aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,787 Commits
7 Branches
155 Tags
194 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '717c271e58'
${ noResults }
Commit Graph

4787 Commits (717c271e58f09e560cd6274dba119f45ba014934)
 

Author SHA1 Message Date
Eric Leblond 58eb6428d1 suricata: ignore SIGHUP signal 
This patch ignores the SIGHUP signal instead of having the default
behavior.
 11 years ago
Ken Steele 3d81e50ab3 Check for compiler for -march=native support 
Check all compilers to see if they support the -march=native flags, rather
than assuming gcc 4.2 or later does. Tile GCC doesn't currently support it,
so not checking break Tile compiles.
 11 years ago
Victor Julien 4fdd1a7a71 Fix compilation on systems that use the fallback SC_ATOMIC_ API. 11 years ago
Victor Julien 01c440bf28 Add DrMemory suppression for Bug #980. Suppress useless (likely) buggy leak message too 11 years ago
Victor Julien 1509c9a2e6 Remove DrMemory suppressions for Bug #979, it is fixed. 11 years ago
Eric Leblond 5a7ad5b382 qa: prscript now output pastable line for PR. 11 years ago
Eric Leblond a597237aed coccinelle: fix malloc test 
We can have more than an identifier to be assigned the result of
a malloc function.
 11 years ago
Eric Leblond 6378db89f6 coccinelle: add option to continue on errors 
When a script has been updated or introduced, it is interesting to
detect all errors at once. With this patch it is now possible to
do so by using:
   NOT_TERMINAL=1 CONCURRENCY_LEVEL=12  qa/coccinelle/run_check.sh
 11 years ago
Eric Leblond 28c5c68192 error checking: add missing alloc error treatment 
The return of some malloc like functions was not treated in some
places of the code.
 11 years ago
Victor Julien f6e37dcc90 Bug 1061: fix multiple vars per sig in ordering 
In sigordering rules that had multiple vars doing the same operation,
like setting multiple flowbits, would not be considered correctly.

Bug 1061.
 11 years ago
Victor Julien b770fd2981 http header: improve realloc failure checking. Bug #1062. 11 years ago
Victor Julien 90cf8d4c6e port parsing: improve memory handling 11 years ago
Victor Julien b79b2fff25 cppcheck: add special BUG_ON so cppcheck understands we exit 11 years ago
Victor Julien d5db0cc033 port: don't lead memory on port parsing failure 
[src/detect-engine-port.c:1354]: (error) Memory leak: gh
 11 years ago
Victor Julien 435f99409f Fix small memleak in runmode setup 
[src/runmodes.c:338]: (error) Memory leak: custom_mode
 11 years ago
Victor Julien 86aad660a2 threading setup: fix small mem leak on failure 
[src/tm-threads.c:1058]: (error) Memory leak: slot
 11 years ago
Victor Julien b4631794a8 Fix realloc error handling in threshold.config file parsing. Bug #1062. 11 years ago
Victor Julien 35298a0146 Use %u for unsigned int in (console) output 11 years ago
Victor Julien a9d754c23d Use %u for unsigned ints in checksum warning 11 years ago
Victor Julien 76d3cb557b htp: minor cleanup to silence cppcheck warning 
[src/app-layer-htp.c:1967] -> [src/app-layer-htp.c:1978]: (warning) \
    Possible null pointer dereference: tx - otherwise it is redundant \
    to check it against null.
 11 years ago
Victor Julien 5ba898b738 cppcheck: don't use likely/unlikely when -DCPPCHECK is passed to the checker 11 years ago
Victor Julien b2c4a50e39 Fix small memory leak in classtype parsing 11 years ago
Victor Julien fe46c26e4e cppcheck: improve reporting cppcheck when passing -DCPPCHECK to the checker. 11 years ago
Victor Julien afb48cfcb5 log-http: fix error check leading to null-deref on malloc failure during setup 11 years ago
Victor Julien 4165bf8951 log-http: enforce hostname print limit 11 years ago
Victor Julien 1476db44d9 Convert Flow macros to inline functions 
Convert FlowReference and FlowDeReference to inline functions for
better readability and to aid static code analyzers.
 11 years ago
Victor Julien b4e6bbe4bc flowvar: initialize new memory to prevent issues on error handling 11 years ago
Victor Julien 0beb7ed781 pcap: fix stats dump logic 
pcap has a callback function that is called for each packet. Once a
second, it's meant to 'dump stats'. However, the timing logic was
broken, so it would actually dump stats for each packet.

