Integral/floating-point division/modulo by zero in C++ is undefined
behavior, so to prevent such cases in a script from crashing Bro,
they're now reported as an error (with script location information) and
the event handler in which it occurred returns immediately.
I added a better more concise and accurate description of what is going
on behind the scenes of detect-MHR.bro to not only bring it into line
with the Files framework but to help make it a bit more clear as to
where the various responsibilities lie.
Now that the MHR script uses the file analysis framework, the
description needed to be rewritten to reflect the changes. Robin
commented that he didn't feel the MHR script was a good introductory
script and he might be right, however, I couldn't find one that was
easier to explain.
But not really since the global dns_mgr should be equal to "this" while
in all the member funcs. Still, better that they always refer to their
own instance instead of the global one.
This should help on systems where the default shell (e.g. dash on
Ubuntu) fork-execs in order to run commands. In that case, we were
just killing the shell and the shell would exit without killing
the actual process corresponding to command that was requested.
Setting a process group for the shell exec'd from Bro and killing
by process group should help clean everything up since process group
will be inherited by any procs that shell fork-execs.
* origin/fastpath:
Add links to Intelligence Framework documentation
update mozilla root ca list
Update Mozilla root CA certs.
Update documentation of required packages
openssl-parsed string-value), one event for basicconstraints (is a certificate
a CA or not) and one event for subject-alternative-names (only DNS parts).
The EndData() doesn't make sense as part of the condition that implies
the state is such that it's not inside data. It might make sense as
part of an else block, but it also seems fine to unconditionally
EndData() like it currently does. That way unexpected states (mail !=
0) are dealt with sooner rather than later.
* origin/topic/bernhard/ticket1072:
and const 2 more functions
update hll documentation, make a few functions private and create a new copy constructor.
fix case where hll_error_margin could be undefined (thanks John)
BIT-1072 #merged
* origin/topic/dnthayer/compilerwarn:
Fix compiler warning (time_t is not a pointer type)
Fix cmake warning about ENABLE_PERFTOOLS not being used
Fix another compiler warning
Fix compiler warnings
BIT-1079 #merged
Make feedback available regarding whether adding a child analyzer fails
because one of the same type already exists (so one can avoid invalid
pointer access of a delete'd analyzer).
An unsized array already parses indefinitely. &until($element <= 0)
just causes nonsense code to be generated. I.e. checking a pointer that
can never even be null against <= 0. And the compare would happen after
delete'ing the pointer, making it even odder (though still benign).
the ssl-analyzer and the topic/bernhard/x509 branch.
Simply prints information about the encountered certificates (I have
not yet my mind up, what I will log...).
Next step: extensions...
Coverity claimed a mismatched iterator here. Don't think it was, but
this might make it either go away or make its insane template output
understandable. Else at least it makes the code more readable.
Now that functions get unref'd in the val dtor in order to free mem of
unserialized functions, it's important to ref a function when creating a
val from a pre-existing function so it's not prematurely free'd.
