Stephen Donnelly
c28cc93e23
source/erf-dag: compiler warnings
...
Bug: #6667.
Fix compiler warnings for function pointer parameters missing const with --enable-dag
1 year ago
Shivani Bhardwaj
26b81ca007
detect: make SigMatch.is_last bool
...
It is used like bool so much so that nothing needs to be changed even
after changing its type.
1 year ago
Shivani Bhardwaj
588af05565
detect: remove unneeded size in DetectEngineCtx
...
sig_array_size can easily be calculated with length and is only used at
one place for debugging purposes. Remove it from the DetectEngineCtx
struct to avoid making it unnecessarily heavy.
1 year ago
Shivani Bhardwaj
778820ba06
detect/alert: remove unnecessary else
1 year ago
Jeff Lucovsky
995f5fc8c5
htp/swf: Remove flash deprecation notice
...
Issue: 6605
Flash decompression will remain so the deprecation notice is not needed.
1 year ago
Jeff Lucovsky
58f882db94
doc/pcap-log: Remove sguil documentation
...
Issue: 6347
1 year ago
Jeff Lucovsky
9101878e11
log/pcap: Remove sguil mode
...
Issue: 6347
Remove sguil-mode pcap logging capability.
1 year ago
Jeff Lucovsky
ff609f5dc3
conf/log: Remove sguil mode
...
Issue: 6347
1 year ago
Jason Ish
90ae3a223f
eve/schema: allow authorities in dns.answers in alert
...
Factor out dns.authorities to a definition.
1 year ago
Vincent Li
f80d26db0b
flow-bypass: Set bypass thread to running state
...
When running Suricata in XDP bypass mode (bypass: yes),
Suricata started up with error:
Error: threads: thread "FB" failed to start in time: flags 0003
"FB" thread does not transition from THV_INIT_DONE to THV_RUNNING.
Set "FB" thread THV_RUNNING state in BypassedFlowManager().
Bug: #6254
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
1 year ago
Philippe Antoine
6896a93d87
rust: update test_case crate
...
fixes unused_unit
warning: unneeded unit expression
--> src/bittorrent_dht/parser.rs:590:5
|
590 | / #[test_case(
591 | | b"",
592 | | "Error: discovered Dict but expected EOF" ;
593 | | "test parse bittorrent dht packet err 1"
594 | | )]
| |______^
1 year ago
Philippe Antoine
bedd48596f
ci: run clippy on test code as well
1 year ago
Philippe Antoine
259cdf169e
rust: fix single_binding
...
error: this match could be written as a `let` statement
--> src/nfs/nfs3_records.rs:747:9
|
747 | / match result {
748 | | (r, request) => {
749 | | assert_eq!(r.len(), 0);
750 | | assert_eq!(request.handle, expected_handle);
751 | | assert_eq!(request.name_vec, br#"bln"#);
752 | | }
753 | | }
| |_________^
1 year ago
Philippe Antoine
b141eb9f11
rust: fix single_match
...
warning: you seem to be trying to use `match` for destructuring a single pattern. Consider using `if let`
--> src/http2/parser.rs:882:17
|
882 | / match ctx.value {
883 | | Some(_) => {
884 | | panic!("Unexpected value");
885 | | }
886 | | None => {}
887 | | }
| |_________________^
1 year ago
Philippe Antoine
9a84681bd9
rust: fix vec_init_then_push
...
warning: calls to `push` immediately after creation
--> src/pgsql/parser.rs:1179:9
|
1179 | / let mut database_param: Vec<PgsqlParameter> = Vec::new();
1180 | | database_param.push(database);
| |______________________________________^
help: consider using the `vec![]` macro: `let database_param: Vec<PgsqlParameter> = vec![..];`
1 year ago
Philippe Antoine
85329f5351
rust: fix zero_prefixed_literal
...
warning: this is a decimal constant
--> src/mqtt/parser.rs:888:19
|
888 | 0x00, 06, /* Topic Length: 6 */
| ^^
|
1 year ago
Philippe Antoine
a8199bf2ca
rust: fix assertions_on_constants for assert!(false)
...
using panic! instead with a string message
1 year ago
Philippe Antoine
c49463c86f
rust: fix assertions_on_constants for assert!(true)
...
