[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.0rc1-33-gdf927f7

OISF Git noreply at openinfosecfoundation.org
Thu Feb 27 14:38:20 UTC 2014


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  df927f7ea89b0652dd140bf2633422a76a00c9ab (commit)
       via  82ae41d320fac6739695ab7cc31cbc3f08dc1d25 (commit)
       via  fd6fd9ce4869c13141f3a0c36fa351687e29b5f3 (commit)
       via  bb4def7949e04322f5ae254683494b258f128cfa (commit)
       via  9eed83c62b5446abcddd596d47d45f26230e77d2 (commit)
       via  3f49eb843d68ddbfe09a3dacb304f9b27e748d20 (commit)
       via  3ce39433dd3607aa86d473b0b8e3514061940954 (commit)
       via  6630456a67f80af368a41137dc3e1025a9bfae8c (commit)
      from  f9213d7cc67cacef6b234fb105a08806f7f394ad (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit df927f7ea89b0652dd140bf2633422a76a00c9ab
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Feb 27 14:31:46 2014 +0100

    unittest: fix mutex unlock w/o a lock
    
    Fixes an error in a test. SCMutexUnlock was called w/o a prior
    SCMutexLock.

commit 82ae41d320fac6739695ab7cc31cbc3f08dc1d25
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Feb 27 13:23:45 2014 +0100

    pool: on Init() error, properly clean up
    
    In the stream engine, Init() can fail if the memcap is reached. In this
    case the segment was not freed by PoolGet:
    
    ==8600== Thread 1:
    ==8600== 70,480 bytes in 1,762 blocks are definitely lost in loss record 611 of 612
    ==8600==    at 0x4C2A2DB: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
    ==8600==    by 0x914CC8: TcpSegmentPoolAlloc (stream-tcp-reassemble.c:166)
    ==8600==    by 0xA0D315: PoolGet (util-pool.c:297)
    ==8600==    by 0x9302CD: StreamTcpGetSegment (stream-tcp-reassemble.c:3768)
    ==8600==    by 0x921FE8: StreamTcpReassembleHandleSegmentHandleData (stream-tcp-reassemble.c:1873)
    ==8600==    by 0x92EEDA: StreamTcpReassembleHandleSegment (stream-tcp-reassemble.c:3584)
    ==8600==    by 0x8D3BB1: HandleEstablishedPacketToServer (stream-tcp.c:1969)
    ==8600==    by 0x8D7F98: StreamTcpPacketStateEstablished (stream-tcp.c:2323)
    ==8600==    by 0x8F13B8: StreamTcpPacket (stream-tcp.c:4243)
    ==8600==    by 0x8F2537: StreamTcp (stream-tcp.c:4485)
    ==8600==    by 0x95DFBB: TmThreadsSlotVarRun (tm-threads.c:559)
    ==8600==    by 0x8BE60D: TmThreadsSlotProcessPkt (tm-threads.h:142)
    
    tcp.segment_memcap_drop   | PcapFile                  | 1762
    
    This patch fixes PoolGet to both Cleanup and Free the Alloc'd data in
    case Init fails.

commit fd6fd9ce4869c13141f3a0c36fa351687e29b5f3
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Feb 27 11:35:47 2014 +0100

    Fix memory leak in proto - name mapping
    
    ==15745== 3 bytes in 1 blocks are definitely lost in loss record 5 of 615
    ==15745==    at 0x4C2A2DB: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
    ==15745==    by 0x71858C1: strdup (strdup.c:42)
    ==15745==    by 0xA20814: SCProtoNameInit (util-proto-name.c:75)
    ==15745==    by 0x952D1B: PostConfLoadedSetup (suricata.c:1983)
    ==15745==    by 0x9537CD: main (suricata.c:2112)
    
    Also, clean up and add a check to make sure it's initialized only once.

commit bb4def7949e04322f5ae254683494b258f128cfa
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Feb 27 10:59:50 2014 +0100

    lua: fix minor memory leak
    
    The full path of the script names is stored in a buffer that wasn't
    freed at exit.
    
    ==24195== 41 bytes in 1 blocks are definitely lost in loss record 300 of 613
    ==24195==    at 0x4C2A2DB: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
    ==24195==    by 0x565D06: DetectLoadCompleteSigPath (detect.c:251)
    ==24195==    by 0x7CABE8: DetectLuajitParse (detect-luajit.c:595)
    ==24195==    by 0x7CD2AE: DetectLuajitSetup (detect-luajit.c:827)
    ==24195==    by 0x7DC273: SigParseOptions (detect-parse.c:547)
    ==24195==    by 0x7DDC75: SigParse (detect-parse.c:856)
    ==24195==    by 0x7E1C2B: SigInitHelper (detect-parse.c:1336)
    ==24195==    by 0x7E2968: SigInit (detect-parse.c:1559)
    ==24195==    by 0x7E37B1: DetectEngineAppendSig (detect-parse.c:1831)
    ==24195==    by 0x566D17: DetectLoadSigFile (detect.c:335)
    ==24195==    by 0x567636: SigLoadSignatures (detect.c:423)
    ==24195==    by 0x951A97: LoadSignatures (suricata.c:1816)
    
