aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
15,823 Commits
7 Branches
155 Tags
192 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '861ffff972'
${ noResults }
Commit Graph

15823 Commits (861ffff972a57057995ba747fb706f38c318dffc)
 

Author SHA1 Message Date
Shivani Bhardwaj 861ffff972 eve/stats: add description for transactions 
Ticket 6434
 10 months ago
Philippe Antoine ce4119ae3d snmp: remove community keyword unit test 
Ticket: 3725

This test was moved to suricata-verify snmp-community
 10 months ago
dependabot[bot] 1297d96592 github-actions: bump actions/upload-artifact from 4.3.1 to 4.3.3 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.1 to 4.3.3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](5d5d22a312...65462800fd)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 10 months ago
dependabot[bot] f14a4a1bf8 github-actions: bump github/codeql-action from 3.24.9 to 3.25.3 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.9 to 3.25.3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v3.24.9...v3.25.3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 10 months ago
dependabot[bot] b9fbc5749d github-actions: bump actions/download-artifact from 4.1.4 to 4.1.7 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.4 to 4.1.7.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](c850b930e6...65a9edc588)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 10 months ago
dependabot[bot] 76314cc00e github-actions: bump codecov/codecov-action from 4.1.1 to 4.3.1 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.1.1 to 4.3.1.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](c16abc29c9...5ecb98a3c6)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 10 months ago
Victor Julien 2b80689ee4 github-actions: convert dpdk tests to use script 10 months ago
Victor Julien 6edf05cdaa github-actions: add dpdk ids live test script 10 months ago
Victor Julien ed9ad0048d github-ci: add af-packet and dpdk codecov builds 
Adds live tests for DPDK and AF_PACKET, with support for code coverage.
 10 months ago
Shivani Bhardwaj 99eaf3943a util/base64: remove coverity reported dead code 
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)

** CID 1596621:  Control flow issues  (DEADCODE)
/src/util-base64.c: 238 in DecodeBase64RFC4648()

________________________________________________________________________________________________________
*** CID 1596621:  Control flow issues  (DEADCODE)
/src/util-base64.c: 238 in DecodeBase64RFC4648()
232         DEBUG_VALIDATE_BUG_ON(bbidx == B64_BLOCK);
233
234         /* Handle any leftover bytes by adding padding to them as long as they do not
235          * violate the destination buffer size */
236         if (bbidx > 0) {
237             padding = bbidx > 1 ? B64_BLOCK - bbidx : 2;
>>>     CID 1596621:  Control flow issues  (DEADCODE)
>>>     Execution cannot reach the expression "3U" inside this statement: "numDecoded_blk = 3U - ((pad...".
238             uint32_t numDecoded_blk = ASCII_BLOCK - (padding < B64_BLOCK ? padding : ASCII_BLOCK);
239             if (dest_size < *decoded_bytes + numDecoded_blk) {
240                 SCLogDebug("Destination buffer full");
241                 return BASE64_ECODE_BUF;
242             }
243             /* Decode base-64 block into ascii block and move pointer */

Also, add a comment explaining the padding logic for leftover data.

Bug 6985
 10 months ago
Victor Julien fcca5c7514 detect/iprep: update doc about 0 value 
A value of 0 was already allowed by the rule parser, but didn't
actually work.

Bug: #6834.
 10 months ago
Victor Julien 64dc217f9f detect/iprep: allow 0 as a reputation value 
Rules would allow checking against value 0, but internally the value
was used to indicate "no value". To address this, the internals now
return negative values for not found. This way value 0 can be fully
supported.

Bug: #6834.
 10 months ago
Victor Julien 673d27c861 detect/iprep: minor code cleanups 10 months ago
Philippe Antoine c53e9ac0dd sdp: fix logging medias 
As introduced by bff790b6ac

Also handles errors in the caller

Ticket: 6994
 10 months ago
Jason Ish df8568ee30 rust/dns: visibility cleanups 
Remove pub from functions that don't require it.
 10 months ago
Jason Ish 556cfe56bf rust/dns: ffi naming and visibility cleanups 
- Remove no_mangle and pub from FFI functions that are only accessed
  with a function pointer.
- Rename all no_mangle FFI functions to our C naming scheme.
 10 months ago
Jason Ish 4fedba1140 github-ci: remove cocci from fedora 39 build 
Cocci on Fedora 39+ gets stuck for some reason. Cocci has been moved
to a new Ubuntu 24.04 build.
 10 months ago
Jason Ish 1c2402f5e7 github-ci: add ubuntu 24.04 build with cocci 
Rather basic 24.04 build for now, but use Cocci as Cocci is working
properly here, but not working in the latest Fedora releases.
 10 months ago
jason taylor aa919f8081 doc: update flowbits information 
Ticket: #6991

Signed-off-by: jason taylor <jtfas90@gmail.com>
 10 months ago
Philippe Antoine 47a1502dbb ci: fix macos build 
use brew instead of pip
limit the number of jobs for make
set a prefix where we can install
use brew flags for library finding
 10 months ago
Victor Julien 86a363b1bc decode/tcp: improve pointer hygene 
Avoid NULL pointer calculations.
 10 months ago
Victor Julien 0dfa5793db decode/icmpv4: rename ICMPV4_GET_EMB_IPV4 to PacketGetICMPv4EmbIPv4 
Follows function nameing style.

