Victor Julien
910922cdc4
htp: support AppLayerTxData
5 years ago
Victor Julien
5665fc8301
app-layer: add ApplyTxConfig API
...
Optional callback a parser can register for applying configuration
to the 'transaction'. Most parsers have a bidirectional tx. For those
parsers that have different types of transaction handling, this new
callback can be used to properly apply the config.
5 years ago
Victor Julien
df27205451
output/tx: implement filtering
5 years ago
Victor Julien
e15995e2d2
detect: store detect flags in AppLayerTxData
5 years ago
Victor Julien
c797c9f09c
app-layer: add logger flags to AppLayerTxData
5 years ago
Victor Julien
411f428a38
app-layer: define AppLayerTxData and AppLayerTxConfig
...
AppLayerTxData is a structure each tx should include that will contain
the common fields the engine needs for tracking logging, detection and
possibly other things.
AppLayerTxConfig will be used by the detection engine to configure
the transaction.
5 years ago
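An added illustration (not Suricata's code) of the layout these two commit messages describe: one engine-owned record embedded in every transaction, a config record the detect engine hands over, and a per-parser callback that knows how to apply that config to its own tx shape. All struct and function names below are assumed for the example; the real AppLayerTxData and AppLayerTxConfig fields are not reproduced here.

```c
#include <stdint.h>

/* Engine-owned bookkeeping embedded in every tx (names assumed). */
typedef struct TxData_ {
    uint32_t logger_flags;  /* bit per logger: record already emitted */
    uint32_t detect_flags;  /* bit per direction: detection done */
    uint8_t  log_disabled;  /* set from config: never log this tx */
} TxData;

/* What the detect engine asks the parser to apply to a tx. */
typedef struct TxConfig_ {
    uint8_t disable_logging;
} TxConfig;

#define LOGGER_HTTP  (1u << 0)
#define LOGGER_ALERT (1u << 1)
#define DETECT_TS    (1u << 0)
#define DETECT_TC    (1u << 1)

/* Common case: one bidirectional tx embeds one TxData. */
typedef struct HttpTx_ {
    uint64_t id;
    TxData txd;
} HttpTx;

/* A parser that tracks request and response separately needs the
 * config routed to both; that is what the per-parser callback is for. */
typedef struct SplitTx_ {
    uint64_t id;
    TxData request;
    TxData response;
} SplitTx;

typedef void (*ApplyTxConfigFunc)(void *tx, const TxConfig *cfg);

static void HttpApplyTxConfig(void *vtx, const TxConfig *cfg)
{
    HttpTx *tx = vtx;
    tx->txd.log_disabled = cfg->disable_logging;
}

static void SplitApplyTxConfig(void *vtx, const TxConfig *cfg)
{
    SplitTx *tx = vtx;
    tx->request.log_disabled = cfg->disable_logging;
    tx->response.log_disabled = cfg->disable_logging;
}

/* Output side: emit once per logger per tx, unless config disabled it.
 * Returns 1 when the caller should write a record now, 0 otherwise. */
static int TxLoggerShouldLog(TxData *txd, uint32_t logger_bit)
{
    if (txd->log_disabled)
        return 0;
    if (txd->logger_flags & logger_bit)
        return 0;
    txd->logger_flags |= logger_bit;
    return 1;
}

/* Detect side: mark one direction inspected; 1 once both are done. */
static int TxDetectMarkDone(TxData *txd, uint32_t dir_bit)
{
    txd->detect_flags |= dir_bit;
    return (txd->detect_flags & (DETECT_TS | DETECT_TC)) == (DETECT_TS | DETECT_TC);
}

/* Walk-throughs: same engine-side calls, two different tx layouts. */
static int DemoHttpLogCount(int disable)
{
    HttpTx tx = { .id = 1 };
    TxConfig cfg = { .disable_logging = (uint8_t)disable };
    ApplyTxConfigFunc apply = HttpApplyTxConfig;
    apply(&tx, &cfg);
    int n = 0;
    n += TxLoggerShouldLog(&tx.txd, LOGGER_HTTP);
    n += TxLoggerShouldLog(&tx.txd, LOGGER_HTTP);   /* duplicate, filtered */
    n += TxLoggerShouldLog(&tx.txd, LOGGER_ALERT);
    return n;
}

static int DemoSplitLogCount(int disable)
{
    SplitTx tx = { .id = 2 };
    TxConfig cfg = { .disable_logging = (uint8_t)disable };
    ApplyTxConfigFunc apply = SplitApplyTxConfig;
    apply(&tx, &cfg);
    int n = 0;
    n += TxLoggerShouldLog(&tx.request, LOGGER_HTTP);
    n += TxLoggerShouldLog(&tx.response, LOGGER_HTTP);
    return n;
}

static int DemoDetectBothDirections(void)
{
    TxData txd = { 0 };
    int after_ts = TxDetectMarkDone(&txd, DETECT_TS);
    int after_tc = TxDetectMarkDone(&txd, DETECT_TC);
    return after_ts == 0 && after_tc == 1;
}
```

The point of the embedded record is that the logger and detect code never need to know which parser produced the tx; only the parser's own callback knows where its TxData instances live, which is why a single ApplyTxConfig hook suffices for both layouts.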
Victor Julien
274a033d65
htp: alloc user data at tx start
...
This way the AppLayerTxData is set up from the start. Any type of
processing (logging, detection) will lead to setting up the user
data later on anyway.
Remove other places where it was added.
5 years ago
Victor Julien
f7ff7dbaed
config: common definitions
5 years ago
Victor Julien
6dcdf394d7
rules: add config action
5 years ago
Jason Ish
8c98fa452f
dnp3/eve: update for regenerated dnp3 object logging code
...
Migration from Jansson to JsonBuilder.
5 years ago
Jason Ish
bf8d8c573a
dnp3/eve: regenerate object logging code
5 years ago
Jason Ish
85eaa2276c
scripts/dnp3-gen: update to generate JsonBuilder code
5 years ago
Jason Ish
03efbccfe6
jsonbuilder: set_float, append_float methods
...
New methods for setting and appending float values.
5 years ago
Jason Ish
ccc057fdc9
dnp3/eve: convert to jsonbuilder (non generated code)
...
First step of converting DNP3 to JsonBuilder by first converting
the non-generated code.
5 years ago
Jason Ish
4976afd96a
script/dnp3-gen: update generator to reflect in tree changes
...
Some changes were made to the generated files instead of the
generator script. Update the script to generate what is
in the current state of the in-tree generated files.
5 years ago
Shivani Bhardwaj
6f7d8e50c8
src: use FatalError whenever possible
...
Replaces all patterns of SCLogError() followed by exit() with
FatalError(). Cocci script to do this:
@@
constant C;
constant char[] msg;
@@
- SCLogError(C,
+ FatalError(SC_ERR_FATAL,
msg);
- exit(EXIT_FAILURE);
Closes redmine ticket 3188.
5 years ago
Jeff Lucovsky
901fbae7b9
doc: Add byte_math documentation
5 years ago
Jeff Lucovsky
f6a399f154
general: Correct typos
5 years ago
Jeff Lucovsky
fb409664d2
detect: byte_math support
5 years ago
Jeff Lucovsky
1a726731e4
detect: Use byte-math to byte var handling func
5 years ago
Jeff Lucovsky
0e4ba7b13e
detect: Add byte_math detector
5 years ago
Jeff Lucovsky
ac01adc260
detect: Add utility module for byte var handling
5 years ago
Victor Julien
c1673908ac
eve/alert: minor cleanups
5 years ago
Victor Julien
d2c48d4faf
eve/alert: move files logging into util func
5 years ago
Victor Julien
3dacbcddef
eve/alert: move app-layer logic into a util func
5 years ago
Shivani Bhardwaj
537fb7a1c6
hyperscan: better error message if not compiled
5 years ago
Philippe Antoine
ece29c4210
ssh: fix incomplete return for ssh kex
...
In the case where we already parsed some records
5 years ago
Philippe Antoine
ca6d072297
dcerpc: detect right parsing of empty op version
5 years ago
Philippe Antoine
abe3f6e6ef
rfb: set app proto for signature keyword rfb.secresult
5 years ago
Jeff Lucovsky
a58fdcd41d
suricata.yaml.in: update stream-depth description
5 years ago
Jeff Lucovsky
496306e6a9
doc: update stream-depth description
5 years ago
Jeff Lucovsky
ec07f58705
doc: update file-store stream depth description
5 years ago
Jeff Lucovsky
2f32d7f831
filestore: Use proper string in error case
...
When make-open-files has an invalid value, the incorrect value was being
displayed improperly
5 years ago
Jeff Lucovsky
823f6b35d0
filestore: Validate stream-depth when non-zero
...
Make sure that configured non-zero values for stream-depth are
greater than stream_config.depth
5 years ago
Jeff Lucovsky
6bb89c37f1
output/json: Correct clang warning
...
This commit corrects the warning for mismatched type.
5 years ago
Jeff Lucovsky
b2c1dab2da
output/alert: Correct FORWARD_NULL Coverity issue.
...
This commit corrects the FORWARD_NULL issue in AlertJson by
null-checking p->flow
5 years ago
Jeff Lucovsky
bd22e0d7a4
output/ftp: Correct Coverity DEADCODE issue
...
This commit corrects the deadcode (CID 1465224) issue in
EveFTPLogCommand.
5 years ago
Jeff Lucovsky
ac70d925f5
filestore: Correct Coverity RESOURCE_LEAK issue
...
This commit corrects the RESOURCE_LEAK issue (CID 1465222) of the `FILE`
pointer.
5 years ago
Jeff Lucovsky
2d055ed1f7
detect: Correct Coverity REVERSE_INULL issue
...
This commit corrects the "Null pointer dereferences" issue (CID
1465221).
5 years ago
Shivani Bhardwaj
db75675f45
qa: add atoi to list of banned functions
5 years ago
Shivani Bhardwaj
d27b407bc3
pfring: fix StringParse* warnings
...
Closes redmine ticket 3808.
5 years ago
Shivani Bhardwaj
7cbb8c44c5
ttl: Make IPV4 TTL uint8_t
5 years ago
Shivani Bhardwaj
4ed72addf3
src: remove multiple uses of atoi
...
atoi() and related functions lack a mechanism for reporting errors for
invalid values. Replace them with calls to the appropriate
ByteExtractString* functions.
Partially closes redmine ticket 3053.
5 years ago
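An added example (not Suricata's code, and not its ByteExtractString* helpers) showing the failure mode this commit message refers to and the strict parse that replaces it: atoi() turns "12abc" into 12, "abc" into 0 and overflow into undefined behaviour without any way to tell the caller, whereas a strtoul()-based parser can reject empty input, signs, trailing garbage and out-of-range values. The function names are assumed for this illustration.

```c
#include <ctype.h>
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>

/* Strict decimal parse into uint32_t. Rejects empty input, leading
 * whitespace or sign, trailing characters and values above UINT32_MAX.
 * Returns 1 on success and stores the value, 0 on any error.
 * Hypothetical helper, standing in for a ByteExtractString*-style call. */
static int parse_u32_strict(const char *str, uint32_t *out)
{
    /* strtoul() would silently accept " 12" and "-1" (wrapping the latter);
     * insist on a leading digit so neither gets through. */
    if (str == NULL || !isdigit((unsigned char)str[0]))
        return 0;

    errno = 0;
    char *end = NULL;
    unsigned long v = strtoul(str, &end, 10);

    if (errno == ERANGE)      /* out of range for unsigned long */
        return 0;
    if (end == str || *end != '\0') /* nothing parsed, or trailing garbage */
        return 0;
    if (v > UINT32_MAX)       /* fits unsigned long but not uint32_t */
        return 0;

    *out = (uint32_t)v;
    return 1;
}

/* For contrast: what atoi() hands back for the same inputs. */
static int atoi_value(const char *str)
{
    return atoi(str);
}

/* Small wrappers so each case reduces to a single yes/no result. */
static int parses_to(const char *str, uint32_t expect)
{
    uint32_t v = 0;
    return parse_u32_strict(str, &v) && v == expect;
}

static int rejects(const char *str)
{
    uint32_t v = 0;
    return parse_u32_strict(str, &v) == 0;
}
```

The trailing-character check is the one that matters most for config parsing: a value like "1500kb" or "10 " is a user error that atoi() hides behind a plausible number, while the strict parser surfaces it so the caller can log and refuse to start.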
Emmanuel Thompson
6e5d64f102
detect/asn1: Simplify errors and checks
5 years ago
Emmanuel Thompson
4fc45b5c60
detect/asn1: Update ASN1 struct lifetime
...
- 'static is only realistic when allocating and leaking it over the
FFI boundary
5 years ago
Emmanuel Thompson
627e90a4bd
detect/asn1: Log out errors
...
- Failure to parse asn1-max-frames
- Failure on asn1 detection checks
5 years ago
Emmanuel Thompson
88601b1993
detect/asn1: Update relative_offset keyword
...
- To be consistent with recent C version changes
- Add checks for over/underflows
5 years ago
Emmanuel Thompson
275f6ae96f
detect/asn1: Remove asn1 C parser
...
- In favor of rust parser
5 years ago
Emmanuel Thompson
7af6cdb7ec
detect/asn1: Update asn1 C files to use rust code
...
Mark rust extern "C" functions as pub in asn1 module to expose via cbindgen
Update detect-asn1.c/h to use rust functions
5 years ago
Emmanuel Thompson
63704fdf13
rust/asn1: Introduce ASN1 rust module
...
This module uses the `der-parser` crate to parse ASN1 objects in order to replace src/util-decode-asn1.c
It also handles the parsing of the asn1 keyword rules and detection checks performed in src/detect-asn1.c
5 years ago