3409 Commits (623ffdfdf802a134a8b5413391b94ec95585c526)
 

Author SHA1 Message Date
Victor Julien 623ffdfdf8 Update changelog to reflect 1.3.4 changes. 14 years ago
Victor Julien 29bf61d33c libhtp: updated bundled libhtp to 0.2.11 14 years ago
Anoop Saldanha 05c329aaa8 fix wrong record hdr len check in ssl parser 14 years ago
Eric Leblond 63153e5fb6 coccinelle: fix distcheck
distcheck is running run_check.sh from another directory and
run_check.sh was not ready for this.
14 years ago
Eric Leblond 98a8110f17 coccinelle: improve run_check
This patch adds two features to run_check.sh, it is now possible
to specify a list of files to check:
 ./run_check.sh ../../src/suricata.c ../../src/detect.c
It is also possible to ask a review of the files modified by a commit.
To do so, simply put the SHA1 as argument
 ./run_check.sh HEAD
 ./run_check 6af7d5f
It is also possible to check all the files for an arbitrary range:
 ./run_check.sh origin/master..buildbot-fixes

Last improvement of this patch is to get a real error message in case
of problem as 2 is not redirected anymore to /dev/null.

Conflicts:
	qa/coccinelle/run_check.sh
14 years ago
Victor Julien bed30c30f1 byte_jump: when from_beginning option is used, the number of bytes to convert should not be used in the jump. Bug 626. 14 years ago
Eric Leblond a735f7e93e backport oom fixes
This is a backport of
9ea5e0e3e4
14 years ago
Victor Julien f5f7f5fd7d OpenBSD 5.2 build fixes, Unit test fix. 14 years ago
Eric Leblond 129588dae3 yaml: update defrag variable
This patch synchronizes the variable shown in the YAML with what
is really used in the code.
14 years ago
Victor Julien cb7c33805c Fix GetUsed functions for Host and Flow. 14 years ago
Victor Julien 8129e64875 flow: fix crash when flow engine under extreme stress, and unable to force free any existing flow 14 years ago
Victor Julien f6bb95e919 Update changelog to reflect 1.3.3 changes. 14 years ago
Victor Julien a1a20cc50a libhtp: harden code against malloc failures. Bug #587. 14 years ago
Victor Julien 985cb92573 http: don't assume http tx to have header alloc'd. Can happen in OOM conditions. Bug #587. 14 years ago
Victor Julien cd27571220 Don't use SCStrdup in SCLogMessage as we call it on OOM condition, leading to endless recursion. SCStrdup failure calling SCLogMessage... 14 years ago
Eric Leblond d8f68ec2a0 ipfw: add missing include
RunmodeGetActive() was used but not declared. This patch fixes
bug #612: on amd64 implicit declaration was triggering the conversion
of an int to a pointer during assignment and this was causing an
invalid read.
14 years ago
Eric Leblond dab509ea43 defensive set of variable. 14 years ago
Eric Leblond ef10d70d7f FreeBSD: add missing include 14 years ago
Victor Julien 81dbbf72f5 filestore: fix logic flag in continued stateful detection
Backport from 70bc9e2494 from
master branch.
14 years ago
Victor Julien 5be687f7b5 Remove pcre jit warning. Bug #579. 14 years ago
Eric Leblond cb0532e5b7 pf_ring: don't set cluster for DNA interface. 14 years ago
Victor Julien bccda4d11f http: fix client and server body sometimes being inspected in wrong order 14 years ago
Victor Julien 49fb3d39a4 Fix drop (and other actions) not being applied to thresholded packets. Bug #615. 14 years ago
Victor Julien 559c8ae181 http: fix http header reassembly bug causing some headers to be left out of the inspected buffer 14 years ago
Anoop Saldanha dba7b8dc41 Move Flow Reference/Dereference api from flow-util.h to flow.h.
Remove duplicate FlowDeReference from decode.h
14 years ago
Anoop Saldanha 73b3d28dc0 Update all flow referencing to use the new FlowReference and FlowDeReference macros 14 years ago
Anoop Saldanha cb9ff164fc fix for bug #557.
In FFRv2, dereference flow from a packet using the new reference/dereference
util macros.  This allows the decr use_cnt for flow and resetting the flow
pointer to NULL for the pseudo pkt to happen simultaneously, in case we
fail to retrieve a pseudo_packet and have to return the already obtained
pseudo packets, back to the packetpool.
14 years ago
Anoop Saldanha e59cf418f6 Introduce utility flow macros to help referencing/dereferencing flows. 14 years ago
Anoop Saldanha 7f35e69b92 fix for bug #557.
Reset hhd buffers list len if we exit before allocating the buffer.
14 years ago
Victor Julien 2cdbdab38c libhtp: don't use internal iterator
It violates thread safety. #601.

