Commit graph

8913 commits

Author SHA1 Message Date
Seth Hall
22e89bdc70 Fix hello world script in the readme. 2019-07-31 14:43:18 -04:00
Seth Hall
8b6a517c00 Fixes a tiny Bro->Zeek renaming issue 2019-07-31 14:17:46 -04:00
Jon Siwek
851a11086d Merge remote-tracking branch 'origin/topic/seth/506-fix-ntp-analyzer-fields-missing'
* origin/topic/seth/506-fix-ntp-analyzer-fields-missing:
  Tiny tweaks to try and address ticket #506
2019-07-31 10:45:25 -07:00
Seth Hall
7626344122 Tiny tweaks to try and address ticket #506 2019-07-31 11:17:53 -04:00
Jon Siwek
d1770853b3 Merge remote-tracking branch 'origin/topic/dev/non-ascii-logging'
* origin/topic/dev/non-ascii-logging:
  Removed Policy Script for UTF-8 Logs
  Commented out UTF-8 Script in Test All Policy
  Minor Style Tweak
  Use getNumBytesForUTF8 method to determine number of bytes
  Added Jon's test cases as unit tests
  Prioritizes escaping predefined Escape Sequences over Unescaping UTF-8 Sequences
  Added additional check to confirm anything unescaping is a multibyte UTF-8 sequence, addressing the test case Jon brought up
  Added optional script and redef bool to enable utf-8 in ASCII logs
  Initial Commit, removed std::isprint check to escape

Made minor code format and logic adjustments during merge.
2019-07-30 19:42:34 -07:00
Dev Bali
da5a0e800e Removed Policy Script for UTF-8 Logs 2019-07-30 11:19:06 -07:00
Robin Sommer
bae60aee31 Merge remote-tracking branch 'origin/topic/jsiwek/fix-expire-func-leaks'
* origin/topic/jsiwek/fix-expire-func-leaks:
  Fix memory leaks in expire_func introduced by recent changes
2019-07-30 18:12:58 +00:00
Jon Siwek
db9f81a890 Merge branch 'topic/jsbarber/rexmit-patch' of https://github.com/jsbarber/zeek
* 'topic/jsbarber/rexmit-patch' of https://github.com/jsbarber/zeek:
  Duplicate TCP segment should trigger tcp_multiple_retransmissions
2019-07-29 20:16:48 -07:00
Jon Siwek
1b7aa2dbd3 Updating submodule(s).
[nomail]
2019-07-29 20:10:58 -07:00
Robin Sommer
874ffc82b0 Merge remote-tracking branch 'origin/topic/johanna/3rdparty-licenses'
I prefixed the software names with '%%%' to make them easier to find
in the file.

* origin/topic/johanna/3rdparty-licenses:
  Add a license file with all third party software licenses.
2019-07-30 02:48:10 +00:00
Robin Sommer
13c373086d Merge remote-tracking branch 'origin/topic/zeke/closures' 2019-07-30 02:32:34 +00:00
Jon Siwek
01611177f7 Fix memory leaks in expire_func introduced by recent changes 2019-07-29 18:07:35 -07:00
Dev Bali
bbc3cb0d49 Commented out UTF-8 Script in Test All Policy 2019-07-29 16:47:20 -07:00
Dev Bali
3d10ba3515 Minor Style Tweak 2019-07-29 14:50:57 -07:00
Seth Hall
1a7f14dab0 Updating docs submodule pointer. 2019-07-29 16:15:54 -04:00
Seth Hall
38a7dcd701 Merge branch 'mauropalumbo75-smb2-set-info-ext' 2019-07-29 16:13:08 -04:00
Seth Hall
9931b07fae Fix some whitespace issues 2019-07-29 16:00:34 -04:00
Dev Bali
c59a7279f0 Use getNumBytesForUTF8 method to determine number of bytes 2019-07-29 12:55:24 -07:00
Seth Hall
e2596b1c64 Merge branch 'smb2-set-info-ext' of git://github.com/mauropalumbo75/zeek into mauropalumbo75-smb2-set-info-ext 2019-07-29 15:44:13 -04:00
Johanna Amann
7f5d76b2c3 Update submodule
[nomail]
2019-07-29 10:22:38 -07:00
Johanna Amann
95ce177682 Merge remote-tracking branch 'origin/topic/jsiwek/gh-488-new-versioning'
* origin/topic/jsiwek/gh-488-new-versioning:
  Add release branches to Travis CI whitelist
  GH-488: teach the Version module to parse new version scheme
2019-07-29 10:02:00 -07:00
Johanna Amann
02f19f7420 Merge remote-tracking branch 'origin/topic/jsiwek/gh-491-vector-of-enum-ctor'
* origin/topic/jsiwek/gh-491-vector-of-enum-ctor:
  Improve type inference for vector-of-enum constructor
2019-07-29 09:30:04 -07:00
Johanna Amann
486bf1e713 Merge remote-tracking branch 'origin/topic/timw/cleaner-utf8'
* origin/topic/timw/cleaner-utf8:
  GHI-486: Switch over to using LLVM utf8-checking code to better validate characters

