aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
866 Commits
7 Branches
155 Tags
197 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'cf5266094d'
${ noResults }
Commit Graph

866 Commits (cf5266094d9dc110d55c64a65d4d575d96d0241d)
 

Author SHA1 Message Date
Steve Grubb f6653752c5 memory leak cleanup in alerts 
Hello,

I ran the code through an analysis program and found several memory leaks
in the alert code.

*In src/alert-fastlog.c at line 178, aft was not being freed
*In src/alert-debuglog.c at line 205, aftwas not being freed
*In src/alert-unified-log.c at lines 234 and 243, aun was not being freed
*In src/alert-unified-alert.c at lines 219 and 230, aun was not being freed
*In src/alert-unified2-alert.c at line 505, aun was not being freed

The patch below fixes this.

-Steve
 15 years ago
Victor Julien 5f5a44b365 PPPoE fixes. 15 years ago
William Metcalf 82978f9f27 new pfring runmode for quad core, other small pfring fixes 15 years ago
Victor Julien 434da6b965 Set no reassembly flags on sessions we don't recognize the protocol for. 15 years ago
Gurvinder Singh f6b0c481b0 urilen support for engine 15 years ago
Victor Julien 9b4f3f918b Fix broken debug code in stream reassembly 15 years ago
Pablo Rincon c1e6aabb0a Small fix 15 years ago
Pablo Rincon 705471e4ee Adding single pattern matcher algorithms. If you cannot store a context for the patterns, use SpmSearch() macro. Adding unittests and stats 15 years ago
Victor Julien cae8e06cb9 Properly lock app layer result pool and add some debugging code for memory tracking. 15 years ago
Victor Julien 4284276b11 Merge applayer detect function into normal match function. Should speed up detection. 15 years ago
Victor Julien bcd0682150 Make engine startup a little less verbose. 15 years ago
Jason Ish 5076452707 Potential fix for issue 60. 
- Increase the packet buffer so it can hold the link header when we
  have maximum size IP datagrams.
- Fix ip header length and pkt length calculation for re-assembled
  packets.
 15 years ago
Victor Julien 9d3a9273dd Rename fmem_t to SCFmem and make sure it's not exported. 15 years ago
Pablo Rincon 673afeb4d3 fmemopen wrapper added (fix compilation problems on macosx and freebsd) 15 years ago
Victor Julien 42e8a01221 Make sure pcre PCRE_EXTRA_MATCH_LIMIT_RECURSION check works with strict compiler settings. 15 years ago
William Metcalf 5bde121754 --enable-gccprofile sets -pg flag detect presence of pcre recursion 15 years ago
Eric Leblond db2d483d11 convert action_type to enum 
This patch converts packet action type to an enum. This will
provide some facilities and ease bad value detection by gcc.
 15 years ago
Gerardo Iglesias Galvan f5743afed5 Fix logging messages related to icmp_id parsing 15 years ago
Gerardo Iglesias Galvan 4b39ddaf95 Fix logging messages related to icmp_id parsing 15 years ago
Breno Silva 1d055b0e09 ICMP Seq Rule Keyword 15 years ago
Victor Julien 34e11e4784 Fixup unused variable compiler warning in the dce code. 15 years ago
root ddf5995049 endianness handling update 15 years ago
Kirby Kuehl 3d59f40640 style patch 15 years ago
root 706bb95209 fix bug 61 15 years ago
Jason Ish 7aac64f262 unit test for issue 59. 15 years ago
Jason Ish a7b37afc4e Fix issue 59. Drop a fragment that extends past the maximum IP packet size. 15 years ago
Gurvinder Singh fea277b2aa memory leak fixes 15 years ago
Gurvinder Singh 5c8d90afc8 memory leak fixes 15 years ago
Gurvinder Singh 66cc392177 init b46 15 years ago
Kirby Kuehl 90b42232fa dcerpc request smb transact and fix for dcerpc bindack 15 years ago
Gurvinder Singh 8f00718b0d bug 57 15 years ago
Eric Leblond 51be576a30 nfq: modify queue length computation logic 
This patch modifies  max queue length computation logic. The max queue
length was set to MAX_PENDING which is the total number of packet
processed simultaneously in suricata.

This value is correct but this will not permit to take all burst
effects into account (read sudden quantity of packet that arrives
faster than suricata is enable to parse). Furthermore there is a
delaying system when suricata gets overloaded which make necessary
to have packet storable into kernel for some time.

To improve this situation the patch increases the maximum queue
length to NFQ_BURST_FACTOR (4) time the MAX_PENDING packet and
it also increase the nfnetlink buffer size to be able to store
all packets waiting for suricata in the netlink receive buffer.
 15 years ago
Eric Leblond 775ac9ad9d fix code file permission 
detect-http-method.c was executable.
 15 years ago
Eric Leblond 84dfc0172a gcc warning fixes. 
This patch fixes gcc warning:
    warning: suggest braces around empty body in an ‘if’ statement
This was the case in  when the macro SCLogDebug was used:
    if (ssn != NULL)
        SCLogDebug("ssn->alproto %"PRIu16"", ssn->alproto);

It also fixes a signed-unsigned comparison.
 15 years ago
Eric Leblond bda8702474 configure: compile with -Wextra 
This patch modify CFLAGS to use -Wextra flag. To avoid problem
with "unused param" it disable this warning.
 15 years ago
Eric Leblond 72d48f6658 nfq: add sanity checking 
This patch adds sanity checking to payload handling. It set length
of packet to zero if an error occurs.
 15 years ago
Eric Leblond 56cccdfa62 nfq: use switch instead of 'else if' 
This patch convert a 'else if' serie to a switch to increase
the readability of the decision related code.

 Please enter the commit message for your changes. Lines starting
 15 years ago
Eric Leblond c96586446b ethernet: use switch instead of 'else if' 
This patch uses a switch instead of a 'else if' series. It also
adds a debug message for unsupported ethernet type.
 15 years ago
Eric Leblond 6cf00d6204 Fix typo in Makefile.am 
This patch fixes a typo in Makefile.am which was preventing
'make tags' from working.
 15 years ago
Victor Julien 9295193968 Fixup unittest error output for RAW decoder. 15 years ago
William Metcalf c5d0b492d3 small unittest fixes to decode-raw.c 15 years ago
William Metcalf 8a64321340 raw pcap support additionl ipv4/6 validation 15 years ago
Pablo Rincon 0c9f51498a Small fixes at unittest helper functions and TestBidirec03 15 years ago
Pablo Rincon c80160b96d More examples of unittest helper functions usage reference 15 years ago
Pablo Rincon b6a3395c08 Adding unittest helper functions for building generic packets, checking arrays of expected match results, perform generic tests, etc. Look at util-unittest-helper.c and detect-ipproto.c for references 15 years ago
Jason Ish 095f2cf6ef Consistency fix.. Xxxlog -> XxxLog. 15 years ago
Jason Ish e204d07717 Have output modules register themselves so run mode configurator becomes aware of them for purposes of being configured from the config file. 15 years ago
Victor Julien 9b90c553b5 Clean ip fields from packet as well when the packet is reused. Prevents issues with malformed packets that are rejected by the decoders before ipaddresses are set. 15 years ago
Victor Julien 27a138d862 Suppress some flow messages. 15 years ago
Gurvinder Singh b0dcd02c1b bug 56 patch 15 years ago