aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,620 Commits
12 Branches
155 Tags
192 MiB
dependabot/github_actions/actions/upload-artifact-4.6.1
dependabot/github_actions/codecov/codecov-action-5.4.0
dependabot/github_actions/github/codeql-action-3.28.10
dependabot/github_actions/actions/download-artifact-4.1.9
dependabot/github_actions/ossf/scorecard-action-2.4.1
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '606750f2a0'
${ noResults }
Commit Graph

11620 Commits (606750f2a0fc341d2ff68c5f874b27735753ddc9)
 

Author SHA1 Message Date
Jason Ish e71f2b22fa doc: add removal of individual json loggers 
Add link to multiple eve instances as a replacement for this
feature.
 5 years ago
Philippe Antoine 9b5c923327 http: disables lzma by default for HTTP 5 years ago
Philippe Antoine 6694737fcf http2: settings from http1 upgrade 5 years ago
Philippe Antoine 7011bddf84 http2: mimic HTTP1 request from upgrade 5 years ago
Philippe Antoine 9d1b030ff0 http2: first connection upgrade from http1 5 years ago
Philippe Antoine 9185a90fc9 dnp3: fix unit tests when fuzzing 5 years ago
Philippe Antoine 82f1758573 applayer: keep running detection on protocol change 
ie do not stop on first try if we do not have enough data
 5 years ago
Philippe Antoine 21e741795d applayer: on protocol change, use previous state 5 years ago
Philippe Antoine 828ff2dc3c http: removal of connect unit tests 
moved to suricata-verify
 5 years ago
Philippe Antoine 547d6c2d78 applayer: pass parameter to StateAlloc 
This parameter is NULL or the pointer to the previous state
for the previous protocol in the case of a protocol change,
for instance from HTTP1 to HTTP2

This way, the new protocol can use the old protocol context.
For instance, HTTP2 mimicks the HTTP1 request, to have a HTTP2
transaction with both request and response
 5 years ago
Sascha Steinbiss ed9fed4958 mqtt: add some extra tests for varint parsing 5 years ago
Philippe Antoine 1a88df7e88 http2: handles incomplete frames after banner 
To signal incomplete data, we must return the number of
consumed bytes. When we get a banner and some records, we have
to take into account the number of bytes already consumed by
the banner parsing before reaching an incomplete record.
 5 years ago
Philippe Antoine 7ab9a01db2 mqtt: limit size of variable integer 5 years ago
Jason Ish c4d0a61eca datasets: fix dataset load path construction 
Test the full path instead of just the filename provided in the
rule to see if it exists.

Fixes the case where a rule file is loaded from a directory
other than the default-rule-directory.

Redmine issue:
https://redmine.openinfosecfoundation.org/issues/3916
 5 years ago
Philippe Antoine e3b28bcf2a http2: returns error in case of index 0 
As is documented in RFC 7541, section 6.1
The index value of 0 is not used.  It MUST be treated as a decoding
error if found in an indexed header field representation.
 5 years ago
Philippe Antoine 9788b2ec8d signature: frees transform options in SigMatchPrepare 5 years ago
Philippe Antoine 1674239442 detect: checks for overflow when comparing signatures priorities 5 years ago
Victor Julien abca451901 flow: suppress Coverity FP 5 years ago
Victor Julien 204302cbac flow: minor code cleanup 5 years ago
Victor Julien 42ce297e0e flow: turn BUG_ON into debug check 5 years ago
Eric Leblond 6494abc6b1 ebpf: fix invalid description in doc string 5 years ago
Victor Julien e1ecb7dc41 doc/datasets: explain reloads, general improvements 5 years ago
Victor Julien 6492fe0841 detect/app-layer-events: improve warnings/errors 
Improve handling of outdated events that are no longer supported by the engine.
 5 years ago
Eric Leblond 48c30efd34 prscript: port to python 3 5 years ago
Victor Julien 8cd82486e2 flow/bypass: don't bypass on flow timeout pseudo packets 5 years ago
Jason Ish cc2c7b731a rule parsing: valid that input rule string is UTF8 
Before parsing a rule string, validate that it is UTF-8 first.

