aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,721 Commits
7 Branches
155 Tags
195 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '4edd516250'
${ noResults }
Commit Graph

56 Commits (4edd5162508d7297bfc8d46c36d0116563a1fb40)

Author SHA1 Message Date
Philippe Antoine 9f21e2bcde src: remove unneeded double colon 
git grep ';;' src/ | grep -v for | cut -d: -f1 | uniq
| while read f; do sed -i -e 's/;;/;/' $f; done
 2 years ago
Victor Julien b31ffde6f4 output: remove error codes from output 2 years ago
Philippe Antoine 1f066cbbe8 unittest: fix unneeded includes as per cppclean 
Especially because there is conditional inclusion from a header
 2 years ago
Victor Julien 39cf5b151a src: includes cleanup 
Work towards making `suricata-common.h` only introduce system headers
and other things that are independent of complex internal Suricata
data structures.

Update files to compile after this.

Remove special DPDK handling for strlcpy and strlcat, as this caused
many compilation failures w/o including DPDK headers for all files.

Remove packet macros from decode.h and move them into their own file,
turn them into functions and rename them to match our function naming
policy.
 2 years ago
Victor Julien e250ef6402 debug: remove empty header 2 years ago
Philippe Antoine 02f2602dde src: rework includes as per cppclean 3 years ago
Juliana Fajardini a6bda3596b unittests: alloc Packet with PacketGetFromAlloc 
Some unittests used SCMalloc for allocating new Packet the unittests.
While this is valid, it leads to segmentation faults when we move to
dynamic allocation of the maximum alerts allowed to be triggered by a
single packet.

This massive patch uses PacketGetFromAlloc, which initializes a Packet
in such a way that any dynamic allocated structures within will also be
initialized.

Related to
Task #4207
 3 years ago
Modupe Falodun c33cfed704 detect-fragoffset: convert unittests to FAIL/PASS APIs 
Bug: #4040
 3 years ago
Philippe Antoine 56f664af6b pcre2: follow code naming style 3 years ago
Philippe Antoine 48dd0cf804 pcre2: check for PCRE2_ERROR_UNSET 
Needs maybe to be generalized
 3 years ago
Philippe Antoine 3de99a214c pcre2: migrate keywords parsing 3 years ago
Jeff Lucovsky 1eeb96696b general: Cleanup bool usage 4 years ago
Victor Julien 6ab323d323 detect: hide RegisterTests behind ifdef UNITTESTS 
Update all callers to more aggressively use UNITTESTS guards as well.
 5 years ago
Victor Julien 26bcc97515 detect/keywords: dynamic version part of doc URL 5 years ago
Jeff Lucovsky d3a65fe156 detect: Provide `de_ctx` to free functions 
This commit makes sure that the `DetectEngineCtx *` is available
to each detector's "free" function.
 5 years ago
Shivani Bhardwaj 0e4f261224 Use StringParse* for all parsers and configurations 5 years ago
Jeff Lucovsky 7f6af10fed general: copyright bump 5 years ago
Jeff Lucovsky 4b0085b03c detect: Update to take advantage of PCRE refactor 
This commit changes the keyword detectors to use the refactored PCRE
modifications from detect-parse.[ch]
 5 years ago
Jeff Lucovsky be4c6b85de general: Convert _Bool to bool 
This commit addresses task 3167 and changes usages of '_Bool` to `bool`.
The latter is included from `suricata-common.h`
 5 years ago
Shivani Bhardwaj d801c3e588 detect: Make keyword description consistent 
Closes redmine ticket #3137.
 6 years ago
Shivani Bhardwaj b5b429c288 detect: Add missing keyword URLs and description 
Add missing keyword URLs and their description. Fix the ones that
were incorrect.

Partially closes redmine ticket #2974.
 6 years ago
Victor Julien 14896365ef detect: remove Threadvars argument from API calls 
Remove it as it's (almost) never used. If it is really needed it can
be accessed through DetectEngineThreadCtx::tv as well.
 6 years ago
Victor Julien 91296d1eec detect/prefilter: add de_ctx to registration 7 years ago
Victor Julien ab1200fbd7 compiler: more strict compiler warnings 
Set flags by default:

    -Wmissing-prototypes
    -Wmissing-declarations
    -Wstrict-prototypes
    -Wwrite-strings
    -Wcast-align
    -Wbad-function-cast
    -Wformat-security
    -Wno-format-nonliteral
    -Wmissing-format-attribute
    -funsigned-char

Fix minor compiler warnings for these new flags on gcc and clang.
 8 years ago
Victor Julien 8edc954e82 detect: get rid of Signature::sm_lists 
Instead use the lists in init_data during setup and the SigMatchData
arrays during runtime.
 8 years ago
Victor Julien bfd4bc8233 detect: constify Signature/SigMatch use at runtime 8 years ago
Eric Leblond a2e2f50fb9 documentation: fix list keywords URLs 
Update URLs in keyword definition to point to sphinx documentation.
 8 years ago
Victor Julien 4104f8c066 detect-fragoffset: implement prefilter 9 years ago
Victor Julien 7c47016913 detect-fragoffset: minor cleanup 9 years ago
Victor Julien 68c7fae79f ipv6: simplify ext hdr parsing and storage 
This reduces size of the IPV6ExtHdr structure part of every packet
significantly.

