suricata

Commit Graph

Author	SHA1	Message	Date
Jason Ish	961931e73a	filestore: fix compiler truncation warnings And error out if the constructed filename is truncated.	6 years ago
Mats Klepsland	033e756905	app-layer-ssl: add Facebook TLSv1.3 draft versions Add draft versions for Facebooks custom TLSv1.3 implementation "fizz" to SSLVersionToString().	6 years ago
Mats Klepsland	dd5374c20d	app-layer-ssl: change how TLSv1.3 drafts are logged Change from logging TLSv1.3 drafts as "TLS 1.3 (draft 28)" to "TLS 1.3 draft-28" instead.	6 years ago
Mats Klepsland	be8c06adfd	userguide: add documentation for ssl_version keyword	6 years ago
Victor Julien	9291d434c6	pfring: default to runmode workers Now that threads:auto is implemented workers is a better default as it generally performs better.	6 years ago
Victor Julien	1467c30883	pfring: implement 'threads: auto' If threads is set to auto, first try the CPU count. If that would fail, fall back to RSS queue count.	6 years ago
Victor Julien	5f2831d60f	pfring: support checking/disabling offloading	6 years ago
Victor Julien	7c02b40be6	pfring: fix bypass counter print uninitialized values If the option was disabled in the config the value would be uninitialized.	6 years ago
Victor Julien	1360e030b1	storage: don't leak memory for unittests	6 years ago
Victor Julien	121b3021df	radix: fix a memleak when removing the last node	6 years ago
Victor Julien	3836fe2353	detect/address: minor memory handling cleanups	6 years ago
Victor Julien	00e9fd7a36	detect: suppress scan-build warnings	6 years ago
Victor Julien	0a39e06535	detect/flags: cleanup parsing to not alloc temp strings	6 years ago
Victor Julien	e22a833b94	mpm: fix minor scan-build warning	6 years ago
Victor Julien	e180576afe	pool: avoid possible double free in error path Should be impossible as a double free, but scan-build-7 thinks it is possible.	6 years ago
Victor Julien	7ce1ebe0d3	pool: small code cleanups	6 years ago
Victor Julien	478caac975	stream: don't assume malformed TCP packets This deep in the stream engine packets are valid, so don't check for the tcph header in a packet as it confuses scan-build. Do add a DEBUG_VALIDATE_BUG_ON so in QA we double check.	6 years ago
Victor Julien	cf37faff31	decode/tcp: rewrite options decoding to assist scan-build	6 years ago
Victor Julien	347e64e8d4	smb/c: don't accept null input	6 years ago
Victor Julien	ce1753c715	htp: fix potential (but unlikely) memleak in uri normalization	6 years ago
Victor Julien	7ef8d31e4f	thresholds: remove dead code in parsing	6 years ago
Victor Julien	8ef0818c3b	radix: fix memory leak in error path	6 years ago
Victor Julien	506f299b09	coverity: suppress warnings	6 years ago
Victor Julien	2010610c91	host/os/info: fix lookup memleak	6 years ago
Victor Julien	1bf658f9ee	debug/log: suppress coverity checked_return warning	6 years ago
Victor Julien	ec94d7b33d	bpf: suppress coverity toctou warning	6 years ago
Victor Julien	22c7be26c4	pcap: fix buffer size validation logic	6 years ago
Victor Julien	9c2c258f2b	uricontent: move debug func into unittests Cleanup header, which lead to the app-layer-htp.h header needing to be added in a few other places.	6 years ago
Victor Julien	4ae85f16c5	detect/replace: fix mem leak in error path	6 years ago
Victor Julien	0d0da7880e	isdataat: fix mem leak in error path	6 years ago
Victor Julien	2ef2febc7c	bits: avoid memory leak in case of adding types	6 years ago
Victor Julien	5c69bbb236	ipproto: fix memleak in error case	6 years ago
Victor Julien	5283796018	bytetest: don't leak memory in error condition	6 years ago
Victor Julien	9d54a8361d	yaml: fix potential memleak and suppress coverity issue	6 years ago
Victor Julien	15e0f7f5bb	outputs: fix memleaks in the error paths reported by coverity	6 years ago
Victor Julien	575fb69a06	coverity: suppress warning for intentional code	6 years ago
Victor Julien	335df629a2	rust/dns: don't compile unused C code if Rust is enabled	6 years ago
Victor Julien	f97bf298b2	coverity: fix filestore v2 memleak	6 years ago
Victor Julien	00111499b0	log-pcap: fix coverity memleak warning	6 years ago
Victor Julien	a683279137	coverity: don't warn on fall back random	6 years ago
Mats Klepsland	a8347e1bc2	app-layer-ssl: fix flow and inspection bypass for TLSv1.3	6 years ago
Mats Klepsland	3b73b7d542	app-layer-ssl: add 0-RTT support for TLSv1.3	6 years ago
Mats Klepsland	23993c18cd	app-layer-ssl: decode early data extension in ClientHello record Decode early data extension used by 0-RTT that is used to indicate that application data will be sent right after the ClientHello record.	6 years ago
Mats Klepsland	7556004a51	app-layer-ssl: use extension length when decoding extensions Pass extension length to functions decoding extensions, instead of passing the length left in the record. This enables us to also decode empty extensions.	6 years ago
Mats Klepsland	ee1de4c812	app-layer-ssl: handle all versions above TLSv1.2 as TLSv1.3 This makes it more likely to log custom versions of TLSv1.3 that doesn't comply with the draft version numbering.	6 years ago
Victor Julien	31b87d5f8f	tls: remove debug printfs	6 years ago
Mats Klepsland	16643befe7	detect-tls-ja3-hash: add another unit test Add unit test that covers the JA3 bug in TLS extensions decoding.	6 years ago
Mats Klepsland	fc53b2ecd5	app-layer-ssl: fix JA3 bug in TLS extension decoding	6 years ago
Mats Klepsland	89bd274f44	app-layer-ssl: fix JA3 bug in TLS version decoding	6 years ago
Victor Julien	215e37a9c0	capture: multidev is not experimental	6 years ago

1 2 3 4 5 ...

9338 Commits (961931e73a223c6fa1fa03fd83b245efc90f9ccb) All Branches Search

9338 Commits (961931e73a223c6fa1fa03fd83b245efc90f9ccb)

All Branches