[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.0beta2-263-gb603ad6
noreply at openinfosecfoundation.org
noreply at openinfosecfoundation.org
Sun Feb 9 11:33:30 UTC 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master has been updated
via b603ad62e56ae9aa8a18409a98abc2d2042573db (commit)
via f7b1aefaf451bc4675630d27d34357594f5b8cd7 (commit)
via 85760a7044d121b7d48cf2d28784c419758529c0 (commit)
via fdca557e0162e02ee5b40949948685e3ca8ae5c0 (commit)
via 43aa74d711eb774053e3fd85a9705638a49eaf60 (commit)
via 01b80e2d8fb8909ca32caea11383de3f7d4b94a4 (commit)
via b75eb77295984cb6ac8b0000e621e1e0f978b715 (commit)
via fd193107debd2a54f7372c75021b7404f3036bc9 (commit)
via cd91738a4b4d84f6191bb0081a8cf7fd7f6569fa (commit)
via d0a26c6a179a95bea60adf9584be63a36f426d97 (commit)
via 3b914eb7ba1feff68ddbd5d5c419b95adcdc91d1 (commit)
via 7b4be598c46da33b0fb4addf949ebb8aa7e8ab8a (commit)
from 7a9da787f9151d8a919c73ca25dfb66b353e1b20 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit b603ad62e56ae9aa8a18409a98abc2d2042573db
Author: Eric Leblond <eric at regit.org>
Date: Sat Feb 8 22:01:13 2014 +0100
af-packet: declare TP_STATUS_VLAN_VALID if needed
Some old distribution don't ship recent enough linux header. This
result in TP_STATUS_VLAN_VALID being undefined. This patch defines
the constant and use it as it is used in backward compatible method
in the code: the flag is not set by kernel and a test on vci value
will be made.
This should fix https://redmine.openinfosecfoundation.org/issues/1106
commit f7b1aefaf451bc4675630d27d34357594f5b8cd7
Author: Victor Julien <victor at inliniac.net>
Date: Sat Feb 8 17:39:16 2014 +0100
Bug 1107: decoders: bail out on pseudo packets
Flow-timeout code injects pseudo packets into the decoders, leading
to various issues. For a full explanation, see:
https://redmine.openinfosecfoundation.org/issues/1107
This patch works around the issues with a hack. It adds a check to
each of the decoder entry points to bail out as soon as a pseudo
packet from the flow timeout is encountered.
Ticket #1107.
commit 85760a7044d121b7d48cf2d28784c419758529c0
Author: Victor Julien <victor at inliniac.net>
Date: Sat Feb 8 17:09:10 2014 +0100
Flow: fix flow reference cnt issues
FlowReference stores the flow in the destination pointer and increases
the flow reference counter (use_cnt). This should only be called once
per destination pointer. The reference counter is decremented when
FlowDereference is called. Multiple FlowReference calls would lead to
multiple use_cnt bumps, while there would be only one FlowRereference.
This lead to a use_cnt that would never become 0, meaning the flow
would stay in the hash for the entire lifetime of the process.
The fix here is to check if the destination pointer is already set to
the flow. If so, we don't increase the reference counter.
As this is really a bug, this condition will lead to a BUG_ON if the
DEBUG_VALIDATION checking is enabled.
commit fdca557e0162e02ee5b40949948685e3ca8ae5c0
Author: Victor Julien <victor at inliniac.net>
Date: Sat Feb 8 11:25:13 2014 +0100
ipv4 decoder: set 'invalid' event on icmpv6
ICMPv6 on IPv4 is invalid, so if we encounter this we set an event
and flag the packet as invalid.
Ticket #1105.
commit 43aa74d711eb774053e3fd85a9705638a49eaf60
Author: Victor Julien <victor at inliniac.net>
Date: Sat Feb 8 10:35:47 2014 +0100
debug-validation: fix packet check
On fragments and invalid packets we can have p->proto set, while the
matching protocol header pointer is null.
commit 01b80e2d8fb8909ca32caea11383de3f7d4b94a4
Author: Victor Julien <victor at inliniac.net>
Date: Fri Dec 20 14:38:22 2013 +0100
detect ip-only: update radix usage
Update IP-only lookups to the changed radix API.
