16426 Commits (833c7c64beae56e79bb1349933a9dc97b7bfe987)
 

Author SHA1 Message Date
dependabot[bot] 285113a1e5 github-actions: bump actions/checkout from 4.2.0 to 4.2.1
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.0 to 4.2.1.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](d632683dd7...eef61447b9)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
5 months ago
dependabot[bot] 9e0151cce5 github-actions: bump github/codeql-action from 3.26.10 to 3.26.12
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.10 to 3.26.12.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v3.26.10...v3.26.12)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
5 months ago
dependabot[bot] 4ad45fc8d0 github-actions: bump actions/upload-artifact from 4.4.0 to 4.4.3
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.4.0 to 4.4.3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](50769540e7...b4b15b8c7c)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
5 months ago
Alice Akaki fa1addae64 detect/analyzer: add more details for icmp_id
Ticket: #6360
5 months ago
Philippe Antoine 378f678d95 fuzz/detect: forbid rule with pcre only on stream
to avoid fuzzing blocks on timeouts with known bad rules

Ticket: 4858
5 months ago
Philippe Antoine 81f7ef89c4 stream: fix -Wshorten-64-to-32 warnings
Ticket: #6186
5 months ago
Philippe Antoine 58f7af8a31 output: fix -Wshorten-64-to-32 warnings
Ticket: #6186
5 months ago
Philippe Antoine 2fb89f1b79 ldap: improve some rust style 5 months ago
Victor Julien 97d525d18d github-action: share cargo registry cache 5 months ago
Victor Julien d574d88bca github-action: share cargo cache for windows jobs 5 months ago
Victor Julien f334532063 rust: update dependencies 5 months ago
Victor Julien 9b6a1355ac github-actions: cache netmap checkout
To avoid build failures due to rate limiting, cache the netmap checkout.

Explicitly restore and save to avoid the checkout action cleaning the
checkout up before it can be stored in the cache.
5 months ago
Jason Ish 15c4eb3d16 threads: move wait for unpause outside of loop
Threads are only set to paused upon initialization and never again, we
should only have to wait once, so move the wait before any loop that
was waiting before.

Additionally, if the thread was killed while waiting to be unpaused,
don't enter the loop.
5 months ago
Jason Ish 7492fb6a91 threads: merge unpause test into wait for pause function
TmThreadTestThreadUnPaused was only being used by
TmThreadsWaitForUnpause and is still enough to just become one
function.
5 months ago
Jason Ish 3f8c3698db threads: helper function TmThreadsWaitForUnpause
The pattern of checking the pause flag, setting to paused then
waiting to unpause was done enough times to factor out into its own
function. This is also needed by library users who bring their own
packet acquisition threads.
5 months ago
Philippe Antoine 7d854bd97f template/detect: allow empty buffers 5 months ago
Philippe Antoine 96c8470cdd template: move detect keywords to pure rust
Ticket: 3195

Also remove unused src/tests/detect-template-buffer.c

Completes commit 4a7567b3f0
to remove references to template-rust
5 months ago
Zemeteri Kamimizu 87e6e9374f conf: init parser after check with stat()
Commit changes are made to avoid possible memory leaks. If the parser
is initialized before configuration file checking, there was no deinit
call before function return. Do check config file existence and type
before YAML parser initialization, so we don't need to deinit parser
before exiting the function.

Bug: #7302
5 months ago
Victor Julien 1591ad4408 packetpool: allow larger max-pending-packets
Original limit was due to a specific data structure.

(lifted from 96a0ffadde)
5 months ago
Jeff Lucovsky 1e0d3435db doc: add napatech plugin upgrade notes
Issue: 7165
5 months ago
Jeff Lucovsky 88451b400d configure: fail on --enable-napatech and --disable-shared
Issue: 7165

Plugins can't be built using the standard autoconf/automake
methods. We can get around this by creating our own Makefiles, but
they're often less portable.

For now, fail during ./configure instead of during compile.
5 months ago
Jeff Lucovsky d32b28c85e napatech: bring back command line argument
Re-introduce support for command line argument "--napatech"

Issue: 7165
5 months ago
Jeff Lucovsky 792f5e1d57 napatech: load plugin by default
Issue: 7165
5 months ago
Jeff Lucovsky d5feb8accc napatech: add as plugin
Issue: 7165
5 months ago
Jeff Lucovsky 330c408930 napatech: remove, to make room for plugin
Issue: 7166
5 months ago
Philippe Antoine 58556b7f8b template: remove -rust references
Ticket: 7315

