suricata

Commit Graph

Author	SHA1	Message	Date
Victor Julien	977c5ea719	detect: initialize empty buffers	2 years ago
Victor Julien	158e648d87	detect/http2: update buffer initialization logic	3 years ago
Victor Julien	b31ffde6f4	output: remove error codes from output	3 years ago
Victor Julien	3263202094	detect/tx: add AppLayerTxData to PrefilterTx In preparation of some file inspection optimizations, for which we need the tx data. Update all users.	3 years ago
Victor Julien	040404b093	detect/profiling: track bytes scanned by prefilter engines	3 years ago
Philippe Antoine	83a8cd80b2	detect: remove wrappers around DetectEngineInspectGenericList	3 years ago
Philippe Antoine	02f2602dde	src: rework includes as per cppclean	3 years ago
Philippe Antoine	b8524e70d9	detect: change InspectEngineFuncPtr2 to return uint8_t	3 years ago
Philippe Antoine	c5cf2967b3	detect: fix integer warnings Ticket: #4516	3 years ago
Philippe Antoine	f29b43defd	detect: rust generic functions for integers Move it away from http2 to generic core crate. And use it for DCERPC (and SMB) And remove the C version. Main change in API is the free function is not free itself, but a rust wrapper around unbox. Ticket: #4112	3 years ago
Philippe Antoine	7d0a39412b	detect: use u32 for InspectionBufferMultipleForList So that we do not have an endless loop casting index to u16 and having more than 65536 buffers in one transaction Changes for all protocols, even ones where it is impossible to have such a pattern, so as to avoid bad pattern copy/paste in the future	4 years ago
Victor Julien	3dc50322db	detect: fix multi inspect buffer issue; clean up Fix multi inspect buffer API causing cleanup logic in the single inspect buffer paths. This could lead to a buffer overrun in the "to clear" logic. Multi buffers now use InspectionBufferSetupMulti instead of InspectionBuffer. This is enforced by a check in debug validation. Simplify the multi inspect buffer setup code and update the callers.	4 years ago
Victor Julien	13cebb1857	detect: fix heap overflow issue with buffer setup In some cases, the InspectionBufferGet function would be followed by a failure to set the buffer up, for example due to a HTTP body limit not yet being reached. Yet each call to InspectionBufferGet would lead to the matching list_id to be added to the DetectEngineThreadCtx::inspect.to_clear_queue. This array is sized to add each list only once, but in this case the same id could be added multiple times, potentially overflowing the array.	5 years ago
Victor Julien	84385549fe	detect: remove unused arg from generic list inspect	5 years ago
Victor Julien	35310313de	detect/http2: inspect API v2	5 years ago
Philippe Antoine	1422b18a99	http2: initial support	5 years ago

16 Commits (f43b7191ae7cb52590e649d741187003ca207589)