Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Backports 5.0.x V1 Batched backports of 6 issues, 1 undisclosed. #4718

Closed
wants to merge 16 commits into from
Closed

Backports 5.0.x V1 Batched backports of 6 issues, 1 undisclosed. #4718

wants to merge 16 commits into from

Commits on Mar 22, 2020

  1. stream: fix direction flags in corner case 

    When a TCP DNS flow would start with a GAP on the TS side, the successful
protocol detection on the TC side would trigger 'opposing side' reassembly
and app-layer processing. In this case the stream flags would indicate the
wrong direction and the wrong parser would be called.

(cherry picked from commit efee458)
    @victorjulien @jlucovsky
    victorjulien authored and jlucovsky committed Mar 22, 2020
    Configuration menu
    Copy the full SHA
    306adf2 View commit details
    Browse the repository at this point in the history

  2. dag: Skip over ERF_TYPE_META records 

    Suricata generates an error on unrecognised ERF types.
Suricata should ignore ERF 'Provenance' records with ERF_TYPE_META.

(cherry picked from commit 47082dd)
    @sfd @jlucovsky
    sfd authored and jlucovsky committed Mar 22, 2020
    Configuration menu
    Copy the full SHA
    1661248 View commit details
    Browse the repository at this point in the history

  3. smtp/mime: Restrict file name lengths 

    This commit places restrictions on the length of the file name specified
in attachments (`name=` or `filename=`) to `NAME_MAX`. Names exceeding
these limits will be truncated and processing will continue with the
truncated name.

(cherry picked from commit d0d20bd)
    @jlucovsky
    jlucovsky committed Mar 22, 2020
    Configuration menu
    Copy the full SHA
    6e69781 View commit details
    Browse the repository at this point in the history

  4. smtp/mime: Set event when name exceeds limit 

    (cherry picked from commit 130b8d2)
    @jlucovsky
    jlucovsky committed Mar 22, 2020
    Configuration menu
    Copy the full SHA
    f02ee89 View commit details
    Browse the repository at this point in the history

  5. smtp/mime: Fix typos 

    (cherry picked from commit 9a33b5d)
    @jlucovsky
    jlucovsky committed Mar 22, 2020
    Configuration menu
    Copy the full SHA
    96c1a3e View commit details
    Browse the repository at this point in the history

  6. mime: Test cases for filename length limit 

    (cherry picked from commit c92975e)
    @jlucovsky
    jlucovsky committed Mar 22, 2020
    Configuration menu
    Copy the full SHA
    821e43c View commit details
    Browse the repository at this point in the history

  7. util-error: define SC_ERR_PCRE_COPY_SUBSTRING 

    (cherry picked from commit bcea730)
    @jlucovsky
    jlucovsky committed Mar 22, 2020
    Configuration menu
    Copy the full SHA
    174e3f3 View commit details
    Browse the repository at this point in the history

  8. spelling: Fix spelling error 

    (cherry picked from commit 6d94b09)
    @jlucovsky
    jlucovsky committed Mar 22, 2020
    Configuration menu
    Copy the full SHA
    7a6e616 View commit details
    Browse the repository at this point in the history

  9. detect/ssl_state: Fix memory leaks from pcre_get_substring 

    This commit replaces usages of pcre_get_substring with
pcre_copy_substring to avoid leaking memory on error conditions.

(cherry picked from commit 6c35039)
    @jlucovsky
    jlucovsky committed Mar 22, 2020
    Configuration menu
    Copy the full SHA
    6597959 View commit details
    Browse the repository at this point in the history

  10. detect/flowvar: Fix memory leaks from pcre_get_substring 

    This commit replaces usages of pcre_get_substring with
pcre_copy_substring to avoid leaking memory on error conditions.

(cherry picked from commit 9fe51a8)
    @jlucovsky
    jlucovsky committed Mar 22, 2020
    Configuration menu
    Copy the full SHA
    cd89363 View commit details
    Browse the repository at this point in the history

  11. detect/filestore: Fix memory leaks from pcre_get_substring 

    This commit replaces usages of pcre_get_substring with
pcre_copy_substring to avoid leaking memory on error conditions.

(cherry picked from commit c2071e1)
    @jlucovsky
    jlucovsky committed Mar 22, 2020
    Configuration menu
    Copy the full SHA
    e57637e View commit details
    Browse the repository at this point in the history

  12. doc: Correct RST quote usage 

    Corrects misplaced backticks preventing proper formatting of `mpm-algo`
section.

(cherry picked from commit 8c132c0)
    @jlucovsky
    jlucovsky committed Mar 22, 2020
    Configuration menu
    Copy the full SHA
    14a789f View commit details
    Browse the repository at this point in the history

  13. decode: Fix typos/spelling 

    (cherry picked from commit 427ec4e)
(cherry picked from commit ed6c976)
    @jlucovsky
    jlucovsky committed Mar 22, 2020
    Configuration menu
    Copy the full SHA
    8d946d7 View commit details
    Browse the repository at this point in the history

  14. decode: Handle ERSPAN Type I 

    (cherry picked from commit aec4e9a)
(cherry picked from commit e00de3d)
    @jlucovsky
    jlucovsky committed Mar 22, 2020
    Configuration menu
    Copy the full SHA
    237964a View commit details
    Browse the repository at this point in the history

  15. decode/erspan: ERSPAN TypeI configurable 

    For the backport, ERSPAN TypeI decode is

1. Disabled by default
2. Configurable: `decoder.erspan_typeI.enabled`

(cherry picked from commit ae6beed)
    @jlucovsky
    jlucovsky committed Mar 22, 2020
    Configuration menu
    Copy the full SHA
    33b56b3 View commit details
    Browse the repository at this point in the history

  16. detect/parse: move spaces skip up the stack 

    Switch to isspace() as well.

(cherry picked from commit 52970d8)
    @catenacyber @jlucovsky
    catenacyber authored and jlucovsky committed Mar 22, 2020
    Configuration menu
    Copy the full SHA
    a3a2ea0 View commit details
    Browse the repository at this point in the history