aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,444 Commits
8 Branches
154 Tags
166 MiB
dependabot/github_actions/github/codeql-action-3.26.13
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '189b521239'
${ noResults }
Commit Graph

8444 Commits (189b521239a2be4da2da833f9fd5b2474e4a9464)
 

Author SHA1 Message Date
Wolfgang Hotwagner 2e27a5df6b conf: fix NULL-pointer dereference in ParseSizeString 
If someone accidently writes invalid characters in some parts of the suricata.yaml-configfile, the size-parameter of the ParseSizeString-function becomes NULL and gets dereferenced. Suricata crashes with SEGV. This commit fixes Ticket #2274

The following config value leads to a Segfault:
app-layer.protocols.smtp.inspected-tracker.content-inspect-window: *4096
 7 years ago
jason taylor f3fea60bae updated links to suricata.readthedocs.io 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 7 years ago
Victor Julien 664f826f8d detect/dns: fix misdetection on dns_query on udp 
If 'raw' content patterns were used in a dns_query rule, the raw
patterns would only be evaluated for TCP, but not for UDP.

This patch adds the inspection for UDP as well.

Bug #2263.
 7 years ago
Peter Manev 7d032e26f1 valgrind: suppressions for NIC offloading calls 7 years ago
Victor Julien ceec247db1 detect/profile: minor fixes 7 years ago
Victor Julien 8fc82408b7 install: use up to date url for 'make install-full' 7 years ago
Jason Ish 749fa014d1 travis: allow rust-stable build to fail 7 years ago
Jason Ish 303238586c travis: rust 1.21.0 build 7 years ago
Jason Ish 288d2ce3e9 travis: do make distcheck on Rust 1.15.0 build 7 years ago
Victor Julien 0f65257a50 detect: don't register http_*_line twice 7 years ago
Victor Julien 65ac1f8224 detect: test for byte_extract/isdataat large values 7 years ago
Victor Julien 77c39b20f8 detect: handle very large byte_extract'ed values in isdataat 7 years ago
Victor Julien 2413b81d10 detect: add unittest for byte_extract/isdataat 7 years ago
Victor Julien 68ddea0b26 detect: implement byte_extract support for isdataat 7 years ago
Victor Julien 862780c7c3 detect: add debug statements for byte_extract/isdataat 7 years ago
Victor Julien fbf097bbe4 detect-asn1: fix memory leak in error path 7 years ago
Victor Julien 1729ab7d94 detect: fix port parsing memory leak 
Leak in error path as seen by scan-build:

  CC       detect-engine-port.o
detect-engine-port.c:1083:13: warning: Potential leak of memory pointed to by 'temp_rule_var_port'
    return -1;
            ^
 7 years ago
Victor Julien 319a6f48ff detect-id: clean up to suppress minor coverity warning 7 years ago
Victor Julien 97cb5d3973 redis: suppress minor coverity warning 7 years ago
Victor Julien d5f7acd860 decoder: implement IEEE802.1AH 7 years ago
Victor Julien 7fb58e6783 random: fix random logic with getrandom 
The older random functions returned random values in the range of
0 - RAND_MAX. This is what the http randomize code was expecting.

Newer methods, based on getrandom (or probably Windows too), return
a much large range of values, including negative values and >RAND_MAX.

This patch adds a wrapper to turn the returned value into the expected
range before using it in the http code.

The same is true for the stream engine.
 7 years ago
Victor Julien 9b94679fce random: support getrandom(2) if available 
Ticket: #2193
 7 years ago
Victor Julien cf0a28bc6a napatech: fix minor memleak in error path 7 years ago
Victor Julien 72dd663e00 yaml: print errors if integers are invalid 7 years ago
Victor Julien b56c0b524b detect: error out on invalid detect.profile option 
Bug #891.
 7 years ago
Victor Julien 3e868188e6 yaml: add 'append' to stats-log entry 
Bug #798
 7 years ago
Victor Julien 207595396e changelog: update for 4.0.1 release 7 years ago
Jason Ish 7eead7dfbc autotools: fix distcheck with rust enabled 7 years ago
Sascha Steinbiss d9c7f9bb17 stats: use unshortened interface names in counters 7 years ago
Sascha Steinbiss 4d25593b4a json: skip over double dots in output tokenizing 
Interface name shortening introduces double periods ('..') as spacers,
which cause issues during JSON stats serialization as there '.'
characters are also used as separators to define nesting of the JSON
output. This commit makes sure that '..' are skipped during tokenizing.
Fixes Redmine bug #2208.
 7 years ago
Victor Julien d9e5dfa1f0 rust/file: improve truncation handling 7 years ago
qiangbei ce0fb39219 detect/state: fix offset mask logic 
changed 0xef to 0x7f
 7 years ago
Victor Julien 78486b1979 runmodes: fix 'threads' option parsing 
Don't cast int to uint8_t for no reason. Add warning that upper
limit for threads is 1024.

Small code cleanups.

Bug: #2228
 7 years ago
Victor Julien 3f6fbf94db output: harden output deinit 
If thread setup fails allow output deinit code to be called with
NULL data without crashing.
 7 years ago
Victor Julien 2577a64e44 stream: improve error handling of ssn/segment pools 
With large number of threads the default memcaps lead to pool setup
failures. Make sure these are reported properly so that the user
knows what is going on.

Bug: #2226
 7 years ago
Victor Julien e023ce9aad rust/dns: fix new warning in rustc 1.21 7 years ago
Victor Julien fd38e5e82b rust/nfs: fix new warnings in rustc 1.21 7 years ago
Victor Julien 1180687574 doc/file_data: add note on negated matching 
Explain issue #2216 and how to avoid it.
 7 years ago
Victor Julien 456af8faa8 doc/napatech: formatting fixes 7 years ago
Victor Julien e7428b321d profiling: fix app-layer profiling and csv output 7 years ago
Victor Julien 62b8431fdd debug: free pcre memory used for output filtering 7 years ago
Victor Julien c0d8def0e5 tls: don't set event on small input data 
On very small data the max loop count could be 0. Make sure
it's always at least 1.
 7 years ago
Eric Leblond 7ee989a3ab prscript: update urls to use OISF repo 7 years ago
Jason Ish eb5193c5b4 travis: hook check-setup.sh into the build 
Only do it for one build, for now use the one that also
enables Rust.
 7 years ago
Jason Ish 40a1a972d6 template: script to check the setup scripts 
This script applies the setup scripts one by one followed
by a make distcheck.
 7 years ago
Jason Ish d1ac839333 template scripts: allow to be called from top or src 
Allow the template setup script to be called from the top source
directory or from ./src to unify where they can be executed
from.
 7 years ago
Jason Ish ea2ef1b51a templates: rename scripts to use - instead of _ 
Use "-" consistently instead of a mix of - and _.

setup_decoder.sh -> setup-decoder.sh
setup_simple_detect.sh -> setup-simple-detect.sh
 7 years ago
Victor Julien 21231fd198 github: codeowners syntax fixes 7 years ago
Victor Julien cfed351149 github: add codeowners file 
Initial version.

See https://help.github.com/articles/about-codeowners/
 7 years ago
Victor Julien 499afaba4b template: fix decoder setup script 7 years ago