[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-3.0-132-gc0b16fa

OISF Git noreply at openinfosecfoundation.org
Wed Mar 9 12:42:47 UTC 2016 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  c0b16fa2bb624291274a8f05cc2b56cc2d44df9e (commit)
       via  8f4eff5f5030ae921d3e68cd6b6a40ee7bd52215 (commit)
       via  4e90b54666956785fdb05fe3fd43138f63d50cfa (commit)
       via  3ac1468c1bf8d9c062e63fcc5e71d15f6ed8e5eb (commit)
      from  c8399e8c51916d307dd7815999672617f2e4d7be (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit c0b16fa2bb624291274a8f05cc2b56cc2d44df9e
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Mar 8 20:29:09 2016 +0100

    detect: allow for more than 64k mpm rules

commit 8f4eff5f5030ae921d3e68cd6b6a40ee7bd52215
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Mar 8 16:15:45 2016 +0100

    defrag: fix bad packet error handling
    
    When defrag creates a new reassembled IP packet, it then passes this
    packet to the IP decoder. If this decoder returns an error the packet
    is returned back to the packet pool with a call to TmqhOutputPacketpool
    
    This lead to the first problem. The returned packet had it's p->root
    pointer set, and it's PKT_TUNNEL flag set. This could cause problems
    in TmqhOutputPacketpool, as this may reference the packet referenced
    in p->root.
    
    The second and more glaring problem is that the packet that was
    returned to the packetpool, was still returned by the Defrag function
    and processed further. It would then at the end of it's processing
    be returned to the packet pool, which at this point already had a
    reference to this packet.
    
    This patch fixes both issues by unsetting the tunnel references and
    returning NULL from Defrag in this case.

commit 4e90b54666956785fdb05fe3fd43138f63d50cfa
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Mar 8 15:21:03 2016 +0100

    packet pool: make sure packet next ptr is always set

commit 3ac1468c1bf8d9c062e63fcc5e71d15f6ed8e5eb
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Mar 8 15:13:03 2016 +0100

    packet pool: turn bad check into BUG_ON

-----------------------------------------------------------------------

Summary of changes:
 src/defrag.c            |  8 ++++++++
 src/detect-content.h    |  4 ++--
 src/detect-engine-mpm.c | 12 ++++++------
 src/detect.h            |  2 +-
 src/packet-queue.c      |  7 ++++---
 src/suricata-common.h   |  2 +-
 src/tmqh-packetpool.c   |  1 +
 src/util-mpm-ac-bs.c    |  2 +-
 src/util-mpm-ac-bs.h    |  2 +-
 src/util-mpm-ac-gfbs.c  |  2 +-
 src/util-mpm-ac-gfbs.h  |  2 +-
 src/util-mpm-ac.c       |  2 +-
 src/util-mpm-ac.h       |  4 ++--
 13 files changed, 30 insertions(+), 20 deletions(-)


hooks/post-receive
-- 
OISF

More information about the Oisf-devel mailing list