thanks !<br><br><div class="gmail_quote">On Sun, Jan 8, 2012 at 6:02 AM, Delta Yeh <span dir="ltr"><<a href="mailto:delta.yeh@gmail.com">delta.yeh@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Both or the second one only.<br>
<br>
The first patch fix #234 which support enable/disable app layer<br>
parser in suricata.yaml file.<br>
<br>
The second patch fix a segment fault if http app layer parser is disabled<br>
in suricata.yaml because some API exposed by http parser is called in<br>
suricata.c.<br>
<br>
The app layer parser init is done in a thread module so we can't<br>
ensure the init function is called before the API called in suricata.c<br>
<br>
So if you apply the first patch, you should also patch the second one.<br>
<br>
<br>
<br>
<br>
2012/1/8 Peter Manev <<a href="mailto:petermanev@gmail.com">petermanev@gmail.com</a>>:<br>
<div class="HOEnZb"><div class="h5">><br>
><br>
> On Fri, Jan 6, 2012 at 3:00 PM, Victor Julien <<a href="mailto:victor@inliniac.net">victor@inliniac.net</a>> wrote:<br>
>><br>
>> On 01/06/2012 02:24 PM, Delta Yeh wrote:<br>
>> > Hi all,<br>
>> > The attachment is the patch to fix segment fault if http app layer<br>
>> > parser is not enabled.<br>
>> > This bug is introduced when fix #234.<br>
>> ><br>
>> > I would be appreciated if someone will review it.<br>
>><br>
>> It would probably be a good idea to invalidate all signatures that use<br>
>> http_* content modifiers and "alert http" as well if the app layer<br>
>> module is disabled.<br>
>><br>
>> --<br>
>> ---------------------------------------------<br>
>> Victor Julien<br>
>> <a href="http://www.inliniac.net/" target="_blank">http://www.inliniac.net/</a><br>
>> PGP: <a href="http://www.inliniac.net/victorjulien.asc" target="_blank">http://www.inliniac.net/victorjulien.asc</a><br>
>> ---------------------------------------------<br>
>><br>
>> _______________________________________________<br>
>> Oisf-devel mailing list<br>
>> <a href="mailto:Oisf-devel@openinfosecfoundation.org">Oisf-devel@openinfosecfoundation.org</a><br>
>> <a href="http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel" target="_blank">http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel</a><br>
><br>
><br>
> should we use just this patch , or should we use it over the previous one<br>
> you sent ?<br>
> Thanks<br>
><br>
> --<br>
> Peter Manev<br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>Peter Manev<br>