cb01cc6929 
								
							
								 
							
						 
						
							
							
								
								base64: add Base64Ecode enum  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								9131d1d857 
								
							
								 
							
						 
						
							
							
								
								base64: add Base64Mode enum  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								1e3282f363 
								
							
								 
							
						 
						
							
							
								
								smtp: treat CR as a line terminator  
							
							
							
							
							The ideal line terminator for an SMTP line is <CRLF>. But, given that
bare LF is still allowed by many systems despite the prohibition by
standards, we have to consider that. In order to simplify things, we
consider bare CR as line terminators as well while updating the
delimiter parameter correctly if they were to be followed by a LF
immediately or as a part of next fragment.
This takes care of some edge cases that made base64 decoder error out
because unexpected data was sent to it at times.
Ticket: 5316 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								42a661f028 
								
							
								 
							
						 
						
							
							
								
								ci: adds CodeQL workflow and LGTM support  
							
							
							
							
							Ticket: #5307  
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								51c78680d2 
								
							
								 
							
						 
						
							
							
								
								github-actions: bump ossf/scorecard-action from 1.1.0 to 1.1.1  
							
							
							
							
							Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](5c8bc69dc8...3e15ea8318 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								41314e0830 
								
							
								 
							
						 
						
							
							
								
								github-actions: bump github/codeql-action from 2.1.11 to 2.1.12  
							
							
							
							
							Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.11 to 2.1.12.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](a3a6c128d7...27ea8f8fe5 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								d1a4dae36b 
								
							
								 
							
						 
						
							
							
								
								detect: use generic integer functions for streamsize  
							
							
							
							
							By the way, adds the prefilter feature
Ticket: #2697 
Ticket: #4112  
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								35b6dcec7e 
								
							
								 
							
						 
						
							
							
								
								detect: use generic integer functions for filesize  
							
							
							
							
							Ticket: #4112  
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								bfdf5b1952 
								
							
								 
							
						 
						
							
							
								
								detect: use generic integer functions for tcp mss  
							
							
							
							
							Ticket: #4112  
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								025b510cac 
								
							
								 
							
						 
						
							
							
								
								detect: use generic integer functions for template2  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								261eebba12 
								
							
								 
							
						 
						
							
							
								
								detect: use generic integer functions for ttl  
							
							
							
							
							Ticket: #4112  
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								2b0be91f28 
								
							
								 
							
						 
						
							
							
								
								detect: use generic integer functions for dsize  
							
							
							
							
							Ticket: #4112  
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								f29b43defd 
								
							
								 
							
						 
						
							
							
								
								detect: rust generic functions for integers  
							
							
							
							
							Move it away from http2 to generic core crate.
And use it for DCERPC (and SMB)
And remove the C version.
Main change in API is the free function is not free itself, but
a rust wrapper around unbox.
Ticket: #4112  
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								c4d9cb02ec 
								
							
								 
							
						 
						
							
							
								
								util: better hex print function  
							
							
							
							
							Without dangerous snprintf pattern identified by CodeQL
even if this pattern is not a problem in those precise cases,
it may easily get copy pasted in a dangerous place, so better
get rid of it and make CodeQL happy 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								6058792bee 
								
							
								 
							
						 
						
							
							
								
								rust: make suricata context const  
							
							
							
							
							So that it is read only and its pointers do not get modified 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								5a00acece2 
								
							
								 
							
						 
						
							
							
								
								ftp: remove temporary fields from state  
							
							
							
							
							As input, input_len and direction only last for the scope of
one call of AppLayerParserParse, it is not necessary to keep them
in FtpState which lives longer, so we consume less memory. 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								6224e283fa 
								
							
								 
							
						 
						
							
							
								
								modbus: bump up rust crate version  
							
							
							
							
							So that probing parser is more strict and does not accept unknown
function code as valid modbus.
Ticket: #5377  
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								c8a5207083 
								
							
								 
							
						 
						
							
							
								
								detect: introduce "like" ip-only signature type  
							
							
							
							
							Rules that look like they should be IP-only but contain a negated rule
address are now marked with a LIKE_IPONLY flag. This is so they are
treated like IPONLY rules with respect to flow action, but don't
interfere with other IPONLY processing like using the radix tree.
Ticket: #5361  
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								d5abaf0b38 
								
							
								 
							
						 
						
							
							
								
								decode: fix integer warning  
							
							
							
							
							Newly introduced warning.
Regular cast as value is checked just before.
Ticket: #4516  
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								717e51b7cf 
								
							
								 
							
						 
						
							
							
								
								defrag: fix integer warnings  
							
							
							
							
							Ticket: #4516  
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								2d761810db 
								