The return of user_data is treated as a succesful lookup, instead of
the node.
commit b75eb77295984cb6ac8b0000e621e1e0f978b715
Author: Victor Julien <victor at inliniac.net>
Date: Fri Dec 20 14:37:10 2013 +0100
host-os-info: update radix lookups
Update host OS lookups to use the new API.
The return of user_data is treated as a succesful lookup, instead of
the node.
commit fd193107debd2a54f7372c75021b7404f3036bc9
Author: Victor Julien <victor at inliniac.net>
Date: Fri Dec 20 14:36:14 2013 +0100
unused reputation: radix update
Update the unused reputation code to compile after radix update.
commit cd91738a4b4d84f6191bb0081a8cf7fd7f6569fa
Author: Victor Julien <victor at inliniac.net>
Date: Fri Dec 20 14:34:48 2013 +0100
defrag: update radix usage
Update defrag timeout lookup to use the updated radix API.
The return of user_data is treated as a succesful lookup, instead of
the node.
commit d0a26c6a179a95bea60adf9584be63a36f426d97
Author: Victor Julien <victor at inliniac.net>
Date: Fri Dec 20 14:32:33 2013 +0100
radix: update HTP config lookup logic
The HTP config tree is a radix. The lookups are updated to the new API.
The return of user_data is treated as a succesful lookup, instead of
the node itself.
commit 3b914eb7ba1feff68ddbd5d5c419b95adcdc91d1
Author: Victor Julien <victor at inliniac.net>
Date: Fri Dec 20 14:29:13 2013 +0100
radix: update tests after API change
This patch updates all the radix tests to the new API. In most cases
it just passes a NULL user data return pointer.
It also removes the tests related to SC_RADIX_NODE_USERDATA, as this
macro is removed.
Bug #1073
commit 7b4be598c46da33b0fb4addf949ebb8aa7e8ab8a
Author: Victor Julien <victor at inliniac.net>
Date: Fri Dec 20 14:19:23 2013 +0100
radix: don't modify node prefix on lookup
The radix tree stores user data. However, it had no function to return
this data to the consumers of the API. Instead, on lookup, it would
set a field "user_data_result" in the nodes prefix structure which
could then be read by the caller.
Apart for this not being a very nice design as it exposes API internals
to the caller, it is not thread safe. By updating the global data
structure without any form (or suggestion) of locking, threads could
overwrite the same field unexpectedly.
This patch modifies the lookup logic to get rid of this stored
user_data_result. Instead, all the lookup functions how take an
addition argument: void **user_data_result.
Through this pointer the user data is returned. It's allowed to be
NULL, in this case the user data is ignored.
This is a significant API change, that affects a lot of tests and
callers. These will be updated in follow up patches.
Bug #1073.
-----------------------------------------------------------------------
Summary of changes:
rules/decoder-events.rules | 3 +-
src/app-layer-htp.c | 57 ++---
src/decode-events.h | 1 +
src/decode-ipv4.c | 3 +
src/defrag-config.c | 19 +-
src/detect-engine-event.h | 1 +
src/detect-engine-iponly.c | 140 +++++------
src/flow.h | 9 +
src/reputation.c | 58 +++--
src/source-af-packet.c | 9 +
src/source-erf-dag.c | 5 +
src/source-erf-file.c | 5 +
src/source-ipfw.c | 5 +
src/source-mpipe.c | 5 +
src/source-napatech.c | 5 +
src/source-nfq.c | 5 +
src/source-pcap-file.c | 5 +
src/source-pcap.c | 5 +
src/source-pfring.c | 5 +
src/util-host-os-info.c | 26 ++-
src/util-radix-tree.c | 595 ++++++++++++++++++++------------------------
src/util-radix-tree.h | 32 +--
src/util-validate.h | 22 +-
23 files changed, 505 insertions(+), 515 deletions(-)
hooks/post-receive
--
OISF
More information about the Oisf-devel
mailing list