[Oisf-devel] [COMMIT] OISF branch, master-3.2.x, updated. suricata-3.2.1-25-g5a81240

OISF Git noreply at openinfosecfoundation.org
Thu Mar 30 13:16:15 UTC 2017

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master-3.2.x has been updated
       via  5a812400fb7eeaf6d86f20a2d830573467a34d15 (commit)
       via  4cf5a078750bf7d1dc47683a8cd35e3846bc7047 (commit)
       via  976ad807be724b7a42ddd1b80255b540633a4688 (commit)
       via  3d3d2928fa8f33518c71d0fbed2e99b801a0846c (commit)
       via  6f8af69c88c7550ebc68173734736d52d84752ee (commit)
       via  8fb72c60f44c291ea07fbda5638e089274114b76 (commit)
       via  00c6b7e44d9b6ca1fab2061f8a1241247ac93028 (commit)
       via  598a7187c31694ed7b93bf8c4413adcc2643aed0 (commit)
       via  528721fd1290664d0075ac9468657c4298dcc386 (commit)
       via  1ffefad0759ebb135765512e6a6b4c91513f9410 (commit)
       via  d92e3091a7a9c123350e8caaed64107c3e5aba5d (commit)
       via  68652f302f7ddfac5a6ada93704d55275b09db10 (commit)
       via  7bdc28cae9e31fdabf2bf7bee4f7b120d8872744 (commit)
       via  5555b89b47f214a9c589460106dce46f0099cdae (commit)
       via  0a3aa9983f0421ea14d9ae0fe188b906d2982d6e (commit)
       via  43b1e538375f485be0010d70dd8de63a19f30b23 (commit)
       via  e17bc4b7846f0dac124fe5b62bc1d9e29665aa72 (commit)
       via  e42d355f8004ce604f1b8ade8ba31b68467f6906 (commit)
       via  fe780dd93ce4f76640029fb06c258309b7e2951f (commit)
       via  62c9d0b1400c086e410949b340e8adb3cd62f001 (commit)
       via  cf36cdfd8a4aec1c0810e9b4f3ced1eb54a1b385 (commit)
       via  c270530706b843377794e372e210a82718177bbe (commit)
       via  38addf3e2a23518cbb3e7c672bda54066b2fd640 (commit)
       via  d598284e20ced00ccf2b485ae3f9b87641be150b (commit)
       via  f0b2cb49c67806ac0923776929770ec796706b12 (commit)
      from  e072a10f64cd509d09e0349050b92b02fea4df9c (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 5a812400fb7eeaf6d86f20a2d830573467a34d15
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Feb 16 16:41:06 2017 +0100

    flow-worker: clean up thread init

commit 4cf5a078750bf7d1dc47683a8cd35e3846bc7047
Author: Jason Ish <ish at unx.ca>
Date:   Mon Jan 16 16:02:43 2017 -0600

    autoconf - look for stdbool.h

commit 976ad807be724b7a42ddd1b80255b540633a4688
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Mar 29 11:15:51 2017 +0200

    http: fix body tracking corner case
    In some cases, observed with inspect limits 0, the body tracking could
    get confused. When all chunks were already freed, a new chunk would
    be considered to be the start of the body. This would overwrite the
    bodies 'content_len_so_far' tracker, instead of adding to it. This in
    turn could lead to a assertion abort in the inspection code.
    This patch redoes the append code to always add the current lenght. It
    cleans up the code to remove redundant logic.
    Issue: https://redmine.openinfosecfoundation.org/issues/2078
    Reported-By: Jørgen Bøhnsdalen

commit 3d3d2928fa8f33518c71d0fbed2e99b801a0846c
Author: Alexander Gozman <a.gozman at securitycode.ru>
Date:   Mon Feb 20 16:47:31 2017 +0300

    af-packet: fix parsing packet in TPACKET_V3 mode
    AFPParsePacketV3() saved tpacket_block_desc structure
    instead of tpacket3_hdr. As a result, reconstructed
    packets were wrong.
    Bug #2047.

