Commit Graph

8581 Commits (b9cf49e933d8216e31136ec4b64fc46653d6d729)
 

Author SHA1 Message Date
Victor Julien 68ddea0b26 detect: implement byte_extract support for isdataat 8 years ago
Victor Julien 862780c7c3 detect: add debug statements for byte_extract/isdataat 8 years ago
Victor Julien fbf097bbe4 detect-asn1: fix memory leak in error path 8 years ago
Victor Julien 1729ab7d94 detect: fix port parsing memory leak
Leak in error path as seen by scan-build:

  CC       detect-engine-port.o
detect-engine-port.c:1083:13: warning: Potential leak of memory pointed to by 'temp_rule_var_port'
    return -1;
            ^
8 years ago
Victor Julien 319a6f48ff detect-id: clean up to suppress minor coverity warning 8 years ago
Victor Julien 97cb5d3973 redis: suppress minor coverity warning 8 years ago
Victor Julien d5f7acd860 decoder: implement IEEE802.1AH 8 years ago
Victor Julien 7fb58e6783 random: fix random logic with getrandom
The older random functions returned random values in the range of
0 - RAND_MAX. This is what the http randomize code was expecting.

Newer methods, based on getrandom (or probably Windows too), return
a much larger range of values, including negative values and >RAND_MAX.

This patch adds a wrapper to turn the returned value into the expected
range before using it in the http code.

The same is true for the stream engine.
8 years ago
Victor Julien 9b94679fce random: support getrandom(2) if available
Ticket: #2193
8 years ago
Victor Julien cf0a28bc6a napatech: fix minor memleak in error path 8 years ago
Victor Julien 72dd663e00 yaml: print errors if integers are invalid 8 years ago
Victor Julien b56c0b524b detect: error out on invalid detect.profile option
Bug #891.
8 years ago
Victor Julien 3e868188e6 yaml: add 'append' to stats-log entry
Bug #798
8 years ago
Victor Julien 207595396e changelog: update for 4.0.1 release 8 years ago
Jason Ish 7eead7dfbc autotools: fix distcheck with rust enabled 8 years ago
Sascha Steinbiss d9c7f9bb17 stats: use unshortened interface names in counters 8 years ago
Sascha Steinbiss 4d25593b4a json: skip over double dots in output tokenizing
Interface name shortening introduces double periods ('..') as spacers,
which cause issues during JSON stats serialization as there '.'
characters are also used as separators to define nesting of the JSON
output. This commit makes sure that '..' are skipped during tokenizing.
Fixes Redmine bug #2208.
8 years ago
Victor Julien d9e5dfa1f0 rust/file: improve truncation handling 8 years ago
qiangbei ce0fb39219 detect/state: fix offset mask logic
changed 0xef to 0x7f
8 years ago
Victor Julien 78486b1979 runmodes: fix 'threads' option parsing
Don't cast int to uint8_t for no reason. Add warning that upper
limit for threads is 1024.

Small code cleanups.

Bug: #2228
8 years ago
Victor Julien 3f6fbf94db output: harden output deinit
If thread setup fails allow output deinit code to be called with
NULL data without crashing.
8 years ago
Victor Julien 2577a64e44 stream: improve error handling of ssn/segment pools
With a large number of threads the default memcaps lead to pool setup
failures. Make sure these are reported properly so that the user
knows what is going on.

Bug: #2226
8 years ago
Victor Julien e023ce9aad rust/dns: fix new warning in rustc 1.21 8 years ago
Victor Julien fd38e5e82b rust/nfs: fix new warnings in rustc 1.21 8 years ago
Victor Julien 1180687574 doc/file_data: add note on negated matching
Explain issue #2216 and how to avoid it.
8 years ago
Victor Julien 456af8faa8 doc/napatech: formatting fixes 8 years ago
Victor Julien e7428b321d profiling: fix app-layer profiling and csv output 8 years ago
Victor Julien 62b8431fdd debug: free pcre memory used for output filtering 8 years ago
Victor Julien c0d8def0e5 tls: don't set event on small input data
On very small data the max loop count could be 0. Make sure
it's always at least 1.
8 years ago
Eric Leblond 7ee989a3ab prscript: update urls to use OISF repo 8 years ago
Jason Ish eb5193c5b4 travis: hook check-setup.sh into the build
Only do it for one build, for now use the one that also
enables Rust.
8 years ago
Jason Ish 40a1a972d6 template: script to check the setup scripts
This script applies the setup scripts one by one followed
by a make distcheck.
8 years ago
Jason Ish d1ac839333 template scripts: allow to be called from top or src
Allow the template setup script to be called from the top source
directory or from ./src to unify where they can be executed
from.
8 years ago
Jason Ish ea2ef1b51a templates: rename scripts to use - instead of _
Use "-" consistently instead of a mix of - and _.

setup_decoder.sh -> setup-decoder.sh
setup_simple_detect.sh -> setup-simple-detect.sh
8 years ago
Victor Julien 21231fd198 github: codeowners syntax fixes 8 years ago
Victor Julien cfed351149 github: add codeowners file
Initial version.

See https://help.github.com/articles/about-codeowners/
8 years ago
Victor Julien 499afaba4b template: fix decoder setup script 8 years ago
Victor Julien 7783847467 template: fix setup detect script 8 years ago
Victor Julien 05d3a4db90 template: minor updates
Merge inspect engine into keyword
8 years ago
Derek d9a7a6d3e5 dns: fix last timestamp handling
Fixes incorrect variable in ticket #2207

In app-layer-dns-tcp.c in the DNSTCPResponseParse function
a variable is set to last_req when it should be last_resp.
This makes it consistent with UDP DNS response parsing.
8 years ago
Eric Leblond 8fa6e065bc af-packet: free bpf program
This fixes a small memory leak when Suricata is running with a
BPF filter.
8 years ago
Eric Leblond 7127ae2b44 af-packet: call thread deinit function 8 years ago
Eric Leblond 620f2540c6 prscript: update docker code
Update docker code to latest docker python API. This patch
preserves backward compatibility with older versions.
8 years ago
Andreas Herz c048ee6505 doc: reflect most recent cpu affinity settings
Some settings like output-cpu-set have never been used and detect got renamed
to worker. This reflects those changes already present in the yaml also
within the documentation.
8 years ago
Mats Klepsland d363a165c1 app-layer-ssl: fix bug with >255 records in one stream 8 years ago
Andreas Herz a59390e8de rule-parser: bump sids within siggroup test 8 years ago
Andreas Herz a0ec5fe9b7 rule-parser: detect duplicate rev keyword 8 years ago
Andreas Herz ea02541913 rule-parser: detect duplicate sid keyword 8 years ago
Andreas Herz 0210d70550 rule-parser: detect duplicate classtype keyword 8 years ago
Victor Julien f47df5a671 afpacket: free ring mem on error 8 years ago