upstream/suricata
1
0
Fork 0
mirror of https://github.com/OISF/suricata.git synced 2026-05-28 04:32:12 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
18994 commits 8 branches 171 tags 193 MiB
Commit graph

18994 commits

This branch
This branch
All branches
Author SHA1 Message Date
Victor Julien
54322f38f8 common: fix cppcheck syntax error
Some checks failed
builds / AlmaLinux 9 (Minimal/Recommended Build) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (cocci) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (RUSTC+CARGO vars) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (unittests coverage) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (unix socket mode coverage) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (afpacket and dpdk coverage) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (pcap unix socket ASAN) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (afpacket IPS tests in namespaces) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (afpacket and dpdk live tests with ASAN) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (fuzz corpus coverage) (push) Has been cancelled
Details
builds / Ubuntu 20.04 (-DNDEBUG) (push) Has been cancelled
Details
builds / Ubuntu 20.04 (unsupported rust) (push) Has been cancelled
Details
builds / Ubuntu 22.04 (Debug Validation) (push) Has been cancelled
Details
builds / Ubuntu 22.04 (Fuzz) (push) Has been cancelled
Details
builds / Ubuntu 22.04 (Netmap build) (push) Has been cancelled
Details
builds / Ubuntu 22.04 (Minimal/Recommended Build) (push) Has been cancelled
Details
builds / Ubuntu 22.04 (DPDK Build) (push) Has been cancelled
Details
builds / Debian 12 (xdp) (push) Has been cancelled
Details
builds / Debian 13 (xdp) (push) Has been cancelled
Details
builds / Ubuntu 22.04 Dist Builder (push) Has been cancelled
Details
builds / Debian 12 MSRV (push) Has been cancelled
Details
builds / Debian 11 (push) Has been cancelled
Details
builds / MacOS Latest (push) Has been cancelled
Details
builds / FreeBSD 15.0 (push) Has been cancelled
Details
builds / Windows MSYS2 MINGW64 (NPcap) (push) Has been cancelled
Details
builds / Windows MSYS2 MINGW64 (libpcap) (push) Has been cancelled
Details
builds / Windows MSYS2 UCRT64 (libpcap) (push) Has been cancelled
Details
builds / Windows MSYS2 MINGW64 (WinDivert) (push) Has been cancelled
Details
builds / PF_RING (push) Has been cancelled
Details
docs / Ubuntu 22.04 Dist Builder (push) Has been cancelled
Details
2026-05-25 16:20:25 +00:00
Victor Julien
bd198231a0 util/port-interval-tree: suppress cppcheck false positives 2026-05-25 16:20:25 +00:00
Victor Julien
f138a64ad7 debug/validate: remove redundant checks 
Pointed out by cppcheck.
 2026-05-25 16:20:25 +00:00
Victor Julien
9869e9b9f5 detect/port: workaround cppcheck warning 2026-05-25 16:20:25 +00:00
Victor Julien
0af57040d9 detect/address: workaround cppcheck warning 2026-05-25 16:20:25 +00:00
Philippe Antoine
bcc1e6ae32 rust: format http2 files 
Ticket: 3836
 2026-05-25 16:20:24 +00:00
Jeff Lucovsky
cc6fbcd5dd etc/schema: add missing ftp fields 
Add ftp detect keywords to metadata

