aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,124 Commits
7 Branches
161 Tags
210 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'f6fd1b017f'
${ noResults }
Commit Graph

1207 Commits (f6fd1b017fdb051ecbb028971648e990d3295c2c)

Author SHA1 Message Date
Jason Ish 64cb687a65 rust: suppress specific manual_flatten list 
In this case of debug code, the explicit iterator seems to make more
sense.
 3 years ago
Jason Ish 7080ecbb76 rust: remove explicit lifetimes where not needed 3 years ago
Jason Ish e7f5bd047d rust: fix needless borrows of references 
Fixed automatically by cargo clippy --fix.
 3 years ago
Jason Ish 29f345af1a rust: allow uninlined_format_args 
Newer versions of Rust/clippy are getting picky about format strings.
We should allow and use the new style, but also not prevent the old
style.
 3 years ago
Jason Ish 3f4dad8676 ftp: add events for command too long 
Issue: 5235
 3 years ago
Jason Ish 48920bd784 rust/derive: allow event name to be set as attribute 
When deriving AppLayerEvent, allow the event name to be set with the
"name" attribute in cases where the transformed name is not suitable.

This allows us to use enum variant names like
"FtpEventRequestCommandTooLong" for direct use in C, but is also a
name that doesn't transform well to an event name in rules, where we
want to see "request_command_too_long".
 3 years ago
Philippe Antoine b52293b609 dcerpc: config limit maximum number of live transactions 
As is done for other protocols

Ticket: #5779
 3 years ago
Philippe Antoine ba99241957 http2: fix leak with range files 
Ticket: #5808

May have been introduced by a24d7dc45c

Function http2_range_open expects to be called only when
tx.file_range is nil. One condition to ensure this is to check
that we are beginning the files contents. The filetracker field
file_open is not fit for this, as it may be reset to false.
 3 years ago
Victor Julien 37f13a4fc7 smb: set defaults for file transfer limits 
Ticket: #5782.
 3 years ago
Jason Ish fab3f36b8c dns: never return error on UDP DNS 
UDP parsers should never return error as it should indicate to Suricata
that an unrecoverable error has occurred.  UDP being record based for
the most part is almost always recoverable, at least for protocols like
DNS.
 3 years ago
Jason Ish d720ead470 dns: split header and body parsing 
As part of extra header validation, split out DNS body parsing to
avoid the overhead of parsing the header twice.
 3 years ago
Jason Ish 595700ab7e dns: validate header on every incoming message 
As UDP streams getting probed, a stream that does not appear to be DNS
at first, may have a single packet that does look close enough to DNS
to be picked up as DNS causing every subsequent packet to result in a
parser error.

To mitigate this, probe every incoming DNS message header for validity
before continuing onto the body.  If the header doesn't validate as
DNS, just ignore the packet so no parse error is registered.
 3 years ago
Jason Ish c98c49d4ba dns: parse and alert on invalid opcodes 
Accept DNS messages with an invalid opcode that are otherwise
valid. Such DNS message will create a parser event.

This is a change of behavior, previously an invalid opcode would cause
the DNS message to not be detected or parsed as DNS.

Issue: #5444
 3 years ago
Jason Ish 7afc2e3aed dns: rustfmt 3 years ago
Jason Ish 39d2524bf6 dns: mark test buffers with rustfmt::skip 3 years ago
Victor Julien 6cc9811edd files: move FileContainer into FileTransferTracker 
Update SMB, NFS, HTTP2.
 3 years ago
Victor Julien e3e55406a7 files: update API and callers to take stream config 
This is to allow not storing the stream buffer config in each file.
 3 years ago
Victor Julien 71bc9e75f5 app-layer: get sbconfg with files 3 years ago
Victor Julien a1a221066f files: remove filecontainer drop trait 
In preparation of it becoming impossible to use due to the free
function getting an cfg argument.
 3 years ago
Victor Julien 0320c03f8c http2: explicity free files 
In preparation of adding an argument to the free functions which
means the drop trait can't be used anymore.
 3 years ago
Victor Julien 4b1e9f7c21 smb: explicity free files 
In preparation of adding an argument to the free functions which
means the drop trait can't be used anymore.
 3 years ago
Victor Julien 3a24cce289 nfs: explicity free files 
In preparation of adding an argument to the free functions which
means the drop trait can't be used anymore.
 3 years ago
Victor Julien 4bfeac6591 nfs: file handling cleanups 3 years ago
Victor Julien 33f6a16290 smb: file handling cleanups 3 years ago
Victor Julien d57510a10f files: remove unused Rust binding for file pruning 3 years ago
Victor Julien a24d7dc45c smb: fix post-trunc chunk behavior 
After a gap in a file transaction, the file tracker is truncated. However
this did not clear any stored out of order chunks from memory or stop more
chunks to be stored, leading to accumulation of a large number of chunks.

