Commit changes are made to avoid possible memory leaks. If the parser
is initialized before configuration file checking, there was no deinit
call before function return. Do check config file existance and type
before YAML parser initialization, so we don't need to deinit parser
before exiting the function.
Bug: #7302
Ticket: 6878
Follow up on 15649424a7
When adding many sequence nodes, either from start or scalar event
We add "sequence nodes" whose name is an integer cf sequence_node_name
and then run ConfNodeLookupChild to see if it had been already set
(from the command line cf comment in the code)
And ConfNodeLookupChild iterates the whole linked list...
1. We add node 1
2. To add node 2, we check if node 1 equals this new node
3. To add node 3, we check if nodes 1, or 2 equals this new node's name
And so on...
This commits avoids these checks ig the list is empty at the beginning
Includes from an "include" array were being loaded into the wrong
parent as the logic for array handing in include context was not
updated.
If we are descending into an array in include context, pass through
the current parent so the included configuration is included where it
is expected.
Bug: #6300
The YAML spec considers duplicate keys to be an error, as do some YAML
implementations, most notably Rust's serde_yaml which would be nice to
use in the future.
Multiple include lines at the same level will still work, but a warning
will be emitted.
These can be fixed by moving to an "include" array:
include:
- file1.yaml
- file2.yaml
Ticket: #5939
If a field named "include" is mapping it is not processed correctly.
Instead return a fatal error.
In our YAML, "include" has always been a reserved word, so this should
not break any known configuration.
Ticket: #5939
Add a new command line option, --include. This will merge additional
configuration files into the configuration specified in the main
suricata.yaml. It can be provided multiple times and the files will be
included in the order they appear on the command line.
Ticket: 3912
Allow configuration parameters to be overrided usually a fully
qualified name such as:
vars.address-groups.HOME_NET: "7.1.2.0/24"
In configuration files (including "include" files). This allows the
overriding of a specific value deeply nested in the configuration
without having to redefine the complete top-layer object.
Ticket: 4783
Replaces all patterns of SCLogError() followed by exit() with
FatalError(). Cocci script to do this:
@@
constant C;
constant char[] msg;
@@
- SCLogError(C,
+ FatalError(SC_ERR_FATAL,
msg);
- exit(EXIT_FAILURE);
Closes redmine ticket 3188.
A deeply nested YAML file can cause a stack-overflow while
reading in the configuration to do the recursive parser. Limit
the recursion level to something sane (128) to prevent this
from happening.
The default Suricata configuration has a recursion level of 128
so there is still lots of room to grow (not that we should).
Redmine ticket:
https://redmine.openinfosecfoundation.org/issues/3630
When loading an empty file, libyaml will fire a single scalar
event causing us to create a key that contains an empty string.
We're not interested in this, so skip an empty scalar value
when expecting a key.
Redmine issue:
https://redmine.openinfosecfoundation.org/issues/2418
Set flags by default:
-Wmissing-prototypes
-Wmissing-declarations
-Wstrict-prototypes
-Wwrite-strings
-Wcast-align
-Wbad-function-cast
-Wformat-security
-Wno-format-nonliteral
-Wmissing-format-attribute
-funsigned-char
Fix minor compiler warnings for these new flags on gcc and clang.
Add function to load a yaml file and insert it into the conf tree at
a specific prefix.
Example YAML:
somefile: myfile.txt
If loaded using ConfYamlLoadFileWithPrefix with prefix "myprefix", it
can be retrieved by the name of "myprefix.somefile".
Nodes that are sequences weren't being recorded as such, causing
rules to fail to load.
Change sequence test name to reflect better what it tests, and
test that the sequence node is detected as a sequence.
A node isn't known to be a sequence node until the YAML is parsed.
If a node sequence node was set on the command line, promote
it to a sequence node when it is discovered by YAML to be
a sequence node.
Fixes comment #18 in issue 921.
Jason Ish
Zemeteri Kamimizu
Alexey Simakov
Philippe Antoine
Victor Julien
Philippe Antoine
Shivani Bhardwaj
Victor Julien
Jason Ish
Jason Ish
Eric Leblond
Nikolay Denev
Gerardo Iglesias Galvan
William Metcalf