    This patch frees the buffer.

commit 9eed83c62b5446abcddd596d47d45f26230e77d2
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Feb 27 10:55:01 2014 +0100

    profiling: fix memory leak
    
    For packets that were freed, not recycled, profiling memory wasn't
    freed:
    
    ==15745== 13,312 bytes in 8 blocks are definitely lost in loss record 611 of 615
    ==15745==    at 0x4C2C494: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
    ==15745==    by 0xA190D5: SCProfilePacketStart (util-profiling.c:963)
    ==15745==    by 0x4E4345: PacketGetFromAlloc (decode.c:134)
    ==15745==    by 0x83FE75: FlowForceReassemblyPseudoPacketGet (flow-timeout.c:276)
    ==15745==    by 0x8413BF: FlowForceReassemblyForHash (flow-timeout.c:588)
    ==15745==    by 0x841897: FlowForceReassembly (flow-timeout.c:716)
    ==15745==    by 0x9540F6: main (suricata.c:2296)
    ==15745==
    ==15745== 14,976 bytes in 9 blocks are definitely lost in loss record 612 of 615
    ==15745==    at 0x4C2C494: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
    ==15745==    by 0xA190D5: SCProfilePacketStart (util-profiling.c:963)
    ==15745==    by 0x4E4345: PacketGetFromAlloc (decode.c:134)
    ==15745==    by 0x83FE75: FlowForceReassemblyPseudoPacketGet (flow-timeout.c:276)
    ==15745==    by 0x841508: FlowForceReassemblyForHash (flow-timeout.c:620)
    ==15745==    by 0x841897: FlowForceReassembly (flow-timeout.c:716)
    ==15745==    by 0x9540F6: main (suricata.c:2296)
    
    This patch addresses that.

commit 3f49eb843d68ddbfe09a3dacb304f9b27e748d20
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Jan 7 11:56:23 2014 +0100

    lock profiling: fix memory leak
    
    If lock profiling was compiled in, but disabled in the config a
    serious memory leak condition was triggered.
    
    Valgrind output:
    
    ==11169== 9,091,248 bytes in 189,401 blocks are definitely lost in loss record 564 of 564
    ==11169==    at 0x4C2A2DB: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
    ==11169==    by 0xABC44C: LockRecordAdd (util-profiling-locks.c:112)
    ==11169==    by 0xABC950: SCProfilingAddPacketLocks (util-profiling-locks.c:141)
    ==11169==    by 0xA04CD5: TmThreadsSlotVarRun (tm-threads.c:562)
    ==11169==    by 0x958793: TmThreadsSlotProcessPkt (tm-threads.h:142)
    ==11169==    by 0x9599C3: PcapFileCallbackLoop (source-pcap-file.c:172)
    ==11169==    by 0x56FC130: ??? (in /usr/lib/x86_64-linux-gnu/libpcap.so.1.4.0)
    ==11169==    by 0x959D24: ReceivePcapFileLoop (source-pcap-file.c:210)
    ==11169==    by 0xA05B9E: TmThreadsSlotPktAcqLoop (tm-threads.c:703)
    ==11169==    by 0x6155F6D: start_thread (pthread_create.c:311)
    ==11169==    by 0x6E399CC: clone (clone.S:113)

commit 3ce39433dd3607aa86d473b0b8e3514061940954
Author: Eric Leblond <eric at regit.org>
Date:   Thu Feb 27 11:47:38 2014 +0100

    capture: use 64 bits counters
    
    Some of the packets counters were using a 32bit integer. Given the
    bandwidth that is often seen, this is not a good idea. This patch
    switches to 64bit counter.

commit 6630456a67f80af368a41137dc3e1025a9bfae8c
Author: Eric Leblond <eric at regit.org>
Date:   Thu Feb 27 11:41:07 2014 +0100

    af-packet: fix livedev packets counter
    
    Packets counter is incremented in AFPDumpCounters and it was
    also incremented during packet reading. The result was a value
    that is twice the expected result.
    
    Spotted-by: Victor Julien <victor at inliniac.net>

-----------------------------------------------------------------------

Summary of changes:
 src/decode.h               |    1 +
 src/detect-luajit.c        |    2 ++
 src/detect.c               |    1 -
 src/source-af-packet.c     |   11 +++++------
 src/source-pfring.c        |    4 ++--
 src/util-device.c          |    2 +-
 src/util-device.h          |    6 +++---
 src/util-pool.c            |    9 ++++++++-
 src/util-profiling-locks.c |    4 ++++
 src/util-proto-name.c      |   29 ++++++++++++++++++++---------
 10 files changed, 46 insertions(+), 23 deletions(-)


hooks/post-receive
-- 
OISF


More information about the Oisf-devel mailing list