next/682/20250108/v1 #12358
Merged
next/682/20250108/v1 #12358
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Issue: 7466 This commit releases the memory for the flow variable "key" when the flow variable is of type string. The key is allocated in the Lua extension logic.
So we get: 1. request arrives - buffered due to not ackd 2. response arrives, acks request - request is now parsed, response isn't 3. ack for response, response parsed. Then detect runs for request, generates alert. We now have 2 txs. txid will be 0 from AppLayerParserGetTransactionInspectId But txid 1 is unidirectional in the other way, so we can use txid 0 metadata for logging Ticket: 7449
Even if they get defined
to make scan-build happy avoiding its warning : Excessive padding in 'struct DetectEngineThreadCtx_' (33 padding bytes, where 1 is optimal)
to avoid timeouts instead of forbidding pcre signatures on stream Ticket: 4858
instead of a global variable. For easier initialization with dynamic number of protocols
for expectation_proto Ticket: 5053
for alproto_names Ticket: 5053
Ticket: 5053
so that we can use safely EXCEPTION_POLICY_MAX*sizeof(x)
Ticket: 5053 delay after initialization so that StringToAppProto works
Ticket: 5053
Ticket: 7465 If a bug chunk of data is parsed in one go, we could create many transactions even if marking them as complete, and have quadratic complexity calling find_request. Proposed solution is to fail on creating a new transaction if too many already exist.
victorjulien
requested review from
jasonish,
jufajardini and
a team
as code owners
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #12358 +/- ##
==========================================
- Coverage 83.23% 82.54% -0.69%
==========================================
Files 912 912
Lines 257647 258028 +381
==========================================
- Hits 214450 212988 -1462
- Misses 43197 45040 +1843
Flags with carried forward coverage won't be shown. Click here to find out more. |
|
Information: QA ran without warnings. Pipeline 24124 |
This was referenced Jan 9, 2025
This was referenced Jan 9, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Staging:
SV_BRANCH=OISF/suricata-verify#2221