Commit Graph

14344 Commits (0d3c551b836ee737f70d16b0b42a33a02c747413)
 

Author SHA1 Message Date
Victor Julien 96f29440cb streaming: add sbcfg to StreamingBufferAppendRaw 2 years ago
Victor Julien 30ee9165b5 streaming: add sbcfg to StreamingBufferAppend 2 years ago
Victor Julien 3b5deb4ec7 streaming: add sbcfg to StreamingBufferSlideToOffset 2 years ago
Victor Julien b9540d1073 streaming: add sbcfg to StreamingBufferInsertAt 2 years ago
Victor Julien 058dc02e81 streaming: add sbcfg to StreamingBufferAppendNoTrack 2 years ago
Victor Julien 355f259b8c output/filedata: trunc file in output again 2 years ago
Victor Julien e3e55406a7 files: update API and callers to take stream config
This is to allow not storing the stream buffer config in each file.
2 years ago
Victor Julien f7dbdb7631 output/filedata: don't call file close
Will be reenabled after file API is updated.
2 years ago
Victor Julien 71bc9e75f5 app-layer: get sbconfg with files 2 years ago
Victor Julien a1a221066f files: remove filecontainer drop trait
In preparation of it becoming impossible to use due to the free
function getting a cfg argument.
2 years ago
Victor Julien 0320c03f8c http2: explicitly free files
In preparation of adding an argument to the free functions which
means the drop trait can't be used anymore.
2 years ago
Victor Julien 4b1e9f7c21 smb: explicitly free files
In preparation of adding an argument to the free functions which
means the drop trait can't be used anymore.
2 years ago
Victor Julien 3a24cce289 nfs: explicitly free files
In preparation of adding an argument to the free functions which
means the drop trait can't be used anymore.
2 years ago
Victor Julien 4bfeac6591 nfs: file handling cleanups 2 years ago
Victor Julien 33f6a16290 smb: file handling cleanups 2 years ago
Victor Julien d57510a10f files: remove unused Rust binding for file pruning 2 years ago
Victor Julien f19b40a7f6 streaming: set size and max regions defaults 2 years ago
Victor Julien 229b82721d htp: remove duplicate prototypes 2 years ago
Victor Julien f788d31f22 htp/body: minor optimization 2 years ago
Victor Julien b62a513c47 flow: inline commonly used getters 2 years ago
Victor Julien 76a256a8b1 streaming: remove inefficient buffer grow logic 2 years ago
Victor Julien 467234659d streaming: remove unused slide logic 2 years ago
Victor Julien 0b36bde9be streaming: remove unused config member 2 years ago
Victor Julien 2cfbefb6c6 streaming: make minimum region gap size configurable 2 years ago
Victor Julien 8e9dac99f3 stream/reassembly: make max-regions configurable; set default 2 years ago
Victor Julien f896f03b7b streaming: add max regions config option 2 years ago
Victor Julien 42d3cd2061 stream/list: hack around GAP handling in tests 2 years ago
Victor Julien d2001ef94b stream: improve gap tests 2 years ago
Victor Julien 96dfd65b96 eve: log max regions 2 years ago
Victor Julien 1bb6f44ff0 stream: flow timeout improvement
Check continuous data for app-layer and post gap data as well for
stream inspection.
2 years ago
Victor Julien 1dac2467c5 streaming: implement memory regions
In TCP, large gaps in the data could lead to an extremely poor utilization
of the streaming buffer memory. This was caused by the implementation using
a single continuous memory allocation from the "stream offset" to the
current data. If a 100 byte segment was inserted for ISN + 20MiB, we would
allocate 20MiB, even if only 100 bytes were actually used.

This patch addresses the issue by implementing a list of memory regions.
The StreamingBuffer structure holds a static "main" region, which can be
extended in the form of a simple list of regions.

    [ main region ] [ gap ] [ aux region ]
    [ sbb ]                 [ sbb ]

On insert, find the correct region and see if the new data fits. If it
doesn't, see if we can expand the current region, or else we need to add
a new region. If expanding the current region means we overlap or get
too close to the next region, we merge them.

On sliding, we free any regions that slide out of window and consolidate
auxiliary regions into main where needed.

Bug: #4580.
2 years ago
Victor Julien 61e47ad6f5 stream: reduce streaming buffer internals use 2 years ago
Victor Julien a24d7dc45c smb: fix post-trunc chunk behavior
After a gap in a file transaction, the file tracker is truncated. However
this did not clear any stored out of order chunks from memory or stop more
chunks from being stored, leading to accumulation of a large number of chunks.

This patch fixes this by clearing the stored chunks on trunc. It also
makes sure no more chunks are stored in the tracker after the trunc.

Bug: #5781.
2 years ago
Philippe Antoine e22b59b8c1 fuzz: check libpcap timestamp consistency
That is, microseconds should be positive
2 years ago
Philippe Antoine 1c436fe0ca fuzz: fix use of uninitialized value
Packet timestamp is not set when the function returns an error.
Also use C positive modulo for microseconds
2 years ago
Philippe Antoine 1660172a8b ftp: completely resets port_line
In the case port_line is first allocated and port_line_len is set,
then a second request reaches memcap and frees port_line,
port_line_len should also be reset, because both will get used
by the response parsing.

Ticket: #5701
2 years ago
jason taylor 0632233791 userguide: update http.cookie description
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
Victor Julien b79c14f710 flow-worker: prune frames and stream for pseudo packets as well 2 years ago
Victor Julien af211cbfad debug: add pkt_src to detect/stream entry log 2 years ago
Victor Julien ef2ed35311 stream: add debug statements 2 years ago
Victor Julien db28d85d01 stream: consider any uninspected data 2 years ago
Victor Julien 1a35801f96 stream: minor constification 2 years ago
Victor Julien 989e5c7ba2 streaming/sbb: fix debug message 2 years ago
Victor Julien a00db15bd4 stream: remove bug on from packet path 2 years ago
Victor Julien ee6c39b985 output: improve debug format by adding function name 2 years ago
Victor Julien 41ca206fdf src: fix deprecated-non-prototype compile warnings
Tested on Fedora 37 with clang 15.

util-strlcatu.c:45:8: error: a function definition without a prototype is deprecated in all versions of C and is not supported in C2x [-Werror,-Wdeprecated-non-prototype]
size_t strlcat(dst, src, siz)
           ^
1 error generated.
2 years ago
Victor Julien 1bc6976a06 src: fix unused-but-set-variable compile warnings
Tested on Fedora 37 with clang 15.

datasets.c:852:9: error: variable 'n' set but not used [-Werror,-Wunused-but-set-variable]
    int n = 0;
        ^
1 error generated.
2 years ago
Victor Julien ebd8728219 src: fix strict-prototype warnings
Tested on Fedora 37 with clang 15.

app-layer.c:1055:27: error: a function declaration without a prototype is deprecated in all versions of C [-Werror,-Wstrict-prototypes]
void AppLayerSetupCounters()
                          ^
                           void
app-layer.c:1176:29: error: a function declaration without a prototype is deprecated in all versions of C [-Werror,-Wstrict-prototypes]
void AppLayerDeSetupCounters()
                            ^
                             void
2 errors generated.
2 years ago
Philippe Antoine 55c4834e4e smb: configurable max number of transactions per flow
Ticket: #5753
2 years ago
Philippe Antoine 1d9183638f smb: convert transaction list to vecdeque
Allows for more efficient removal from front of the list.

Ticket: #5753
2 years ago