26 Commits (12c350f77d3c7a1a7d57d1abb76ea4f3584bce45)

Author SHA1 Message Date
Victor Julien 00d4ba5c9c dcerpc: improve stub buffer handling
Stub data buffer could grow without limit depending on traffic.

This patch improves the handling. It honors the 'last frag' setting
and implements a hard limit of 1MB per buffer.

Bug #2186
8 years ago
Victor Julien cd0fb1ab1a dcerpc: cleanup, remove unused field 8 years ago
Victor Julien ab1200fbd7 compiler: more strict compiler warnings
Set flags by default:

    -Wmissing-prototypes
    -Wmissing-declarations
    -Wstrict-prototypes
    -Wwrite-strings
    -Wcast-align
    -Wbad-function-cast
    -Wformat-security
    -Wno-format-nonliteral
    -Wmissing-format-attribute
    -funsigned-char

Fix minor compiler warnings for these new flags on gcc and clang.
8 years ago
Jason Ish dddd2d06f6 dcerpc: cleanup list handling 10 years ago
Victor Julien f1ea68e316 Store the first frag flag in the uuid as the pfc_flags field is overwritten. Part of fixing #206. 15 years ago
Anoop Saldanha fc37e9d6ee add internal ids to uuids. Use these internal ids to match uuids from bind and bind_ack. Create a new uuid list to hold all accepted uuids. Modifications to dce-iface to accommodate these changes as well + unittests 15 years ago
Anoop Saldanha ba9355d688 Flag if we see a fragged pdu. Do not reset dce stub buffer, if we are dealing with fragmented pdus (holds good only for first frag request pdus). Also reset the dce state vars on seeing an invalid PDU. Some minor fixes with respect to endianness as well. 15 years ago
Victor Julien f081577fe4 Revert yesterday's dcerpc commits as there were too many corner cases for it to go into 1.0.1. 15 years ago
Anoop Saldanha 8c774a1e2a fix 206. Keep a count of uuids that don't belong to the first frag. Change dce_iface to match against uuids based on any_frag setting 15 years ago
Anoop Saldanha c7fdc5ebda do not reset dce stub buffer, if we are dealing with fragmented pdus (holds good only for first frag request pdus) 15 years ago
Kirby Kuehl e8ecc94d6a fix multiple dcerpc fragments in one packet 15 years ago
Victor Julien 8615e87623 Fix dcerpc unittest, add comments. 15 years ago
Kirby Kuehl c3b9305259 dcerpc udp support 15 years ago
Anoop Saldanha 015385c6bd changes to the dce parser stub data processed var. changed to stub data fresh var to indicate if the stub is fresh or not 15 years ago
Anoop Saldanha 98433f407c dce rpc stub data held in separate buffers for request and response pdus 15 years ago
Victor Julien 70b32f7380 First stab at creating a stateful detection engine.
Stateful detection for app layer detection keywords, except uricontent. Stores its partial results in the flow structure. Other modifications:

- Generalize transaction tracking, logging and inspection.
- Adapt http and dcerpc to use the new transaction handling.
- Stream engine now always notifies app layer of a stream eof.

This commit fixes bug #124.
15 years ago
root 73c6fb16ba Return 0 instead of -1 when SMB and DCERPC encounter non fatal errors to clean up errors emitted in AppLayerParse. 15 years ago
William Metcalf ce01927515 Import of GPLv2 Header 050410 15 years ago
Victor Julien e6ba571c0b Rename structures that don't adhere to our naming conventions. 16 years ago
Victor Julien 449205cfeb Remove wrong copyright info, cleanup headers. 16 years ago
Kirby Kuehl afb08d388d make sure we have input_len 16 years ago
Kirby Kuehl bea30a6db6 bug 88 validate dcerpc header 16 years ago
Kirby Kuehl a8c3718b56 signed unsigned comparison fix for 64 bit 16 years ago
Kirby Kuehl 957b43b3d6 signed unsigned comparison cleanup 16 years ago
Kirby Kuehl 298bf4cc88 dcerpc over smb for transact 16 years ago
Kirby Kuehl 008de4321b refactor dcerpc in prep for dcerpc over smb 16 years ago