Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
18321 commits 387 branches 195 tags 255 MiB
Commit graph

18321 commits

This branch
This branch
All branches
Author SHA1 Message Date
Tim Wojtulewicz
8596671dd5 Fix invalid-read in FTP analyzer's parse_port method 2025-05-20 10:58:32 -07:00
Arne Welzel
906b91dca8 Merge remote-tracking branch 'origin/topic/vern/http-sqli-replacement' 
* origin/topic/vern/http-sqli-replacement:
  site/local: Switch to detect-sql-injection
  Add a revised script for detecting HTTP SQL injection, deprecate original
 2025-05-20 16:26:13 +02:00
Arne Welzel
c687a24503 site/local: Switch to detect-sql-injection 2025-05-20 16:24:28 +02:00
Vern Paxson
dcd14f7a16 Add a revised script for detecting HTTP SQL injection, deprecate original 2025-05-20 16:24:20 +02:00
zeek-bot
a694781bad Update doc submodule [nomail] [skip ci] 2025-05-20 00:25:51 +00:00
Tim Wojtulewicz
ddeecabc1e Merge remote-tracking branch 'origin/topic/awelzel/event-trace-fix-operator-equals' 
* origin/topic/awelzel/event-trace-fix-operator-equals:
  EventTrace: Fix operator==() UBSAN downcast error
 2025-05-19 12:33:08 -07:00
Arne Welzel
1ed38e7342 EventTrace: Fix operator==() UBSAN downcast error 
New test triggered the following error:

