[Oisf-devel] [COMMIT] OISF branch, master-2.0.x, updated. suricata-2.0.10-17-g1875434

OISF Git noreply at openinfosecfoundation.org
Mon Dec 21 11:22:41 UTC 2015 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master-2.0.x has been updated
       via  18754346b08b554d761bfa19e71a64e06a6f6a2b (commit)
       via  564cf7e5b043911f3ff05a49721a92f11496d3c4 (commit)
       via  3688255d928a3870fff0e108a4350e5992fbb9ca (commit)
       via  02736c226afecdda86db224b75729c98d652ccf9 (commit)
       via  0dfef336988c6eb84a8869707d8d53ef530a7a23 (commit)
       via  3548fa4e660333e27ae18edc4fc0fff4343ade3b (commit)
       via  08e9c223219857565d57b937b7ca7e44271ccc89 (commit)
       via  b017af3b7b60fda373b92186e1f9ed8764b270cd (commit)
       via  d830e772f225dba317229fd28449f571846d3397 (commit)
       via  c4c0153d0f7c08f708236e3e7ec98086ae02acda (commit)
       via  84d37f91f6859b746f2bfa15fbb1bcd3c66746ec (commit)
       via  1a50dd50fd22c856e0c96aacbd708559014e9c97 (commit)
       via  7e32046635a29f80fc8e059de31745b56f187a4a (commit)
       via  32c9224466f562991ad2f10223d68f81c3f43af8 (commit)
       via  91668fe721d51066a0538bc54640b53c98a303ed (commit)
       via  cbcf1e18f244bb6046a6d02ac9bf365be481966a (commit)
       via  3854326271d235756101b35a3270b4949af088d4 (commit)
      from  1431ff6fc344c7e9ec842ec74fc02559fd2d5003 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 18754346b08b554d761bfa19e71a64e06a6f6a2b
Author: Victor Julien <victor at inliniac.net>
Date:   Fri Dec 18 14:34:24 2015 +0100

    pfring: fix leaking memory on init failures

commit 564cf7e5b043911f3ff05a49721a92f11496d3c4
Author: Victor Julien <victor at inliniac.net>
Date:   Fri Dec 18 11:03:40 2015 +0100

    pcap: fix setup failure memleak on libpcap < 1.0

commit 3688255d928a3870fff0e108a4350e5992fbb9ca
Author: Victor Julien <victor at inliniac.net>
Date:   Fri Dec 18 11:07:36 2015 +0100

    prelude: clean up memory on setup failure

commit 02736c226afecdda86db224b75729c98d652ccf9
Author: Eric Leblond <eric at regit.org>
Date:   Mon Dec 7 12:08:16 2015 +0100

    prelude: fix thread safeness
    
    Prelude analyzer is not thread safe so we need to have one
    analyzer per thread.

commit 0dfef336988c6eb84a8869707d8d53ef530a7a23
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Dec 16 11:02:15 2015 +0100

    icmpv4: remove unused header fields

commit 3548fa4e660333e27ae18edc4fc0fff4343ade3b
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Dec 16 10:49:50 2015 +0100

    icmpv4: remove unused declarations

commit 08e9c223219857565d57b937b7ca7e44271ccc89
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Dec 16 10:50:50 2015 +0100

    icmpv4: harden embedded packet handling

commit b017af3b7b60fda373b92186e1f9ed8764b270cd
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Dec 16 10:45:05 2015 +0100

    icmpv4: improve dest unreachable logic
    
    When a ICMPv4 destination unreachable packet contains an embedded packet
    this packet is parsed. When it's found to be invalid, the whole ICMP
    packet is tagged as invalid.
    
    In some cases the unreachable packet would still be used.
    
    This patch fixes this by checking the packet is invalid flag as well
    in the ICMPV4_DEST_UNREACH_IS_VALID macro.

commit d830e772f225dba317229fd28449f571846d3397
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Dec 17 13:25:02 2015 +0100

    DER decoder: don't use strlcpy on non-strings

commit c4c0153d0f7c08f708236e3e7ec98086ae02acda
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Aug 27 18:57:48 2015 +0200

    detect: fix issue with smsg and seq wraps
    
    Due to a broken sequence number check, detect could fail to process
    smsgs in case of a sequence wrap. This could lead to excessive use
    of smsg's but also of segments, since these aren't cleared until the
    smsg containing them is.

commit 84d37f91f6859b746f2bfa15fbb1bcd3c66746ec
Author: Victor Julien <victor at inliniac.net>
Date:   Fri Dec 11 16:05:42 2015 +0100

    http: more sane body inspection/tracking defaults

commit 1a50dd50fd22c856e0c96aacbd708559014e9c97
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Dec 10 16:12:05 2015 +0100

    http: improve body pruning
    
    In case the body wasn't inspected the body_inspected variable wouldn't
    get updated leading to the body not getting pruned at all.
    
    This patch adds support for this case.

commit 7e32046635a29f80fc8e059de31745b56f187a4a
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Dec 10 09:58:52 2015 +0100

    ips/drop-log: fix crash on logging drops
    
    When logging drops for fragmented UDP packets, triggered by detection
    in the reassembled packet, a missing check could lead to access of the
    packets UDP header pointer when it was NULL.

commit 32c9224466f562991ad2f10223d68f81c3f43af8
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Dec 16 15:22:45 2015 +0100

    drop log: cleanups and add icmpv6 type

commit 91668fe721d51066a0538bc54640b53c98a303ed
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Dec 2 11:37:57 2015 +0100

    dns: reject bad response data

commit cbcf1e18f244bb6046a6d02ac9bf365be481966a
Author: Victor Julien <victor at inliniac.net>
Date:   Mon Nov 30 15:46:15 2015 +0100

    smtp: improve handling of bad traffic
    
    No longer fail tracking the SMTP stream when a unexpected reply is
    encountered.
    
    Do not store the unexpected reply.

commit 3854326271d235756101b35a3270b4949af088d4
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Dec 3 17:29:49 2015 +0100

    stream-tcp: bail early on segments before base_seq
    
    In cases where base_seq has moved beyond last_ack, bail early.
    
    Improve bounds checking.

-----------------------------------------------------------------------

Summary of changes:
 src/alert-prelude.c         | 102 +++++++++++++++++++++++++++++++++++++-------
 src/app-layer-dns-tcp.c     |   4 +-
 src/app-layer-htp-body.c    |  36 +++++++++++++---
 src/app-layer-htp-body.h    |   2 +-
 src/app-layer-htp.c         |  12 +++---
 src/app-layer-smtp.c        |   6 ++-
 src/decode-icmpv4.c         |  33 +++++++-------
 src/decode-icmpv4.h         |  18 ++------
 src/detect-engine-hcbd.c    |   9 ++++
 src/detect-engine-hsbd.c    |  13 +++++-
 src/detect.c                |   4 +-
 src/log-droplog.c           |  41 ++++++++++--------
 src/output-json-drop.c      |  28 ++++++------
 src/source-pcap.c           |   1 +
 src/source-pfring.c         |   5 +++
 src/stream-tcp-reassemble.c |  19 +++++++--
 src/util-decode-der.c       |   7 +--
 suricata.yaml.in            |   9 ++--
 18 files changed, 245 insertions(+), 104 deletions(-)


hooks/post-receive
-- 
OISF

More information about the Oisf-devel mailing list