[Oisf-devel] [COMMIT] OISF branch, master-3.2.x, updated. suricata-3.2.1-25-g5a81240
OISF Git
noreply at openinfosecfoundation.org
Thu Mar 30 13:16:15 UTC 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master-3.2.x has been updated
via 5a812400fb7eeaf6d86f20a2d830573467a34d15 (commit)
via 4cf5a078750bf7d1dc47683a8cd35e3846bc7047 (commit)
via 976ad807be724b7a42ddd1b80255b540633a4688 (commit)
via 3d3d2928fa8f33518c71d0fbed2e99b801a0846c (commit)
via 6f8af69c88c7550ebc68173734736d52d84752ee (commit)
via 8fb72c60f44c291ea07fbda5638e089274114b76 (commit)
via 00c6b7e44d9b6ca1fab2061f8a1241247ac93028 (commit)
via 598a7187c31694ed7b93bf8c4413adcc2643aed0 (commit)
via 528721fd1290664d0075ac9468657c4298dcc386 (commit)
via 1ffefad0759ebb135765512e6a6b4c91513f9410 (commit)
via d92e3091a7a9c123350e8caaed64107c3e5aba5d (commit)
via 68652f302f7ddfac5a6ada93704d55275b09db10 (commit)
via 7bdc28cae9e31fdabf2bf7bee4f7b120d8872744 (commit)
via 5555b89b47f214a9c589460106dce46f0099cdae (commit)
via 0a3aa9983f0421ea14d9ae0fe188b906d2982d6e (commit)
via 43b1e538375f485be0010d70dd8de63a19f30b23 (commit)
via e17bc4b7846f0dac124fe5b62bc1d9e29665aa72 (commit)
via e42d355f8004ce604f1b8ade8ba31b68467f6906 (commit)
via fe780dd93ce4f76640029fb06c258309b7e2951f (commit)
via 62c9d0b1400c086e410949b340e8adb3cd62f001 (commit)
via cf36cdfd8a4aec1c0810e9b4f3ced1eb54a1b385 (commit)
via c270530706b843377794e372e210a82718177bbe (commit)
via 38addf3e2a23518cbb3e7c672bda54066b2fd640 (commit)
via d598284e20ced00ccf2b485ae3f9b87641be150b (commit)
via f0b2cb49c67806ac0923776929770ec796706b12 (commit)
from e072a10f64cd509d09e0349050b92b02fea4df9c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 5a812400fb7eeaf6d86f20a2d830573467a34d15
Author: Victor Julien <victor at inliniac.net>
Date: Thu Feb 16 16:41:06 2017 +0100
flow-worker: clean up thread init
commit 4cf5a078750bf7d1dc47683a8cd35e3846bc7047
Author: Jason Ish <ish at unx.ca>
Date: Mon Jan 16 16:02:43 2017 -0600
autoconf - look for stdbool.h
commit 976ad807be724b7a42ddd1b80255b540633a4688
Author: Victor Julien <victor at inliniac.net>
Date: Wed Mar 29 11:15:51 2017 +0200
http: fix body tracking corner case
In some cases, observed with inspect limits 0, the body tracking could
get confused. When all chunks were already freed, a new chunk would
be considered to be the start of the body. This would overwrite the
bodies 'content_len_so_far' tracker, instead of adding to it. This in
turn could lead to a assertion abort in the inspection code.
This patch redoes the append code to always add the current lenght. It
cleans up the code to remove redundant logic.
Issue: https://redmine.openinfosecfoundation.org/issues/2078
Reported-By: Jørgen Bøhnsdalen
commit 3d3d2928fa8f33518c71d0fbed2e99b801a0846c
Author: Alexander Gozman <a.gozman at securitycode.ru>
Date: Mon Feb 20 16:47:31 2017 +0300
af-packet: fix parsing packet in TPACKET_V3 mode
AFPParsePacketV3() saved tpacket_block_desc structure
instead of tpacket3_hdr. As a result, reconstructed
packets were wrong.
