[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-3.1.2-12-g471b61a

OISF Git noreply at openinfosecfoundation.org
Mon Sep 19 10:02:08 UTC 2016

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  471b61a0e1f7f27977d16cdb6081e783c3a4a50c (commit)
       via  82282a9e6840a34b4aece83456a548fadbfad7c0 (commit)
       via  71c8d1f46c6adeafa31f46f105f875a96e94b938 (commit)
       via  519b2970ec5618ef7e86748a7f762e2a9669f2ab (commit)
       via  ed90a16e8986d46686efbc608b2c9611db90034d (commit)
       via  4324805478dabb699a1650490c89023c0a695b70 (commit)
       via  17e70483c568a4b5b14d17542b9a7f4ea07e7ddf (commit)
       via  3c5d8e65d4060494a3e74702e795b0301c0024c3 (commit)
       via  c4945607e3de78a32c83b8a45cb2c10639d29754 (commit)
       via  24f2387b238e4d82ea0a9a1ec5eb12b8238b022e (commit)
       via  1cdd062dc64768c3fec04a1c14837481813fde3b (commit)
       via  65fd09a39939c303f0e6e3ae7f9f46857f555232 (commit)
      from  ae116871ad13bd132df9ff69a27a32b7484edae7 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 471b61a0e1f7f27977d16cdb6081e783c3a4a50c
Author: Victor Julien <victor at inliniac.net>
Date:   Mon Sep 19 09:12:28 2016 +0200

    magic: fix broken tests after CentOS6 update

commit 82282a9e6840a34b4aece83456a548fadbfad7c0
Author: Victor Julien <victor at inliniac.net>
Date:   Mon Sep 12 18:10:51 2016 +0200

    mpls: add missing event type + rule

commit 71c8d1f46c6adeafa31f46f105f875a96e94b938
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Sep 8 10:39:51 2016 +0200

    bpf: fix file parsing memory handling
    Fix improper fread string handling. Improve error handling.
    Skip trailing spaces for slightly more pretty printing.
    Coverity CID 400763.
    Thanks to Steve Grubb for helping address this issue.

commit 519b2970ec5618ef7e86748a7f762e2a9669f2ab
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Sep 1 15:06:11 2016 +0200

    detect: don't print (null) in --list-keywords=all

commit ed90a16e8986d46686efbc608b2c9611db90034d
Author: Eric Leblond <eric at regit.org>
Date:   Fri Sep 16 13:34:09 2016 +0200

    detect: fix setup for some keywords
    Fix problems found by siginit.cocci.

commit 4324805478dabb699a1650490c89023c0a695b70
Author: Eric Leblond <eric at regit.org>
Date:   Fri Sep 16 11:47:20 2016 +0200

    coccinelle: add siginit test
    Add a test that check an inversion during keyword setup where
    we add a sigmatch to a signature and then do error handling on it.
    This was causing a double free of some elements and ultimately a
    Proposed-by: Victor Julien <victor at inliniac.net>

commit 17e70483c568a4b5b14d17542b9a7f4ea07e7ddf
Author: Jason Ish <ish at unx.ca>
Date:   Thu Sep 15 11:19:12 2016 -0600

    detect-flowbits: more unittest macro usage
    Also cleanup some tests by removing extra code after a test was
    determined to fail.

commit 3c5d8e65d4060494a3e74702e795b0301c0024c3
Author: Jason Ish <ish at unx.ca>
Date:   Thu Sep 15 10:40:22 2016 -0600

    hostbits: use new unittest macros

commit c4945607e3de78a32c83b8a45cb2c10639d29754
Author: Jason Ish <ish at unx.ca>
Date:   Tue Sep 13 17:09:58 2016 -0600

    hostbits: fail parse on unexpected trailing data
    Address issue https://redmine.openinfosecfoundation.org/issues/1889
    for hostbits. This involves updating the regular expresssion
    to capture any trailing data as the regex already keeps
    spaces out of the name.
    A unit test was converted to new macros to find out which
    line it was failing at after updating regex.

commit 24f2387b238e4d82ea0a9a1ec5eb12b8238b022e
Author: Jason Ish <ish at unx.ca>
Date:   Tue Sep 13 10:57:09 2016 -0600

    flowbits: validate that there are no spaces in the name
    Fixes issue: https://redmine.openinfosecfoundation.org/issues/1889
    To catch the issue where the ';' is missing we have to expand the
    regex to capture the whole name string, not just the leading
    valid stuff. Then verify that there are no spaces in the name
    (Snort has the same restriction) and fail if there is.

commit 1cdd062dc64768c3fec04a1c14837481813fde3b
Author: Eric Leblond <eric at regit.org>
Date:   Wed Sep 14 15:09:47 2016 +0200

    unix-manager: fix output of version command
    Make it consistent with the output of version command line flag.

commit 65fd09a39939c303f0e6e3ae7f9f46857f555232
Author: Andreas Herz <andi at geekosphere.org>
Date:   Wed Sep 7 22:17:01 2016 +0200

    rule-parsing: reject unescaped double quote within content section


Summary of changes:
 qa/coccinelle/siginit.cocci |  26 +++
 rules/decoder-events.rules  |   3 +-
 src/decode-events.c         |   1 +
 src/detect-content.c        |  25 +++
 src/detect-dce-iface.c      |   4 +-
 src/detect-dce-opnum.c      |   4 +-
 src/detect-fileext.c        |   4 +-
 src/detect-filemd5.c        |   4 +-
 src/detect-filename.c       |   4 +-
 src/detect-filesize.c       |   4 +-
 src/detect-flowbits.c       | 469 ++++++--------------------------------------
 src/detect-hostbits.c       | 353 ++++++++-------------------------
 src/detect-ssl-version.c    |   4 +-
 src/detect-tls-version.c    |   4 +-
 src/detect.c                |   6 +-
 src/suricata.c              |  26 ++-
 src/unix-manager.c          |   2 +-
 src/util-magic.c            |  50 ++---
 18 files changed, 247 insertions(+), 746 deletions(-)
 create mode 100644 qa/coccinelle/siginit.cocci


More information about the Oisf-devel mailing list