commit 6f8af69c88c7550ebc68173734736d52d84752ee
Author: Alexander Gozman <a.gozman at securitycode.ru>
Date:   Mon Feb 20 16:43:10 2017 +0300

    af-packet: get VLAN info for packets in TPACKET_V3 mode

commit 8fb72c60f44c291ea07fbda5638e089274114b76
Author: Alexander Gozman <a.gozman at securitycode.ru>
Date:   Mon Feb 20 16:41:18 2017 +0300

    af-packet: write VLAN info for both TPACKET_V2 and V3

commit 00c6b7e44d9b6ca1fab2061f8a1241247ac93028
Author: Jason Ish <ish at unx.ca>
Date:   Mon Mar 20 10:54:51 2017 -0600

    defrag: fix argument used in macro to match signature
    "p" was being used in the macro but was not an argument to
    the macro, but it worked due to the context of the macro.
    Use the actual macro argument, d2, instead of p.
    Results in no change to generated code.

commit 598a7187c31694ed7b93bf8c4413adcc2643aed0
Author: Jon Zeolla <zeolla at gmail.com>
Date:   Mon Mar 13 12:51:44 2017 -0400

    docs: fix statement about flow:to_server

commit 528721fd1290664d0075ac9468657c4298dcc386
Author: Jon Zeolla <zeolla at gmail.com>
Date:   Mon Mar 13 12:49:04 2017 -0400

    docs: clarify how iprep works

commit 1ffefad0759ebb135765512e6a6b4c91513f9410
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Mar 9 12:57:40 2017 +0100

    detect: fix ssl_state test

commit d92e3091a7a9c123350e8caaed64107c3e5aba5d
Author: Victor Julien <victor at inliniac.net>
Date:   Mon Mar 6 10:54:57 2017 +0100

    bytejump: don't print errors when matching
    When bytejump was told to convert some payload data to int from a
    string it would print an error to the screen if the conversion
    failed. This is unwanted as the payload is controlled by an attacker
    and printing is expensive.

commit 68652f302f7ddfac5a6ada93704d55275b09db10
Author: Victor Julien <victor at inliniac.net>
Date:   Sun Feb 26 19:56:38 2017 +0100

    app-layer: fix gap handling in protocol detection
    A GAP during protocol detection would lead to all reassembly
    getting disabled, so also the raw reassembly. In addition, it
    could prevent the opposing side from doing protocol detection.
    This patch remove the 'disable reassembly' logic. Stream engine
    will take the stream with GAP and app-layer will make the proto
    detection as complete.

commit 7bdc28cae9e31fdabf2bf7bee4f7b120d8872744
Author: Victor Julien <victor at inliniac.net>
Date:   Fri Mar 10 19:12:32 2017 +0100

    file store: store multiple files if available

commit 5555b89b47f214a9c589460106dce46f0099cdae
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Feb 23 16:45:32 2017 +0100

    app-layer: fix memleak on bad traffic
    If state was alloc'd after protocol detection, but then the direction
    turned out to be wrong, the state would not be freed.

commit 0a3aa9983f0421ea14d9ae0fe188b906d2982d6e
Author: Victor Julien <victor at inliniac.net>
Date:   Mon Feb 27 20:38:41 2017 +0100

    ippair: fix xbits unset memleak

commit 43b1e538375f485be0010d70dd8de63a19f30b23
Author: Victor Julien <victor at inliniac.net>
Date:   Mon Feb 27 18:32:22 2017 +0100

    ippair: use both addresses in hash

commit e17bc4b7846f0dac124fe5b62bc1d9e29665aa72
Author: Victor Julien <victor at inliniac.net>
Date:   Mon Feb 27 12:27:11 2017 +0100

    stream: validate SACK right edge to be in window

commit e42d355f8004ce604f1b8ade8ba31b68467f6906
Author: Jason Ish <ish at unx.ca>
Date:   Tue Feb 21 13:42:50 2017 -0600

    ipv4: update checksum function to be like tcp/udp
    Update the IPv4 checksum function to be like the
    changed TCP/UDP checksum functions for consistency.

commit fe780dd93ce4f76640029fb06c258309b7e2951f
Author: Jason Ish <ish at unx.ca>
Date:   Tue Feb 21 13:31:41 2017 -0600

    tcp/udp: rename checksum functions for better meaning
    The TCP/UDP checksum functions no longer just calculate
    the checksum, they can validate as well as calculate so
    use a more generic name.