By moving the stats second timer into the thread vars, next calls of
the callback will be able to use the stored time.
 11 years ago
Victor Julien 9e85b8d35e flow timeout: remove now unused code 11 years ago
Victor Julien 85b1a8ff26 flow: fix typo in function name 
FlowForceReassemblyNeedReassmbly -> FlowForceReassemblyNeedReassembly
 11 years ago
Victor Julien 3b3dce8328 flow timeout cleanup and fix 
Flow timeout code worked by luck when checking if a flow still needed
reassembly for app layer inspection or logging. It would check for a
part of raw reassembly (smsg list) to determine if detection was
needed. In this case it would also process app layer cleanup,
including logging.

Introduced AppLayerTransactionGetActive which returns the lowest tx_id
in a direction that still needs some work.

FlowForceReassemblyNeedReassmbly now uses it to determine if the
applayer still needs work.

Converted FlowForceReassemblyForHash to use the checking function
FlowForceReassemblyNeedReassmbly as well, so that checking if a flow
needs work is now unified.
 11 years ago
Victor Julien b32abea06b flow/stream: use named values in flow timeout code 11 years ago
Victor Julien 8522da8ea5 stream: add option to disable raw reassembly 
Raw reassembly is used only by the detection engine. For users only
caring about logging it's a significant overhead, both in cpu and
memory usage.

The option is called 'raw' and lives under the stream.reassembly
options.

stream:
  memcap: 32mb
  checksum-validation: yes      # reject wrong csums
  inline: auto                  # auto will use inline mode in IPS mode, yes or no set it statically
  reassembly:
    memcap: 64mb
    depth: 1mb                  # reassemble 1mb into a stream
    toserver-chunk-size: 2560
    toclient-chunk-size: 2560
    randomize-chunk-size: yes
    #randomize-chunk-range: 10
    raw: false # <- new option
 11 years ago
Eric Leblond 47b5fc0934 erf-dag: fix typo in header guard 
Spotted out by clang:
 source-erf-dag.h|25 col 9| warning: '__SOURCE_ERR_DAG_H__'
 is used as a header guard here, followed by #define of a different macro
 [-Wheader-guard]
 11 years ago
Eric Leblond 105182f582 yaml: remove no more present files 
emerging-virus.rules is not present anymore in ET ruleset downloaded
by 'make install-rules'. This patch removes it from the list to avoid
an error message.
 11 years ago
Eric Leblond f9f1a666f0 dns: rules files was not installed 
Installed dns-events.rules files in rules directory with install-rules.
 11 years ago
Eric Leblond a8fde0112e prscript: add support for pcap build 
Now also start a pcap test build.
 11 years ago
Jason Ish eaff01a57f Use the stack for temporary memory buffers. 11 years ago
Jason Ish ab7091927e When setting final configuration nodes, set the whole tree as final. 
Prevents benign log message of parent nodes of final values being
redefined (which ends up having no affect as the final nodes
are protected from being removed).
 11 years ago
Eric Leblond 729540673e htp: display info about randomization 
When randomizatin is used display a message about actual values.
 11 years ago
Eric Leblond ff784075a2 htp: randomization of htp inspection sizes 
This is an implementation of #940. It randomize libhtp request
and response size if the same way this has been done for stream
inspection.
 11 years ago
Victor Julien 81ee6f5aad lua: push correct length back through ScFlowvarGet, work around valgrind warning 11 years ago
Victor Julien 86b299d06c lua: clear stack after each script run 11 years ago
Victor Julien ae69a4a024 luajit: pass calling rule's sid,gid,rev to script as SCRuleSid, SCRuleGid, SCRuleRev. 11 years ago
Eric Leblond f76448c1e6 decode: fix failure in layered tunnel 
If we have multiple layer of tunnel, the decoding of initial
Packet will recurse in DecodeTunnel function called in
PacketTunnelPktSetup. If we are not setting the pseudo
packet root before calling DecodeTunnel (as done in previous
code), then the tunnel root will no be correct for the lower
layer packets. This result in an counter problem and a suricata
failure after some time.
 11 years ago
Jason Ish e9a4871077 Fix alignment in usage. 11 years ago
Giuseppe Longo ae9393987e Adds a defrag configuration example in suricata.yaml 11 years ago
Victor Julien 0a24ac0855 Fix Conf api usage after rebase 11 years ago
Jason Ish 8d29dfca59 Instead of exiting on memory failure, log a warning then return NULL 
to signify an error to the caller.
 11 years ago
Jason Ish 5f6705c4dc Better document ConfSet and ConfSetFinal. 11 years ago