Commit Graph

7627 Commits (31a96d5a79c91fca3cae88351ab04d87fe30ce9c)
 

Author SHA1 Message Date
Jason Ish dfbfb50f64 dns (tcp) - fix coverity cid 1374307
CID 1374307 (#1 of 1): Dereference before null check (REVERSE_INULL)
check_after_deref: Null-checking dns_state suggests that it may be null,
but it has already been dereferenced on all paths leading to the check.
317    if (dns_state != NULL && f != NULL) {
318        dns_state->last_resp = f->lastts;
319    }
8 years ago
Eric Leblond 5b1de57d73 detect-parse: simplify port prefiltering
Regular expression was not matching some authorized settings like
"![1234, 1235]". This patch simplifies the regexp to match on
possible characters and lets the port parsing code handle the
complete verification.
8 years ago
Jason Ish b0de5ad1a8 dns: increment tx id when allocated during response 8 years ago
Victor Julien fe4e119278 common: improve BUG_ON
When BUG_ON is a wrapper for assert(), we risk getting rid of certain
code lines. Assert is a no-op when NDEBUG is defined.

This patch defines an alternate path for BUG_ON that exits after
printing an error.

Bug #2003.
8 years ago
Andreas Herz 98e8b13bf0 decode-icmpv6: add missing types
There have been some ICMPv6 types missing within the DecodeICMPV6 that
are added by this commit and the code check is adjusted to always use
the DEFINE.
8 years ago
Jason Ish bcdbd12839 dns (tcp): register a to_client (response) probing parser
Just a minimal parser to make sure the data contains at
least a header.
8 years ago
Jason Ish c35c18a797 app-layer: support to server and to client probing parsers
When registering a probing parser allow to_server and
to_client parsers to be registered. Previously the
probing parser may be called for both directions which
in some cases works OK, but in others can cause
the to_client side to be detected as failed.
8 years ago
Victor Julien 586774203f redis: support for all output types 8 years ago
Victor Julien 2820ed332e redis: use 'binary' notation for output 8 years ago
Victor Julien df28c1ac6e common: add WARN_UNUSED macro 8 years ago
Victor Julien 8c65d45d55 detect: remove dead code 8 years ago
Eric Leblond 63a3b84127 util-magic: fix build when magic is not available
If HAVE_MAGIC is not defined then we don't have the test functions
so we can't register them.
8 years ago
Victor Julien bc38cd5932 doc: initial xbits documentation 8 years ago
Victor Julien cb08f02140 xbits: clean up parsing and tests 8 years ago
Jason Ish 27ec811187 pcap-log: fix memory leak during initialization of ring buffer
A free was missing when files are removed during initialization
of the ring buffer.

Redmine issue:
https://redmine.openinfosecfoundation.org/issues/1985
8 years ago
Eric Leblond 9f6b58747b smtp: commands and replies are not case sensitive
RFC states that "Commands and replies are not case sensitive" and
patterns were registered to be case sensitive. So this patch fixes
a trivial evasion of SMTP signatures.
8 years ago
Mats Klepsland ffcb4ad232 tls: fix tls_cert_subject prefilter bug
If check in prefilter was checking that issuer was non-NULL, when
it in fact should be checking subject.
8 years ago
Mats Klepsland 10c93221fa tls: increase max number of tls records per packet
TLS packets may contain several records. This increases the number
of allowed records per packet from 30 to 255, and adds a new and
more informative decoder event when this limit is reached.
8 years ago
Mats Klepsland 554065189c tls: don't trigger decoder event on no extensions in CLIENT_HELLO
No extensions are allowed in <TLSv.1.2, so don't trigger SURICATA
TLS handshake invalid length decoder event when no extensions are
specified in CLIENT HELLO.
8 years ago
Victor Julien 810e43f373 magic: make optional
Make libmagic optional. If installed it will be enabled by default in
configure. Use --disable-libmagic to disable.
8 years ago
Jason Ish 79a3c6c7b1 log-pcap: use a snaplen of 262144 instead of -1.
Newer versions of libpcap will not open pcap files with a
snaplen of -1, instead use the current maximum value of
262144.

