aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,827 Commits
8 Branches
163 Tags
195 MiB
main-8.0.x
main
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.1
suricata-7.0.12
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '9f4dd4fc56'
${ noResults }
Commit Graph

13827 Commits (9f4dd4fc56a8885bdff0714352dffa5b897f5979)
 

Author SHA1 Message Date
Victor Julien 9f4dd4fc56 smtp/files: don't modify prev file on open failure 3 years ago
Victor Julien e601ebdfd8 files: always initialize inspect_window and min_inspect_depth 
This is to make sure the files buffers are properly managed even
when there are no rules or when there are no file.data rules.

Bug: #5703.
 3 years ago
Victor Julien cade6046c5 rust/files: open file without trackid as pointer 3 years ago
Victor Julien ad869e1c52 rust/filecontainer: remove unused declaration 3 years ago
Victor Julien df7d8d96c9 streaming/buffer: set hard limit on buffer size 
Don't allow the buffer to grow beyond 1GiB. Add a once per thread
warning if it does reach it.

Bug: #5703.
 3 years ago
Jason Ish bf1c185c03 github-ci/centos:7: cache yum RPMs 3 years ago
Jason Ish 1c13efb8d4 github-ci/windows: cache cargo artifacts 3 years ago
Jason Ish 6da066cc53 github-ci/macos: don't force cbindgen 
We want to use binary from the cache if available.
 3 years ago
Jason Ish 0dddfbc8e6 github-ci: cache RPMs on dnf distros 3 years ago
Jason Ish 814a76a217 github-ci: better .cargo caching 3 years ago
Philippe Antoine 086b28da3d http2: fix decompression buffering 
It was not enough to set Cursor position to 0,
also its inner Vec should be cleared.

This way, a new input gets written at the beginning of the
Cursor and its inner Vec...

Ticket: #5691
 3 years ago
Philippe Antoine c6349d3cfc http2: support padded data frames 
Ticket: #5691
 3 years ago
Victor Julien 2edfff7a0c src: unify how warnings specify ticket id's 3 years ago
Jason Ish 0c00f28ebc afpacket/netmap: warn about mixed ips, ids/tap deprecation 
Suricata already logs if AF_PACKET or Netmap are running in a mixed IPS
and IDS/TAP mode.  As the behavior is undefined when these modes are
mixed, it is best to deprecate and to not allow this behavior. For now
warn that it will be unsupported and fail in Suricata 8.

Ticket: 5587
 3 years ago
Philippe Antoine 222f2ac1c5 ci: remove unnecessary write permission to github workflow 3 years ago
Philippe Antoine 7fd3aaa81c ci: build with -Werror for -Wimplicit-int-conversion 
So that CI gets red
 3 years ago
Philippe Antoine 3e4f58e375 detect: fix memory leak when parsing signature 
Ticket: #5529
 3 years ago
Victor Julien 1e653cc36d profiling: fix includes 3 years ago
Todd Mortimer 15c77be937 swf-decompression: Disable by default. 
Add an entry to the upgrade guide noting the change.

Ticket: #5632
 3 years ago
Victor Julien 50b858aa49 ipfw: fix missing include 3 years ago
Victor Julien f3f2807202 netmap: fix missing include 3 years ago
Jason Ish dcd9dabc70 classification: continue processing on parse error 
Instead of returning on the first line that fails to parse, log the
error and continue instead of returning.

The fail fast makes sense in test mode, but not in a normal run mode
where you don't want one bad line to abort processing the whole file.

This will still fail out in test mode.

Related issue: 4554
 3 years ago
Philippe Antoine ad713246a9 src: remove double includes 
Keep the unconditional include to be sure it works

git grep '#include "' src/*.c | sort | uniq -c | awk '$1 > 1'
 3 years ago
Philippe Antoine 9af0dafbad src: fix some include orders 
So as to be able to get include removal right
 3 years ago
Philippe Antoine cc23923de1 src: remove obsolete comment 
Should have been removed along by commit
82dba07579
 3 years ago
Philippe Antoine 62352ad030 src: fix remaining cppclean warnings 3 years ago
Philippe Antoine 1f066cbbe8 unittest: fix unneeded includes as per cppclean 
Especially because there is conditional inclusion from a header
 3 years ago
Philippe Antoine 662f0ce503 util: fix includes for util-memcmp 
u8_tolower is now in suricata-common.h

Fixes commit 19e94e93fa
 3 years ago
Philippe Antoine 7cfc45a6f8 ci: adds one build with hyperscan 3 years ago
Philippe Antoine fbccd74f89 ci: adds build with luajit 3 years ago
Philippe Antoine e85f3916e3 src: fix integer warnings 
and adds defrag debug validations
 3 years ago
Philippe Antoine b5147189ae tls: fix off by one in supported versions extension 
Ticket: #5663
 3 years ago
Jeff Lucovsky a4239d433a detect/bsize: Validate bsize values after parsing 
Issue: 2982

This commit moves bsize validation with respect to content matches to
the post-parse validation stage. This allows bsize to consider all
content-related values, including those that follow the bsize keyword.
 3 years ago
Jeff Lucovsky 9d73777a46 bsize/general: Remove unnecessary includes 
This commit removes unused/commented out #include lines.
 3 years ago
Jeff Lucovsky 8b41754acd add to general: Typo fixup 3 years ago
Jeff Lucovsky 8df6701186 netmap: Fix include file issues 3 years ago
Jeff Lucovsky 197ad51138 doc: Update bsize documentation 
This commit updates the bsize documentation

1. Describe what happens when "content" immediately precedes "bsize"
2. Include the operators and
3. Include examples using the operators.
 3 years ago
Jeff Lucovsky ecfdc24e08 detect/bsize: Semantic validation of bsize values 
This commit adds validation of the bsize value(s) with the available
buffer size. Signatures are flagged if the bsize and buffer size are
incompatible.

Issue: 3682
 3 years ago
Jeff Lucovsky 25c0a6ea7c tests/bsize: Test cases with preceding content 
This commit adds test cases that validate behavior when "content"
immediately precedes "bsize".
 3 years ago
Jeff Lucovsky c91b987732 general: Typo fixup 3 years ago
Jeff Lucovsky 115297c016 detect/content: Use SCCalloc instead of malloc/memset 
This commit replaces a SCMalloc/memset with SCCalloc
 3 years ago
Jeff Lucovsky 7eb5fb1826 detect/content: Consider distance in validation 
Ticket: 2982

This commit validates that the content usage in a rule will not exceed
the dsize value.

Values of distance that cause the right edge to be exceeded are
considered an error and the signature will be rejected.
 3 years ago
Shivani Bhardwaj 58e5033a44 util/base64: use padding var for calculations 3 years ago
jason taylor 9dc8fffe05 userguide: update tos keyword information 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 3 years ago
jason taylor 1d9b91a987 userguide: update fragoffset keyword information 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 3 years ago
jason taylor 7c73144988 userguide: update fragbits information 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 3 years ago
jason taylor 4be9793e36 userguide: update geoip information 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 3 years ago
jason taylor e8eba6e4a1 userguide: update id keyword information 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 3 years ago
jason taylor cfd0da133e userguide: update ipv6.hdr keyword information 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 3 years ago
jason taylor 150a04b597 userguide: update ipv4.hdr keyword information 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 3 years ago