Related Redmine issue:
https://redmine.openinfosecfoundation.org/issues/3850
 5 years ago
Jason Ish e9fec043b5 rust/util: expose function to test strings for valid UTF-8 
rs_check_utf8 will check that the provided string is valid
UTF-8 by converting it to a Rust string and returning true
or false.
 5 years ago
Jason Ish 583593aa1b http/eve: use set_string_from_bytes where appropriate 
The JsonBuilder set_string_from_bytes will escape unprintable
characters in the output stream. Using BytesToStringBuffer
can generate invalid UTF-8 which prevents the conversion from
a C string to a Rust string.
 5 years ago
Victor Julien d6cf4b3335 detect/dataset: error if set couldn't be fully loaded 5 years ago
Victor Julien 017c038bcb datasets: free old data when reusing a hash container 5 years ago
Jeff Lucovsky 00f77f9643 log: Log errors while writing log info 
This commit adds logic to log errors during output. Errors are logged
once and the number of errors is maintained.
 5 years ago
Jeff Lucovsky b9458adf8a log: Add log output error code 5 years ago
Jeff Lucovsky 6cdd87f5ad log: Use unlocked variants of stdio functions 
This commit uses the unlocked variants of additional stdio functions
 5 years ago
Jeff Lucovsky 3c91e14352 log: Add more stdio_unlocked macros 
This commit adds additional macros for interfaces in stdio_unlocked
according to their local availability.
 5 years ago
Victor Julien fa0b91b18f error: reformat enum 5 years ago
Victor Julien fbdc776525 app-layer: handle parser return code issues more gracefully 5 years ago
Victor Julien 5155982ba5 pcap: fix minor scan-build warnings 5 years ago
Victor Julien aac2b9dbb9 commandline: add static analyzer hint for -r parsing 5 years ago
Victor Julien 71297f575f commandline: minor formatting fixes 5 years ago
Jeff Lucovsky 9efb936697 general: Improve grammar in error messages 
This commit corrects a minor grammar issue in address/port error
messages.
 5 years ago
Victor Julien 57a611b429 decode/geneve: add config to yaml 5 years ago
Jason Ish 8b38db4a50 github-ci: apply default CFLAGS to all builds 5 years ago
Jason Ish 280ab65705 github-ci: add test build without jansson 
This is to cover a test from Travis CI where we make sure
that ./configure fails if libjansson is not available.
 5 years ago
Jason Ish cb963f8682 github-ci: update debian 9 test to use known Rust version 
Choose Rust 1.39.0 as a known version of Rust that we build against
to see in CI if we build with this version, but fail with latest.

This is to cover a similar test from Travis CI.
 5 years ago
Jason Ish b698f66c27 github-ci: enable debug on Fedora 32 build 5 years ago
Jason Ish 146a1ee1d7 github-ci: check that configure fails if rust to old 
Migration of similar test from Travis-CI.

Redmine issue:
https://redmine.openinfosecfoundation.org/issues/3869
 5 years ago
Jason Ish 975b58c050 github-ci: Ubuntu 20.4 build with -NDEBUG 
To cover Travis-CI test that builds with -NDEBUG.

Redmine issue:
https://redmine.openinfosecfoundation.org/issues/3869
 5 years ago
Jason Ish dfbd38e809 github-ci: ubuntu 20.04 build without nss/nspr 
Adds a test that builds and tests Suricata without nss/nspr
to replace the similar test on Travis-CI.

Redmine issue:
https://redmine.openinfosecfoundation.org/issues/3869
 5 years ago
Jason Ish 1ec6307d9d github-ci: Fedora 32 builder with asan enabled 
Also enables -Wshadow and rust-strict to cover those cases
from Travis.

Redmine issue:
https://redmine.openinfosecfoundation.org/issues/3868
 5 years ago
Ali Jad Khalil 6be08637c3 decode/teredo: Modified/refactored Teredo logic 
This is just a slight refactor to make analagous decoding/encapsulation
schemes - Geneve, Teredo, and VXLAN - be implemented as similarly as
possible.
 5 years ago