Issue:
https://redmine.openinfosecfoundation.org/issues/1987
8 years ago
Victor Julien 41074a87a0 doc: DNP3 support is now available 8 years ago
Victor Julien a44b612a41 hostbits/xbits: free hostbit
Fix memory leak. Hostbits were not actually freed.

Bug #1975.
8 years ago
Victor Julien 579d6d3ff7 http: allow lower/mixed case in proto detect
In HTTP detection registered patterns were upper case only. Since the
detection is based on both sides this would still work for sessions
where one of the talkers misbehaved. If both sides misbehave this
would fail however, so this patch introduces case insensitive matching.
8 years ago
Jason Ish 94bc7e5f5f travis: use a build matrix and add additional builds
The following builds were added:
- linux, clang with -Wshadow
- linux w/ profiling
- linux w/ debug
- linux w/ no-json support

Removes the extra OS X build.

Travis file was reworked significantly for readability.
8 years ago
Jason Ish 92885d6960 profiling: fix shadow error
Local variable store was shadowing variable in function
definition.
8 years ago
Victor Julien abbc0f76eb unix-socket: clean up path handling
Create/check socket path in a single place. Don't use dynamic
memory allocation.
8 years ago
Victor Julien c5e550b10d unix-socket: create socket directory if possible
Create the socket directory in the default case.

Since we're doing stat+mkdir indicate to Coverity not to worry about
the toctou case.
8 years ago
Victor Julien 3f741e450b unix-socket: be more specific about problems 8 years ago
Victor Julien 9368013645 unix-socket: don't error out on unix socket failure
If --init-errors-fatal is specified do error out.

Bug https://redmine.openinfosecfoundation.org/issues/1973
8 years ago
Victor Julien 7db3172479 Update Changelog for 3.2 release 8 years ago
Jason Ish 2ce95babd6 dnp3: use _ in keyword names instead of "."
dnp3.ind -> dnp3_ind
dnp3.func -> dnp3_func
dnp3.obj -> dnp3_obj

The variations with a "." are now aliases.
8 years ago
Victor Julien ab8faefd37 af-packet: fix fanout support on Debian Jessie
Debian Jessie with kernel 3.16 would not accept the 'id' of 99 used
in the test. Id 1 does work.
8 years ago
Alexander Gozman e492f0dc89 Fix port parsing in config file, added one more corresponding test.
Some examples from wiki caused parsing errors.
For example, "[1:80,![2,4]]" was treated as a mistake.

Also fixed loop detection in variables declaration. For example,
'A: "HOME_NET, !$HOME_NET"' resulted in parsing error.
8 years ago
Victor Julien 8b8426934f qa: only run cocci tests on one linux builder 8 years ago
Jason Ish 51f5ce6563 travis: macos support 8 years ago
Jason Ish ba6a1aa73e unittest-helper: fix format string compiler warnings 8 years ago
Jason Ish 4aceaf9fcd detect-stream_size: fix format string compiler warnings 8 years ago
Jason Ish c0377a9870 stream-tcp: fix format string compiler warnings 8 years ago
Jason Ish 5c80a3edf7 modbus: fix format string compiler warnings 8 years ago
Jason Ish 53a8c75385 dnp3: rename "index" variables to "point_index"
Gcc 4.6 will warn with -Wshadow for a local variable
named "index" as <strings.h> has a function named "index".

Newer versions of gcc handle this case.
8 years ago
Jason Ish 2a0bb108d0 dnp3-gen: rename index variable to point_index
Gcc 4.6 will warn with -Wshadow for a local variable
named "index" as <strings.h> has a function named "index".

Newer versions of gcc handle this case.
8 years ago
Victor Julien 4d8e9ae665 qa: add -Wshadow to appveyor builds 8 years ago
Victor Julien b4ac048b41 proto detect: fix -Wshadow warning 8 years ago
Victor Julien 07e1e3e02a dcerpc: fix -Wshadow warnings 8 years ago
Victor Julien 783d2991e5 commandline: fix -Wshadow warnings 8 years ago
Victor Julien 66c213f30c detect-address: fix -Wshadow warnings 8 years ago
Victor Julien 9a20335b6d asn1: fix -Wshadow warnings 8 years ago
Victor Julien dab51144af asn1: modernize test 8 years ago
Victor Julien 613174e9ce yaml: fix tests for -Wshadow 8 years ago