suricata

Commit Graph

Author	SHA1	Message	Date
Victor Julien	1803af7aa6	eve/dns: improve version warning message	7 years ago
Victor Julien	758acd4b7e	detect/offset: improve value parsing	7 years ago
Mats Klepsland	b5dfc9ed41	app-layer-ssl: fix coverty error (RESOURCE_LEAK) Bug #2677	7 years ago
Victor Julien	36e84b929c	smtp/mime: fix null ptr deref on bad traffic Due to missing error handling, a bad mime message could put the mime parser in an error state, without the SMTP layer taking this into account. So the SMTP layer would continue to pass data to the mime parser, even though it was in an error state. When the parser would be fed a very long line while in this state, it would try to set an error flag in the state. However, due to the error state, this setting of the flag would dereference a null pointer. This patch fixes this issue by updating the mime parser to check the state it is in when receiving new input. It will refuse to process futher data while in the error state. It will also return a new error code to indicate to the SMTP layer that the parser was in an error state.	7 years ago
Jason Ish	961931e73a	filestore: fix compiler truncation warnings And error out if the constructed filename is truncated.	7 years ago
Mats Klepsland	033e756905	app-layer-ssl: add Facebook TLSv1.3 draft versions Add draft versions for Facebooks custom TLSv1.3 implementation "fizz" to SSLVersionToString().	7 years ago
Mats Klepsland	dd5374c20d	app-layer-ssl: change how TLSv1.3 drafts are logged Change from logging TLSv1.3 drafts as "TLS 1.3 (draft 28)" to "TLS 1.3 draft-28" instead.	7 years ago
Victor Julien	9291d434c6	pfring: default to runmode workers Now that threads:auto is implemented workers is a better default as it generally performs better.	7 years ago
Victor Julien	1467c30883	pfring: implement 'threads: auto' If threads is set to auto, first try the CPU count. If that would fail, fall back to RSS queue count.	7 years ago
Victor Julien	5f2831d60f	pfring: support checking/disabling offloading	7 years ago
Victor Julien	7c02b40be6	pfring: fix bypass counter print uninitialized values If the option was disabled in the config the value would be uninitialized.	7 years ago
Victor Julien	1360e030b1	storage: don't leak memory for unittests	7 years ago
Victor Julien	121b3021df	radix: fix a memleak when removing the last node	7 years ago
Victor Julien	3836fe2353	detect/address: minor memory handling cleanups	7 years ago
Victor Julien	00e9fd7a36	detect: suppress scan-build warnings	7 years ago
Victor Julien	0a39e06535	detect/flags: cleanup parsing to not alloc temp strings	7 years ago
Victor Julien	e22a833b94	mpm: fix minor scan-build warning	7 years ago
Victor Julien	e180576afe	pool: avoid possible double free in error path Should be impossible as a double free, but scan-build-7 thinks it is possible.	7 years ago
Victor Julien	7ce1ebe0d3	pool: small code cleanups	7 years ago
Victor Julien	478caac975	stream: don't assume malformed TCP packets This deep in the stream engine packets are valid, so don't check for the tcph header in a packet as it confuses scan-build. Do add a DEBUG_VALIDATE_BUG_ON so in QA we double check.	7 years ago
Victor Julien	cf37faff31	decode/tcp: rewrite options decoding to assist scan-build	7 years ago
Victor Julien	347e64e8d4	smb/c: don't accept null input	7 years ago
Victor Julien	ce1753c715	htp: fix potential (but unlikely) memleak in uri normalization	7 years ago
Victor Julien	7ef8d31e4f	thresholds: remove dead code in parsing	7 years ago
Victor Julien	8ef0818c3b	radix: fix memory leak in error path	7 years ago
Victor Julien	506f299b09	coverity: suppress warnings	7 years ago
Victor Julien	2010610c91	host/os/info: fix lookup memleak	7 years ago
Victor Julien	1bf658f9ee	debug/log: suppress coverity checked_return warning	7 years ago
Victor Julien	ec94d7b33d	bpf: suppress coverity toctou warning	7 years ago
Victor Julien	22c7be26c4	pcap: fix buffer size validation logic	7 years ago
Victor Julien	9c2c258f2b	uricontent: move debug func into unittests Cleanup header, which lead to the app-layer-htp.h header needing to be added in a few other places.	7 years ago
Victor Julien	4ae85f16c5	detect/replace: fix mem leak in error path	7 years ago
Victor Julien	0d0da7880e	isdataat: fix mem leak in error path	7 years ago
Victor Julien	2ef2febc7c	bits: avoid memory leak in case of adding types	7 years ago
Victor Julien	5c69bbb236	ipproto: fix memleak in error case	7 years ago
Victor Julien	5283796018	bytetest: don't leak memory in error condition	7 years ago
Victor Julien	9d54a8361d	yaml: fix potential memleak and suppress coverity issue	7 years ago
Victor Julien	15e0f7f5bb	outputs: fix memleaks in the error paths reported by coverity	7 years ago
Victor Julien	575fb69a06	coverity: suppress warning for intentional code	7 years ago
Victor Julien	335df629a2	rust/dns: don't compile unused C code if Rust is enabled	7 years ago
Victor Julien	f97bf298b2	coverity: fix filestore v2 memleak	7 years ago
Victor Julien	00111499b0	log-pcap: fix coverity memleak warning	7 years ago
Victor Julien	a683279137	coverity: don't warn on fall back random	7 years ago
Mats Klepsland	a8347e1bc2	app-layer-ssl: fix flow and inspection bypass for TLSv1.3	7 years ago
Mats Klepsland	3b73b7d542	app-layer-ssl: add 0-RTT support for TLSv1.3	7 years ago
Mats Klepsland	23993c18cd	app-layer-ssl: decode early data extension in ClientHello record Decode early data extension used by 0-RTT that is used to indicate that application data will be sent right after the ClientHello record.	7 years ago
Mats Klepsland	7556004a51	app-layer-ssl: use extension length when decoding extensions Pass extension length to functions decoding extensions, instead of passing the length left in the record. This enables us to also decode empty extensions.	7 years ago
Mats Klepsland	ee1de4c812	app-layer-ssl: handle all versions above TLSv1.2 as TLSv1.3 This makes it more likely to log custom versions of TLSv1.3 that doesn't comply with the draft version numbering.	7 years ago
Victor Julien	31b87d5f8f	tls: remove debug printfs	7 years ago
Mats Klepsland	16643befe7	detect-tls-ja3-hash: add another unit test Add unit test that covers the JA3 bug in TLS extensions decoding.	7 years ago

1 2 3 4 5 ...

8127 Commits (1803af7aa69b5131a210ab306709865ce8124dab)