Clean up macro's in the ipv6 header.
 9 years ago
maxtors 9d3fd82849 Removed duplicate include statements. 9 years ago
Victor Julien e67ae0f174 detect keywords: use parse regex util func 9 years ago
Jason Ish 796dd5223b tests: no longer necessary to provide successful return code 
1 pass, 0 is fail.
 9 years ago
Jason Ish 52983bf314 tests: convert all test to return 0 on failure, 1 on success 9 years ago
Ken Steele 923a77e952 Change Match() function to take const SigMatchCtx* 
The Match functions don't need a pointer to the SigMatch object, just the
context pointer contained inside, so pass the Context to the Match function
rather than the SigMatch object. This allows for further optimization.

Change SigMatch->ctx to have type SigMatchCtx* rather than void* for better
type checking. This requires adding type casts when using or assigning it.

The SigMatch contex should not be changed by the Match() funciton, so pass it
as a const SigMatchCtx*.
 10 years ago
Ken Steele 8f1d75039a Enforce function coding standard 
Functions should be defined as:

int foo(void)
{
}

Rather than:
int food(void) {
}

All functions where changed by a script to match this standard.
 11 years ago
Ken Steele f9705377ae Remove pkt variable from Packet structure. 
The uint8_t *pkt in the Packet structure always points to the memory
immediately following the Packet structure. It is better to simply
calculate that value every time than store the 8 byte pointer.
 11 years ago
Eric Leblond 6842545331 Add documentation url in list-keyword output. 
The output of the list-keyword is modified to include the url to
the keyword documentation when this is available. All documented
keywords should have their link set.

list-keyword can be used with an optional value:
 no option or short: display list of keywords
 csv: display a csv output on info an all keywords
 all: display a human readable output of keywords info
 $KWD: display the info about one keyword.
 12 years ago
Eric Leblond e176be6fcc Use unlikely for error treatment. 
When handling error case on SCMallog, SCCalloc or SCStrdup
we are in an unlikely case. This patch adds the unlikely()
expression to indicate this to gcc.

This patch has been obtained via coccinelle. The transformation
is the following:

@istested@
identifier x;
statement S1;
identifier func =~ "(SCMalloc|SCStrdup|SCCalloc)";
@@

x = func(...)
... when != x
- if (x == NULL) S1
+ if (unlikely(x == NULL)) S1
 13 years ago
Victor Julien cdba2f50d1 Various fixes and improvements based on feedback by Coverity analyzer. 13 years ago
Anoop Saldanha a4638fb0ad code cleanup - replace SigMatchAppendPacket with SigMatchAppendSMToList 13 years ago
Anoop Saldanha 17f3f36d38 packet keywords only added for packet mpm. Rest in stream mpm. Update detection engine to handle the same 14 years ago
Anoop Saldanha 54f8d56f48 Packet inspection keywords modified to not inspect pseudo packet 14 years ago
Gerardo Iglesias Galvan 44692c83aa Properly check retval for config and conversion function calls 14 years ago
Eric Leblond 1db4aadd16 Supress usage of Packet declaration in tests. 
For convenience, a massive usage of 'Packet p;' declaration has
been done in the tests function. Although this was completely
legal, this is not possible anymore because of the new Packet
allocation structure. This massive patch modifies all suricata
files to use a SCMalloc allocated pointer to Packet instead.

This patch has been done using coccinelle (http://coccinelle.lip6.fr)
which is a semantic patching tool. This ensures that things like call
to SCFree() should have not been forget because the semantic patch
explicitly forces the call to SCFree(p) before each return. With this
patch all unittests are running fine with a small and a big default
packet size.
 14 years ago
Eric Leblond dd038c1906 Modify files to avoid direct pckt payload access 
This patch implements the needed modification of payload access
in a Packet structure to support the abstraction introduced by
the extended data system.
 14 years ago
Gerardo Iglesias Galvan 9f4fae5b1a Fix inconsistent use of dynamic memory allocation 15 years ago
William Metcalf ce01927515 Import of GPLv2 Header 050410 15 years ago
Gurvinder Singh cf2d254cc6 fixed the memory leaks and buffer overflows reported by parfait 15 years ago
Victor Julien 8b30226914 Detection keyword cleanup 15 years ago