS payload
portion of the DNS packet, for TCP this is the payload minus the leading
legth field.

Ticket: 4984
 3 years ago