[Oisf-devel] [COMMIT] OISF branch, master-3.2.x, updated. suricata-3.2.3-28-g2b3d960
OISF Git
noreply at openinfosecfoundation.org
Wed Oct 18 06:24:01 UTC 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master-3.2.x has been updated
via 2b3d960401d1e86597e7e0687e9ab9cf63ff288f (commit)
via aab2548df59b0500ef4e0a792fe0aca5968fecaa (commit)
via 9fdecfffc190ca4a07588869d2a757e463f904d3 (commit)
via b9e76ed1b6a04526354a62955dae3a59a265eb44 (commit)
via f6cd2069fcc45a6c14d6c7621577d5e59f6e0d89 (commit)
via 1a39ab99f330710311216e6bee657d263da393b7 (commit)
via 7419bb2bace4f6763095773f3c5ed72aa8d852b3 (commit)
from 6133bbd195f7fb770ab92d64ece0a8953cc4e276 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 2b3d960401d1e86597e7e0687e9ab9cf63ff288f
Author: Victor Julien <victor at inliniac.net>
Date: Fri Oct 13 09:22:49 2017 +0200
runmodes: fix 'threads' option parsing
Don't cast int to uint8_t for no reason. Add warning that upper
limit for theads is 1024.
Small code cleanups.
Bug: #2243
commit aab2548df59b0500ef4e0a792fe0aca5968fecaa
Author: Victor Julien <victor at inliniac.net>
Date: Sun Oct 15 21:25:07 2017 +0200
output: harden output deinit
If thread setup fails allow output deinit code to be called with
NULL data without crashing.
commit 9fdecfffc190ca4a07588869d2a757e463f904d3
Author: Victor Julien <victor at inliniac.net>
Date: Fri Oct 13 09:05:02 2017 +0200
stream: improve error handling of ssn pool
With large number of threads the default memcap leads to pool setup
failures. Make sure these are reported properly so that the user
knows what is going on.
Bug: #2242
commit b9e76ed1b6a04526354a62955dae3a59a265eb44
Author: qiangbei <1137465774 at qq.com>
Date: Tue Oct 17 09:01:37 2017 +0200
detect/state: fix offset mask logic
changed 0xef to 0x7f
commit f6cd2069fcc45a6c14d6c7621577d5e59f6e0d89
Author: Victor Julien <victor at inliniac.net>
Date: Tue Oct 17 08:55:58 2017 +0200
dcerpc: set hard limit for stub data buffer size
Avoid traffic being able to endlessly grow the stub buffer by
setting a 1MB hard limit.
Bug #2241
commit 1a39ab99f330710311216e6bee657d263da393b7
Author: Victor Julien <victor at inliniac.net>
Date: Sat Mar 4 13:40:39 2017 +0100
detect: don't rescan when just distance is used
Content inspection optimization: when just distance is used without
within we don't need to search recursively.
E.g. content:"a"; content:"b"; distance:1; will scan the buffer for
'a' and when it finds 'a' it will scan the remainder for 'b'. Until
now, the failure to find 'b' would lead to looking for the next 'a'
and then for 'b' after that. However, we already inspected the
entire buffer for 'b', so we know this will fail.
commit 7419bb2bace4f6763095773f3c5ed72aa8d852b3
Author: Victor Julien <victor at inliniac.net>
Date: Fri Mar 3 15:38:43 2017 +0100
detect: avoid needless recursive scanning
Don't recursively inspect a detect list if the recursion
doesn't increase chance of success.
-----------------------------------------------------------------------
Summary of changes:
src/app-layer-dcerpc.c | 7 ++++++-
src/detect-byte-extract.c | 4 ++--
src/detect-content.h | 10 +++++++---
src/detect-distance.c | 6 +++++-
src/detect-engine-content-inspection.c | 31 +++++++++++++++++++++----------
src/detect-engine-state.c | 2 +-
src/detect-within.c | 2 +-
src/output.c | 3 +++
src/runmode-af-packet.c | 2 +-
src/runmode-netmap.c | 2 +-
src/runmode-pcap.c | 2 +-
src/runmode-pfring.c | 4 ++--
src/stream-tcp.c | 4 +++-
src/util-runmodes.c | 28 ++++++++++++++--------------
14 files changed, 68 insertions(+), 39 deletions(-)
hooks/post-receive
--
OISF
More information about the Oisf-devel
mailing list