Victor Julien
b31ffde6f4
output: remove error codes from output
3 years ago
Philippe Antoine
ad713246a9
src: remove double includes
Keep the unconditional include to be sure it works
git grep '#include "' src/*.c | sort | uniq -c | awk '$1 > 1'
3 years ago
Jason Ish
27672c950c
dnp3: fixups to work with unified json tx logger
Update DNP3 to work with a single TX logger, and just register one
logger instead of 2.
This primarily creates a TX per message instead of correlating replies
to requests, which fits the DNP3 model better, but we didn't really have
this concept nailed down when DNP3 was written.
3 years ago
Philippe Antoine
83a8cd80b2
detect: remove wrappers around DetectEngineInspectGenericList
3 years ago
Philippe Antoine
02f2602dde
src: rework includes as per cppclean
3 years ago
Philippe Antoine
b8524e70d9
detect: change InspectEngineFuncPtr2 to return uint8_t
3 years ago
Philippe Antoine
c5cf2967b3
detect: fix integer warnings
Ticket: #4516
3 years ago
Modupe Falodun
14b21de306
detect-dnp3: remove dnp3_data unittests
These tests are reimplemented in Suricata-Verify
Task: 4911
3 years ago
Jeff Lucovsky
1eeb96696b
general: Cleanup bool usage
4 years ago
Victor Julien
13cebb1857
detect: fix heap overflow issue with buffer setup
In some cases, the InspectionBufferGet function would be followed by
a failure to set the buffer up, for example due to an HTTP body limit
not yet being reached. Yet each call to InspectionBufferGet would lead
to the matching list_id to be added to the
DetectEngineThreadCtx::inspect.to_clear_queue. This array is sized to
add each list only once, but in this case the same id could be added
multiple times, potentially overflowing the array.
5 years ago
Victor Julien
84385549fe
detect: remove unused arg from generic list inspect
5 years ago
Victor Julien
cd146adef0
detect/dnp3: convert to v2 inspect API
5 years ago
Victor Julien
6ab323d323
detect: hide RegisterTests behind ifdef UNITTESTS
Update all callers to more aggressively use UNITTESTS guards as well.
5 years ago
Victor Julien
26bcc97515
detect/keywords: dynamic version part of doc URL
5 years ago
Jeff Lucovsky
d3a65fe156
detect: Provide `de_ctx` to free functions
This commit makes sure that the `DetectEngineCtx *` is available
to each detector's "free" function.
5 years ago
Shivani Bhardwaj
0e4f261224
Use StringParse* for all parsers and configurations
5 years ago
Shivani Bhardwaj
d801c3e588
detect: Make keyword description consistent
Closes redmine ticket #3137.
6 years ago
Shivani Bhardwaj
b5b429c288
detect: Add missing keyword URLs and description
Add missing keyword URLs and their description. Fix the ones that
were incorrect.
Partially closes redmine ticket #2974.
6 years ago
Victor Julien
14896365ef
detect: remove Threadvars argument from API calls
Remove it as it's (almost) never used. If it is really needed it can
be accessed through DetectEngineThreadCtx::tv as well.
6 years ago
Victor Julien
752bb1c410
detect/dnp3: add dnp3.data with v2 api support
Adds MPM support as well. Add TxDetectFlags support to the parser
to avoid duplicate matches.
6 years ago
Victor Julien
32fb7d773a
detect/content-inspect: turn void arg into Packet
Replace the 'void *data' argument by a 'Packet *p' as this was
the only user left of the data pointer.
6 years ago
Victor Julien
cbd5ca3f69
detect/dnp3: cleanup list and proto registration
7 years ago
Victor Julien
d14e51a4aa
detect/content: pass START/END flags to inspection
8 years ago
Victor Julien
ab1200fbd7
compiler: more strict compiler warnings
Set flags by default:
-Wmissing-prototypes
-Wmissing-declarations
-Wstrict-prototypes
-Wwrite-strings
-Wcast-align
-Wbad-function-cast
-Wformat-security
-Wno-format-nonliteral
-Wmissing-format-attribute
-funsigned-char
Fix minor compiler warnings for these new flags on gcc and clang.
8 years ago
Victor Julien
d304be5bc3
detect: register progress in inspect engines
Register required progress so we can stop inspecting as soon
as the progress isn't far enough yet.
8 years ago
Victor Julien
dfac5276b8
detect: remove unused SIGMATCH_PAYLOAD flag
9 years ago
Victor Julien
775e182531
detect: remove AppLayerMatch API call
9 years ago
Victor Julien
8bd1422948
detect: detect engine registration cleanup
9 years ago
Victor Julien
cfdd934aba
dnp3: dynamic buffers/lists
9 years ago
Victor Julien
f370e88135
detect: move init only Signature members to init_data
9 years ago
Victor Julien
0a5ae415b8
detect: shrink Signature::sm_arrays
Signature::sm_arrays now only contains 'built-in' lists, and so is
sized appropriately.
9 years ago
Victor Julien
f281481b67
detect: use detect list passed to generic funcs
Until now the GenericList users used hardcoded list ids.
9 years ago
Victor Julien
bd456076a8
detect: pass SigMatchData to inspect functions
9 years ago
Victor Julien
2f87c975d4
detect: add SigMatch arg to inspect functions
9 years ago
Victor Julien
bfd4bc8233
detect: constify Signature/SigMatch use at runtime
9 years ago
Jason Ish
2ce95babd6
dnp3: use _ in keyword names instead of "."
dnp3.ind -> dnp3_ind
dnp3.func -> dnp3_func
dnp3.obj -> dnp3_obj
The variations with a "." are now aliases.
9 years ago
Victor Julien
5dc9c1b874
DNP3: minor cleanup
9 years ago
Victor Julien
7cf231c7ec
DNP3: don't leak memory on dnp3_obj parsing
9 years ago
Jason Ish
a59f31a99f
DNP3: Lua detect support.
Adds support for accessing the DNP3 transaction in Lua rules.
9 years ago
Jason Ish
1a31bded4a
DNP3: dnp3_data, dnp3_func, dnp3_ind, dnp3_obj rule keywords
9 years ago