    runtime error: downcast of address 0x57021a323ea0 which does not point to an object of type 'const FileVal' 0x57021a323ea0: note: object is of type 'zeek::FuncVal'
 2025-05-19 20:48:18 +02:00
Christian Kreibich
fdecfba6b4 Merge branch 'smoot-improve-from_json' of github.com:/stevesmoot/zeek 
* 'smoot-improve-from_json' of github.com:/stevesmoot/zeek:
  update baseline for zam
  Update src/zeek.bif
  Change from_json to return an error rather than print it.
 2025-05-19 11:06:29 -07:00
Arne Welzel
eb15997cc3 Merge remote-tracking branch 'origin/topic/awelzel/event-trace-mgr-destructor-fclose' 
* origin/topic/awelzel/event-trace-mgr-destructor-fclose:
  btest/core: Add event-trace test
  zeek-setup: Free event_trace_mgr after generating trace
  EventTraceMgr: Rename etm to event_trace_mgr
  EventTraceMgr: Move fclose() to destructor
 2025-05-19 20:02:12 +02:00
Tim Wojtulewicz
e21fb9c9c7 Update cmake submodule 2025-05-19 10:54:10 -07:00
Tim Wojtulewicz
cc79afd24f Merge remote-tracking branch 'origin/topic/timw/include-cleanup-part-2' 
* origin/topic/timw/include-cleanup-part-2:
  Remove unnecessary #includes in script_opt
  Remove unnecessary #includes in telemetry and supervisor
  Remove unnecessary #includes in cluster/broker/iosource/probabilistic/session
  Remove unnecessary #includes in zeekygen and base plugin files
  Remove unnecessary #includes in input/logging/threading
  Remove unnecessary #includes in analyzer/packet analyzer/file analyzer source files
  Remove unnecessary #includes in analyzer/packet analyzer/file analyzer headers
  Remove unnecessary #includes in base files in repo
 2025-05-19 10:26:05 -07:00
Tim Wojtulewicz
12356a6393 Remove unnecessary #includes in script_opt 2025-05-19 10:25:05 -07:00
Tim Wojtulewicz
0e47fa10c6 Remove unnecessary #includes in telemetry and supervisor 2025-05-19 10:25:05 -07:00
Tim Wojtulewicz
8b992320cb Remove unnecessary #includes in cluster/broker/iosource/probabilistic/session 2025-05-19 10:25:05 -07:00
Tim Wojtulewicz
17101da6b3 Remove unnecessary #includes in zeekygen and base plugin files 2025-05-19 10:25:05 -07:00
Tim Wojtulewicz
e3c4b1fd58 Remove unnecessary #includes in input/logging/threading 2025-05-19 10:25:05 -07:00
Tim Wojtulewicz
79301c4691 Remove unnecessary #includes in analyzer/packet analyzer/file analyzer source files 2025-05-19 10:25:05 -07:00
Tim Wojtulewicz
456c1fa42c Remove unnecessary #includes in analyzer/packet analyzer/file analyzer headers 2025-05-19 10:25:05 -07:00
Tim Wojtulewicz
896e41c794 Remove unnecessary #includes in base files in repo 2025-05-19 09:50:23 -07:00
Tim Wojtulewicz
224be5a951 Merge remote-tracking branch 'origin/topic/timw/rename-ci-github-labels' 
* origin/topic/timw/rename-ci-github-labels:
  Rename CI-related github labels for PRs
 2025-05-19 09:44:10 -07:00
Tim Wojtulewicz
e72572bf32 Rename CI-related github labels for PRs 2025-05-19 09:41:27 -07:00
Arne Welzel
000cc50813 btest/core: Add event-trace test 2025-05-19 18:23:08 +02:00
Arne Welzel
eeb08f6ba8 zeek-setup: Free event_trace_mgr after generating trace 
While it'd be destructed due to being a global unique_ptr, force
it to happen right after generating the trace.
 2025-05-19 18:10:36 +02:00
Arne Welzel
5bcf6bec52 EventTraceMgr: Rename etm to event_trace_mgr 
Mostly to avoid having new maintainers/developers knowing about yet
another abbreviation.
 2025-05-19 18:10:36 +02:00
Arne Welzel
1465e390a2 EventTraceMgr: Move fclose() to destructor 
Coverity complains about a missing fclose() in a non-existing
destructor. Also sprinkle in a strerror() call for fopen() to
provide a bit of a hint what might have gone wrong.
 2025-05-19 18:10:32 +02:00
zeek-bot
bf30cf7997 Update doc submodule [nomail] [skip ci] 2025-05-17 00:27:23 +00:00
Tim Wojtulewicz
9683e88795 Merge remote-tracking branch 'origin/topic/timw/include-cleanup-part-1' 
* origin/topic/timw/include-cleanup-part-1:
  Remove including <cinttypes> from util.h
  Remove telemetry #includes from OpaqueVal.h
  Reduce includes in plugin/Component.h
  Remove zeek/Stats.h include from NetVar.h
  Include StmtBase/StmtEnums in Func.h instead of Stmt.h
  Use modern names for standard headers
  Remove fix for CentOS 7 from TCP_Flags.h
  Fix usage of std::string in http analyzer
  Reorder top section of net_util.h to batch includes together
  Use quotes instead of <> for zeek includes
  Fix Obj.h include in IntrusivePtr.h to have full path
 2025-05-16 10:27:46 -07:00
Tim Wojtulewicz
e618d00326 Remove including <cinttypes> from util.h 2025-05-16 10:14:37 -07:00
Tim Wojtulewicz
174bf09d77 Remove telemetry #includes from OpaqueVal.h 2025-05-16 10:14:37 -07:00
Tim Wojtulewicz
c659592773 Reduce includes in plugin/Component.h 2025-05-16 10:14:37 -07:00
Tim Wojtulewicz
ff9f0f7a5c Remove zeek/Stats.h include from NetVar.h 2025-05-16 10:14:37 -07:00
Tim Wojtulewicz
ca3002d745 Include StmtBase/StmtEnums in Func.h instead of Stmt.h 
This requires changes in lots of other files that were depending on Func.h
to provide that include for them.
 2025-05-16 10:14:36 -07:00
Tim Wojtulewicz
ad50443590 Use modern names for standard headers 2025-05-16 10:14:36 -07:00
Tim Wojtulewicz
4b2ed67eaf Remove fix for CentOS 7 from TCP_Flags.h 2025-05-16 10:14:36 -07:00
Tim Wojtulewicz
3197bb7f59 Fix usage of std::string in http analyzer 2025-05-16 10:14:36 -07:00
Tim Wojtulewicz
661b230f23 Reorder top section of net_util.h to batch includes together 2025-05-16 10:14:36 -07:00
Tim Wojtulewicz
648f0f0623 Use quotes instead of <> for zeek includes 2025-05-16 10:14:36 -07:00
Tim Wojtulewicz
499db5dd70 Fix Obj.h include in IntrusivePtr.h to have full path 2025-05-16 10:14:36 -07:00
Arne Welzel
4691e2c51b Merge remote-tracking branch 'origin/topic/vern/event-trace-on-exit' 
* origin/topic/vern/event-trace-on-exit:
  Generate --event-trace output explicitly rather than in EventTraceMgr destructor
 2025-05-16 13:40:04 +02:00
Vern Paxson
f5c1a32d8d Generate --event-trace output explicitly rather than in EventTraceMgr destructor 2025-05-15 13:00:17 -07:00
Tim Wojtulewicz
6833088cde Merge remote-tracking branch 'origin/topic/timw/disallow-blind-searching-for-krb5-on-macos' 
* origin/topic/timw/disallow-blind-searching-for-krb5-on-macos:
  Require non-system version of libkrb5 on macOS
 2025-05-15 12:15:57 -07:00
Tim Wojtulewicz
663281e05f Require non-system version of libkrb5 on macOS 2025-05-15 11:24:51 -07:00
Arne Welzel
e40aac30f4 Merge remote-tracking branch 'origin/topic/awelzel/bump-ixwebsocket-11.4.6' 
* origin/topic/awelzel/bump-ixwebsocket-11.4.6:
  IXWebSocket: Point at upstream, bump to v11.4.6
 2025-05-15 16:44:30 +02:00
Arne Welzel
4911d34a1d IXWebSocket: Point at upstream, bump to v11.4.6 2025-05-15 16:37:09 +02:00
Johanna Amann
9d3e39581e Merge branch 'topic/jgras/pop3-stls-dpd' of https://github.com/J-Gras/zeek 
* 'topic/jgras/pop3-stls-dpd' of https://github.com/J-Gras/zeek:
  Add STLS command to POP3 DPD signature
 2025-05-15 10:23:43 +01:00
zeek-bot
adc0937bf5 Update doc submodule [nomail] [skip ci] 2025-05-15 00:14:11 +00:00
Jan Grashoefer
84cc4b890d Add STLS command to POP3 DPD signature 2025-05-14 16:37:25 +02:00
zeek-bot
734fd62325 Update doc submodule [nomail] [skip ci] 2025-05-14 00:15:11 +00:00
Arne Welzel
2255fa23b8 Merge remote-tracking branch 'origin/topic/vern/zam-aggr-change-in-loop' 
* origin/topic/vern/zam-aggr-change-in-loop:
  fix for ZAM optimization when an aggregate is modified inside of a loop
 2025-05-13 19:50:56 +02:00
Tim Wojtulewicz
5aa6734042 Merge remote-tracking branch 'origin/topic/timw/allow-macos-libkrb5' 
* origin/topic/timw/allow-macos-libkrb5:
  Allow macOS to search for libkrb5, but disallow system version of library
 2025-05-13 10:03:55 -07:00