Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Next/20200928/v3 #5452

Merged
merged 5 commits into from
Sep 29, 2020
Merged

Next/20200928/v3 #5452

merged 5 commits into from
Sep 29, 2020

Conversation

victorjulien
Copy link
Member

#5449 #5437 #5426 #5423 #5422

PRScript output (if applicable): Passed

jasonish and others added 5 commits September 28, 2020 11:32
@jasonish @victorjulien
doc/userguide: add info about --set and lists
f70e1f5
@jlucovsky @victorjulien
log/anomaly: Move metadata out of anomaly section
bb71eac 
This commit moves the metadata from the anomaly object where it was
incorrectly located.
@catenacyber @victorjulien
fuzz: better configure checks for MSAN building
4f96371 
More compatible check for rust nightly
Checks for CARGO_BUILD_TARGET
Builds release or debug mode independently
@inashivb @victorjulien
dcerpc: fix gap handling
97c67cd 
This patch addresses issues discovered by redmine ticket 3896. With the
approach of finding latest record, there was a chance that no record was
found at all and consumed + needed became input length.

e.g.
input_len = 1000
input = 01 05 00 02 00 03 a5 56 00 00 .....

There exists no |05 00| identifier in the rest of the record. After
having parsed |05 00|, there was a search for another record with the
leftover data. Current data length at this point would be 997. Since the
identifier was not found in the data, we calculate the consumed bytes at
this point i.e. consumed = current_data.len() - 1 which would be 996.
Needed bytes still stay at a constant of 2. So, consumed + needed = 996
+ 2 = 998 which is lesser than initial input length of 1000 and hence
the assertion fails.

There could be two fixes to this problem.
1. Finding the latest record but making use of the last found record in
   case no new record was found.
2. Always use the earliest record.

This patch takes the approach (2). It also makes sure that the gap and
current direction are the same.
@catenacyber @victorjulien
applayer: fix a leak in protocol change
518e0e6 
TCPProtoDetect can either set f->alproto, change f->alstate
and return error.

When the original alstate gets freed, we shall set the pointer
to NULL, as it can get reused.
@victorjulien victorjulien requested review from jasonish, norg and a team as code owners September 29, 2020 12:20
@victorjulien victorjulien merged commit 518e0e6 into OISF:master Sep 29, 2020
This was referenced Sep 29, 2020
Closed
Closed
Closed
Closed
Closed
Closed
@victorjulien victorjulien deleted the next/20200928/v3 branch October 9, 2020 08:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasonish jasonish Awaiting requested review from jasonish jasonish is a code owner

@norg norg Awaiting requested review from norg

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@victorjulien @jasonish @jlucovsky @catenacyber @inashivb