Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Next/60x/20220419/v5 #7271

Merged
merged 10 commits into from
Apr 20, 2022
Merged

Next/60x/20220419/v5 #7271

merged 10 commits into from
Apr 20, 2022

Conversation

victorjulien
Copy link
Member

jasonish and others added 10 commits April 15, 2022 10:26
@jasonish @victorjulien
detect-content: error on single char hex pairs
fd57cf7 
Fix parsing of content like "|aa b cc|" which was parsed as "|aa bc|"
without error or warning. This will now fail out, requiring all hex
values to be 2 chars.

Ticket OISF#5201

(cherry picked from commit 8d1e4a1)
@catenacyber @victorjulien
tftp: StringToAppProto case
83490d4 
So, fuzz_applayerparserparse_tftp will fuzz tftp

(cherry picked from commit c9d664b)
@jasonish @victorjulien
smb: fix smb2 header flag parsing
12a8415 
The bits were being parsed in the order they're displayed in Wireshark,
rather than the order they were being seen on the wire, resulting in
direction and async being 0 more often than they should be.

Instead of bits, take the 4 bytes as an le_u32 and just use bit masks to
extract what we need into a struct, I think its easier to reason about
this way when comparing to the Microsoft documentation.

(cherry picked from commit 7b65948)
@jasonish @victorjulien
smb: expose smb1 request/reply flags with a method
e637955 
Adds `.is_request()` and `.is_reply()` to check if a SMB record flags
say the message is a request or a reply.

(cherry picked from commit 09e2d3b)
@jasonish @victorjulien
smb: handle records in the wrong direction
e55fef3 
If an SMB record is seen in the wrong direction, set an event on the PDU
frame and don't process the record in the state.

No error is returned, so the next record will be processed.

(cherry picked from commit 2341f47)
@jasonish @victorjulien
smb: rules for messages in the wrong direction
fca9c69 
(cherry picked from commit 1e65324)
@jasonish @victorjulien
github-ci: pin checkout actions plus other fixups
b589b05 
Pin checkout action plus other fixups from master to deal with changes
to the action.
@jasonish @victorjulien
mqtt: ensure we do not request extra data after buffering
4c2d543 
This is a minimal backport of 5618273
to address ticket 5018.

Uses the "complete" version of take instead of the macro which is thre
streaming variant.

Ticket OISF#5018
@satta @victorjulien
mqtt: raise event on parse error
084b16a
@catenacyber @victorjulien
mqtt: fix consumed bytes computation for truncated msg
f3a6d15 
Ticket: 5268
(cherry picked from commit 3b13008)
@victorjulien victorjulien requested review from jasonish and a team as code owners April 19, 2022 21:38
@suricata-qa
Copy link

Information: QA ran without warnings.

Pipeline 6999

@victorjulien victorjulien merged commit f3a6d15 into OISF:master-6.0.x Apr 20, 2022
@victorjulien victorjulien mentioned this pull request Apr 20, 2022
Closed
@victorjulien victorjulien deleted the next/60x/20220419/v5 branch April 21, 2022 21:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasonish jasonish Awaiting requested review from jasonish jasonish is a code owner

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
5 participants
@victorjulien @suricata-qa @jasonish @catenacyber @satta