This also breaks out the fileinfo function into a method per file info
item. And likewise for state, just return the state and add a new method
for checking if the file is stored.
Ticket: #7491
If a password message was seen while logging passwords was disabled
for pgsql, this would lead to an empty request being logged.
Instead of simply not logging anything when there is a password message
and this is disabled, however, log instead that said password is
redacted.
Bug #7647
PKT_STREAM_EOF flag is set only when a pseudo packet is created. In all
the users of this flag, it suffices to use PKT_PSEUDO_STREAM_END
instead. PKT_PSEUDO_STREAM_END is the more widely used flag as well so
keep it and remove this unneeded flag creating a vacancy.
Whether minimum inspection depth should be respected is an important
parameter but it is only used by one caller of StreamReassembleRawDo fn
to calculate progress value. This progress value is already passed as a
parameter to the said fn.
CC detect-engine-loader.o
In file included from /usr/include/stdio.h:970,
from suricata-common.h:77,
from detect-engine-loader.c:24:
In function 'fgets',
inlined from 'DetectLoadSigFile' at detect-engine-loader.c:139:11:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:313:12: warning: argument 2 value -1 is negative [-Wstringop-overflow=]
313 | return __fgets_alias (__s, __n, __stream);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/features.h:523,
from /usr/include/dirent.h:25,
from suricata-common.h:73:
/usr/include/x86_64-linux-gnu/bits/stdio2-decl.h: In function 'DetectLoadSigFile':
/usr/include/x86_64-linux-gnu/bits/stdio2-decl.h:96:14: note: in a call to function '__fgets_alias' declared with attribute 'access (write_only, 1, 2)'
96 | extern char *__REDIRECT (__fgets_alias,
| ^~~~~~~~~~
Suppress the following warning:
util-pages.c:49:13: warning: Both PROT_WRITE and PROT_EXEC flags are set. This can lead to exploitable memory regions, which could be overwritten with malicious code [security.MmapWriteExec]
49 | if (mprotect(ptr, getpagesize(), PROT_READ|PROT_WRITE|PROT_EXEC) == -1) {
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
As the check is done to check if the OS allows it or not, for enabling
JIT in pcre.
util-mpm-hs-cache.c:83:25: warning: Value of 'errno' was not checked and may be overwritten by function 'fread' [unix.Errno]
83 | size_t bytes_read = fread(buffer, 1, file_sz, file);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
"After calling 'rewind' reading 'errno' is required to find out if the call has failed".
detect-bytetest.c:523:14: warning: 2nd function call argument is an uninitialized value [core.CallAndMessage]
523 | if (!DetectBytetestValidateNbytes(data, nbytes, optstr)) {
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
It generates a `compile_commands.json` suitable for clangd.
This is almost mandatory to have a command like this one for NixOs
users as tool like bear are not able to intercept correctly the
clang calls due to the usage of a wrapper.
Ticket: #7669
By adding a `shell.nix` file in the root directory of the source,
NixOs (https://nixos.org/) users can get a ready for development
environment by simply running `nix-shell` from the source tree.
This is really convenient as the installation of needed packages
is just done as user and transparently for the user/developer.
Ticket: #7669
Track per flow thread id for UDP and other non-TCP protocols. This
improves the timeout handling as the per thread timestamp is used in
offline mode.
Fixes: ada2bfe009 ("flow/worker: improve flow timeout time accuracy")
Fixes: ef396f7509 ("flow/manager: in offline mode, use owning threads time")
Bug #7687.
Ticket: 7665
Instead of each keyword calling DetectSetupDirection, use a
new flag SIGMATCH_SUPPORT_DIR so that DetectSetupDirection gets
called, before parsing the rest of the keyword.
Allows to support filesize keyword in transactional signatures
Philippe Antoine
Jeff Lucovsky
Victor Julien
Jason Ish
Juliana Fajardini
Shivani Bhardwaj
Eric Leblond