Philippe Antoine
7f9d25fa86
fuzz: use forced file store
to find bugs such as 5408
3 years ago
						
					 
				
					
						
							
							
								 
Philippe Antoine
a2f857ed90
threshold: fix regex to accept by_both and by_rule
As is done in detect-threshold.c or in DETECT_RATE_REGEX
and is expected by switch (rule_type) which makes the same
for THRESHOLD_TYPE_THRESHOLD and THRESHOLD_TYPE_RATE
Ticket: #5327
3 years ago
						
					 
				
					
						
							
							
								 
Philippe Antoine
1621f5e453
detect/nfs: use inclusive ranges
3 years ago
						
					 
				
					
						
							
							
								 
Philippe Antoine
8dbb07e4fe
detect: use generic integer functions for itype
Ticket: #4112
3 years ago
						
					 
				
					
						
							
							
								 
Philippe Antoine
2817f1a6ed
detect: use generic integer functions for snmp.version
Ticket: #4112
3 years ago
						
					 
				
					
						
							
							
								 
Philippe Antoine
c72571ea28
detect: use generic integer functions for rfb.sectype
Ticket: #4112
3 years ago
						
					 
				
					
						
							
							
								 
Philippe Antoine
6c9091c86f
detect: use generic integer functions for nfs.version
Ticket: #4112
3 years ago
						
					 
				
					
						
							
							
								 
Philippe Antoine
ddac6165c9
detect: use generic integer functions for nfs.procedure
Ticket: #4112
3 years ago
						
					 
				
					
						
							
							
								 
Philippe Antoine
ed6955ee98
detect: use generic integer functions for iprep
Ticket: #4112
3 years ago
						
					 
				
					
						
							
							
								 
Philippe Antoine
bdc359bed3
detect: use generic integer functions for bsize
Ticket: #4112
3 years ago
						
					 
				
					
						
							
							
								 
Philippe Antoine
cfb60d0fce
detect: use generic integer functions for urilen
Ticket: #4112
3 years ago
						
					 
				
					
						
							
							
								 
Philippe Antoine
e87c53bb55
defrag: use util function for timeout
To fix timestamp overflow as found by oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44608
fixu
3 years ago
						
					 
				
					
						
							
							
								 
jason taylor
d600a1603c
detect: update text for nocase used with http.host
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
						
					 
				
					
						
							
							
								 
jason taylor
34e0a384ad
doc: update to include additional rule references
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
						
					 
				
					
						
							
							
								 
jason taylor
4405704372
doc: update intro direction content
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
						
					 
				
					
						
							
							
								 
jason taylor
3eeacf8a3d
doc: fixed HOME_NET/EXTERNAL example formatting
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
						
					 
				
					
						
							
							
								 
jason taylor
f2c7998903
doc: add clarity around HOME_NET/EXTERNAL_NET
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
						
					 
				
					
						
							
							
								 
jason taylor
76cca8b08a
doc: minor example rule description update
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
						
					 
				
					
						
							
							
								 
jason taylor
4f61a35fe7
doc: minor wording restructure
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
						
					 
				
					
						
							
							
								 
jason taylor
845ba154a6
doc: add tcp-pkt/tcp-stream to intro
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
						
					 
				
					
						
							
							
								 
jason taylor
56f49bfe8e
doc: minor punctuation update
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
						
					 
				
					
						
							
							
								 
jason taylor
ab300ab0ae
doc: intro example rule update to simpler example
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
						
					 
				
					
						
							
							
								 
jason taylor
2f240230f0
doc: minor intro wording update
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
						
					 
				
					
						
							
							
								 
Philippe Antoine
c57052181c
snmp: rustfmt detect.rs
3 years ago
						
					 
				
					
						
							
							
								 
Philippe Antoine
c7214be99b
snmp: adds usm keyword
as is logged
Ticket: #5416
3 years ago
						
					 
				
					
						
							
							
								 
Victor Julien
4adab8f271
github/codeowners: update
3 years ago
						
					 
				
					
						
							
							
								 
Philippe Antoine
5a31b3508d
ftp: optimized tx iterator
To be more efficient with larger number of transactions.
Ticket: #5314
3 years ago
						
					 
				
					
						
							
							
								 
Victor Julien
6d3140bc01
mime: remove unused length fields
3 years ago
						
					 
				
					
						
							
							
								 
Victor Julien
816bbeb7dc
fuzz/mime: fix call conditions and args
The SMTP parser should not supply lines w/o EOL chars to the mime
parser unless it's in the BODY parsing stage. Mimic this in the fuzz
target by testing the state for inputs that have no EOL.
Additionally, make sure the delim cnt reflects the missing EOL.
3 years ago
						
