Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

next/417/70x/20240420/v1 #10927

Merged
merged 4 commits into from
Apr 20, 2024
Merged

next/417/70x/20240420/v1 #10927

merged 4 commits into from
Apr 20, 2024

Conversation

victorjulien
Copy link
Member

catenacyber and others added 4 commits April 20, 2024 08:50
@catenacyber @victorjulien
detect/http-server-body: avoid FP on toserver direction
93ac371 
Ticket: 6948

http.response_body keyword did not enforce a direction, and thus
could match on files sent with POST requests

(cherry picked from commit e6895b8)
@victorjulien
streaming/buffer: improve integer handling safety
8b1dcbd 
Unsafe handling of buffer offset and to be inserted data's length
could lead to a integer overflow. This in turn would skip growing
the target buffer, which then would be memcpy'd into, leading to
an out of bounds write.

This issue shouldn't be reachable through any of the consumers of
the API, but to be sure some debug validation checks have been
added.

Bug: OISF#6903.
(cherry picked from commit cf6278f)
@victorjulien
capture: improve IDS + IPS check
b8739ea 
Improve it for af-packet, dpdk, netmap. Check would not consider
an interface IDS if the `default` section contained a copy-mode
field.

(cherry picked from commit 58bff9b)
@victorjulien
ips: check for livedev.use-for-tracking
04b8a7a 
For the capture methods that support livedev and IPS,
livedev.use-for-tracking is not supported.

This setting causes major flow tracking issues, as both sides of
a flow would be tracked in different flows.

This patch disables the livedev.use-for-tracking setting if it
is set to true. A warning will be issued.

Ticket: OISF#6726.
(cherry picked from commit 08841f2)
@suricata-qa
Copy link

ERROR:

ERROR: QA failed on SURI_TLPW1_files_sha256.

Pipeline 20214

@victorjulien victorjulien merged commit 04b8a7a into OISF:main-7.0.x Apr 20, 2024
84 checks passed
This was referenced Apr 20, 2024
Merged
Closed
@victorjulien victorjulien deleted the next/417/70x/20240420/v1 branch April 20, 2024 17:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasonish jasonish jasonish approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
4 participants
@victorjulien @suricata-qa @jasonish @catenacyber