aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,101 Commits
7 Branches
161 Tags
172 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'suricata-2.0.3'
${ noResults }
Commit Graph

5101 Commits (suricata-2.0.3)
 

Author SHA1 Message Date
Victor Julien c94b920874 flowint: fix compile warning 12 years ago
Victor Julien a8c416fc8b flowint: fix setup memory leaks 12 years ago
Victor Julien 16130cc974 ssh: fix memleaks during ssh.softwareversion init and cleanup 12 years ago
Victor Julien ec724a1e56 urilen: fix memory leak when freeing the rule 12 years ago
Anoop Saldanha cfa2cda42b fix for bug #973. 
An alternative solution for bug #970.

For chopped patterns, which in it's whole is a duplicate of another
pattern we assign an unique content id.
 12 years ago
Anoop Saldanha 4da2f29054 Unittest for bug #973. 12 years ago
Eric Leblond 013e7a0573 prscript: update code following buildbot upgrade 
The authentication scheme did change on the buildbot due to a
software upgrade. This patch update prscript.py to fix the build
submission.
 12 years ago
Eric Leblond fa861b09ac prscript: support bigger PR 
The script now looks for originan HEAD in 100 commits instead of 30.
It should be enough becasue a sane PR should not have 100 commits.
 12 years ago
Eric Leblond ad1546d59a prscript: display url where user can watch build 12 years ago
Victor Julien 0bfba8352d pcre: check for pcre_free_study, fall back to pcre_free if it unavailable 12 years ago
Victor Julien dd76e679fe mpm: clean up stream thread ctx 12 years ago
Victor Julien 6f450785fc profiling: properly clean up thread local memory. 12 years ago
Victor Julien eca1a8d73a profiling: don't alloc 0 bytes block if no rules are used 12 years ago
Victor Julien 468a8e1ca3 Properly cleanup NSS ctx 12 years ago
Victor Julien eedd4329da Change ParseSize api to not leak memory and only setup pcre once. 12 years ago
Victor Julien 3d78cc8ca6 DNS: free TX events using proper function 12 years ago
Victor Julien 6f2cb141cf Http: improve tx data cleanup 12 years ago
Victor Julien 239ab202c9 stream: clean up queue list in all cases 12 years ago
Victor Julien 67c12c61d3 Http: fix memory leaks when cleaning up our per-tx storage 12 years ago
Victor Julien 6aed56d093 Dns: fix memory leak when events are set 12 years ago
Anoop Saldanha cd7f0273a2 Add decoder event rule for tls event "invalid_ssl_record", which will now be available "app-layer-event:tls.invalid_ssl_record". 12 years ago
Anoop Saldanha cd80dcbfd4 bug #955 - Fix SSL parsing issue. 
The parser wasn't carrying out a bounds check on record length while
in the middle of parsing a handshake.  As a result we would step onto the
next record header and consider it a part of the current handshake.

- Contains an unittest to test the issue.
- Disable the duplicate parser unittest registration.

The issue came to light through an irregular ssl record, which was
reported by Sebastian Roschke, via CVE-2013-5919.

