aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,021 Commits
7 Branches
155 Tags
195 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'd62616f805'
${ noResults }
Commit Graph

12021 Commits (d62616f80545c3bad845487973ef053dd8f886a1)
 

Author SHA1 Message Date
Victor Julien 5062023ffe detect/ftp: convert to v2 inspect API 4 years ago
Victor Julien 2320d62872 detect/mqtt: convert to v2 inspect API 4 years ago
Victor Julien 5611f9ddbd detect/modbus: convert to v2 inspect API 4 years ago
Victor Julien ce6f8605ea detect/enip/cip: convert to v2 inspect API 4 years ago
Victor Julien 35310313de detect/http2: inspect API v2 4 years ago
Victor Julien 67d45f7e3c detect/krb5: use inspect api v2 4 years ago
Victor Julien 197f99a134 detect/ftpbounce: switch to inspect api v2 4 years ago
Victor Julien 0f2c94ffea detect/files: remove unused prototypes 4 years ago
Victor Julien e0e4454db7 detect/files: inspect api v2 4 years ago
Victor Julien 48094b05c8 detect/file: minor cleanup 4 years ago
Victor Julien cd146adef0 detect/dnp3: convert to v2 inspect API 4 years ago
Victor Julien 9f8a8f368a detect/dcerpc: convert to v2 inspect API 4 years ago
Victor Julien db0665bccc detect/dns: convert to v2 inspect API 4 years ago
Victor Julien 8c7423fcb8 detect/app-layer-event: convert to v2 inspect API 4 years ago
Victor Julien c6c93d1d12 detect/stream: convert to inspect API v2 4 years ago
Victor Julien 51f38f6453 detect/payload: minor formatting fixup 4 years ago
Jason Ish 1f1a765132 github-ci: build cbindgen during prep 
Instead of building cbindgen in every build, build it once
during prep as a static musl binary to avoid library issues.
 4 years ago
Jason Ish f945acf733 github-ci: remove prep directories before upload 
Removing the libhtp, suricata-update and suricata-verify directories
before uploading the artifact reduces the upload time from minutes
to seconds.
 4 years ago
Jason Ish 42196e932e github-ci: fedora 33 test build (based on fedora 32) 4 years ago
Jason Ish ea36c01a8f github-ci: remove fedora 31 (eol) 4 years ago
Victor Julien 3fdfec860f version: start 7.0.0 development 4 years ago
Victor Julien e860b9eee9 version: set to 6.0.1 4 years ago
Victor Julien 1d84f72a65 changelog: update for 6.0.1 4 years ago
Philippe Antoine 8c4e53e803 dnp3: regenerates C code with script 4 years ago
Philippe Antoine 15980af7de dnp3: avoids DOS by too long loop over null-sized objects 4 years ago
Philippe Antoine 5749024e3f dnp3: fix memory leak with object containing bytearrays 4 years ago
Philippe Antoine 001350547a dnp3: fix signed integer overflow 
By using unsigned integers everywhere
 4 years ago
Shivani Bhardwaj ea0936199d output: use BASE64_BUFFER_SIZE macro 
Base64Encode function requires the maximum length of the output string
as its last parameter. Use the macro BASE64_BUFFER_SIZE to calculate it
correctly.
 4 years ago
Shivani Bhardwaj b0a6ed1e2a datasets/string: fix buffer overflow 
The size of encoded_data array and the maximum output length parameter
to Base64Encode function were incorrect leading to buffer overflow for
certain cases. The algorithm requires at least 5 bytes of space to even
convert a string of length 1.

Use BASE64_BUFFER_SIZE macro to correctly calculate this output length.
Set size of encoded_data array to the calculated output length.
 4 years ago
Shivani Bhardwaj 02942a123a util/crypt: Add macro for max base64encode len 
Maximum length of a base64 encoded string can be 33% over the actual
length of the input string. The formula to best cover all the edge cases
is mathematically
(4 * (input_length + 2) / 3) + 1

Add a macro to calculate this for a given input length.
 4 years ago
Philippe Antoine 057c4b34c8 ftp: optimize FTPGetOldestTx by starting from last handled tx 
Avoids DOS by quadratic complexity algorithm.
Attack is
1 stack many requests/transactions (like cwd commands on a line)
2 get many answers
 4 years ago
Philippe Antoine f574663352 http2: files inspection API fixes 
uses right transaction id for file tracker
uses FILE_USE_DETECT for good matches with keyword startswith
 4 years ago
Philippe Antoine a63ee5adbd http2: allow multiple size updates in one headers batch 
cf RFC 7541 section 4.2
 4 years ago
Victor Julien a8fc481cd3 http2: avoid null pointer deref in alert output 
Bug #4120.
 4 years ago
Philippe Antoine 096dce4bba http2: allow filestore to work with HTTP2 4 years ago
Philippe Antoine d5ac77ee8b packet: set length of 0 for too big copy 4 years ago
Philippe Antoine 6d2247391e ssl: improves keyword ssl_version parsing 
Removes the use of PCRE for performance
Forbids empty negations after a valid pattern
Forbids mixing negative and positive forms as it is irrelevant
Forbids useless repetition of a version
 4 years ago
Philippe Antoine 6181459086 smb: do not rely on one valid NBSS byte for probing 
Need to have the SMB header so as to validate
 4 years ago
Philippe Antoine 48f0c612e3 ssl: upgarde to uint32 for bytes_processed 
as it can overflow, and is compared with uint32 such as
message_length and message_start and
 4 years ago
Philippe Antoine 445e03d752 detect: null sanity checks for pkthdr 
Even when the rules are only applied on traffic with the protocol
the structure for the protocol header can be set to NULL if there
was an error parsing the header
 4 years ago
Victor Julien f5af8864f7 configure: require libhtp 0.5.36 4 years ago
Philippe Antoine 4e242645be doc: explicit header normalization further 
And their concatenation as described in RFC 2616
 4 years ago
Victor Julien 3ea33f5e47 github-ci: CentOS 6 is EOL 4 years ago
Philippe Antoine 6b30890de9 doc: http.uri.raw has no spaces 
as they are in the protocol

cf bug #2881
 4 years ago
Jason Ish f3c59ef8a6 rust: handle windows naming change from .lib to .a 
Prior to Rust 1.44, Cargo would name static libs with the .lib
extension. 1.44 changes this extension to .a when running under
a GNU environment on Windows like msys to make it more similar
to other unix environments.

Now assume static library name to be the same on Windows and
unix, but rename the .lib if found to still support older
versions of Rust on Windows.
 4 years ago
Jason Ish 10f639e9d1 configure/mingw: move libs in LDFLAGS to LDADD 
Moving the libs specified in LDFLAGS to LDADD put them into the
correct placement on in the link command.
 4 years ago
Philippe Antoine 466466883b rust: do not rebuild stdlib when coverage is enabled 
Because both seem incompatible for now
 4 years ago
Philippe Antoine 33905b0910 fuzz: check PacketCopyData return value before processing packet 4 years ago
Philippe Antoine 18d8164a27 fuzz: limit memcap for datasets when fuzzing 4 years ago
Philippe Antoine 65e232669c dnp3: better limit for tests when fuzzing 4 years ago