[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-3.1-16-g4111331

OISF Git noreply at openinfosecfoundation.org
Tue Jun 21 21:58:23 UTC 2016 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  4111331ab067c8e6038cf131eb31b2c8350b3ead (commit)
       via  402bdf9b2b76ac56f33d87e6f6a4d51a30ec57c7 (commit)
       via  ab65b6f83b55e12fb05aafcaf51ad9b369b82de5 (commit)
      from  e9a2a341ceda1f1c23918949f483508144a22aea (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 4111331ab067c8e6038cf131eb31b2c8350b3ead
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Jun 21 17:07:15 2016 +0200

    af-packet: minor cleanups

commit 402bdf9b2b76ac56f33d87e6f6a4d51a30ec57c7
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Jun 21 16:43:53 2016 +0200

    af-packet: test if fanout is supported before use
    
    Older system may pretend they can support FANOUT but then fail to
    work at runtime. CentOS6 is an example of this. It would fail to
    start up with the default configuration with errors like:
    
    [15770] 21/6/2016 -- 16:00:13 - (tm-threads.c:2168) <Notice> (TmThreadWaitOnThreadInit) -- all 4 packet processing threads, 4 management threads initialized, engine started.
    [15785] 21/6/2016 -- 16:00:13 - (source-af-packet.c:1907) <Error> (AFPCreateSocket) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Coudn't set fanout mode, error Protocol not available
    [15785] 21/6/2016 -- 16:00:13 - (source-af-packet.c:1337) <Error> (ReceiveAFPLoop) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't init AF_PACKET socket, fatal error
    [15770] 21/6/2016 -- 16:00:13 - (suricata.c:2664) <Notice> (main) -- Signal Received.  Stopping engine.
    [15787] 21/6/2016 -- 16:00:13 - (source-af-packet.c:1907) <Error> (AFPCreateSocket) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Coudn't set fanout mode, error Protocol not available
    [15788] 21/6/2016 -- 16:00:13 - (source-af-packet.c:1907) <Error> (AFPCreateSocket) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Coudn't set fanout mode, error Protocol not available
    [15786] 21/6/2016 -- 16:00:13 - (source-af-packet.c:1907) <Error> (AFPCreateSocket) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Coudn't set fanout mode, error Protocol not available
    [15789] 21/6/2016 -- 16:00:13 - (flow-manager.c:693) <Perf> (FlowManager) -- 0 new flows, 0 established flows were timed out, 0 flows in closed state
    [15787] 21/6/2016 -- 16:00:13 - (source-af-packet.c:1337) <Error> (ReceiveAFPLoop) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't init AF_PACKET socket, fatal error
    [15788] 21/6/2016 -- 16:00:13 - (source-af-packet.c:1337) <Error> (ReceiveAFPLoop) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't init AF_PACKET socket, fatal error
    [15786] 21/6/2016 -- 16:00:13 - (source-af-packet.c:1337) <Error> (ReceiveAFPLoop) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't init AF_PACKET socket, fatal error
    
    This patch adds a test that if run before the number of threads
    is determined. If the test fails, only 1 thread is created.

commit ab65b6f83b55e12fb05aafcaf51ad9b369b82de5
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Jun 21 13:21:54 2016 +0200

    netmap: fix coverity warning 1362789
    
    ** CID 1362789:  Null pointer dereferences  (FORWARD_NULL)
    /src/runmode-netmap.c: 247 in ParseNetmapConfig()
    
    ________________________________________________________________________________________________________
    *** CID 1362789:  Null pointer dereferences  (FORWARD_NULL)
    /src/runmode-netmap.c: 247 in ParseNetmapConfig()
    241         strlcpy(aconf->iface_name, iface_name, sizeof(aconf->iface_name));
    242         SC_ATOMIC_INIT(aconf->ref);
    243         (void) SC_ATOMIC_ADD(aconf->ref, 1);
    244
    245         /* Find initial node */
    246         netmap_node = ConfGetNode("netmap");
    >>>     CID 1362789:  Null pointer dereferences  (FORWARD_NULL)
    >>>     Comparing "netmap_node" to null implies that "netmap_node" might be null.
    247         if (netmap_node == NULL) {
    248             SCLogInfo("Unable to find netmap config using default value");
    249         } else {
    250             if_root = ConfFindDeviceConfig(netmap_node, aconf->iface_name);
    251             if_default = ConfFindDeviceConfig(netmap_node, "default");
    252         }

-----------------------------------------------------------------------

Summary of changes:
 src/runmode-af-packet.c | 23 +++++++++++++++++++----
 src/runmode-netmap.c    | 10 ++++++----
 src/source-af-packet.c  | 33 ++++++++++++++++++++++++++++-----
 src/source-af-packet.h  |  2 ++
 4 files changed, 55 insertions(+), 13 deletions(-)


hooks/post-receive
-- 
OISF

More information about the Oisf-devel mailing list