Home - Waterfall Grid T-Grid Console Builders Recent Builds Buildslaves Changesources - JSON API - About

Console View


Categories: default personal
Legend:   Passed Failed Warnings Failed Again Running Exception Offline No data

default personal
fbf097bbe4a7...
Victor Julien
detect-asn1: fix memory leak in error path
f3fea60bae3e...
jason taylor
updated links to suricata.readthedocs.io
Signed-off-by: jason taylor <jtfas90@gmail.com>
e023ce9aad8f...
Victor Julien
rust/dns: fix new warning in rustc 1.21
d9e5dfa1f0e5...
Victor Julien
rust/file: improve truncation handling
d9c7f9bb17ca...
Sascha Steinbiss
stats: use unshortened interface names in counters
d5f7acd860f5...
Victor Julien
decoder: implement IEEE802.1AH
cf0a28bc6af9...
Victor Julien
napatech: fix minor memleak in error path
ceec247db162...
Victor Julien
detect/profile: minor fixes
ce0fb39219db...
qiangbei
detect/state: fix offset mask logic
changed 0xef to 0x7f
cb70d85c692d...
Wolfgang Hotwagner
conf: fix NULL-pointer dereference in CoredumpLoadConfig
An empty value for coredump.max-dump in the config-file leads to a segfault because of a NULL-pointer dereference in CoredumpLoadConfig().

Here is a configuration example:

coredump.max-dump: []

This lets suricata crash with a segfault:

ASAN-output:
==9412==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f22e851aa28 bp 0x7ffd90006fc0 sp 0x7ffd90006740 T0)
    0 0x7f22e851aa27 in strcasecmp (/usr/lib/x86_64-linux-gnu/libasan.so.3+0x51a27)
    1 0x5608a7ec0108 in CoredumpLoadConfig /root/suricata-1/src/util-coredump-config.c:52
    2 0x5608a7e8bb22 in PostConfLoadedSetup /root/suricata-1/src/suricata.c:2752
    3 0x5608a7e8c577 in main /root/suricata-1/src/suricata.c:2892
    4 0x7f22e4c622b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)
    5 0x5608a7a30c59 in _start (/usr/local/bin/suricata+0xc4c59)

Bug #2276
b56c0b524bf3...
Victor Julien
detect: error out on invalid detect.profile option
Bug #891.
9b94679fce04...
Victor Julien
random: support getrandom(2) if available
Ticket: #2193
97cb5d397318...
Victor Julien
redis: suppress minor coverity warning
8fc82408b785...
Victor Julien
install: use up to date url for 'make install-full'
89b656d8eed0...
Danny Browning
unix socket: don't loose events when offline
https://redmine.openinfosecfoundation.org/issues/2215

Fixes issue with events being dropped since socket was non-blocking for
offline run modes.

Add a method for determining offline from run mode. Make sure SCInstance
offline is set correctly. Use current run mode to set socket flags.
862780c7c36e...
Victor Julien
detect: add debug statements for byte_extract/isdataat
7fb58e67831b...
Victor Julien
random: fix random logic with getrandom
The older random functions returned random values in the range of
0 - RAND_MAX. This is what the http randomize code was expecting.

Newer methods, based on getrandom (or probably Windows too), return
a much large range of values, including negative values and >RAND_MAX.

This patch adds a wrapper to turn the returned value into the expected
range before using it in the http code.

The same is true for the stream engine.
7eead7dfbccc...
Jason Ish
autotools: fix distcheck with rust enabled
7d032e26f116...
Peter Manev
valgrind: suppressions for NIC offloading calls
78486b197976...
Victor Julien
runmodes: fix 'threads' option parsing
Don't cast int to uint8_t for no reason. Add warning that upper
limit for threads is 1024.

Small code cleanups.

Bug: #2228
77c39b20f8f4...
Victor Julien
detect: handle very large byte_extract'ed values in isdataat
749fa014d13d...
Jason Ish
travis: allow rust-stable build to fail
72dd663e00df...
Victor Julien
yaml: print errors if integers are invalid
68ddea0b26dd...
Victor Julien
detect: implement byte_extract support for isdataat
664f826f8d63...
Victor Julien
detect/dns: fix misdetection on dns_query on udp
If 'raw' content patterns were used in a dns_query rule, the raw
patterns would only be evaluated for TCP, but not for UDP.