Bug #2047.
commit 6f8af69c88c7550ebc68173734736d52d84752ee
Author: Alexander Gozman <a.gozman at securitycode.ru>
Date: Mon Feb 20 16:43:10 2017 +0300
af-packet: get VLAN info for packets in TPACKET_V3 mode
commit 8fb72c60f44c291ea07fbda5638e089274114b76
Author: Alexander Gozman <a.gozman at securitycode.ru>
Date: Mon Feb 20 16:41:18 2017 +0300
af-packet: write VLAN info for both TPACKET_V2 and V3
commit 00c6b7e44d9b6ca1fab2061f8a1241247ac93028
Author: Jason Ish <ish at unx.ca>
Date: Mon Mar 20 10:54:51 2017 -0600
defrag: fix argument used in macro to match signature
"p" was being used in the macro but was not an argument to
the macro, but it worked due to the context of the macro.
Use the actual macro argument, d2, instead of p.
Results in no change to generated code.
commit 598a7187c31694ed7b93bf8c4413adcc2643aed0
Author: Jon Zeolla <zeolla at gmail.com>
Date: Mon Mar 13 12:51:44 2017 -0400
docs: fix statement about flow:to_server
commit 528721fd1290664d0075ac9468657c4298dcc386
Author: Jon Zeolla <zeolla at gmail.com>
Date: Mon Mar 13 12:49:04 2017 -0400
docs: clarify how iprep works
commit 1ffefad0759ebb135765512e6a6b4c91513f9410
Author: Victor Julien <victor at inliniac.net>
Date: Thu Mar 9 12:57:40 2017 +0100
detect: fix ssl_state test
commit d92e3091a7a9c123350e8caaed64107c3e5aba5d
Author: Victor Julien <victor at inliniac.net>
Date: Mon Mar 6 10:54:57 2017 +0100
bytejump: don't print errors when matching
When bytejump was told to convert some payload data to int from a
string it would print an error to the screen if the conversion
failed. This is unwanted as the payload is controlled by an attacker
and printing is expensive.
commit 68652f302f7ddfac5a6ada93704d55275b09db10
Author: Victor Julien <victor at inliniac.net>
Date: Sun Feb 26 19:56:38 2017 +0100
app-layer: fix gap handling in protocol detection
A GAP during protocol detection would lead to all reassembly
getting disabled, so also the raw reassembly. In addition, it
could prevent the opposing side from doing protocol detection.
This patch remove the 'disable reassembly' logic. Stream engine
will take the stream with GAP and app-layer will make the proto
detection as complete.
commit 7bdc28cae9e31fdabf2bf7bee4f7b120d8872744
Author: Victor Julien <victor at inliniac.net>
Date: Fri Mar 10 19:12:32 2017 +0100
file store: store multiple files if available
commit 5555b89b47f214a9c589460106dce46f0099cdae
Author: Victor Julien <victor at inliniac.net>
Date: Thu Feb 23 16:45:32 2017 +0100
app-layer: fix memleak on bad traffic
If state was alloc'd after protocol detection, but then the direction
turned out to be wrong, the state would not be freed.
commit 0a3aa9983f0421ea14d9ae0fe188b906d2982d6e
Author: Victor Julien <victor at inliniac.net>
Date: Mon Feb 27 20:38:41 2017 +0100
ippair: fix xbits unset memleak
commit 43b1e538375f485be0010d70dd8de63a19f30b23
Author: Victor Julien <victor at inliniac.net>
Date: Mon Feb 27 18:32:22 2017 +0100
ippair: use both addresses in hash
commit e17bc4b7846f0dac124fe5b62bc1d9e29665aa72
Author: Victor Julien <victor at inliniac.net>
Date: Mon Feb 27 12:27:11 2017 +0100
stream: validate SACK right edge to be in window
commit e42d355f8004ce604f1b8ade8ba31b68467f6906
Author: Jason Ish <ish at unx.ca>
Date: Tue Feb 21 13:42:50 2017 -0600
ipv4: update checksum function to be like tcp/udp
Update the IPv4 checksum function to be like the
changed TCP/UDP checksum functions for consistency.