Issue: 7502, 7503, 7507, 7505, 7508, 7506
 2026-05-25 16:20:24 +00:00
Philippe Antoine
a35760db9b rust: enforce already formatted directories in CI
Some checks failed
builds / AlmaLinux 9 (no jansson) (push) Has been cancelled
Details
builds / AlmaLinux 9 (Minimal/Recommended Build) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (cocci) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (RUSTC+CARGO vars) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (unittests coverage) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (unix socket mode coverage) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (afpacket and dpdk coverage) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (pcap unix socket ASAN) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (afpacket IPS tests in namespaces) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (afpacket and dpdk live tests with ASAN) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (fuzz corpus coverage) (push) Has been cancelled
Details
builds / Ubuntu 20.04 (-DNDEBUG) (push) Has been cancelled
Details
builds / Ubuntu 20.04 (unsupported rust) (push) Has been cancelled
Details
builds / Ubuntu 22.04 (Debug Validation) (push) Has been cancelled
Details
builds / Ubuntu 22.04 (Fuzz) (push) Has been cancelled
Details
builds / Ubuntu 22.04 (Netmap build) (push) Has been cancelled
Details
builds / Ubuntu 22.04 (Minimal/Recommended Build) (push) Has been cancelled
Details
builds / Ubuntu 22.04 (DPDK Build) (push) Has been cancelled
Details
builds / Debian 12 (xdp) (push) Has been cancelled
Details
builds / Debian 13 (xdp) (push) Has been cancelled
Details
builds / Ubuntu 22.04 Dist Builder (push) Has been cancelled
Details
builds / Debian 12 MSRV (push) Has been cancelled
Details
builds / Debian 11 (push) Has been cancelled
Details
builds / MacOS Latest (push) Has been cancelled
Details
builds / FreeBSD 15.0 (push) Has been cancelled
Details
builds / Windows MSYS2 MINGW64 (NPcap) (push) Has been cancelled
Details
builds / Windows MSYS2 MINGW64 (libpcap) (push) Has been cancelled
Details
builds / Windows MSYS2 UCRT64 (libpcap) (push) Has been cancelled
Details
builds / Windows MSYS2 MINGW64 (WinDivert) (push) Has been cancelled
Details
builds / PF_RING (push) Has been cancelled
Details
2026-05-23 18:01:39 +00:00
Philippe Antoine
1070e733d8 rust: format websocket files 
Ticket: 3836
 2026-05-23 18:01:39 +00:00
Philippe Antoine
89e5332d88 rust: format utils files 
Ticket: 3836
 2026-05-23 18:01:39 +00:00
Philippe Antoine
edf29b0000 rust: format ssh files 
Ticket: 3836
 2026-05-23 18:01:39 +00:00
Philippe Antoine
fe27a2159c rust: format rfb files 
Ticket: 3836
 2026-05-23 18:01:39 +00:00
Philippe Antoine
5cca346f16 rust: format quic files 
Ticket: 3836
 2026-05-23 18:01:39 +00:00
Philippe Antoine
415360d9e8 rust: format ntp files 
Ticket: 3836
 2026-05-23 18:01:39 +00:00
Philippe Antoine
fa864f9c2f rust: format mime files 
Ticket: 3836
 2026-05-23 18:01:39 +00:00
Philippe Antoine
2cfcaec1b0 rust: format ldap files 
Ticket: 3836
 2026-05-23 18:01:39 +00:00
Philippe Antoine
64e7c671cc rust: format ftp files 
Ticket: 3836
 2026-05-23 18:01:38 +00:00
Philippe Antoine
f217e249cb rust: format ffi files 
Ticket: 3836
 2026-05-23 18:01:38 +00:00
Philippe Antoine
f7c14809f4 rust: format enip files 
Ticket: 3836
 2026-05-23 18:01:38 +00:00
Philippe Antoine
e526eb8e2b rust: format bittorrent_dht files 
Ticket: 3836
 2026-05-23 18:01:38 +00:00
Philippe Antoine
f5ac0e201c rust: format asn1 files 
Ticket: 3836
 2026-05-23 18:01:38 +00:00
Philippe Antoine
1ced97bdbb rust: format applayertemplate files 
Ticket: 3836
 2026-05-23 18:01:38 +00:00
Sergey Pinaev
d55114e6d7 detect-engine-analyzer: remove unnecessary check 
Always make sure, that smd is not NULL, as we dereference it a few
lines below and base64_data for instance is forbidden as a fast_pattern

Ticket: 8504
 2026-05-23 18:01:38 +00:00
Promise Charles
5c9602bcf2 suricata: add error about missing runmode 
If a runmode is missing but other params are passed on the commandline,
issue an error.

