Jeff Lucovsky
f6a399f154
general: Correct typos
5 years ago
Jeff Lucovsky
fb409664d2
detect: byte_math support
5 years ago
Jeff Lucovsky
1a726731e4
detect: Use byte-math to byte var handling func
5 years ago
Jeff Lucovsky
0e4ba7b13e
detect: Add byte_math detector
5 years ago
Jeff Lucovsky
ac01adc260
detect: Add utility module for byte var handling
5 years ago
Victor Julien
c1673908ac
eve/alert: minor cleanups
5 years ago
Victor Julien
d2c48d4faf
eve/alert: move files logging into util func
5 years ago
Victor Julien
3dacbcddef
eve/alert: move app-layer logic into a util func
5 years ago
Shivani Bhardwaj
537fb7a1c6
hyperscan: better error message if not compiled
5 years ago
Philippe Antoine
ece29c4210
ssh: fix incomplete return for ssh kex
In the case where we already parsed some records
5 years ago
Philippe Antoine
ca6d072297
dcerpc: detect right parsing of empty op version
5 years ago
Philippe Antoine
abe3f6e6ef
rfb: set app proto for signature keyword rfb.secresult
5 years ago
Jeff Lucovsky
a58fdcd41d
suricata.yaml.in: update stream-depth description
5 years ago
Jeff Lucovsky
496306e6a9
doc: update stream-depth description
5 years ago
Jeff Lucovsky
ec07f58705
doc: update file-store stream depth description
5 years ago
Jeff Lucovsky
2f32d7f831
filestore: Use proper string in error case
When make-open-files has an invalid value, the incorrect value was being
displayed improperly
5 years ago
Jeff Lucovsky
823f6b35d0
filestore: Validate stream-depth when non-zero
Make sure that configured non-zero values for stream-depth are
greater than stream_config.depth
5 years ago
Jeff Lucovsky
6bb89c37f1
output/json: Correct clang warning
This commit corrects the warning for mismatched type.
5 years ago
Jeff Lucovsky
b2c1dab2da
output/alert: Correct FORWARD_NULL Coverity issue.
This commit corrects the FORWARD_NULL issue in AlertJson by
null-checking p->flow
5 years ago
Jeff Lucovsky
bd22e0d7a4
output/ftp: Correct Coverity DEADCODE issue
This commit corrects the deadcode (CID 1465224) issue in
EveFTPLogCommand.
5 years ago
Jeff Lucovsky
ac70d925f5
filestore: Correct Coverity RESOURCE_LEAK issue
This commit corrects the RESOURCE_LEAK issue (CID 1465222) of the `FILE`
pointer.
5 years ago
Jeff Lucovsky
2d055ed1f7
detect: Correct Coverity REVERSE_INULL issue
This commit corrects the "Null pointer dereferences" issue (CID
1465221).
5 years ago
Shivani Bhardwaj
db75675f45
qa: add atoi to list of banned functions
5 years ago
Shivani Bhardwaj
d27b407bc3
pfring: fix StringParse* warnings
Closes redmine ticket 3808.
5 years ago
Shivani Bhardwaj
7cbb8c44c5
ttl: Make IPV4 TTL uint_8t
5 years ago
Shivani Bhardwaj
4ed72addf3
src: remove multiple uses of atoi
atoi() and related functions lack a mechanism for reporting errors for
invalid values. Replace them with calls to the appropriate
ByteExtractString* functions.
Partially closes redmine ticket 3053.
5 years ago
Emmanuel Thompson
6e5d64f102
detect/asn1: Simplify errors and checks
5 years ago
Emmanuel Thompson
4fc45b5c60
detect/asn1: Update ASN1 struct lifetime
- 'static is only realistic when allocating and leaking it over the
FFI boundary
5 years ago
Emmanuel Thompson
627e90a4bd
detect/asn1: Log out errors
- Failure to parse asn1-max-frames
- Failure on asn1 detection checks
5 years ago
Emmanuel Thompson
88601b1993
detect/asn1: Update relative_offset keyword
- To be consistent with recent C version changes
- Add checks for over/underflows
5 years ago
Emmanuel Thompson
275f6ae96f
detect/asn1: Remove asn1 C parser
- In favor of rust parser
5 years ago
Emmanuel Thompson
7af6cdb7ec
detect/asn1: Update asn1 C files to use rust code
Mark rust extern "C" functions as pub in asn1 module to expose via cbindgen
Update detect-asn1.c/h to use rust functions
5 years ago
Emmanuel Thompson
63704fdf13
rust/asn1: Introduce ASN1 rust module
This module uses the `der-parser` crate to parse ASN1 objects in order to replace src/util-decode-asn1.c
It also handles the parsing of the asn1 keyword rules and detection checks performed in src/detect-asn1.c
5 years ago
Emmanuel Thompson
6b8517dc12
rust: Update der, kerberos and snmp parser dependencies
- The update to der-parser allows us to use the latest API changes
5 years ago
Jeff Lucovsky
dfcc8a88f6
util/proto: Convert validation routine to bool
This commit changes the signature of the protocol validation code to
bool and simplifies the validation steps.
5 years ago
Jeff Lucovsky
1e8d4af29a
output/json: Improve protocol output handling
Improve protocol label handling by eliminating an unneeded copy.
Additionally, unknown protocol values are no longer zero-padded.
5 years ago
Jeff Lucovsky
a06a706078
output/flow: Improve protocol output handling
This commit improves handling of the protocol label by removing an
unnecessary copy.
Additionally, unknown protocol values are no longer zero-padded.
5 years ago
Jeff Lucovsky
5776a98f67
log/syslog: Improve protocol output handling
Move protocol handling outside of the packet alert loop.
5 years ago
Jeff Lucovsky
0a1c36759a
log: Use updated SCProtoNameValid signature
5 years ago
Jeff Lucovsky
a843b36c97
output/lua: Remove unused proto code
This commit removes unused protocol string handling logic.
5 years ago
Jason Ish
43b9bfaed4
applayer template (rust): convert to JsonBuilder
5 years ago
Jason Ish
d71fc50212
applayer template (C): convert to JsonBuilder
5 years ago
Shivani Bhardwaj
0ebeaf4fe4
modbus: align comments properly
5 years ago
Shivani Bhardwaj
d5a672fbcf
modbus: make subfunction uint16_t
5 years ago
Shivani Bhardwaj
dfd872c1a7
enip: remove unnecessary definition
5 years ago
Shivani Bhardwaj
0dac699197
src: remove multiple uses of atoi
atoi() and related functions lack a mechanism for reporting errors for
invalid values. Replace them with calls to the appropriate
ByteExtractString* functions.
Closes redmine ticket 3053.
5 years ago
Victor Julien
a98a209732
fuzz/sigpcap: make sure hassh is enabled
5 years ago
Vadym Malakhatko
a80f705d4b
userguide: add documentation for Hassh usage
1. Rules keywords
2. Json keywords
3. Usage in lua
4. Enabling in configuration file
5 years ago
Vadym Malakhatko
8a8212d0f6
lua: add functions to get hassh parameters
5 years ago
Vadym Malakhatko
126597144c
eve: add Hassh fields to SSH JSON logger and add ssh log condition
5 years ago