Commit Graph

15318 Commits (adf5e6da7bdf81d65ccfeb115e6bc50e7031a0ca)
 

Author SHA1 Message Date
Philippe Antoine adf5e6da7b detect: strip_pseudo_headers transform
Ticket: 6546
2 years ago
Victor Julien 1dcf69b211 eve/http: add location header independent of status availability 2 years ago
Victor Julien 9a14d7a723 eve/http: use numeric status code by default
To avoid costly string operations.
2 years ago
Victor Julien f5565f42e7 eve/email: improve logging binary data
Use jb_append_string_from_bytes() as it works better than
BytesToString+jb_append_string when logging binary data.

Bug: #6664.
2 years ago
Victor Julien 609cac58b7 flow: minor optimization
Most of the time FlowGetFlowFromHash will succeed.
2 years ago
Victor Julien 75c1b7fb10 detect: consolidate per rule group file loops
Don't loop multiple times over the per group sig array.
2 years ago
Victor Julien 3b8ed937d7 detect: remove DCERPC mask logic
Added nothing over alproto check already in place.
2 years ago
Victor Julien 44a8bf463e detect/rule-header: use bool type
Update frame prototype as well, to match already returned true/false values.
2 years ago
Victor Julien 72841be050 detect/rule-header: minor code cleanups 2 years ago
Victor Julien 5c6089f93f detect/address: refactor match array building 2 years ago
Victor Julien 7b2d6b6894 detect/address: minor cleanup 2 years ago
Victor Julien 96aee6434f mpm/ac: pointer hygiene 2 years ago
Victor Julien aad403d87d mpm/hs: improve pointer hygiene 2 years ago
Victor Julien 11bf60aa3a detect/mpm: minor cleanup 2 years ago
Victor Julien db2484276e detect: shrink sgh to have all runtime members on one cache line 2 years ago
Victor Julien 91f153fb1d detect: constify flow flags in tx rule inspect 2 years ago
Victor Julien e4550bee0a detect: minor cleanup for rule group get function 2 years ago
Victor Julien fd4ca53eb7 app-layer: micro optimization for AppProtoEquals
Add most common condition first.
2 years ago
Victor Julien 88cc999184 detect/bsize: constify keyword args during size check 2 years ago
Victor Julien e06d2c402a detect/content: limits prop comment cleanup 2 years ago
Victor Julien 4f0f7b1969 detect/dsize: minor code cleanup 2 years ago
Victor Julien 2b3ec34de8 detect: use do { } while loop for app engine loop 2 years ago
Victor Julien 2911656d6c detect/content: fix offset for negative distance
Fix offset calculation on sigs with negative distance. Can lead to FN
in certain cases.

Bug: #6661.
2 years ago
Victor Julien 18eafb622f detect/content-inspect: add more tests 2 years ago
Victor Julien 0172c01dc2 spm/bm: minor code cleanups; constification 2 years ago
Victor Julien 4a6a3dc296 mpm: UNITTESTS guard for RegisterUnittests func 2 years ago
Victor Julien ea5cf44fc2 mpm: remove unused flags field 2 years ago
Victor Julien 4558c5c515 detect/http_server_body: modernize test 2 years ago
Victor Julien bd66504a43 detect: implement --qa-skip-prefilter
Option meant for testing performance of rule engine w/o prefilter
optimizations.
2 years ago
Victor Julien 222dcf776e detect/content-inspect: add negation tests
Test mixing of negation, endswith and depth.
2 years ago
Victor Julien fd75aca1a1 detect/bytetest: remove unused Match function
All matching is done as part of content inspection.
2 years ago
Victor Julien f2e9c258c4 detect/pcre: remove unused match member
pcre2_match_data is created per thread when needed.
2 years ago
Victor Julien 3e8db97687 detect/bytemath: fix u32 buffer size logic
Remove u16 cast. Remove debug assert for u16 size.

In 83ed2c3b97 the input was changed to u32
2 years ago
Victor Julien eca6639a82 detect/pcre: localize match limit option parsing
No need to put it into a per ctx flag.
2 years ago
Victor Julien 18dfa69364 detect/pcre: remove unused opts field 2 years ago
Victor Julien 9dc35fbd00 detect/pcre: put commonly used members on first cache line 2 years ago
Victor Julien e3f2b3418a detect/content-inspect: use of replace keyword is rare
Hint compiler about this.
2 years ago
Victor Julien bcb2b50cfc detect/profiling: improve pcap reading performance
When reading a pcap, packet time can move much faster than wall
clock time. This would trigger many more profile syncs than before.

As the sync is using a lock to synchronize with other threads, this
is an expensive operation.

Bug: #6619.

Fixes: b591813b86 ("profiling/rules: reduce sync logic scope")
2 years ago
Juliana Fajardini 8d3de85edd pgsql: fix u16 overflow in query data_row
Found by oss-fuzz with quadfuzz.

Cf https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63113

According to PostgreSQL documentation the maximum number of rows can be
the maximum of tuples that can fit onto max u32 pages - 4,294,967,295 (cf
https://www.postgresql.org/docs/current/limits.html). Some rough
calculations for that indicate that this could go over max u32, so
updating the data_row data type to u64.

Bug #6389
2 years ago
Philippe Antoine 4933b817aa doc: fix byte_test examples
As this keyword has 4 mandatory arguments, and some examples
had only three...

Ticket: 6629
2 years ago
Juliana Fajardini a37fa62710 devguide: explain example-rule container usage
Have these options documented, so that whoever writes rule-related
documentation can easily know what they could use to make the doc look
better.
2 years ago
Philippe Antoine d3218385e9 detect: case-insensitive comparison for requires
Ticket: 6656
2 years ago
Philippe Antoine 673d13d445 rust: allow clippy::items_after_test_module
As clippy began to complain about jsonbuilder.rs
2 years ago
Juliana Fajardini fc2acf8cb0 devguide: fix main channels list
Sphinx and RtD sometimes render lists in weird ways. The communication
channels list barely looked like one, at all...
2 years ago
Juliana Fajardini d15877b2c0 devguide: update branches, refer to backports guide
Update the list of active branches to include 7 renaming and new master,
link to backports document.
2 years ago
Juliana Fajardini 9fbdfd219c devguide: add chapter with backports guide
Task #6568
2 years ago
Juliana Fajardini de8bffd244 devguide: doc from behavior changes needs ticket #
If a commit introduces code that changes Suricata behavior, the related
documentation changes should go in a separate commit, but refer to the
same ticket number.
This reduces the chances of said changes being lost if there are backports
while still keeping the backporting process a bit less bulky, for each
commit.

Related to
Task #6568
2 years ago
Juliana Fajardini 71e4ca81ef devguide: reorganize pr-workflow section
This section seemed to aim both at PR reviewers and PR authors at the
same time, even though some info is probably of low value for
contributors.

Created new section for PR reviewers and maintainers, and kept the info
for PR authors separated. Also highlighted information on requested
changes and stale PRs.
2 years ago
Juliana Fajardini 08eb67f74c devguide: make 'contributing' a chapter
This could be justified from a semantic point of view, and also can help
in bringing more attention to where this information is, as it is less
hidden, now.

Also add Dev Guide as one of our resources in our Readme.
2 years ago
Jeff Lucovsky f12e026696 mqtt: Move conf code to rust
Issue: 6387

This commit moves the configuration logic to Rust.
2 years ago