[Oisf-devel] [COMMIT] OISF branch, master-3.2.x, updated. suricata-3.2.4-13-g7608206

OISF Git noreply at openinfosecfoundation.org
Mon Dec 4 15:59:38 UTC 2017 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master-3.2.x has been updated
       via  7608206ccedd0f2a878b7e30f59cb0eb3c77a42a (commit)
       via  dd015669c7e553491110e5698555116ea3028d00 (commit)
       via  2a1a664f3c8f6587a80109f41b6a8d28a4423f7c (commit)
       via  34e6ad02f231207de438c37c0ba5161c77967842 (commit)
       via  14bf32c031febef495f7caa7ea1d1079bf20880a (commit)
       via  12c880a7783831fde3fbfdc1a3954e2b801bdb23 (commit)
       via  6aafca25ff3396885a572f2c3a7b8ea02a06df20 (commit)
       via  9d77ad50cbd86469f41e7f686675685c6c4555de (commit)
       via  393db61706236364c7b323b5f9fed07225ddfd4c (commit)
       via  723e23dd6781356d20e3f6e4c0b7ed593c126afd (commit)
       via  b6617ede047d4ccd495db6346aa252a615d764ee (commit)
       via  148d6e9fb7845669ecf748a063d5b9a2a34aa6c7 (commit)
       via  f8a4848e986edaa722d38bd3bb87ca4a4d0a59e2 (commit)
      from  055c054b8e71c660dc7f13a446931ad3ca70ba9d (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 7608206ccedd0f2a878b7e30f59cb0eb3c77a42a
Author: Victor Julien <victor at inliniac.net>
Date:   Sun Dec 3 22:10:37 2017 +0100

    hosts: release packet references to hosts

commit dd015669c7e553491110e5698555116ea3028d00
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Nov 30 08:04:48 2017 +0100

    detect/flowint: harden code
    
    Make sure packet has a flow.
    
    Related to bug #2288.

commit 2a1a664f3c8f6587a80109f41b6a8d28a4423f7c
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Nov 30 09:07:40 2017 +0100

    detect/flowint: improve unittests
    
    In preparation of fixing bug #2288, make sure the unittests setup
    the flow in the packet properly.

commit 34e6ad02f231207de438c37c0ba5161c77967842
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Nov 30 09:07:20 2017 +0100

    unittest/helpers: add helper to assign flow to packet

commit 14bf32c031febef495f7caa7ea1d1079bf20880a
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Nov 28 10:28:07 2017 +0100

    detect/depth: reject rules with depth smaller than content

commit 12c880a7783831fde3fbfdc1a3954e2b801bdb23
Author: Victor Julien <victor at inliniac.net>
Date:   Mon Nov 27 10:03:46 2017 +0100

    http: allow shinking in HTPRealloc

commit 6aafca25ff3396885a572f2c3a7b8ea02a06df20
Author: Wolfgang Hotwagner <code at feedyourhead.at>
Date:   Sun Nov 19 14:05:04 2017 +0000

    conf: fix NULL-pointer dereference in CoredumpLoadConfig
    
    An empty value for coredump.max-dump in the config-file leads to a segfault because of a NULL-pointer dereference in CoredumpLoadConfig().
    
    Here is a configuration example:
    
    coredump.max-dump: []
    
    This lets suricata crash with a segfault:
    
    ASAN-output:
    ==9412==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f22e851aa28 bp 0x7ffd90006fc0 sp 0x7ffd90006740 T0)
        0 0x7f22e851aa27 in strcasecmp (/usr/lib/x86_64-linux-gnu/libasan.so.3+0x51a27)
        1 0x5608a7ec0108 in CoredumpLoadConfig /root/suricata-1/src/util-coredump-config.c:52
        2 0x5608a7e8bb22 in PostConfLoadedSetup /root/suricata-1/src/suricata.c:2752
        3 0x5608a7e8c577 in main /root/suricata-1/src/suricata.c:2892
        4 0x7f22e4c622b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)
        5 0x5608a7a30c59 in _start (/usr/local/bin/suricata+0xc4c59)
    
    Bug #2276

commit 9d77ad50cbd86469f41e7f686675685c6c4555de
Author: Wolfgang Hotwagner <code at feedyourhead.at>
Date:   Fri Nov 17 23:25:08 2017 +0000

    conf: fix NULL-pointer dereference in ConfGetInt
    
    If there are empty values in the config-file where integer values are expected, strtoimax in the ConfGetInt-function will segfault because of NULL-pointer dereference.
    
