[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.1beta3-204-g04ccfda
OISF Git
noreply at openinfosecfoundation.org
Thu Apr 30 14:37:05 UTC 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master has been updated
via 04ccfda6398820ccc570497ea76aea5966dc368c (commit)
via 97a2d1ac267a13b6c623bf57ad1b8ad8d95290a1 (commit)
via 11d6770ae4814a7b61fd53bdf9ec02a20c1b482d (commit)
via 75d21851cf9492ccca56432e3774bf274b3bf270 (commit)
via 0376b60da91230e5dcb9aafa014a1476e30b2ec4 (commit)
via bd67000b6980555d2232569f986127e4ec7d08cf (commit)
via 7b8184947ac6a32a2a23ff29042e716febf90829 (commit)
via 91ddf85323f66fa62ae8277ba2826a413139479c (commit)
via 1a83fee5f561d0f32f00e3bf59da2f655b96b526 (commit)
via 54d5e2eed5921f42fe44b8c414a440593dd9a47a (commit)
via b9aaf5a9ab5f38c9a77b9482b08876c1a35b25fb (commit)
from 94321b8a2f797002b65846d7810b32974a06845e (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 04ccfda6398820ccc570497ea76aea5966dc368c
Author: Victor Julien <victor at inliniac.net>
Date: Mon Apr 13 12:12:46 2015 +0200
pcap: implement LINKTYPE_NULL
Implement LINKTYPE_NULL for pcap live and pcap file.
From: http://www.tcpdump.org/linktypes.html
"BSD loopback encapsulation; the link layer header is a 4-byte field,
in host byte order, containing a PF_ value from socket.h for the
network-layer protocol of the packet.
Note that ``host byte order'' is the byte order of the machine on
which the packets are captured, and the PF_ values are for the OS
of the machine on which the packets are captured; if a live capture
is being done, ``host byte order'' is the byte order of the machine
capturing the packets, and the PF_ values are those of the OS of
the machine capturing the packets, but if a ``savefile'' is being
read, the byte order and PF_ values are not necessarily those of
the machine reading the capture file."
Feature ticket #1445
commit 97a2d1ac267a13b6c623bf57ad1b8ad8d95290a1
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Thu Apr 16 21:28:03 2015 -0700
fix reputation parser so that it accepts ipv6 addresses in configuration file.
commit 11d6770ae4814a7b61fd53bdf9ec02a20c1b482d
Author: Jason Ish <ish at unx.ca>
Date: Mon Apr 20 12:12:55 2015 -0600
afl - SCHINfoLoadFromConfig - check for NULL before parsing.
Found by AFL on suricata.yaml.
commit 75d21851cf9492ccca56432e3774bf274b3bf270
Author: Jason Ish <ish at unx.ca>
Date: Mon Apr 20 11:47:18 2015 -0600
afl - Don't fail if app-layer proto enabled value is NULL.
Found by using AFL on suricata.yaml.
commit 0376b60da91230e5dcb9aafa014a1476e30b2ec4
Author: Eric Leblond <eric at regit.org>
Date: Wed Apr 29 14:57:53 2015 +0200
email-json: free temporary 'cc' string
commit bd67000b6980555d2232569f986127e4ec7d08cf
Author: Eric Leblond <eric at regit.org>
Date: Wed Apr 29 14:57:07 2015 +0200
email-json: free temporary 'to' string
commit 7b8184947ac6a32a2a23ff29042e716febf90829
Author: Eric Leblond <eric at regit.org>
Date: Wed Apr 29 15:43:47 2015 +0200
app-layer-smtp: fix SMTPTransactionFree function
A typo was causing some freeing tasks not to be executed.
commit 91ddf85323f66fa62ae8277ba2826a413139479c
Author: Victor Julien <victor at inliniac.net>
Date: Wed Apr 29 23:34:44 2015 +0200
profiling: fix sorting on very long runs
Fix poor int handling breaking sorts of profiling on long runs
where the numbers could get really big.
commit 1a83fee5f561d0f32f00e3bf59da2f655b96b526
Author: Victor Julien <victor at inliniac.net>
Date: Wed Apr 29 15:51:19 2015 +0200
xbits: fix coverity warnings
Switch statement would contain NOALERT even though this was
unreachable.
commit 54d5e2eed5921f42fe44b8c414a440593dd9a47a
Author: Victor Julien <victor at inliniac.net>
Date: Wed Apr 29 15:38:39 2015 +0200
coverity fix: don't do pointer check on static array
commit b9aaf5a9ab5f38c9a77b9482b08876c1a35b25fb
Author: Victor Julien <victor at inliniac.net>
Date: Wed Apr 29 15:03:23 2015 +0200
Fix potential deadlock in output
Coverity:
** CID 1296115: Program hangs (ORDER_REVERSAL)
/src/tm-threads.c: 1670 in TmThreadClearThreadsFamily()
The problem is with the by default unused '%m' output parameter.
To get the thread vars it takes the tv_root_lock. This may already
be locked by the calling thread. Also, it could lead to a case of
wrong lock order between the tv_root_lock and the thread_store_lock.
Very unlikely to happen though.
As the %m param isn't really used (by default) this patch just
disables it.
-----------------------------------------------------------------------
Summary of changes:
rules/decoder-events.rules | 7 ++-
src/Makefile.am | 1 +
src/app-layer-detect-proto.c | 21 +++++----
src/app-layer-smtp.c | 4 +-
src/decode-events.h | 4 ++
src/decode-null.c | 89 +++++++++++++++++++++++++++++++++++++++
src/{tmqh-nfq.h => decode-null.h} | 10 ++---
src/decode.c | 2 +
src/decode.h | 8 ++++
src/detect-engine-event.h | 4 ++
src/detect-flowbits.c | 4 +-
src/detect-hostbits.c | 4 +-
src/detect-xbits.c | 4 +-
src/output-json-email-common.c | 2 +
src/reputation.c | 69 +++++++++++++++++++++---------
src/source-pcap-file.c | 3 ++
src/source-pcap.c | 3 ++
src/util-classification-config.c | 2 +-
src/util-debug.c | 10 ++++-
src/util-host-os-info.c | 2 +-
src/util-profiling-rules.c | 35 ++++++++++++---
21 files changed, 229 insertions(+), 59 deletions(-)
create mode 100644 src/decode-null.c
copy src/{tmqh-nfq.h => decode-null.h} (86%)
hooks/post-receive
--
OISF
More information about the Oisf-devel
mailing list