					 
				
					
						
							
							
								 
Victor Julien
d81582c4a2
mime: fix corner case
Fix a corner case where a base64 sequence including a space was followed
by a newline in the input data.
3 years ago
						
					 
				
					
						
							
							
								 
Victor Julien
5805ed47f5
mime: add base64 related debug messages
3 years ago
						
					 
				
					
						
							
							
								 
Victor Julien
41c2c1ed5a
mime: improved empty line handling
Make sure a new body is not set up on empty lines unless it is
a body that is not encoded as base64/quoted printable.
3 years ago
						
					 
				
					
						
							
							
								 
Victor Julien
074cfb5c68
mime: fix and cleanup tests
Line count check was failing after recent delim handling updates.
3 years ago
						
					 
				
					
						
							
							
								 
Victor Julien
6e2c066ce1
smtp: fix passing a wrong delim len around
3 years ago
						
					 
				
					
						
							
							
								 
Victor Julien
b82b8825e7
mime: properly pass full lines to non-decoded body
Use actual delim count and make sure we also pass on empty lines
(so delim(s) only).
3 years ago
						
					 
				
					
						
							
							
								 
Victor Julien
0d6ab727c5
mime/base64: fix final data not getting processed
If the last data of the body was not a multiple of 4 and not padded
to be a multiple of 4, it would not be processed.
3 years ago
						
					 
				
					
						
							
							
								 
Victor Julien
100d821a9f
stream: fix GAP check
Gap check would consider a GAP when the current data was in fact
exactly not a gap, but next segment(s) were already available.
3 years ago
						
					 
				
					
						
							
							
								 
Victor Julien
29ec1b1e7b
mime: minor code cleanup
3 years ago
						
					 
				
					
						
							
							
								 
Victor Julien
0871029d17
mime: remove unused 'linerem' logic
3 years ago
						
					 
				
					
						
							
							
								 
Victor Julien
5953a7d2eb
smtp/mime: fix parsing edge case
Correctly track "remaining" bytes after partial base64 decoding.
Add comment clarifications and debug validation checks.
3 years ago
						
					 
				
					
						
							
							
								 
Victor Julien
a38f2f2a52
smtp: skip preprocessing for mime headers
Mime parser doesn't expect partial lines, which preprocessing can
provide. Add a check to let mime headers be handled by regular line
parsing.
3 years ago
						
					 
				
					
						
							
							
								 
Victor Julien
929faae6d4
eve/schema: add drop.udplen, email fields
3 years ago
						
					 
				
					
						
							
							
								 
Juliana Fajardini
2544be4672
source/pcap: fix infinite loop if interface goes down
When in live-pcap mode, if the sniffed interface went down and up again,
Suri would enter an infinite loop and keep running, while not registering new
events. This fixes that behavior by allowing Suri to retry to open the
pcap in case of a retry on an already activated capture
('PCAP_ERROR_ACTIVATED').
This change is based on Zhiyuan Liao's work.
Bug #3846
3 years ago
						
					 
				
					
						
							
							
								 
dependabot[bot]
dc6fff2cca
github-actions: bump ossf/scorecard-action from 1.1.1 to 1.1.2
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](3e15ea8318...ce330fde6b)
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
						
					 
				
					
						
							
							
								 
Philippe Antoine
585e5e0d3c
detect: impose limits on pcrexform
As is done for pcre keyword
Ticket: #5409
3 years ago
						
					 
				
					
						
							
							
								 
Juliana Fajardini
45b7aad2b5
devguide: incorporate contribution process page
That page existed only in our redmine. Updated and added a few things,
like a paragraph about our expectations for feature contributors.
Also updated links, contacts and some other processes that may have
changed since last edition.
Added some section labels in related documents, for ease of referencing.
Task #4929
3 years ago
						
					 
				
					
						
							
							
								 
Victor Julien
a89840929b
detect: set drop reason for rule based drops
Call `PacketDrop` with drop reason for drops, keep old logic
in place for the rest.
3 years ago
						
					 
				
					
						
							
							
								 
Victor Julien
ad14e71efe
stream: suppress exception policy debug message
3 years ago
						
					 
				
					
						
							
							
								 
Victor Julien
046287c2b5
detect/filestore: clean up stream flag handling
3 years ago
						
					 
				
					
						
							
							
								 
Victor Julien
7ced8de6c4
github/workflows: add cargo for all Ubuntu jobs
3 years ago