I addressed a buffer over-read during the merge and added test-cases for
it.
2019-07-29 09:25:25 -07:00
Johanna Amann
838e0b2848 Update submodule
[nomail]
2019-07-29 09:07:12 -07:00
Johanna Amann
dfc97f1572 Merge remote-tracking branch 'origin/topic/jsiwek/ub-fixes'
* origin/topic/jsiwek/ub-fixes:
  Fix undefined behavior via casting file analyzers to protocol analyzers
  Fix undefined behavior via hrw_weight BIF signed int overflow
  Fix undefined behavior via invalid TCP analyzer cast
2019-07-29 08:58:31 -07:00
Johanna Amann
943aeefdf2 Merge remote-tracking branch 'origin/topic/jsiwek/gh-485-missing-dhcp-mac'
* origin/topic/jsiwek/gh-485-missing-dhcp-mac:
  GH-485: fix cases where DHCP log omits MAC field
2019-07-29 08:57:07 -07:00
Jeff Barber
4336de6651 Duplicate TCP segment should trigger tcp_multiple_retransmissions 2019-07-28 15:15:40 -06:00
Jon Siwek
8cf9c41c12 GH-485: fix cases where DHCP log omits MAC field
The field is populated in this order of preference:

  (1) Use a client-identifier option sent by client
  (2) Use the server's CHADDR field
  (3) Use the client's CHADDR field

Case (3) did not exist before this patch.
2019-07-26 20:05:15 -07:00
Jon Siwek
4d0e9491bc Fix undefined behavior via casting file analyzers to protocol analyzers
When generating some events for PE and X509 file analyzers, there's
an invalid cast from file_analysis::Analyzer to analyzer::Analyzer
and subsequent invalid member access via analyzer::Analyzer::GetID()
called on what is really a pointer to a file analyzer.
2019-07-26 18:39:36 -07:00
Jon Siwek
3de730957f Fix undefined behavior via hrw_weight BIF signed int overflow 2019-07-26 18:25:11 -07:00
Jon Siwek
2e9f6bec76 Fix undefined behavior via invalid TCP analyzer cast
A connection's root analyzer isn't necessarily TCP and an unchecked
C-style cast is undefined behavior in those cases.
2019-07-26 18:17:44 -07:00
Jon Siwek
0f5082585d Updating submodule(s).
[nomail]
2019-07-26 16:16:23 -07:00
Jon Siwek
70aa886806 Improve type inference for vector-of-enum constructor 2019-07-25 23:27:47 -07:00
Jon Siwek
a60c128d7c Add release branches to Travis CI whitelist 2019-07-25 23:18:05 -07:00
Jon Siwek
94d470c158 GH-488: teach the Version module to parse new version scheme
Such as the new -rc format for release candidates (replacing "beta") and
-dev.X for development versions in the master branch.
2019-07-25 23:05:06 -07:00
Zeke Medley
dc6a849cf5 add a leak test 2019-07-25 13:18:53 -07:00
Zeke Medley
e6464dae79 fix bug in serialization test 2019-07-25 11:53:16 -07:00
Zeke Medley
bdc8e0e6c4 Merge branch 'master' of https://github.com/zeek/zeek into topic/robin/closures-merge 2019-07-25 11:23:40 -07:00
Zeke Medley
cef94832f1 Frame merge and cleanup for merge. 2019-07-25 11:19:17 -07:00
Tim Wojtulewicz
ad19f1e1bb GHI-486: Switch over to using LLVM utf8-checking code to better validate characters 2019-07-24 10:58:00 -07:00
Dev Bali
6fcb23066d Added Jon's test cases as unit tests 2019-07-23 11:59:33 -07:00
Dev Bali
3efbea0b84 Prioritizes escaping predefined Escape Sequences over Unescaping UTF-8 Sequences 2019-07-23 11:59:33 -07:00
Dev Bali
d6bcdfce52 Added additional check to confirm anything unescaping is a multibyte UTF-8 sequence, addressing the test case Jon brought up 2019-07-23 11:59:33 -07:00
Dev Bali
66557d3178 Added optional script and redef bool to enable utf-8 in ASCII logs 2019-07-23 11:59:33 -07:00
System Administrator
6927dd1213 Initial Commit, removed std::isprint check to escape 2019-07-23 11:59:33 -07:00
Jon Siwek
9698d8d7cc Remove --disable-perftools from coverity builds 2019-07-23 09:38:16 -07:00
Johanna Amann
42e94d1ce2 Update submodule
[nomail]
2019-07-22 14:14:29 -07:00
Johanna Amann
b289a9a824 Add a license file with all third party software licenses.
This makes it more obvious which third party software we ship together
with Zeek and what license terms one has to abide by.
2019-07-22 14:10:57 -07:00
Johanna Amann
ff4845aa80 Merge branch 'master' of github.com:zeek/zeek 2019-07-22 12:46:21 -07:00
Johanna Amann
3159577821 Merge remote-tracking branch 'origin/topic/zeke/expire-func'
* origin/topic/zeke/expire-func:
  Ignore abs-path in test.
  Report argument # type check failed on.
  Update test baseline.
  Improve func arg type checking.
  &expire_func(table, arg1, arg2, ...) + type checking.
2019-07-22 12:44:55 -07:00