suricata

Commit Graph

Author	SHA1	Message	Date
Victor Julien	9bda558c59	stream/sack: optimize SACK size handling Optimize by keeping count during insert/remove instead of walking the tree per check.	7 years ago
Victor Julien	7ec7d234cc	stream/sack: turn SACK record list into rbtree Convert to rbtree from linked list. These ranges, of which there can be multiple per packet, are fully controlled by an attacked. The attacker could craft a stream of packet in such a way that the list would grow very large. This would make inserts/removals very expensive, as well as the list walk that is done and size calculation and pruning operations. The RBTREE makes inserts/removals much cheaper, at a slight overhead for 'normal' operations and slightly higher per record memory use.	7 years ago
Victor Julien	11be9bd971	mingw: add SCNtohl and SCNtohs macro's On MinGW the result of ntohl needs to be casted to uint32_t and the result of ntohs to uint16_t. To avoid doing this everywhere add SCNtohl and SCNtohs macros.	8 years ago
Victor Julien	ab1200fbd7	compiler: more strict compiler warnings Set flags by default: -Wmissing-prototypes -Wmissing-declarations -Wstrict-prototypes -Wwrite-strings -Wcast-align -Wbad-function-cast -Wformat-security -Wno-format-nonliteral -Wmissing-format-attribute -funsigned-char Fix minor compiler warnings for these new flags on gcc and clang.	9 years ago
Victor Julien	1de1413863	stream: validate SACK right edge to be in window	9 years ago
Victor Julien	d84dc02bd7	tcp sack: improve tests	10 years ago
Victor Julien	d79208d93b	tcp sack: fix alignment issues	10 years ago
Jason Ish	796dd5223b	tests: no longer necessary to provide successful return code 1 pass, 0 is fail.	10 years ago
Tom DeCanio	ce472d88be	sanity check tcp SACK edges prior to recording. Attempt to avoid Cisco ASA tcp randomization issue with it not properly writing sequence numbers in SACK.	11 years ago
Ken Steele	8f1d75039a	Enforce function coding standard Functions should be defined as: int foo(void) { } Rather than: int food(void) { } All functions where changed by a script to match this standard.	11 years ago
Victor Julien	5206928702	stream: in SACK, always decrease memcap on free We should always decrease the stream memcap on freeing SACK records.	12 years ago
Victor Julien	b6995f7664	Bug 794: stream SACK list needs to respect memcap	13 years ago
Eric Leblond	e176be6fcc	Use unlikely for error treatment. When handling error case on SCMallog, SCCalloc or SCStrdup we are in an unlikely case. This patch adds the unlikely() expression to indicate this to gcc. This patch has been obtained via coccinelle. The transformation is the following: @istested@ identifier x; statement S1; identifier func =~ "(SCMalloc\|SCStrdup\|SCCalloc)"; @@ x = func(...) ... when != x - if (x == NULL) S1 + if (unlikely(x == NULL)) S1	13 years ago
Victor Julien	372ab9c433	Another batch of minor fixed for issues found by Coverity.	14 years ago
Victor Julien	cdba2f50d1	Various fixes and improvements based on feedback by Coverity analyzer.	14 years ago
Victor Julien	f303f3f523	Fix a logic error in the SACK list cleanup causing a memleak and invalid memory access at the same time.	15 years ago
Victor Julien	d0374ced38	Implement SACK in the stream engine.	15 years ago

17 Commits (fbcdd2ec267d49040ca178f8562767d8fb00aa73)