suricata

Commit Graph

Author	SHA1	Message	Date
Jeff Lucovsky	3286c3b912	detect/pcre: Use local match variables pcre2 is not thread-safe wrt match objects so use locally scoped objects. Issue: 4797	2 years ago
Victor Julien	27aa35cd5b	detect/base64_decode: use local pcre2_match_data	2 years ago
Victor Julien	af87b105dd	detect/base64_decode: remove obsolete test; test cleanups	2 years ago
Victor Julien	0eed8cefdf	detect/base64_decode: remove obsolete debug code	2 years ago
Victor Julien	b31ffde6f4	output: remove error codes from output	3 years ago
Shivani Bhardwaj	dad52f133d	base64: add new mode as per RFC 4648 As per RFC 4648, Implementations MUST reject the encoded data if it contains characters outside the base alphabet when interpreting base-encoded data, unless the specification referring to this document explicitly states otherwise. Add a new mode BASE64_MODE_RFC4648, and handle input strictly as per the specification. Bug 5223	3 years ago
Victor Julien	9fa0033966	detect: reduce datatype scope for various keywords	3 years ago
Victor Julien	08e349a8bb	detect: update copyright years	3 years ago
Philippe Antoine	02f2602dde	src: rework includes as per cppclean	3 years ago
Shivani Bhardwaj	5b27619778	base64: make decoder handle decoded data space constraints So far, it was the job of caller to send the bae64 decoder a perfect block of data and take care of the destination buffer (decoded data) size. Now, make it the decoder's job to take care of any space constraints that the destination buffer may have and return accordingly. Also, handle space characters in base64 encoded data as per RFC 2045. Update MIME parser accordingly to handle the base64 data. Ticket: 5315	3 years ago
Shivani Bhardwaj	9131d1d857	base64: add Base64Mode enum	3 years ago
Philippe Antoine	23fb139e00	detect: do not upgrade base64 decode when fuzzing As fuzzing will put a very big value, and then ThreadCtxDoInit will try to allocate it, ending in out of memory	4 years ago
Philippe Antoine	3de99a214c	pcre2: migrate keywords parsing	4 years ago
Victor Julien	6ab323d323	detect: hide RegisterTests behind ifdef UNITTESTS Update all callers to more aggressively use UNITTESTS guards as well.	5 years ago
Victor Julien	26bcc97515	detect/keywords: dynamic version part of doc URL	5 years ago
Jeff Lucovsky	d3a65fe156	detect: Provide `de_ctx` to free functions This commit makes sure that the `DetectEngineCtx *` is available to each detector's "free" function.	5 years ago
Shivani Bhardwaj	0e4f261224	Use StringParse* for all parsers and configurations	5 years ago
Jeff Lucovsky	7f6af10fed	general: copyright bump	5 years ago
Jeff Lucovsky	4b0085b03c	detect: Update to take advantage of PCRE refactor This commit changes the keyword detectors to use the refactored PCRE modifications from detect-parse.[ch]	5 years ago
Eric Leblond	2d11e9394c	detect-base64: fix url in list keywords commands	6 years ago
Victor Julien	579cc9f02b	const: constify decoder, app-layer, detect funcs	6 years ago
Victor Julien	ab1200fbd7	compiler: more strict compiler warnings Set flags by default: -Wmissing-prototypes -Wmissing-declarations -Wstrict-prototypes -Wwrite-strings -Wcast-align -Wbad-function-cast -Wformat-security -Wno-format-nonliteral -Wmissing-format-attribute -funsigned-char Fix minor compiler warnings for these new flags on gcc and clang.	8 years ago
Victor Julien	dfac5276b8	detect: remove unused SIGMATCH_PAYLOAD flag	9 years ago
Victor Julien	e7d5e845c7	http_header / http_raw_header: dynamic buffers	9 years ago
Victor Julien	779d40cedf	detect: remove hardcoded sm_list logic from setup Introduce utility functions to aid this.	9 years ago
Victor Julien	f370e88135	detect: move init only Signature members to init_data	9 years ago
Victor Julien	8edc954e82	detect: get rid of Signature::sm_lists Instead use the lists in init_data during setup and the SigMatchData arrays during runtime.	9 years ago
Victor Julien	bd456076a8	detect: pass SigMatchData to inspect functions	9 years ago
Victor Julien	bfd4bc8233	detect: constify Signature/SigMatch use at runtime	9 years ago
Eric Leblond	a2e2f50fb9	documentation: fix list keywords URLs Update URLs in keyword definition to point to sphinx documentation.	9 years ago
maxtors	9d3fd82849	Removed duplicate include statements.	9 years ago
Victor Julien	e67ae0f174	detect keywords: use parse regex util func	9 years ago
Jason Ish	796dd5223b	tests: no longer necessary to provide successful return code 1 pass, 0 is fail.	9 years ago
Victor Julien	c858bfea4a	base64_decode: fix potential keyword parsing issue (CID 1340064)	10 years ago
Jason Ish	6b15686fd1	base64_decode, base64_data: decode and match base64	10 years ago

35 Commits (3b1558946dff9e0466910273c2588e3071d19cb5)