[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-3.2beta1-90-gdb1c47c

OISF Git noreply at openinfosecfoundation.org
Wed Oct 26 10:46:55 UTC 2016

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  db1c47cb6e5cea4db5828fac9fa5396d85df6e8a (commit)
       via  51bb1f0d7774351d00c6c1257cc20603ae18391c (commit)
       via  059b25b56474ffe3cc0f1811056a99ef321c75cb (commit)
       via  321fb6463e0e8e6cf20c53dfdc28f83fc1b7e7de (commit)
       via  e4b2729399d2fbd1499983006f75017e74dfc131 (commit)
       via  629fa3034587ef8010e4f559ffa03dcfaa4b626d (commit)
       via  d8acf3542dec7265f4da7d33e22f3de2c3a39596 (commit)
       via  e0000eb58da21eb04c9e85a3f942c642e579b9da (commit)
      from  0d4b93cafde51332bf2b36fb9ab98e9bf181a954 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit db1c47cb6e5cea4db5828fac9fa5396d85df6e8a
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Oct 26 10:33:55 2016 +0200

    multi-tenant: make less verbose

commit 51bb1f0d7774351d00c6c1257cc20603ae18391c
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Oct 25 20:58:53 2016 +0200

    multi-tenants: fix minor memleak

commit 059b25b56474ffe3cc0f1811056a99ef321c75cb
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Oct 26 10:34:28 2016 +0200

    detect: suppress debug message for reloads

commit 321fb6463e0e8e6cf20c53dfdc28f83fc1b7e7de
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Oct 20 14:21:53 2016 +0200

    vars: small cleanups

commit e4b2729399d2fbd1499983006f75017e74dfc131
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Oct 25 14:31:41 2016 +0200

    nfq: support bypass for rebuilt fragment packets

commit 629fa3034587ef8010e4f559ffa03dcfaa4b626d
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Oct 25 14:25:55 2016 +0200

    nfq_set_mask: set mark on root pkt for tunnels

commit d8acf3542dec7265f4da7d33e22f3de2c3a39596
Author: Eric Leblond <eric at regit.org>
Date:   Wed Oct 19 22:05:25 2016 +0200

    source-nfq: document bypass function

commit e0000eb58da21eb04c9e85a3f942c642e579b9da
Author: Eric Leblond <eric at regit.org>
Date:   Wed Oct 12 22:18:12 2016 +0200

    source-nfq: fix tunnel mark callback algorithm
    In case of a tunnel packet, adding a mark to the root packet will have
    for consequence to bypass all the flows that are hosted in this tunnel.
    This is not the attended behavior and as initial fix let's simply warn
    suricata that bypass for NFQ is not possible for this kind of packets.
    This patch also fixes a segfault. The root packet was accessed even if it is
    NULL causing a NULL dereference:
    ==24408==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000060 (pc 0x00000076f948 bp 0x7f435c000240 sp 0x7f435c000220 T5)
    ==24408==AddressSanitizer: while reporting a bug found another one. Ignoring.
        #0 0x76f947 in NFQBypassCallback /home/victor/dev/suricata/src/source-nfq.c:510
        #1 0x4d0f02 in PacketBypassCallback /home/victor/dev/suricata/src/decode.c:395
        #2 0x7b8a95 in StreamTcpPacket /home/victor/dev/suricata/src/stream-tcp.c:4661
        #3 0x7b9ddd in StreamTcp /home/victor/dev/suricata/src/stream-tcp.c:4913
        #4 0x68fa50 in FlowWorker /home/victor/dev/suricata/src/flow-worker.c:194
        #5 0x7f0abd in TmThreadsSlotVarRun /home/victor/dev/suricata/src/tm-threads.c:128
        #6 0x7f2958 in TmThreadsSlotVar /home/victor/dev/suricata/src/tm-threads.c:585
        #7 0x7f436368e6f9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76f9)
        #8 0x7f4362802b5c in clone (/lib/x86_64-linux-gnu/libc.so.6+0x106b5c)
    AddressSanitizer can not provide additional info.
    SUMMARY: AddressSanitizer: SEGV /home/victor/dev/suricata/src/source-nfq.c:510 NFQBypassCallback
    Thread T5 (W#04) created by T0 (Suricata-Main) here:
        #0 0x7f4364ff2253 in pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x36253)
        #1 0x7f9c48 in TmThreadSpawn /home/victor/dev/suricata/src/tm-threads.c:1843
        #2 0x8da7c0 in RunModeSetIPSAutoFp /home/victor/dev/suricata/src/util-runmodes.c:519
        #3 0x73e3ff in RunModeIpsNFQAutoFp /home/victor/dev/suricata/src/runmode-nfq.c:74
        #4 0x7503fa in RunModeDispatch /home/victor/dev/suricata/src/runmodes.c:382
        #5 0x7e5cb3 in main /home/victor/dev/suricata/src/suricata.c:2547
        #6 0x7f436271c82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)


Summary of changes:
 src/detect-engine-loader.c |  1 +
 src/detect-engine.c        | 16 ++++++++--------
 src/detect-mark.c          | 20 +++++++++++++++++---
 src/detect.c               |  2 +-
 src/source-nfq.c           | 26 ++++++++++++++++++--------
 src/util-var-name.c        |  7 +++----
 src/util-var-name.h        |  6 ++++--
 7 files changed, 52 insertions(+), 26 deletions(-)


More information about the Oisf-devel mailing list