Commit Graph

1568 Commits (87f88867f4ee5f855a92bcfefa4bdffcbc79a23f)
 

Author SHA1 Message Date
Victor Julien 87f88867f4 Further improve B2gc. Add B2gm. Improve memory layout. 15 years ago
Victor Julien 4329261faa Fix setting hash size in the config for b2g pattern matcher. 15 years ago
Victor Julien 697167319e Change BloomFilter structure layout to reflect order of access. 15 years ago
Victor Julien 3971bcc83a Switch to faster tolower function for u8_tolower. 15 years ago
Victor Julien 9dfbab42f8 WIP B2gc 15 years ago
Victor Julien fc1687d875 Make sure the DetectHttpMethodData structure is properly initialized before using it. 15 years ago
William Metcalf 7b13ba9f9e Fixed broken nocase for http_method and http_header 15 years ago
Anoop Saldanha ea902cc7d7 fix bytejump segv from bug 237 15 years ago
Anoop Saldanha 38898d9b30 fix bytetest segv from bug 237 15 years ago
Anoop Saldanha 6e5a48c92c temporary fix, in case we still have any corner cases remaining in dce parser 15 years ago
Anoop Saldanha 24a88a689a fix opnum parsing for fragmented request dce pdus 15 years ago
Anoop Saldanha 1097de0d9d changed the endianness comparison to & for dcerpc pdus 15 years ago
Anoop Saldanha a3280c1a20 throw out malformed pdus, that result the parser having parsed the required data, but we still havne't thit the frag length limit for the parser 15 years ago
Anoop Saldanha 1aea3e56be for now ignore pdus with auth verifier. We will get back to this in the coming iteration 15 years ago
Anoop Saldanha fc37e9d6ee add internal ids to uuids. Use these internal ids to match uuids from bind and bind_ack. Create a new uuid list to hold all accepted uuids. Modifications to dce-iface to accomodate these changes as well + unittests 15 years ago
Anoop Saldanha 816d2ef0c0 if malformed pdus push the bytesprocessed beyond frag_length, that's a sure endless loop. Avoid it, by reseting the dce state on seeing this 15 years ago
Anoop Saldanha 5c5d8f8a5d indentation fix in DCERPCParseBINDCTXItem, following changes from the previous patch 15 years ago
Anoop Saldanha 38e26e5186 modify the dce parser to accept context ids that start with a non-zero value 15 years ago
Anoop Saldanha d57428471c fix endianness handling for bindacksecondaryaddrlen 15 years ago
Anoop Saldanha ba9355d688 Flag if we see a fragged pdu. Do not reset dce stub buffer, if we are dealing with fragmented pdus(holds good only for first frag request pdus). Also reset the dce state vars on seeing an invalid PDU. Some minor fixes with respect to endianess as well. 15 years ago
Anoop Saldanha 00f21252fa support fragmented pdus in dce + unittest 15 years ago
Anoop Saldanha ebc1f62050 some additional indentation changes in DCERPCParser 15 years ago
Anoop Saldanha c2bc8ca252 fix mem leak in tailq that holds dce uuids 15 years ago
Anoop Saldanha 1c443677b2 fix indentation in DCERPCParser 15 years ago
Anoop Saldanha fe700737a3 fix null dereference in detect parse test - clang fix 15 years ago
Gurvinder Singh 892dea31e4 added the counter for tcp.segment_memcap_drop to show the dropped segments count due to memory limit 15 years ago
Victor Julien 1c1c8cef89 Print engine uptime on the same line as date and time. 15 years ago
Gurvinder Singh 1d0492e2e7 added support to print the engine uptime in stats.log 15 years ago
Victor Julien e7cb7c6b97 Make outputs part of the flowpinned threads in the AutoFp runmode. 15 years ago
Victor Julien 99ad338e91 Bump version to 1.0.2 15 years ago
Victor Julien 0eb0d48f35 Disable broken unittests and fix one. 15 years ago
Victor Julien f1e6e80a1e Properly set tmp_ra_base_seq in streams. By Gurvinder. 15 years ago
Gurvinder Singh 6a5bc52461 support for several tcp evasion attacks. Thanks to Judy Novak and G2 Inc for reporting them 15 years ago
Victor Julien bc55fb27dc Compiler warning fix for memory macro's. Small layout changes. 15 years ago
Pablo Rincon 06a65cb460 moving http_client_body logic to use it per transactions. Adding unittests 15 years ago
Pablo Rincon ee34c70ad8 Reference atomic vars with SC_ATOMIC_EXTERN properly (considering if we support atomic operations or not) 15 years ago
Pablo Rincon 5c43db85ce Drop streams on inline mode when a drop rule match from a reassembled stream and/or app layer inspection 15 years ago
Pablo Rincon 76af1b049b Make malloc errors on initialization stage a fatal error, resulting on a exit() call 15 years ago
Anoop Saldanha eb9adf8129 fix NULL indirection while parsing dce sigs - clang fix 15 years ago
Anoop Saldanha f094523eb1 clang fix - some minor fixes for unittests 15 years ago
Pablo Rincon bbab0f9987 Set default gid to 1 on Sig init 15 years ago
Pablo Rincon 8f3322ef73 Fix segv condition on DetectHttpMethodMatch (if the applayer unset the connp) 15 years ago
Pablo Rincon f225bd1428 Adding modifiers /C /H and /M to pcre (http cookie, header and method) 15 years ago
Victor Julien 1d73e1fb7e Small update to the ssh module: fix a valgrind warning and a couple of compiler warnings. Do a few small style updates. 15 years ago
Pablo Rincon 9d7baa7a9f Adding ssh app layer module with two new keywords: ssh.protoversion and ssh.softwareversion 15 years ago
Gurvinder Singh 0dab0e3935 fix the reassembly depth test (bug 216) 15 years ago
Victor Julien 610b7702ba Bump version to 1.0.1 15 years ago
Victor Julien 04d3832d8f Remove ports check and fix small typo. 15 years ago
Victor Julien a492518e7a Properly detect detect-event-only sigs. 15 years ago
Pablo Rincon 21d79b05ad Fix for bug221 (avoid considering sig as "decoder event only" if ports are specified). Now the sig gets grouped to get a sgh at SigMatchSignatures 15 years ago