commit 62c9d0b1400c086e410949b340e8adb3cd62f001
Author: Jason Ish <ish at unx.ca>
Date:   Fri Feb 17 16:04:23 2017 -0600

    tcp/udp: fix checksum validation when 0xffff
    One approach to fixing this issue to just validate the
    checksum instead of regenerating it and comparing it. This
    method is used in some kernels and other network tools.
    When validating, the current checksum is passed in as an
    initial argument which will cause the final checksum to be 0
    if OK. If generating a checksum, 0 is passed and the result
    is the generated checksum.

commit cf36cdfd8a4aec1c0810e9b4f3ced1eb54a1b385
Author: Victor Julien <victor at inliniac.net>
Date:   Fri Mar 24 10:15:09 2017 +0100

    qa/appveyor: install libiconv-devel

commit c270530706b843377794e372e210a82718177bbe
Author: Jason Ish <ish at unx.ca>
Date:   Fri Mar 24 13:59:39 2017 -0600

    travis: macos: unlink all deps, then relink
    Kind of ugly, but first unlink all dependencies then install.
    The deps that don't get an upgrade will remain unlinked, so
    relink all dependencies as relinking an already linked dep
    does not error out.

commit 38addf3e2a23518cbb3e7c672bda54066b2fd640
Author: Victor Julien <victor at inliniac.net>
Date:   Fri Mar 24 12:40:18 2017 +0100

    travis: fix pkg-config in mac builds
    Unlink pkg-config before installing.

commit d598284e20ced00ccf2b485ae3f9b87641be150b
Author: Jason Ish <ish at unx.ca>
Date:   Fri Mar 17 11:11:07 2017 -0600

    travis: fix libpcre in mac builds
    It looks like Travis changed their Mac image and pcre is now
    installed by default. In case it gets removed again, just unlink
    it before re-installing so it doesn't fail on install.

commit f0b2cb49c67806ac0923776929770ec796706b12
Author: Jason Ish <ish at unx.ca>
Date:   Thu Feb 16 13:02:58 2017 -0600

    Makefile: fix race condition in make install-full
    Use recursive make for the install process so it
    is executed in a predictable order.
    Addresses issue:
    which triggered on OSX/macOS.


Summary of changes:
 .travis.yml                                        |  19 +++-
 Makefile.am                                        |   5 +-
 appveyor.yml                                       |   2 +-
 configure.ac                                       |   2 +-
 .../ipreputation/ip-reputation-format.rst          |  12 ++-
 .../ipreputation/ip-reputation-rules.rst           |   8 +-
 src/alert-unified2-alert.c                         |  12 +--
 src/app-layer-htp-body.c                           |  36 +++-----
 src/app-layer.c                                    |   5 +-
 src/decode-ipv4.c                                  |   6 +-
 src/decode-ipv4.h                                  |  17 ++--
 src/decode-tcp.c                                   |  20 ++--
 src/decode-tcp.h                                   |  40 ++++----
 src/decode-udp.c                                   |  22 +++--
 src/decode-udp.h                                   |  38 ++++----
 src/defrag-hash.c                                  |   2 +-
 src/defrag.c                                       |   2 +-
 src/detect-bytejump.c                              |  12 +--
 src/detect-csum.c                                  |  59 ++++++------
 src/detect-ssl-state.c                             |   2 -
 src/detect.c                                       | 102 +++++----------------
 src/flow-timeout.c                                 |  12 +--
 src/flow-worker.c                                  |  23 +++--
 src/ippair-bit.c                                   |   1 +
 src/ippair.c                                       |  51 ++++++++++-
 src/output-filedata.c                              |   1 -
 src/source-af-packet.c                             |  45 ++++++---
 src/stream-tcp-reassemble.c                        |   2 +-
 src/stream-tcp-sack.c                              |   9 +-
 src/stream-tcp.c                                   |  21 +++--
 src/suricata-common.h                              |   4 +
 src/util-checksum.c                                |  20 ++--
 32 files changed, 339 insertions(+), 273 deletions(-)


More information about the Oisf-devel mailing list