aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,969 Commits
8 Branches
163 Tags
199 MiB
main
main-8.0.x
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.1
suricata-7.0.12
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '976748b777'
${ noResults }
Commit Graph

12969 Commits (976748b777fbbbba41491401c73c83e05e0a7c8a)
 

Author SHA1 Message Date
Victor Julien 976748b777 doc/smb: add resource limits section 4 years ago
Victor Julien fc9b65d8d3 smb2: validate negotiate read/write max sizes 
Raise event if they exceed the configured limit.
 4 years ago
Victor Julien 4be8334c9e smb2: allow limiting in-flight data size/cnt 
Allow limiting in-flight out or order data chunks per size or count.

Implemented for read and writes separately:

app-layer.protocols.smb.max-write-queue-size
app-layer.protocols.smb.max-write-queue-cnt
app-layer.protocols.smb.max-read-queue-size
app-layer.protocols.smb.max-read-queue-cnt
 4 years ago
Victor Julien 2c5ad8858e filetracker: track total queued data (in_flight) 
As well as expose number of chunks.
 4 years ago
Victor Julien 90d4b8e438 smb: log max read/write sizes 4 years ago
Victor Julien 5bcc4162f7 smb2: add options for max read/write size 
Add options for the max read/write size accepted by the parser.
 4 years ago
Victor Julien f28888513a smb2: track max read/write size and enforce its values 4 years ago
Victor Julien 594acec5dc smb: minor function cleanup 
Remove used argument from `filetracker_newchunk()`. We're not
using fill_bytes with smb.
 4 years ago
Victor Julien c7a474c725 filetracker: make FileChunk private 4 years ago
dependabot[bot] 276cae5d73 github-actions: bump codecov/codecov-action from 2.1.0 to 3 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 2.1.0 to 3.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md)
- [Commits](f32b3a3741...e3c560433a)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 4 years ago
dependabot[bot] 725e1b6e4c github-actions: bump github/codeql-action from 1.0.26 to 2.1.8 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.0.26 to 2.1.8.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](5f53256358...1ed1437484)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 4 years ago
dependabot[bot] fe444011bc github-actions: bump actions/cache from 2.1.7 to 3.0.2 
Bumps [actions/cache](https://github.com/actions/cache) from 2.1.7 to 3.0.2.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](937d244753...48af2dc4a9)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 4 years ago
dependabot[bot] 14125d7361 github-actions: bump actions/download-artifact from 2 to 3 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v2...fb598a63ae348fa914e94cd0ff38f362e927b741)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 4 years ago
dependabot[bot] ebcf6b6acf
github-actions: bump ossf/scorecard-action from 1.0.1 to 1.0.4 
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 1.0.1 to 1.0.4.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Commits](e3e75cf2ff...c1aec4ac82)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 4 years ago
Victor Julien af90478167 detect/frames: reduce severity of validation check 4 years ago
Jason Ish 28898dbfb8 dependabot: monitor github actions 4 years ago
Jason Ish ad9c8fab25 github-ci: set safe directory before reset 
While the latest checkout action does set the "safe.directory"
parameter, it doesn't appear to stick for the following "git fetch", so
call this command again.
 4 years ago
Jason Ish 57a6f30431 github-ci: pin checkout action to latest release 4 years ago
Philippe Antoine 3b13008c1b mqtt: fix consumed bytes computation for truncated msg 
Ticket: 5268
 4 years ago
Victor Julien 3a7d09edfc detect/frame: get data using stream callback 
Inspect only data that has already been consumed by the
app-layer parser. This allows for simpler progress tracking.
 4 years ago
Victor Julien ffe036e881 frame: introduce entry for getting stream data for frame 4 years ago
Victor Julien 96bc11d0d0 stream: make raw data handling more generally usable 
Move raw detection logic out of main StreamReassembleRawDo() so that
it can be reused for other parts of the engine.

The caller now has to specify a right edge of the data.
 4 years ago
Victor Julien afb97d1dee stream: add offset to raw stream callback 
This gives the called function to understand where it is in the
stream.
 4 years ago
Victor Julien 205bc1e288 app-layer: disable stream app tracking on no parser 
If protocol has no parser enabled or implemented, disable the app
progress tracking in the stream engine to reduce the workload in
the stream engine.
 4 years ago
Philippe Antoine 8ecf7e403e source: pcap timestamp microsecond consistency 
That is it should be less than 1 000 000.
Have the same for fuzz targets where the bug came from.