Which will be optimized away by the compiler
1 year ago
Gleb Smirnoff
b239e88c93
ipfw: close(2) instead shutdown(2) of the divert(4) socket
...
The shutdown(2) syscall would always return ENOTCONN for FreeBSD 11,
FreeBSD 12, FreeBSD 13 and FreeBSD 14. It could do some action on the
socket in the kernel in FreeBSD 10 and before, did not test.
1 year ago
Philippe Antoine
adf5e6da7b
detect: strip_pseudo_headers transform
...
Ticket: 6546
1 year ago
Victor Julien
1dcf69b211
eve/http: add location header independent of status availability
1 year ago
Victor Julien
9a14d7a723
eve/http: use numeric status code by default
...
To avoid costly string operations.
1 year ago
Victor Julien
f5565f42e7
eve/email: improve logging binary data
...
Use jb_append_string_from_bytes() as it works better than
BytesToString+jb_append_string when logging binary data.
Bug: #6664.
1 year ago
Victor Julien
609cac58b7
flow: minor optimization
...
Most of the time FlowGetFlowFromHash will succeed.
1 year ago
Victor Julien
75c1b7fb10
detect: consolidate per rule group file loops
...
Don't loop multiple times over the per group sig array.
1 year ago
Victor Julien
3b8ed937d7
detect: remove DCERPC mask logic
...
Added nothing over alproto check already in place.
1 year ago
Victor Julien
44a8bf463e
detect/rule-header: use bool type
...
Update frame prototype as well, to match already returned true/false values.
1 year ago
Victor Julien
72841be050
detect/rule-header: minor code cleanups
1 year ago
Victor Julien
5c6089f93f
detect/address: refactor match array building
1 year ago
Victor Julien
7b2d6b6894
detect/address: minor cleanup
1 year ago
Victor Julien
96aee6434f
mpm/ac: pointer hygiene
1 year ago
Victor Julien
aad403d87d
mpm/hs: improve pointer hygiene
1 year ago
Victor Julien
11bf60aa3a
detect/mpm: minor cleanup
1 year ago
Victor Julien
db2484276e
detect: shrink sgh to have all runtime members on one cache line
1 year ago
Victor Julien
91f153fb1d
detect: constify flow flags in tx rule inspect
1 year ago
Victor Julien
e4550bee0a
detect: minor cleanup for rule group get function
1 year ago
Victor Julien
fd4ca53eb7
app-layer: micro optimization for AppProtoEquals
...
Add most common condition first.
1 year ago
Victor Julien
88cc999184
detect/bsize: constify keyword args during size check
1 year ago
Victor Julien
e06d2c402a
detect/content: limits prop comment cleanup
1 year ago
Victor Julien
4f0f7b1969
detect/dsize: minor code cleanup
1 year ago
Victor Julien
2b3ec34de8
detect: use do { } while loop for app engine loop
1 year ago
Victor Julien
2911656d6c
detect/content: fix offset for negative distance
...
Fix offset calculation on sigs with negative distance. Can lead to FN
in certain cases.
Bug: #6661.
1 year ago
Victor Julien
18eafb622f
detect/content-inspect: add more tests
1 year ago
Victor Julien
0172c01dc2
spm/bm: minor code cleanups; constification
1 year ago
Victor Julien
4a6a3dc296
mpm: UNITTESTS guard for RegisterUnittests func
1 year ago
Victor Julien
ea5cf44fc2
mpm: remove unused flags field
1 year ago
Victor Julien
4558c5c515
detect/http_server_body: modernize test
1 year ago
Victor Julien
bd66504a43
detect: implement --qa-skip-prefilter
...
Option meant for testing performance of rule engine w/o prefilter
optimizations.
1 year ago
Victor Julien
222dcf776e
detect/content-inspect: add negation tests
...
Test mixing of negation, endswith and depth.
1 year ago
Victor Julien
fd75aca1a1
detect/bytetest: remove unused Match function
...
All matching is done as part of content inspection.
1 year ago