[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-3.0-70-g7a29aa1
OISF Git
noreply at openinfosecfoundation.org
Thu Feb 25 11:35:55 UTC 2016
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master has been updated
via 7a29aa116ed47e869fd1f82ad2847f2abaf5ec65 (commit)
via 609cdff540c1ebd2a5a87988a4eba81f2802661a (commit)
via 3c788a8c176fd2980cdb51db7d5c23fc1749280a (commit)
via 53af48f021ac018aaa2d0d953355110cfd5cb047 (commit)
via 0dbbe016d61ed87cabb90887fdc51b340facfa25 (commit)
via c467c39b61c406ab6f61693501b8e3e107f5a4b8 (commit)
from 154891cf2619ed171388ac13747be38b72b216e1 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 7a29aa116ed47e869fd1f82ad2847f2abaf5ec65
Author: Giuseppe Longo <glongo at stamus-networks.com>
Date: Wed Feb 24 09:28:41 2016 +0100
http: close file when http body limit is reached
In some conditions, if stream.reassembly.depth is greater than
request/response-body-limit size, the logging output is wrong
if filestore keyword is used with http.
For example, we get:
{... "app_proto":"http","fileinfo":{"filename":"\/file.pdf","state":"CLOSED","stored":false,"size":1049292,"tx_id":0}}
"state":"CLOSED","stored":false should be "state":"TRUNCATED","stored":true.
This happens because the file state and file flags,
which is the information that determine a correct output,
are not set properly since a file is logged before and then closed (HTPFileClose).
The logic of this patch is to close a file when we are above
the limits, such that the proper state and flags can be set
and the file will be logged correctly.
commit 609cdff540c1ebd2a5a87988a4eba81f2802661a
Author: Victor Julien <victor at inliniac.net>
Date: Wed Feb 24 16:19:13 2016 +0100
json-drop-log: clean up memory at shutdown
commit 3c788a8c176fd2980cdb51db7d5c23fc1749280a
Author: Victor Julien <victor at inliniac.net>
Date: Wed Feb 24 13:39:10 2016 +0100
flowbits: remove unused debugging code
commit 53af48f021ac018aaa2d0d953355110cfd5cb047
Author: Victor Julien <victor at inliniac.net>
Date: Wed Feb 24 12:45:47 2016 +0100
flowbits: fix memory leak
Flowbits removed from a flow by 'toggle' or 'unset' were not actually
freed, leading a small memory leak.
commit 0dbbe016d61ed87cabb90887fdc51b340facfa25
Author: Victor Julien <victor at inliniac.net>
Date: Wed Feb 24 10:50:06 2016 +0100
flowbits: optimize set and remove
commit c467c39b61c406ab6f61693501b8e3e107f5a4b8
Author: Andreas Herz <andi at geekosphere.org>
Date: Tue Feb 23 23:27:59 2016 +0100
build-info: workaround special _FORTIFY_SOURCE defines
On systems like Gentoo where _FORTIFY_SOURCE is already defined like
FORTIFY_SOURCE=((defined __OPTIMIZE && OPTIMIZE > 0) ? 2 : 0) the use
within the printf function (%d) won't result in the correct value and
we end up with 'defined' undeclared compile error. This workaround makes
sure that just the resolved value is checked and then printed.
-----------------------------------------------------------------------
Summary of changes:
src/app-layer-htp.c | 6 ++++++
src/flow-bit.c | 50 +++++---------------------------------------------
src/flow-private.h | 9 ---------
src/flow.c | 4 ----
src/output-json-drop.c | 24 +++++++++++++-----------
src/suricata.c | 15 +++++++++++++--
6 files changed, 37 insertions(+), 71 deletions(-)
hooks/post-receive
--
OISF
More information about the Oisf-devel
mailing list