Suricata assures thread safety on the flow level for HTTP tracking. Part of the flow is (in case of HTTP) libhtp's htp_connp_t state. At startup the libhtp glue layer, app-layer-htp initializes as many htp_cfg_t instances as there are libhtp server configurations in the yaml. At HTTP session start, we look up the proper htp_cfg_t based on the server ip and pass it to htp_connp_create.  A ptr to the relevant htp_cfg_t is part of the htp_connp_t. The htp_cfg_t contains "hooks". They are registered based on yaml config at init time.

The hooks have lists of type list_t. The list is run with a built in iterator. The iterator is reset at the start of each "hook_run_all". Since multiple flows share the same htp_cfg_t flow A can reset the iterator while flow B is using it. The flow lock has no effect as flows share the htp_cfg_t.

This has been observed in real traffic. hook_response_body_data was run on the same data multiple times, leading to corrupt extracted files.
14 years ago
Victor Julien 0e7c9af443 Fix/suppress a couple of harmless compiler warnings. 14 years ago
Victor Julien 6f6ba31eba yaml: default to cluster_flow type for AF_PACKET and PF_RING 14 years ago
Anoop Saldanha 89797de914 fix for #588.
Respect pcre's anchor during content inspection.
14 years ago
Anoop Saldanha 3630d01e6a detect-pcre.c cleanup. Delete old pcre functions that we no longer use. 14 years ago
Anoop Saldanha 34e59cd9d5 Unittest to display #bug 588. pcre anchor not respected. 14 years ago
Victor Julien 27e585f6d0 htp: update version numbers of bundled htp 14 years ago
Victor Julien d7efd062e7 Update Changelog to reflect changes in 1.3.2 release. 14 years ago
Victor Julien 6cba9b7c4f http: fix multipart parsing leading to missing chunks of files in file extraction. 14 years ago
Anoop Saldanha 2f8e83c539 fix for #562.
disable inspection bypass for stream mpm patterns.
14 years ago
Victor Julien 3c841ae931 bug #572: make sure we use profiling fallback for all architectures except x86_64 and i386. 14 years ago
Victor Julien 5ef71806a0 Fix flow keyword compilation failure. 14 years ago
Anoop Saldanha 1a0873ff10 fix for bug #575.
If sig has no_stream set, don't mask it as requiring flow.  Should get rid of
FNs any.
14 years ago
Victor Julien 16cd305d96 http: fix multipart parsing bug 14 years ago
Victor Julien 6688b23e60 stream: never resend reassembled data to app layer. 14 years ago
Eric Leblond 6f40f6c846 pf_ring: set cluster_id even if only one thread is used. 14 years ago
Eric Leblond 0a5bda8d34 defrag: don't use message for repetitive error
When nothing can be fetched from the pool, this can repeat frequently.
Thus displaying a message in the log will not help. This patch
uses a counter instead of a log message. As this is a sort of memcap
this conforms to what is done for other issues of the same type.
14 years ago
Eric Leblond 2e4a16d1ee ipfw: avoid critical error for broadcast
In some setups, suricata may receive broadcast packets and the call
to sendto may fail if the wrong interface is chosen by kernel.
This patch changes the error treatment to avoid to leave when
this problem occurs.
14 years ago
Eric Leblond 2fe39cf867 freebsd: fix function usage.
The unlock function was not correctly used in error treatment.
14 years ago
Eric Leblond 79c75bbb4d af-packet: fix kernel offset issue
It seems that, in some cases, there is a read waiting but the
offset in the ring buffer is not correct and Suricata needs to
walk the ring to find the correct place and make the read.
14 years ago
pi-rho 12aae61a3c fix regression (clobbered register; redmine #534) 14 years ago