This patch adds the inspection for UDP as well.

Bug #2263.
65ac1f822482...
Victor Julien
detect: test for byte_extract/isdataat large values
63e1371c8bd2...
Alexander Gozman
syslog: treat SC_LOG_PERF messages as LOG_DEBUG
SCLogMapLogLevelToSyslogLevel(): treat SC_LOG_PERF messages as LOG_DEBUG

Previously, when logging to syslog, perf events had a default EMERG priority,
which could be a bit confusing.
4d25593b4aa1...
Sascha Steinbiss
json: skip over double dots in output tokenizing
Interface name shortening introduces double periods ('..') as spacers,
which cause issues during JSON stats serialization as there '.'
characters are also used as separators to define nesting of the JSON
output. This commit makes sure that '..' are skipped during tokenizing.
Fixes Redmine bug #2208.
3f6fbf94db0d...
Victor Julien
output: harden output deinit
If thread setup fails allow output deinit code to be called with
NULL data without crashing.
3e868188e6b1...
Victor Julien
yaml: add 'append' to stats-log entry
Bug #798
319a6f48ffbf...
Victor Julien
detect-id: clean up to suppress minor coverity warning
303238586c29...
Jason Ish
travis: rust 1.21.0 build
2e27a5df6b6c...
Wolfgang Hotwagner
conf: fix NULL-pointer dereference in ParseSizeString
If someone accidently writes invalid characters in some parts of the suricata.yaml-configfile, the size-parameter of the ParseSizeString-function becomes NULL and gets dereferenced. Suricata crashes with SEGV. This commit fixes Ticket #2274

The following config value leads to a Segfault:
app-layer.protocols.smtp.inspected-tracker.content-inspect-window: *4096
288d2ce3e9ad...
Jason Ish
travis: do make distcheck on Rust 1.15.0 build
2577a64e4404...
Victor Julien
stream: improve error handling of ssn/segment pools
With large number of threads the default memcaps lead to pool setup
failures. Make sure these are reported properly so that the user
knows what is going on.

Bug: #2226
2413b81d10f2...
Victor Julien
detect: add unittest for byte_extract/isdataat
207595396e90...
Victor Julien
changelog: update for 4.0.1 release
1729ab7d9467...
Victor Julien
detect: fix port parsing memory leak
Leak in error path as seen by scan-build:

  CC      detect-engine-port.o
detect-engine-port.c:1083:13: warning: Potential leak of memory pointed to by 'temp_rule_var_port'
    return -1;
            ^
0f65257a5077...
Victor Julien
detect: don't register http_*_line twice
094632730ee2...
Wolfgang Hotwagner
conf: fix NULL-pointer dereference in ConfGetInt
If there are empty values in the config-file where integer values are expected, strtoimax in the ConfGetInt-function will segfault because of NULL-pointer dereference.

Here is a configuration example:

pcre.match-limit: []

This will let suricata crash with a segfault.
ASAN-output:

ASAN:DEADLYSIGNAL =================================================================
16951ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7fa690e3ccc5 bp 0x000000000000 sp 0x7ffd0d770ad0 T0)
0 0x7fa690e3ccc4 (/lib/x86_64-linux-gnu/libc.so.6+0x36cc4)
1 0x7fa6946a6534 in strtoimax (/usr/lib/x86_64-linux-gnu/libasan.so.3+0x44534)
2 0x55e0aeba6499 in ConfGetInt /root/suricata-1/src/conf.c:390
3 0x55e0aed2545d in DetectPcreRegister /root/suricata-1/src/detect-pcre.c:99
4 0x55e0aec1b4ce in SigTableSetup /root/suricata-1/src/detect.c:3783
5 0x55e0aeeed58d in PostConfLoadedSetup /root/suricata-1/src/suricata.c:2690
6 0x55e0aeeee4f2 in main /root/suricata-1/src/suricata.c:2892
7 0x7fa690e262b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)
8 0x55e0aea92d39 in _start (/usr/local/bin/suricata+0xc7d39)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libc.so.6+0x36cc4)

This commit fixes Ticket #2275