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44177
 4 years ago
Philippe Antoine 704bc878ea dcerpc: store consumed_bytes as i32 
As it can grow bigger than u16
 4 years ago
Philippe Antoine dfd17e9acc ike: fix integer underflow in parse_proposal 
By not restricting a usize to i16
 4 years ago
Philippe Antoine dccf2e4c30 detect: config checks alstate before getting tx 
Ticket: 4972

As is done in detect-lua-extensions.
We can have a flow with alproto unknown, no state, and therefore
cannot run AppLayerParserGetTx which could try to run a NULL
function
 4 years ago
Philippe Antoine 45d1a9ae77 detect: faster linked list copy 
In DetectAppLayerInspectEngineCopyListToDetectCtx
Avoid quadratic complexity by remembering last element
of the linked list we are inserting into
 4 years ago
Philippe Antoine 2a22b4ca1f flow: fix integer warnings 
Ticket: 4516
 4 years ago
Philippe Antoine 1cc9762b6a host/ippair: fix integer warnings 
Ticket: 4516
 4 years ago
Philippe Antoine b1eaa1e8cd util: using size_t len for byte utils 
Ticket: 4516

Like ByteExtractStringUint64, because most of their inputs come
from strlen which returns a size_t
 4 years ago
Philippe Antoine f30975fb16 app-layer: fix integer warnings 
Ticket: 4516
 4 years ago
Victor Julien 1c8559b3ab debug: support %m output format again 
Use thread local storage to avoid the previous dead lock issues.
 4 years ago
Victor Julien ce4e543719 threading: simplify thread name logic 4 years ago
Victor Julien 93d5bce0aa rust: update regex & memchr dependencies 
Bug: #5260.
 4 years ago
Victor Julien 053a9d2e68 smb/ntlmssp: add stricter len/offset validation 4 years ago
Philippe Antoine 3e48881b78 smb: prevents integer underflow 
Ticket: 5246

If msg_id is 0, we cannot find the previous request
 4 years ago
Philippe Antoine e72036f12f smb: ntlmssp domain_blob_offset underflow check 
Ticket: 5246
 4 years ago
Philippe Antoine 817a5001a5 smb: check on param parsing 
Ticket: 5246

so as not to overflow u16
 4 years ago
Victor Julien 013fb2dde3 frames: remove dead condition in eof check 4 years ago
Victor Julien 86e8611f5e app-layer: don't switch dir if proto already known 4 years ago
Victor Julien 7b55f8b2e3 fuzz/sigpcap_aware: set pkt_src to wire 
Avoids an assert if DEBUG is compiled in:

fuzz_sigpcap_aware: source-pcap-file.c:420: TmEcode DecodePcapFile(ThreadVars *, Packet *, void *): Assertion `!(p->pkt_src != PKT_SRC_WIRE && p->pkt_src != PKT_SRC_FFR)' failed.
 4 years ago
Victor Julien 61df4120da detect/frame: improve assert accuracy 
Handle frames of unknown size correctly.

Bug: #5226.
 4 years ago
Victor Julien c824804e2b eve: allow /dev/null in threaded mode 
Avoids creation of actual files called /dev/null.N which take
up space in /dev/ which lives in memory.
 4 years ago
Victor Julien 5deb479f4c flow: cleanup locking debug leftovers 4 years ago
Victor Julien 57533d3e47 flow: fix and simplify locking 
Since:

9551cd0535 ("threading: don't pass locked flow between threads")

`MoveToWorkQueue()` unconditionally unlocks the flow. This allows simpler
locking handling, including of tcp reuse flows.

The simpler logic also fixes a scenario where TCP reuse flows got "unlocked"
twice, once in `FlowGetFlowFromHash()` and once in `MoveToWorkQueue()`.

Bug: #5248.
Coverity: 1494354.
 4 years ago
Sascha Steinbiss 7eb279ac53 mqtt: remove redundant "where" keyword 4 years ago
Sascha Steinbiss d63e5b8c51 mqtt: make some functions non-public 4 years ago
Sascha Steinbiss 2a3ed9a6ae mqtt: rustfmt 4 years ago