This patches fixes this be clearing the stored chunks on trunc. It also
makes sure no more chunks are stored in the tracker after the trunc.

Bug: #5781.
 3 years ago
Philippe Antoine 55c4834e4e smb: configurable max number of transactions per flow 
Ticket: #5753
 3 years ago
Philippe Antoine 1d9183638f smb: convert transaction list to vecdeque 
Allows for more efficient removal from front of the list.

Ticket: #5753
 3 years ago
Philippe Antoine cb89192ec3 smb: fix typo in comment 3 years ago
Haleema Khan cfcb7df9dc mqtt: rustfmt parser.rs 3 years ago
Haleema Khan 23acb89653 mqtt: add unittests for nom7 parsers 
Ticket: #5742
 3 years ago
Haleema Khan cdc5ccd7f7 rfb: rustfmt parser.rs 3 years ago
Haleema Khan b95d7efbd0 rfb: add unittests for nom7 parsers 
Task: #5741
 3 years ago
Philippe Antoine 3979acb5ed smb: set event for ntlmssp unusual order 3 years ago
Philippe Antoine e41c01a483 smb: rustfmt ntlmssp_records.rs 3 years ago
Philippe Antoine 1db8685848 smb/ntlmssp: parse fields independently of order 
Instead of relying on the usual ordering...

Ticket: #5258
 3 years ago
Jason Ish ae192ebae7 rust: sync log levels with C 3 years ago
Jeff Lucovsky f8474344cd log: Add module and subsystem identifiers to log 
Issue: 2497

This changeset provides subsystem and module identifiers in the log when
the log format string contains "%S". By convention, the log format
surrounds "%S" with brackets.

The subsystem name is generally the same as the thread name. The module
name is derived from the source code module name and usually consists of
the first one or 2 segments of the name using the dash character as the
segment delimiter.
 3 years ago
Victor Julien b31ffde6f4 output: remove error codes from output 3 years ago
Jason Ish bd9adac3ac rust/clippy: comments on why we have specific allows 3 years ago
Jason Ish dfd7abe185 rust/clippy: fix lint: type_complexity 
Convert a DNS sub-parser to use a return type rather than a large
tuple. For mqtt, allow the lint for now, but remove the global allow.
 3 years ago
Jason Ish e49ce49471 rust/clippy: allow result_unit_err in http2 only 
Its the only module making use of this pattern, but we shouldn't let
new modules use this pattern.
 3 years ago
Jason Ish 7ba2dadc7f rust/clippy: fix lint: upper_case_acronyms 3 years ago
Jason Ish 029ac650d7 rust/clippy: fix lint: manual_find 
These get_tx methods look like ideal candidates for generic and/or
derived methods.
 3 years ago
Jason Ish 4940dfb3bd rust/clippy: fix lint: len_without_is_empty 3 years ago
Jason Ish e1cffd348f rust/clippy: fix lint: field_reassign_with_default 3 years ago
Jason Ish 9df7c326b9 rust/clippy: remove allow: collapsible_else_if 3 years ago
Jason Ish 30ee5fc835 rust/clippy: remove allow: collapsible_if 
Already clean.
 3 years ago
Jason Ish da12b77f18 rust/clippy: fix lint: new_without_default 3 years ago
Jason Ish c4cf062a6f rust/clippy: fix lint: redundant_pattern_matching 3 years ago