Completes commit 4a7567b3f0

Allows keyword template.buffer to work properly when template
protocol is enabled
5 months ago
Jason Ish 09d604f7c3 github-ci: install prepared cbindgen on rpm distros
Currently cbindgen from system packages is broken, for now use the
cbindgen artifact we build.
5 months ago
Jason Ish a5e13d0dee github-ci: break out cbindgen installation to action 5 months ago
Jeff Lucovsky c9e4524b3c misc: Eliminate compiler warnings
Issue: 7314

Fixup macro usages to eliminate compiler warnings.
5 months ago
Philippe Antoine 76527dde79 http: fix condition check
Ticket: 7309

Do not use a constant expression in a condition
5 months ago
Alice Akaki d5dd549bcd detect/address: convert ipv4 unittests to FAIL/PASS
Ticket: OISF#6318
5 months ago
Philippe Antoine 40e97423b4 transform/base64: check for 0-sized buffer
So as to avoid undefined behavior with a 0-sized variable length
array

Ticket: #7296
5 months ago
Zemeteri Kamimizu adcac9ee0f detect: add new_de_ctx release in case of errors in initialization
Detect engine tenant reloading function hasn't got engine release call
under error label, so a memory leak is possible in case of errors in
further new detect engine initialization.

Bug: #7303
5 months ago
Jason Ish 6ae5ae701b doc/userguide: generate eve documentation
Add EVE documentation for QUIC and Pgsql to their respective sections of
the userguide.

Also add a complete EVE reference as an appendix.

Other protocols can be done, but it's a manual process to document in the
schema, then add the glue to pull them into the documentation.

The documentation is generated during "make dist", or if it doesn't
exist, "conf.py" will attempt to generate the eve documentation for
building on Readthedocs.
5 months ago
Jason Ish 2626895a93 evedoc.py: script to generate rst doc from eve schema
Also supports a "--flat" command line option to produce a "dot"
separated version of all the fields in the EVE schema.
5 months ago
Jason Ish 2b16369071 github-ci: run macos python jobs in virtualenv
With the latest brew changes, a virtualenv is required to install
pyyaml.
5 months ago
Jason Ish d8f73c9215 tm-modules: minor code cleanups
- includes
- loops
5 months ago
Jason Ish 415c5786de threading: remove TM_FLAG_LOGAPI_TM as it's not used
This flag is never set, remove.
5 months ago
Philippe Antoine 3f0512ebeb rust: unpin serde
As oss-fuzz uses a newer compatible rustc version
5 months ago
Jason Ish 75b760b450 github-ci: add rpm build job
Build RPMs for Fedora 40 and EPEL 9 (using AlmaLinux).
5 months ago
Jason Ish c9369641f8 ebpf: include llvm_bpfload.h in distribution
Otherwise we fail to build ebpf from a release archive.
5 months ago
Jason Ish 9816a795dd github-ci: cache deb packages on Ubuntu dist builder
Should speed up setup a little.
5 months ago
Shivani Bhardwaj 501f79c0ed detect/engine: deduplicate fn definitions 5 months ago
dependabot[bot] 06dd6bacb0 github-actions: bump actions/checkout from 4.1.7 to 4.2.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.7 to 4.2.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](692973e3d9...d632683dd7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
5 months ago
dependabot[bot] 0ffd33ab92 github-actions: bump codecov/codecov-action from 4.5.0 to 4.6.0
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.5.0 to 4.6.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](e28ff129e5...b9fd7d16f6)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
5 months ago
dependabot[bot] 908ff2faa3 github-actions: bump github/codeql-action from 3.26.6 to 3.26.10
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.6 to 3.26.10.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v3.26.6...v3.26.10)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
5 months ago
Alexey Simakov c72404e554 yaml: Add check of allocation for node object
Fix potential dereference of nullptr in case
of unsuccessful allocation of memory for
list node

Bug: #7270
5 months ago
Liam Wilson 592d860434 configure: clear cached header value
Unset ac_cv_header_hs_h before checking for header. This allows
hyperscan to be included in compilation when switching from a non-hs
build to a hs build.
5 months ago
Jason Ish 3b6f709331 threads: don't drop capabilities for packet threads
Remove the call to SCDropCaps for packet processing threads. This
logic in this function is required to set up packet processing even
when the thread is provided by a library user, in which case Suricata
should not be touching its capabilities.

As SCDropCaps is currently a no-op it's clear this feature needs to
be (re)designed properly, taking into consideration library users as
well.

Related ticket: https://redmine.openinfosecfoundation.org/issues/2375
5 months ago
Ilya Bakhtin 976dec7f33 detect: pseudo-packets inherit inspect flags from parent packet
Instead of inheriting from flow, because encrypted protocols like TLS
and SSH may have just set the flow flags to indicate rest of stream is
encrypted and does not need to run stream inspection. But inspection
still needs to be run detection on this last flushing packet.

Ticket: #7235.
5 months ago