Ticket: #5711

Signed-off-by: Promise Charles <descencybobby@gmail.com>
 2026-05-23 18:01:37 +00:00
Jason Ish
57f76a2462 github-ci: update Fedora builds to Fedora 44
Some checks failed
builds / AlmaLinux 9 (no jansson) (push) Has been cancelled
Details
builds / AlmaLinux 9 (Minimal/Recommended Build) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (cocci) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (RUSTC+CARGO vars) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (unittests coverage) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (unix socket mode coverage) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (afpacket and dpdk coverage) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (pcap unix socket ASAN) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (afpacket IPS tests in namespaces) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (afpacket and dpdk live tests with ASAN) (push) Has been cancelled
Details
builds / Ubuntu 24.04 (fuzz corpus coverage) (push) Has been cancelled
Details
builds / Ubuntu 20.04 (-DNDEBUG) (push) Has been cancelled
Details
builds / Ubuntu 20.04 (unsupported rust) (push) Has been cancelled
Details
builds / Ubuntu 22.04 (Debug Validation) (push) Has been cancelled
Details
builds / Ubuntu 22.04 (Fuzz) (push) Has been cancelled
Details
builds / Ubuntu 22.04 (Netmap build) (push) Has been cancelled
Details
builds / Ubuntu 22.04 (Minimal/Recommended Build) (push) Has been cancelled
Details
builds / Ubuntu 22.04 (DPDK Build) (push) Has been cancelled
Details
builds / Debian 12 (xdp) (push) Has been cancelled
Details
builds / Debian 13 (xdp) (push) Has been cancelled
Details
builds / Ubuntu 22.04 Dist Builder (push) Has been cancelled
Details
builds / Debian 12 MSRV (push) Has been cancelled
Details
builds / Debian 11 (push) Has been cancelled
Details
builds / MacOS Latest (push) Has been cancelled
Details
builds / FreeBSD 15.0 (push) Has been cancelled
Details
builds / Windows MSYS2 MINGW64 (NPcap) (push) Has been cancelled
Details
builds / Windows MSYS2 MINGW64 (libpcap) (push) Has been cancelled
Details
builds / Windows MSYS2 UCRT64 (libpcap) (push) Has been cancelled
Details
builds / Windows MSYS2 MINGW64 (WinDivert) (push) Has been cancelled
Details
builds / PF_RING (push) Has been cancelled
Details
2026-05-20 17:57:53 +00:00
Philippe Antoine
87db89ea4e fuzz: extend fuzz_siginit to do engine-rule-analysis 2026-05-20 17:57:52 +00:00
Philippe Antoine
efe3b16aac rust: feature debug in main crate enables feature debug in ffi 2026-05-20 17:57:52 +00:00
Philippe Antoine
5db471500c rust/ffi: remove altemplate plugin last dependency on suricata crate 
Ticket: 7666
 2026-05-20 17:57:52 +00:00
Philippe Antoine
b90adcc2bb rust/ffi: move AppLayerTxData to ffi 
Ticket: 7666
 2026-05-20 17:57:52 +00:00
Philippe Antoine
bce88dd83f rust: build depends on ffi/Cargo.toml.in 2026-05-20 17:57:52 +00:00
Philippe Antoine
0773fba5fd rust/ffi: move txdata flags to ffi 
Ticket: 7666
 2026-05-20 17:57:52 +00:00
Philippe Antoine
2525ea2e37 rust/ffi: move direction to ffi 
Ticket: 7666
 2026-05-20 17:57:52 +00:00
Philippe Antoine
5440e41314 rust/ffi: move debug validations macros to ffi 
Ticket: 7666
 2026-05-20 17:57:52 +00:00
Philippe Antoine
6dff07b631 detect/lua: remove unused macros
Some checks failed
builds / Ubuntu 24.04 (pcap unix socket ASAN) (push) Blocked by required conditions
Details
builds / Ubuntu 24.04 (afpacket IPS tests in namespaces) (push) Blocked by required conditions
Details
builds / Ubuntu 24.04 (afpacket and dpdk live tests with ASAN) (push) Blocked by required conditions
Details
builds / Ubuntu 24.04 (fuzz corpus coverage) (push) Blocked by required conditions
Details
builds / Ubuntu 20.04 (-DNDEBUG) (push) Blocked by required conditions
Details
builds / Ubuntu 20.04 (unsupported rust) (push) Blocked by required conditions
Details
builds / Ubuntu 22.04 (Debug Validation) (push) Blocked by required conditions
Details
builds / Ubuntu 22.04 (Fuzz) (push) Blocked by required conditions
Details
builds / Ubuntu 22.04 (Netmap build) (push) Blocked by required conditions
Details
builds / Ubuntu 22.04 (Minimal/Recommended Build) (push) Blocked by required conditions
Details
builds / Ubuntu 22.04 (DPDK Build) (push) Blocked by required conditions
Details
builds / Debian 12 (xdp) (push) Blocked by required conditions
Details
builds / Debian 13 (xdp) (push) Blocked by required conditions
Details
builds / Ubuntu 22.04 Dist Builder (push) Blocked by required conditions
Details
builds / Debian 12 MSRV (push) Blocked by required conditions
Details
builds / Debian 11 (push) Blocked by required conditions
Details
builds / MacOS Latest (push) Blocked by required conditions
Details
builds / FreeBSD 15.0 (push) Blocked by required conditions
Details
builds / Windows MSYS2 MINGW64 (NPcap) (push) Blocked by required conditions
Details
builds / Windows MSYS2 MINGW64 (libpcap) (push) Blocked by required conditions
Details
builds / Windows MSYS2 UCRT64 (libpcap) (push) Blocked by required conditions
Details
builds / Windows MSYS2 MINGW64 (WinDivert) (push) Blocked by required conditions
Details
builds / PF_RING (push) Blocked by required conditions
Details
CodeQL (Rust/C) / Analyze (push) Waiting to run
Details
Nix Env Build / tests (push) Waiting to run
Details
Scan-build / Scan-build (push) Waiting to run
Details
Scorecards supply-chain security / Scorecards analysis (push) Waiting to run
Details
docs / Prepare dependencies (push) Has been cancelled
Details
docs / Prepare cbindgen (push) Has been cancelled
Details
docs / Ubuntu 22.04 Dist Builder (push) Has been cancelled
Details
2026-05-19 19:37:20 +00:00
Andreas Dolp
2f972b6759 doc: improve manpage of suricatasc 
- describe all options
- describe optional socket path