    Here is a configuration example:
    
    pcre.match-limit: []
    
    This will let suricata crash with a segfault.
    ASAN-output:
    
    ASAN:DEADLYSIGNAL =================================================================
    16951ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7fa690e3ccc5 bp 0x000000000000 sp 0x7ffd0d770ad0 T0)
    0 0x7fa690e3ccc4 (/lib/x86_64-linux-gnu/libc.so.6+0x36cc4)
    1 0x7fa6946a6534 in strtoimax (/usr/lib/x86_64-linux-gnu/libasan.so.3+0x44534)
    2 0x55e0aeba6499 in ConfGetInt /root/suricata-1/src/conf.c:390
    3 0x55e0aed2545d in DetectPcreRegister /root/suricata-1/src/detect-pcre.c:99
    4 0x55e0aec1b4ce in SigTableSetup /root/suricata-1/src/detect.c:3783
    5 0x55e0aeeed58d in PostConfLoadedSetup /root/suricata-1/src/suricata.c:2690
    6 0x55e0aeeee4f2 in main /root/suricata-1/src/suricata.c:2892
    7 0x7fa690e262b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)
    8 0x55e0aea92d39 in _start (/usr/local/bin/suricata+0xc7d39)
    
    AddressSanitizer can not provide additional info.
    SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libc.so.6+0x36cc4)
    
    This commit fixes Ticket #2275

commit 393db61706236364c7b323b5f9fed07225ddfd4c
Author: Wolfgang Hotwagner <code at feedyourhead.at>
Date:   Fri Nov 17 17:47:41 2017 +0000

    conf: fix NULL-pointer dereference in ParseSizeString
    
    If someone accidently writes invalid characters in some parts of the suricata.yaml-configfile, the size-parameter of the ParseSizeString-function becomes NULL and gets dereferenced. Suricata crashes with SEGV. This commit fixes Ticket #2274
    
    The following config value leads to a Segfault:
    app-layer.protocols.smtp.inspected-tracker.content-inspect-window: *4096

commit 723e23dd6781356d20e3f6e4c0b7ed593c126afd
Author: Peter Manev <pmanev at stamus-networks.com>
Date:   Wed Nov 1 13:19:21 2017 +0100

    valgrind: suppressions for NIC offloading calls

commit b6617ede047d4ccd495db6346aa252a615d764ee
Author: Victor Julien <victor at inliniac.net>
Date:   Sat Oct 21 10:16:30 2017 +0200

    detect: handle very large byte_extract'ed values in isdataat

commit 148d6e9fb7845669ecf748a063d5b9a2a34aa6c7
Author: Victor Julien <victor at inliniac.net>
Date:   Sat Oct 21 10:00:47 2017 +0200

    detect: implement byte_extract support for isdataat

commit f8a4848e986edaa722d38bd3bb87ca4a4d0a59e2
Author: Victor Julien <victor at inliniac.net>
Date:   Sat Oct 21 10:00:08 2017 +0200

    detect: add debug statements for byte_extract/isdataat

-----------------------------------------------------------------------

Summary of changes:
 qa/valgrind.suppress                   | 15 ++++++++++++++-
 src/app-layer-htp-mem.c                | 16 ++++++++++------
 src/conf.c                             |  6 ++++++
 src/detect-byte-extract.c              |  2 +-
 src/detect-depth.c                     |  6 ++++++
 src/detect-engine-content-inspection.c | 25 ++++++++++++++++++++-----
 src/detect-flowint.c                   | 25 ++++++++++++++-----------
 src/detect-isdataat.c                  |  1 +
 src/flow-var.c                         |  3 +++
 src/tmqh-packetpool.c                  |  6 ++----
 src/util-coredump-config.c             |  4 ++++
 src/util-misc.c                        | 12 ++++++++++++
 src/util-unittest-helper.c             |  8 ++++++++
 src/util-unittest-helper.h             |  1 +
 14 files changed, 102 insertions(+), 28 deletions(-)


hooks/post-receive
-- 
OISF

More information about the Oisf-devel mailing list