Ticket: #5517.
 10 months ago
Victor Julien 6e23419665 decode/icmpv6: store embedded ip6h ptr as offset 
Reduces direct pointer usage and reduces Packet size.

Ticket: #6938.
 10 months ago
Victor Julien f2288ee39b decode/icmpv4: store embedded ip4h ptr as offset 
Reduces direct pointer usage and reduces Packet size.

Ticket: #6938.
 10 months ago
Victor Julien d89d4ceb3c decode/icmpv4: put embedded pointer first 
Reduce gaps in the structure.

Ticket: #6938.
 10 months ago
Victor Julien 13281109e3 decode/tcp: reduce TCPVars by turning bools into bitfields 
To reduce Packet size and make similar fields follow the same pattern.

Ticket: #6938.
 10 months ago
Victor Julien 8698610b4a af-packet: fix eBPF/XDP compilation 10 months ago
Victor Julien 68804b8c4b decode/tcp: move tcph into L4 packet data 
To reduce Packet size.

Ticket: #6938.
 10 months ago
Victor Julien 28ac86096a decode/udp: move udph into L4 packet data 
To recude Packet size.

Ticket: #6938.
 10 months ago
Victor Julien 54362d44db decode/ethernet: move ethh into L2 section 
L2 section similar to L3 and L4 sections.

Ticket: #6938.
 10 months ago
Victor Julien b2f7d3604b decode/pppoe: localize pppoedh pointer 
Remove from Packet struct as there were no users of it.

Ticket: #6938.
 10 months ago
Victor Julien b4ef910aff decode/pppoe: localize pppoesh header pointer 
Remove header pointer from Packet as there were no users of it.

Ticket: #6938.
 10 months ago
Victor Julien 852ff83d70 decode/icmpv4: move icmpv4h into L4 packet data 
To reduce Packet size.

Ticket: #6938.
 10 months ago
Victor Julien b959d1dba8 decode/icmpv6: move icmpv6h into L4 packet data 
Also start vars section in L4 for icmpv6vars.

To reduce Packet size.

Ticket: #6938.
 10 months ago
Victor Julien 30ae13f2c3 decode/esp: move esph into L4 packet data 
To reduce Packet size.

Ticket: #6938.
 10 months ago
Victor Julien 7d04216cad decode/gre: move greh into L4 packet data 
To reduce Packet size.

Ticket: #6938.
 10 months ago
Victor Julien 20b8c79259 decode/sctp: move sctph into L4 packet data 
Reduces Packet size.

Ticket: #6938.
 10 months ago
Victor Julien 2137bbbf9a decode/icmpv6: add and use PacketIsICMPv6 inline func 
For better readability and type checking.

Ticket: #5517.
 10 months ago
Victor Julien 3a1e60745e decode/icmpv6: switch ptr checks to PKT_IS_ICMPV6 
For better readability and type checking.

Ticket: #5517.
 10 months ago
Victor Julien 1002068e39 decode/icmpv4: add and use PacketIsICMPv4 inline func 
For better readability and type checking.

Ticket: #5517.
 10 months ago
Victor Julien 5c3036bea8 decode/udp: add and use PacketIsUDP inline func 
Replace PKT_IS_UDP macro with PacketIsUDP inline function.

For better readability and type checking.

Ticket: #5517.
 10 months ago
Victor Julien cca912e9b3 decode/tcp: add and use PacketIsTCP inline func 
To prepare future changes to the Packet header pointers.

Ticket: #5517.
 10 months ago
Victor Julien 329fb2affa decode: start l4 packet area; convert csum handling 10 months ago
Victor Julien 54b9f344b7 decode/icmpv4: switch ptr checks to PKT_IS_ICMPV4 
To prepare future changes to the Packet header pointers.

Ticket: #5517.
 10 months ago
Victor Julien c9ef85e620 decode: refactor L3 checkum handling 
Use a flag to indicate a calculated csum is available.

Allows packet reset to just use memset.
 10 months ago
Victor Julien 2001ddc583 decode: use macro's instead of direct ptr checks 
To prepare future changes to the Packet header pointers.

Ticket: #5517.
 10 months ago
Victor Julien 769b020a55 decode/icmpv6: improve packet vars layout 
Part of effort to make Packet more compact.

Ticket: #6938.
 10 months ago
Victor Julien 18d49c27ae decode/icmpv6: remove unused error_ptr field 
Was only set, never checked.

Part of effort to make Packet more compact.

Ticket: #6938.
 10 months ago
Victor Julien 4b492c2ded decode/icmpv6: remove embedded address storage 
Only used in tests. For the tests, switch to getting headers from embedded IPv6 header.

Part of effort to make Packet more compact.

Ticket: #6938.
 10 months ago
Victor Julien 521c968079 decode/icmpv6: remove unused L4 header pointers from Packet 
Not used, so no need to keep them.

Part of effort to make Packet more compact.

Ticket: #6938.
 10 months ago