							
								 
							
						 
						
							
							
								
								rust: cbindgen first verifies existing bindings  
							
							
							
							
							So as not to recompile every C file including rust.h 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								ced96a8aad 
								
							
								 
							
						 
						
							
							
								
								detect: parsing avoiding infinite loop  
							
							
							
							
							by comparing size_t to strlen result
Instead of uint16_t which would loop
Ticket: #5310  
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								875eb58fb0 
								
							
								 
							
						 
						
							
							
								
								file: use functions on fd to avoid toctou  
							
							
							
							
							Ticket: #5308  
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								ecb8dd4de0 
								
							
								 
							
						 
						
							
							
								
								util: check for unsigned overflow in rohash  
							
							
							
							
							To make CodeQL happy 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								adda8801d8 
								
							
								 
							
						 
						
							
							
								
								conf: remove ConfGetValue  
							
							
							
							
							All uses of ConfGetValue are satisfied by ConfGet 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								5bd19135b0 
								
							
								 
							
						 
						
							
							
								
								util: remove malloc from streaming buffer config  
							
							
							
							
							as it is unused 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								0dd7c23fa0 
								
							
								 
							
						 
						
							
							
								
								github-actions: bump actions/cache from 3.0.2 to 3.0.3  
							
							
							
							
							Bumps [actions/cache](https://github.com/actions/cache) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](48af2dc4a9...30f413bfed 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								db73a12540 
								
							
								 
							
						 
						
							
							
								
								doc/tls: Add documentation for TLS logging  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								f42bb45ccd 
								
							
								 
							
						 
						
							
							
								
								doc/tls: Remove redundant example  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								e9976a0e14 
								
							
								 
							
						 
						
							
							
								
								suricata.yaml.in: Fix default value of prealloc-sessions  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								324f5ec10c 
								
							
								 
							
						 
						
							
							
								
								doc: Add missing ")" in example  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								32b39d054f 
								
							
								 
							
						 
						
							
							
								
								suricata.yaml.in: Remove duplicate "with" in comment.  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								e4163c4e02 
								
							
								 
							
						 
						
							
							
								
								doc: Fix typos  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								49bd6cfa5d 
								
							
								 
							
						 
						
							
							
								
								doc: Fix broken link  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								284ad462fc 
								
							
								 
							
						 
						
							
							
								
								output: adds schema.json  
							
							
							
							
							Ticket: #1369  
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								ebf0629615 
								
							
								 
							
						 
						
							
							
								
								log-pcap: remove tunnel locks  
							
							
							
							
							The tunnel lock mutex only "protects" the tunnel synchronization,
not the packet data, length or datalink fields. 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								e7ab96c389 
								
							
								 
							
						 
						
							
							
								
								nflog: fix datalink compile issue  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								43d28f251f 
								
							
								 
							
						 
						
							
							
								
								util/action: convert unittests to FAIL/PASS API  
							
							
							
							
							Task #5371  
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								9b9b6aa2ce 
								
							
								 
							
						 
						
							
							
								
								util/action: unittests clean-up (to sv tests)  
							
							
							
							
							Removing all unittests that work better as suricata-verify tests.
Task #5371  
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								4ed6c928aa 
								
							
								 
							
						 
						
							
							
								
								unittest: minor helper cleanup  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								41b5364511 
								
							
								 
							
						 
						
							
							
								
								detect/parse: cleanup test  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								a437dde739 
								
							
								 
							
						 
						
							
							
								
								detect: parsing test cleanups/improvements  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								e738b10e23 
								
							
								 
							
						 
						
							
							
								
								host-os-info: add test to show mixed ipv4/ipv6  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								f3d887310c 
								
							
								 
							
						 
						
							
							
								
								rule/vars: clean up tests  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								1b65af2867 
								
							
								 
							
						 
						
							
							
								
								detect/iponly: minor code cleanup  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								beecc1890f 
								
							
								 
							
						 
						
							
							
								
								detect/iponly: include postmatch in determination  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								4b097460c2 
								
							
								 
							
						 
						
							
							
								
								detect/iponly: simplify handling of 'any' parsing  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								ffef10c5d7 
								
							
								 
							
						 
						
							
							
								
								detect: address parsing variable rename to match code style  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								51ef6f4e3a 
								
							
								 
							
						 
						
							
							
								
								detect/iponly: remove unused code  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								6ccc01a79c 
								
							
								 
							
						 
						
							
							
								
								rust: fix doc comments that trigger rust warnings  
							
							
							
							
							Rust generates warnings that are treated as errors for documentation
blocks before `extern` blocks. 
							
						 
						
							3 years ago