Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.

cybersecurityidsintrusion-detection-systemintrusion-prevention-systemipsnetwork-monitornetwork-monitoringnsmsecuritysuricatathreat-hunting

You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

Victor Julien 82ae41d320 pool: on Init() error, properly clean up ... In the stream engine, Init() can fail if the memcap is reached. In this case the segment was not freed by PoolGet: ==8600== Thread 1: ==8600== 70,480 bytes in 1,762 blocks are definitely lost in loss record 611 of 612 ==8600== at 0x4C2A2DB: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==8600== by 0x914CC8: TcpSegmentPoolAlloc (stream-tcp-reassemble.c:166) ==8600== by 0xA0D315: PoolGet (util-pool.c:297) ==8600== by 0x9302CD: StreamTcpGetSegment (stream-tcp-reassemble.c:3768) ==8600== by 0x921FE8: StreamTcpReassembleHandleSegmentHandleData (stream-tcp-reassemble.c:1873) ==8600== by 0x92EEDA: StreamTcpReassembleHandleSegment (stream-tcp-reassemble.c:3584) ==8600== by 0x8D3BB1: HandleEstablishedPacketToServer (stream-tcp.c:1969) ==8600== by 0x8D7F98: StreamTcpPacketStateEstablished (stream-tcp.c:2323) ==8600== by 0x8F13B8: StreamTcpPacket (stream-tcp.c:4243) ==8600== by 0x8F2537: StreamTcp (stream-tcp.c:4485) ==8600== by 0x95DFBB: TmThreadsSlotVarRun (tm-threads.c:559) ==8600== by 0x8BE60D: TmThreadsSlotProcessPkt (tm-threads.h:142) tcp.segment_memcap_drop | PcapFile | 1762 This patch fixes PoolGet to both Cleanup and Free the Alloc'd data in case Init fails.		12 years ago
benches	…
contrib	Add option on Tile-Gx for logging for fast.log alerts over PCIe	12 years ago
doc	Update docs from wiki	13 years ago
m4	…
qa	Updated banned function cocci check	12 years ago
rules	Make sure tls-events is part of the dist	12 years ago
scripts	suricatasc: fix make distcheck.	13 years ago
src	pool: on Init() error, properly clean up	12 years ago
.gitignore	unittest: make check use a qa/log dir for logging	12 years ago
COPYING	…
ChangeLog	Update Changelog for 2.0rc1 release	12 years ago
LICENSE	…
Makefile.am	dns: rules files was not installed	12 years ago
Makefile.cvs	…
acsite.m4	…
autogen.sh	OpenBSD 5.2 build fixes, Unit test fix.	13 years ago
classification.config	…
config.rpath	Add file needed for some autotools version.	12 years ago
configure.ac	configure: fix typo in libjansson warning message	12 years ago
doxygen.cfg	doxygen: document all code	12 years ago
reference.config	…
suricata.yaml.in	yaml: add and comment missing dns settings	12 years ago
threshold.config	…