commit fe780dd93ce4f76640029fb06c258309b7e2951f
Author: Jason Ish <ish at unx.ca>
Date: Tue Feb 21 13:31:41 2017 -0600
tcp/udp: rename checksum functions for better meaning
The TCP/UDP checksum functions no longer just calculate
the checksum, they can validate as well as calculate so
use a more generic name.
commit 62c9d0b1400c086e410949b340e8adb3cd62f001
Author: Jason Ish <ish at unx.ca>
Date: Fri Feb 17 16:04:23 2017 -0600
tcp/udp: fix checksum validation when 0xffff
Issue:
https://redmine.openinfosecfoundation.org/issues/2041
One approach to fixing this issue to just validate the
checksum instead of regenerating it and comparing it. This
method is used in some kernels and other network tools.
When validating, the current checksum is passed in as an
initial argument which will cause the final checksum to be 0
if OK. If generating a checksum, 0 is passed and the result
is the generated checksum.
commit cf36cdfd8a4aec1c0810e9b4f3ced1eb54a1b385
Author: Victor Julien <victor at inliniac.net>
Date: Fri Mar 24 10:15:09 2017 +0100
qa/appveyor: install libiconv-devel
commit c270530706b843377794e372e210a82718177bbe
Author: Jason Ish <ish at unx.ca>
Date: Fri Mar 24 13:59:39 2017 -0600
travis: macos: unlink all deps, then relink
Kind of ugly, but first unlink all dependencies then install.
The deps that don't get an upgrade will remain unlinked, so
relink all dependencies as relinking an already linked dep
does not error out.
commit 38addf3e2a23518cbb3e7c672bda54066b2fd640
Author: Victor Julien <victor at inliniac.net>
Date: Fri Mar 24 12:40:18 2017 +0100
travis: fix pkg-config in mac builds
Unlink pkg-config before installing.
commit d598284e20ced00ccf2b485ae3f9b87641be150b
Author: Jason Ish <ish at unx.ca>
Date: Fri Mar 17 11:11:07 2017 -0600
travis: fix libpcre in mac builds
It looks like Travis changed their Mac image and pcre is now
installed by default. In case it gets removed again, just unlink
it before re-installing so it doesn't fail on install.
commit f0b2cb49c67806ac0923776929770ec796706b12
Author: Jason Ish <ish at unx.ca>
Date: Thu Feb 16 13:02:58 2017 -0600
Makefile: fix race condition in make install-full
Use recursive make for the install process so it
is executed in a predictable order.
Addresses issue:
https://redmine.openinfosecfoundation.org/issues/1470
which triggered on OSX/macOS.
-----------------------------------------------------------------------
Summary of changes:
.travis.yml | 19 +++-
Makefile.am | 5 +-
appveyor.yml | 2 +-
configure.ac | 2 +-
.../ipreputation/ip-reputation-format.rst | 12 ++-
.../ipreputation/ip-reputation-rules.rst | 8 +-
src/alert-unified2-alert.c | 12 +--
src/app-layer-htp-body.c | 36 +++-----
src/app-layer.c | 5 +-
src/decode-ipv4.c | 6 +-
src/decode-ipv4.h | 17 ++--
src/decode-tcp.c | 20 ++--
src/decode-tcp.h | 40 ++++----
src/decode-udp.c | 22 +++--
src/decode-udp.h | 38 ++++----
src/defrag-hash.c | 2 +-
src/defrag.c | 2 +-
src/detect-bytejump.c | 12 +--
src/detect-csum.c | 59 ++++++------
src/detect-ssl-state.c | 2 -
src/detect.c | 102 +++++----------------
src/flow-timeout.c | 12 +--
src/flow-worker.c | 23 +++--
src/ippair-bit.c | 1 +
src/ippair.c | 51 ++++++++++-
src/output-filedata.c | 1 -
src/source-af-packet.c | 45 ++++++---
src/stream-tcp-reassemble.c | 2 +-
src/stream-tcp-sack.c | 9 +-
src/stream-tcp.c | 21 +++--
src/suricata-common.h | 4 +
src/util-checksum.c | 20 ++--
32 files changed, 339 insertions(+), 273 deletions(-)
hooks/post-receive
--
OISF
More information about the Oisf-devel
mailing list