Commit Graph

11663 Commits (8db78208f94db524c98af3f84caf6a8951e0d884)

Author SHA1 Message Date
Victor Julien f31372ad1d dcerpc/tcp: fix compile warning
warning: variable does not need to be mutable
    --> src/dcerpc/dcerpc.rs:1036:42
     |
1036 |                     let tx = if let Some(mut tx) = self.get_tx_by_call_id(current_call_id, core::STREAM_TOCLIENT) {
     |                                          ----^^
     |                                          |
     |                                          help: remove this `mut`
     |
     = note: `#[warn(unused_mut)]` on by default

warning: variable does not need to be mutable
    --> src/dcerpc/dcerpc.rs:1061:30
     |
1061 |                         Some(mut tx) => {
     |                              ----^^
     |                              |
     |                              help: remove this `mut`
4 years ago
Victor Julien 67b5295bbc dcerpc/tcp: add missing detect state cleanup 4 years ago
Angelo Mirabella c72069c3b2 detect/magic: fix crash on rule reloading
This changeset fixes a bug causing a segmentation fault.
When rules are reloaded and a rule using libmagic matches, suricata
crashes due to an improper reinitialization of the thread contexts.

Bug: #3726
4 years ago
Angelo Mirabella ea15282f47 unix-socket: fix alert metadata logging
This changeset fixes a bug that was preventing suricata from dumping
alert metadata info when running in unix-socket mode.
When running in unix-socket mode, suricata was skipping the
initialization of the output modules and, as a consequence,
the metadata output module was never invoked.
4 years ago
Victor Julien 62cc0c7acf alert/syslog: fix minor compile warning 4 years ago
Victor Julien 4e925ca260 stream: harden data size handling
Handle edge cases around ACKs and last_ack getting below
'app_progress', which can happen during shutdown of a flow
with multiple GAPs.
4 years ago
Victor Julien 5391746518 stream: bail early if no data after a gap 4 years ago
Victor Julien 27c9280735 stream: harden data size handling 4 years ago
Victor Julien 8a08fe82d4 stream: don't send STREAM_START multiple times 4 years ago
Victor Julien 479078d377 detect/content: add more negation tests 4 years ago
Victor Julien c41e64d637 dnp3: reword warning message 4 years ago
Victor Julien 36a93380a5 defrag: fix pthread warning on OpenBSD 4 years ago
Victor Julien 95729e923f configure: remove left over reference to unified2 4 years ago
Victor Julien c95850c6ce doc/rules: document config rule option 4 years ago
Victor Julien 8fdee4f685 version: start development towards 6.0.1 4 years ago
Victor Julien 5219691f45 version: update to 6.0.0, require libhtp 0.5.35 4 years ago
Victor Julien df5f96c5f0 changelog: update for 6.0.0 final 4 years ago
Jason Ish 400b26ad68 logrotate: reindent to 4 spaces
4 spaces seems to be the norm on Linux, so reindent from a mix
of 8 spaces and tabs to 4 spaces.
4 years ago
Philippe Antoine 61d0cd1399 signature: checks protocol for file.name keyword
By setting the flags as for the filename keyword (not sticky version)
4 years ago
Philippe Antoine bde0c88984 dnp3: more precise probing for banners 4 years ago
Philippe Antoine 12dfc33e05 dnp3: fix probing test not using final null in string 4 years ago
Philippe Antoine 1fd6f5bc61 http2: asymmetric sizes for headers tables
The headers table from client to server
and the one from server to client
may have different maximum sizes
(even if both endpoints have to keep both tables)
4 years ago
Philippe Antoine 4706b38866 ssl: do not reuse struct session_id_length
As it can be confused between SSLv2 and TLSv13
In SSLv2, this variable is not used after the function scope, so
we can use a temporary variable.
4 years ago
Philippe Antoine aaa69fe3c5 smb: resistance against padding evasions
The scenario is the use of dummy padding in a write AndX request
or other similar commands using a data offset.

Parsing now skips these dummy bytes and generates one event
4 years ago
Philippe Antoine caa7946888 smb: adds file overlap event against evasions
Evasion scenario is
- a first dummy write of one byte at offset 0 is done
- the second full write of EICAR at offset 0 is then done
and does not trigger detection

The last write had the final value, and as we cannot "cancel"
the previous write, we set an event which is then transformed into
an app-layer decoder alert
4 years ago
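The overlap event described in the commit message above, as an added example that is not Suricata's code: a small per-file tracker that records the byte ranges covered by successive SMB writes and raises an event when a new write intersects one already recorded. The struct and function names (file_tracker, tracker_write, run_evasion_scenario) are this example's own, and the write sequences are constructed input.

```c
/* Added example, not Suricata code. Tracks [off, off+len) ranges written
 * to one file and flags writes that overlap earlier ones, which is the
 * evasion the commit describes: a 1-byte dummy write at offset 0 and then
 * the real payload written at offset 0. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_RANGES 64

struct write_range {
    uint64_t off;   /* file offset of the write */
    uint64_t len;   /* number of bytes written */
};

/* Per-file record of what has been written so far. */
struct file_tracker {
    struct write_range ranges[MAX_RANGES];
    size_t count;
    unsigned overlap_events;   /* overlapping writes seen on this file */
};

static void tracker_init(struct file_tracker *t)
{
    memset(t, 0, sizeof(*t));
}

/* True if [off, off+len) intersects a range already recorded. A zero
 * length write covers no bytes and therefore overlaps nothing. */
static bool range_overlaps(const struct file_tracker *t, uint64_t off, uint64_t len)
{
    if (len == 0)
        return false;
    uint64_t end = off + len;   /* caller already rejected off+len overflow */
    for (size_t i = 0; i < t->count; i++) {
        const struct write_range *r = &t->ranges[i];
        /* two half-open ranges intersect unless one ends before the other starts */
        if (off < r->off + r->len && r->off < end)
            return true;
    }
    return false;
}

/* Record one write. Returns true when an overlap event should be raised.
 * The write is still recorded: the last write to a byte is what ends up in
 * the file and the earlier one cannot be "cancelled", so detection flags
 * the overlap rather than silently keeping either version. Writes whose
 * end offset does not fit in 64 bits are rejected. */
static bool tracker_write(struct file_tracker *t, uint64_t off, uint64_t len)
{
    if (len > UINT64_MAX - off)
        return false;
    bool overlap = range_overlaps(t, off, len);
    if (overlap)
        t->overlap_events++;
    if (t->count < MAX_RANGES) {
        t->ranges[t->count].off = off;
        t->ranges[t->count].len = len;
        t->count++;
    }
    return overlap;
}

/* Constructed input matching the commit message: a one-byte dummy write at
 * offset 0, then the whole payload (the EICAR string is 68 bytes) at
 * offset 0. Returns the number of overlap events raised. */
static unsigned run_evasion_scenario(void)
{
    struct file_tracker t;
    tracker_init(&t);
    tracker_write(&t, 0, 1);    /* dummy write of byte 0 */
    tracker_write(&t, 0, 68);   /* real payload, overlaps byte 0 */
    return t.overlap_events;
}

/* Constructed input: ordinary sequential writes raise nothing. */
static unsigned run_sequential_scenario(void)
{
    struct file_tracker t;
    tracker_init(&t);
    tracker_write(&t, 0, 4096);
    tracker_write(&t, 4096, 4096);
    tracker_write(&t, 8192, 100);
    return t.overlap_events;
}

int main(void)
{
    printf("evasion: %u overlap event(s)\n", run_evasion_scenario());
    printf("sequential: %u overlap event(s)\n", run_sequential_scenario());
    return 0;
}
```

A real implementation would also have to consider which side (client or server) the write came from and whether the overlapping bytes differ; this example only needs to show why the overlap itself is the signal, since the bytes from the first write are no longer available once the second one has replaced them.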
Philippe Antoine 3e96f96153 rdp: fix incomplete result
Aggregating the consumed bytes
4 years ago
Philippe Antoine f9c6b60edc detect: fix use of uninit memory in DetectDatarepParse
By initializing to empty string
4 years ago
Philippe Antoine 6b735a2e57 util: fix warning about format string for integer 4 years ago
Philippe Antoine dc7a9d2b46 util: THashInitConfig limits hash size when fuzzing 4 years ago
Philippe Antoine dcd5e4dec9 util: THashInitConfig does not exit but return error 4 years ago
Jason Ish 2b215a45e0 enip: set unidirection transaction flag 4 years ago
Jason Ish 0529a00ffd dhcp: set unidirection transaction flag 4 years ago
Jason Ish 3036ec4db0 ikev2: set unidirection transaction flag 4 years ago
Jason Ish ff674d0cd0 mqtt: set unidirection transaction flag 4 years ago
Jason Ish 54d5f336d4 sip: set unidirection transaction flag 4 years ago
Jason Ish 1d40d0c5f9 rdp: set unidirection transaction flag 4 years ago
Jason Ish f7dee602e9 krb5: set unidirection transaction flag 4 years ago
Jason Ish 984d3c7f20 ntp: set unidirection transaction flag 4 years ago
Jason Ish fc7d59d92f snmp: set unidirectional transaction flag 4 years ago
Jason Ish 60ebc27c4e app-layer: handle unidirectional transactions 4 years ago
Philippe Antoine 2eacc6a9a8 ssl: adds safety checks
Ensure the client version is valid by checking hello flags

Ensure no integer underflow occurs in SSLv3ParseHandshakeType
4 years ago
Jeff Lucovsky 4624e66cdd detect/transform: Validator for compress-ws
This commit adds a buffer validator for compress whitespace. Buffers
containing two or more consecutive whitespace characters are invalid
with this transform.
4 years ago
Jeff Lucovsky 30b1d7a9c1 detect: Correct typo 4 years ago
Jeff Lucovsky 7ab986250a detect/file-data: Apply transforms on file_data
This commit causes transforms to be applied on the sticky buffer.
4 years ago
Victor Julien e07a4393a9 http: error check htp_list_size
This avoids a potential casting to uint64_t of -1, leading to a very
high upper bound of the tx loop.
4 years ago
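Both the htp_list_size check above and the stream last_ack / app_progress hardening earlier in this list are the same class of bug: an unsigned size derived from a value that can be "negative" becomes an enormous loop bound or data length. The following is an added example, not Suricata or libhtp code; fake_list_size is a stand-in that mimics a size accessor returning (size_t)-1 as an error value, and the unsigned types for last_ack and app_progress are this example's assumption.

```c
/* Added example, not Suricata or libhtp code. Shows two unsigned size
 * derivations with and without the guard that keeps an error or edge
 * value from turning into a huge bound. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Stand-in for a list-size accessor that signals "no list" with
 * (size_t)-1, i.e. SIZE_MAX, instead of 0 (assumption for this example). */
static size_t fake_list_size(const void *list)
{
    if (list == NULL)
        return (size_t)-1;
    return 3;   /* constructed: pretend the list holds 3 transactions */
}

/* Unchecked: SIZE_MAX flows straight into the upper bound of a tx loop. */
static uint64_t tx_loop_bound_unchecked(const void *list)
{
    return (uint64_t)fake_list_size(list);
}

/* Checked: the error sentinel means there is nothing to iterate. */
static uint64_t tx_loop_bound_checked(const void *list)
{
    size_t n = fake_list_size(list);
    if (n == (size_t)-1)
        return 0;
    return (uint64_t)n;
}

/* Bytes acknowledged but not yet handed to the app layer. In unsigned
 * arithmetic last_ack - app_progress wraps when last_ack has dropped below
 * app_progress (the edge case the stream commit mentions during flow
 * shutdown with GAPs), so the unchecked form yields ~4 GiB of "data". */
static uint32_t stream_data_len_unchecked(uint32_t last_ack, uint32_t app_progress)
{
    return last_ack - app_progress;
}

/* Checked: clamp to zero rather than subtracting blindly. */
static uint32_t stream_data_len_checked(uint32_t last_ack, uint32_t app_progress)
{
    if (last_ack <= app_progress)
        return 0;
    return last_ack - app_progress;
}

int main(void)
{
    int list = 0;   /* any non-NULL pointer stands in for a real list */
    printf("tx bound, NULL list, unchecked: %llu\n",
           (unsigned long long)tx_loop_bound_unchecked(NULL));
    printf("tx bound, NULL list, checked:   %llu\n",
           (unsigned long long)tx_loop_bound_checked(NULL));
    printf("tx bound, real list, checked:   %llu\n",
           (unsigned long long)tx_loop_bound_checked(&list));
    printf("data len, last_ack < progress, unchecked: %u\n",
           stream_data_len_unchecked(100, 200));
    printf("data len, last_ack < progress, checked:   %u\n",
           stream_data_len_checked(100, 200));
    return 0;
}
```

The check is cheap in both places; what matters is that it happens before the value is used as a bound, because once a loop or a memcpy has started with the wrapped value no later comparison will save it.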
Jeff Lucovsky 6f9b7e052a doc/eve: Update threaded filename examples 4 years ago
Jeff Lucovsky 8f009cf9b5 output/json: Update threaded filename example 4 years ago
Jeff Lucovsky a75e9667ce log/eve: Threaded filename change: eve.N.json
This commit changes the name of the file used with threaded eve logging
to better support log rotation

Instead of using "eve.json.N" and creating potential issues with log
rotation (which also uses a ".N" suffix), the eve logs will be named
"eve.N.json" when threaded.
4 years ago
Jeff Lucovsky 73567272cd path: SCBasename - function to return basename
This commit returns the basename of a file, if it exists,
in the same way that `basename(1)` works.
4 years ago
Jeff Lucovsky db9776af64 detect/rules: Fix copy/paste error
This commit corrects a copy/paste error handling the `include-mpm-stats`
configuration setting.
4 years ago