Thanks to Sebastian Roschke for reporting this issue.
 12 years ago
Anoop Saldanha 8c1e855632 fix for bug #970(ac-gfbs). 
Content strings that are a duplicate of a pattern from another sig, but
have a fast_pattern chop being applied, would end up being assigned the
same pattern id as the duplicate string.  But the string supplied to the
mpm would be the chopped string, which might result in the state_table
output_state content entry being over-riden by the the fuller string at
the final state of the smaller content length, because of which during a
match we might end up inspecting the search buffer against the fuller
content pattern, instead of the chopped pattern, which would end up being
an inspection beyond the buffer bounds.
 12 years ago
Anoop Saldanha 92a8b2b738 Unittest to display bug #970(ac-gfbs). 12 years ago
Anoop Saldanha 496f30a5e4 fix for bug #970(ac-bs). 
Content strings that are a duplicate of a pattern from another sig, but
have a fast_pattern chop being applied, would end up being assigned the
same pattern id as the duplicate string.  But the string supplied to the
mpm would be the chopped string, which might result in the state_table
output_state content entry being over-riden by the the fuller string at
the final state of the smaller content length, because of which during a
match we might end up inspecting the search buffer against the fuller
content pattern, instead of the chopped pattern, which would end up being
an inspection beyond the buffer bounds.
 12 years ago
Anoop Saldanha af95df67a5 Unittest to display bug #970(ac-bs). 12 years ago
Victor Julien 68ba9df8a0 Fix valgrind warning on memrchr unittest. 12 years ago
Anoop Saldanha d2ea799d38 fix for bug #970. 
Content strings that are a duplicate of a pattern from another sig, but
have a fast_pattern chop being applied, would end up being assigned the
same pattern id as the duplicate string.  But the string supplied to the
mpm would be the chopped string, which might result in the state_table
output_state content entry being over-riden by the the fuller string at
the final state of the smaller content length, because of which during a
match we might end up inspecting the search buffer against the fuller
content pattern, instead of the chopped pattern, which would end up being
an inspection beyond the buffer bounds.
 12 years ago
Anoop Saldanha da75db9330 Unittest to display bug #970. 12 years ago
Victor Julien 397a55457d Add sanity checks for command line argument handling 
Coverity 1075221.

Normally getopt_long should cover this case, but can't hurt to
add in some extra checks.
 12 years ago
Victor Julien c8b71938ff Add a fallback memrchr implementation for those platforms that dont support it. Bug #963. 12 years ago
Victor Julien e77b21a7f7 Suppress compiler warning about comparing signed and unsigned vars 12 years ago
Victor Julien bb8298ffa2 Move header thread_affinity declaration to extern to avoid duplicate declarations. 12 years ago
Victor Julien 3470b07ea5 Fix several compile and runtime warnings found by clang 3.2 with the -fsanitize=address option. 12 years ago
Victor Julien c82ecf553a Tag: document in the code that 'tag' is compatible with ip only 12 years ago
Victor Julien d12761233c Don't set tag on pseudo packets 12 years ago
Victor Julien 02cbbd0b89 unified2: fix tags not being logged. Bug #968 12 years ago
Anoop Saldanha 3749fc98fd Modify handling of negated content. 
The old behaviour of returning a failure if we found a pattern while
matching on negated content is now changed to continuing searching
for other combinations where we don't find the pattern for the
negated content.

Thanks to Will Metcalf for reporting this.
 12 years ago
Victor Julien 8539791c7e Coverity 1038102: remove dead code from host hash 12 years ago
Victor Julien 8237bbf18a Coverity 1038101: remove dead code from host hash timeout code 12 years ago
Victor Julien 440124a4b9 Coverity 1038100: remove dead code from flow hash timeout code(2) 12 years ago
Victor Julien 243060a6b7 Coverity 1038099: remove dead code from flow hash timeout code 12 years ago
Victor Julien 2e82772a0a Coverity 1038098: remove dead code from flow hash 12 years ago
Victor Julien aecefd00bd Coverity 1038095: remove dead code from defrag hash timeout code 12 years ago
Victor Julien 16056d51f2 Coverity 1038094: remove dead code from defrag hash 12 years ago
Victor Julien 32503bafaa Coverity 1038089: error check fseek call 12 years ago
Victor Julien 4827a4dcef Coverity 400477: pcre_get_substring retval 
Add missing return code check to pcre_get_substring call.
 12 years ago
Victor Julien 790866656b Coverity 1038129 fix 
Don't leak memory on malloc error in b2gm mpm implementation.
 12 years ago
Victor Julien 33919559d0 Fix memory leak on invalid luajit signature. Coverity 1038520. 12 years ago
Victor Julien 51c6a333d9 geoip: never try to store more locations than possible (Coverity 1038517) 12 years ago