suricata

Author	SHA1	Message	Date
Victor Julien	13cebb1857	detect: fix heap overflow issue with buffer setup In some cases, the InspectionBufferGet function would be followed by a failure to set the buffer up, for example due to a HTTP body limit not yet being reached. Yet each call to InspectionBufferGet would lead to the matching list_id to be added to the DetectEngineThreadCtx::inspect.to_clear_queue. This array is sized to add each list only once, but in this case the same id could be added multiple times, potentially overflowing the array.	4 years ago
Philippe Antoine	445e03d752	detect: null sanity checks for pkthdr Even when the rules are only applied on traffic with the protocol the structure for the protocol header can be set to NULL if there was an error parsing the header	4 years ago
Victor Julien	26bcc97515	detect/keywords: dynamic version part of doc URL	5 years ago
Victor Julien	367e3e1895	detect/tcp/udp: minor cleanups	5 years ago
Victor Julien	4dff903b35	detect: introduce pkt mpm engines Instead of the hardcode L4 matching in MPM that was recently introduced, add an API similar to the AppLayer MPM and inspect engines. Share part of the registration code with the AppLayer. Implement for the tcp.hdr and udp.hdr keywords.	5 years ago
Victor Julien	35be8385eb	detect: tcp.hdr sticky buffer Sticky buffer to inspect the TCP header.	5 years ago