[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-3.0-70-g7a29aa1

OISF Git noreply at openinfosecfoundation.org
Thu Feb 25 11:35:55 UTC 2016

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  7a29aa116ed47e869fd1f82ad2847f2abaf5ec65 (commit)
       via  609cdff540c1ebd2a5a87988a4eba81f2802661a (commit)
       via  3c788a8c176fd2980cdb51db7d5c23fc1749280a (commit)
       via  53af48f021ac018aaa2d0d953355110cfd5cb047 (commit)
       via  0dbbe016d61ed87cabb90887fdc51b340facfa25 (commit)
       via  c467c39b61c406ab6f61693501b8e3e107f5a4b8 (commit)
      from  154891cf2619ed171388ac13747be38b72b216e1 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 7a29aa116ed47e869fd1f82ad2847f2abaf5ec65
Author: Giuseppe Longo <glongo at stamus-networks.com>
Date:   Wed Feb 24 09:28:41 2016 +0100

    http: close file when http body limit is reached
    In some conditions, if stream.reassembly.depth is greater than
    request/response-body-limit size, the logging output is wrong
    if filestore keyword is used with http.
    For example, we get:
    {... "app_proto":"http","fileinfo":{"filename":"\/file.pdf","state":"CLOSED","stored":false,"size":1049292,"tx_id":0}}
    "state":"CLOSED","stored":false should be "state":"TRUNCATED","stored":true.
    This happens because the file state and file flags,
    which is the information that determine a correct output,
    are not set properly since a file is logged before and then closed (HTPFileClose).
    The logic of this patch is to close a file when we are above
    the limits, such that the proper state and flags can be set
    and the file will be logged correctly.

commit 609cdff540c1ebd2a5a87988a4eba81f2802661a
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Feb 24 16:19:13 2016 +0100

    json-drop-log: clean up memory at shutdown

commit 3c788a8c176fd2980cdb51db7d5c23fc1749280a
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Feb 24 13:39:10 2016 +0100

    flowbits: remove unused debugging code

commit 53af48f021ac018aaa2d0d953355110cfd5cb047
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Feb 24 12:45:47 2016 +0100

    flowbits: fix memory leak
    Flowbits removed from a flow by 'toggle' or 'unset' were not actually
    freed, leading a small memory leak.

commit 0dbbe016d61ed87cabb90887fdc51b340facfa25
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Feb 24 10:50:06 2016 +0100

    flowbits: optimize set and remove

commit c467c39b61c406ab6f61693501b8e3e107f5a4b8
Author: Andreas Herz <andi at geekosphere.org>
Date:   Tue Feb 23 23:27:59 2016 +0100

    build-info: workaround special _FORTIFY_SOURCE defines
    On systems like Gentoo where _FORTIFY_SOURCE is already defined like
    FORTIFY_SOURCE=((defined __OPTIMIZE && OPTIMIZE > 0) ? 2 : 0) the use
    within the printf function (%d) won't result in the correct value and
    we end up with 'defined' undeclared compile error. This workaround makes
    sure that just the resolved value is checked and then printed.


Summary of changes:
 src/app-layer-htp.c    |  6 ++++++
 src/flow-bit.c         | 50 +++++---------------------------------------------
 src/flow-private.h     |  9 ---------
 src/flow.c             |  4 ----
 src/output-json-drop.c | 24 +++++++++++++-----------
 src/suricata.c         | 15 +++++++++++++--
 6 files changed, 37 insertions(+), 71 deletions(-)


More information about the Oisf-devel mailing list