Redmine ticket: #8563
 2026-05-19 19:37:20 +00:00
Victor Julien
95b7f2b998 scan-build: support taint filtering 
Support scan-build's taint filtering logic. Adds a yaml config to mark
a dedicated debug validation function as filtering a taint.

Use to suppress warnings in reference, threshold and classification file
handling.

Ticket: #3153.
 2026-05-19 17:57:46 +02:00
Victor Julien
fbaaa9dcae github-actions: update scan-build to clang-22 
Run it on Ubuntu 26.04.

Update enabled checkers.

Ticket: #3153.
 2026-05-19 17:57:46 +02:00
Victor Julien
524503b572 detect/prefilter: rewrite loop to assist scan-build 
Also address a theoretical edge case where memory allocation failure
could lead to overrunning the sids array.
 2026-05-19 17:57:46 +02:00
Victor Julien
e5650ebcbd scan-build: suppress more warnings 2026-05-19 17:57:46 +02:00
Victor Julien
02f6a4fd87 detect: work around scan-build warning 
detect-engine.c:2350:69: warning: Out of bound access to memory after the end of 'new_det_ctx' [security.ArrayBound]
 2350 |             FlowWorkerReplaceDetectCtx(SC_ATOMIC_GET(s->slot_data), new_det_ctx[i]);
      |                                                                     ^~~~~~~~~~~~~~
1 warning generated.
 2026-05-19 17:57:46 +02:00
Victor Julien
dc6696ac04 bpf: work around scan-build warning 
suricata.c:574:5: warning: Potential out of bound access to the heap area with tainted index [security.ArrayBound]
  574 |     bpf_filter[nm] = '\0';
      |     ^~~~~~~~~~~~~~
1 warning generated.
 2026-05-19 17:57:46 +02:00
Victor Julien
06dcb5aeb0 detect/flowbits: fix scan-build 0-size alloc warning 
detect-flowbits.c:761:29: warning: Call to 'calloc' has an allocation size of 0 bytes [optin.portability.UnixAPI]
  761 |                             SCCalloc(sids_array_size, sizeof(uint32_t));
      |                             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
./util-mem.h:36:18: note: expanded from macro 'SCCalloc'
   36 | #define SCCalloc calloc
      |                  ^
1 warning generated.
 2026-05-19 17:57:46 +02:00
Victor Julien
0c9e17b454 detect/file.data: suppress scan-build false positive 2026-05-19 17:57:46 +02:00
Victor Julien
af937f61dc defrag: rearrange Frag struct to save 8 bytes 
Avoid large gaps in the layout.
 2026-05-19 17:57:46 +02:00
Victor Julien
9d693a72b6 stream: minor code cleanups 2026-05-19 17:57:46 +02:00
Victor Julien
24e7f3439e stream: don't double check pointer 
Checked right above it as well.
 2026-05-19 17:57:46 +02:00
Victor Julien
d17c0bf096 stream: remove error messages in the packet path 
Would only happen during allocation failure.
 2026-05-19 17:57:46 +02:00
Victor Julien
2bcebe5285 stream: avoid double memset 
Already done by StreamTcpThreadCacheGetSegment().
 2026-05-19 17:57:46 +02:00
Victor Julien
474788fd49 pool: remove InitData argument 
Only used in unittests.

Update Init callback and update callers.
 2026-05-19 17:57:46 +02:00
Victor Julien
dc05422769 defrag: remove pool Init callback 
Built-in callback does the same thing (memset).
 2026-05-19 17:57:46 +02:00