Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-09 10:08:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
16055 commits 388 branches 195 tags 265 MiB
Commit graph

16055 commits

This branch
This branch
All branches
Author SHA1 Message Date
Vern Paxson
a725cfa9e3 C++ compilation support for 2-valued vector "for" loops 2022-09-16 16:45:09 -07:00
Vern Paxson
7b8d92b4f6 C++ compilation support for RE /s operator 2022-09-16 16:44:00 -07:00
Vern Paxson
5c6801131f run-time checking of vector operations for overflows and division-by-zero 2022-09-16 16:43:12 -07:00
Vern Paxson
abd75932a2 error propagation fix to avoid a crash 2022-09-16 16:37:56 -07:00
Vern Paxson
6e84a1da57 updates to ZAM btest baselines 2022-09-16 10:06:57 -07:00
Vern Paxson
048e524fbf specialized ZAM operators for speeding up cat() operations 2022-09-16 09:45:05 -07:00
Vern Paxson
5fe4eb27a8 ZAM support for two-valued "for" loops over vectors 2022-09-16 09:40:39 -07:00
Vern Paxson
02cd773c51 make it non-fatal for optimized scripts to encounter an empty "for" body 2022-09-16 09:38:31 -07:00
Vern Paxson
ee28609e74 script optimization fix for new-style table constructors 2022-09-16 09:37:17 -07:00
Tim Wojtulewicz
5389ad69f8 Merge remote-tracking branch 'origin/topic/timw/2397-next-not-forward' 
* origin/topic/timw/2397-next-not-forward:
  Use NextStream instead of ForwardStream in fuzzers
 2022-09-15 11:12:08 -04:00
Tim Wojtulewicz
650d5a4c5e Use NextStream instead of ForwardStream in fuzzers 2022-09-14 08:28:46 -04:00
Tim Wojtulewicz
3af272b6d3 Merge remote-tracking branch 'origin/topic/bbannier/bump-spicy-plugin' 
* origin/topic/bbannier/bump-spicy-plugin:
  Bump spicy-plugin to v1.3.18.
 2022-09-13 08:09:56 -04:00
Benjamin Bannier
3fcc4cf457 Bump spicy-plugin to v1.3.18. 2022-09-12 18:43:57 +02:00
Tim Wojtulewicz
b6512e82c5 Merge remote-tracking branch 'origin/topic/timw/update-3rdparty' 
* origin/topic/timw/update-3rdparty:
  Update 3rdparty submodule
 2022-09-09 14:14:59 -07:00
Tim Wojtulewicz
eea023e9b4 Update 3rdparty submodule 2022-09-09 20:41:44 +00:00
Tim Wojtulewicz
7c8b6a42bc Merge remote-tracking branch 'origin/topic/timw/update-freebsd-ci-tasks' 
* origin/topic/timw/update-freebsd-ci-tasks:
  CI: remove FreeBSD 13.0, update FreeBSD 12 to 12.3
 2022-09-09 09:37:59 -07:00
Tim Wojtulewicz
5b0d20b565 CI: remove FreeBSD 13.0, update FreeBSD 12 to 12.3 2022-09-08 10:13:09 -07:00
zeek-bot
015abc2f6f Update doc submodule [nomail] [skip ci] 2022-09-08 00:43:25 +00:00
Robin Sommer
627b97c8ff Merge remote-tracking branch 'origin/topic/awelzel/2289-at-if-else-if-no-way' 
* origin/topic/awelzel/2289-at-if-else-if-no-way:
  parse.y/directives: Reject directives as statements
 2022-09-07 14:33:15 +02:00
Robin Sommer
a60d569f7b Merge remote-tracking branch 'origin/topic/awelzel/dpd-analyzer-merger' 
* origin/topic/awelzel/dpd-analyzer-merger:
  analyzer/dpd: Address review comments
  Remove @load base/frameworks/dpd from tests
  frameworks/dpd: Move to frameworks/analyzer/dpd, load by default
  scripts/dce-rpc,ntlm: Do not load base/frameworks/dpd
  btest: Remove unnecessary loading of frameworks/dpd
 2022-09-07 14:30:28 +02:00
Tim Wojtulewicz
7cc876d84a Merge remote-tracking branch 'origin/topic/timw/2338-signature-eval-unused' 
* origin/topic/timw/2338-signature-eval-unused:
  Add is_used attribute to an ID if used in a signature eval statement
 2022-09-06 07:44:34 -07:00
Arne Welzel
4aaebf613e analyzer/dpd: Address review comments 
* word-smith deprecation message
* do not load scripts/base/analyzer in segment logging policy script
 2022-09-06 14:32:10 +02:00
zeek-bot
875e81883c Update doc submodule [nomail] [skip ci] 2022-09-04 00:45:50 +00:00
AmazingPP
970f45d686 Replace all the Warning() calls after IsFieldDeprecated() over to Warn() 2022-09-03 19:15:47 +08:00
AmazingPP
997d3ed126 Fix deprecation not flagged and incorrect line number in record 2022-09-03 10:36:01 +08:00
Christian Kreibich
0cce283086 Merge branch 'topic/christian/supervisor-pre-user-scripts' 
* topic/christian/supervisor-pre-user-scripts:
  Update Management framework to new Supervisor::NodeConfig script fields
  Suppress deprecation warnings for the Supervisor's own NodeConfig::script access
  Expand Supervisor to support loading additional scripts before user scripts
 2022-09-02 14:11:08 -07:00
Christian Kreibich
feefdf02b1 Updating CHANGES and VERSION. 2022-09-02 13:57:26 -07:00
Christian Kreibich
e73b561dca Update Management framework to new Supervisor::NodeConfig script fields 2022-09-02 12:12:19 -07:00
Christian Kreibich
412c150c63 Suppress deprecation warnings for the Supervisor's own NodeConfig::script access 
These spots involve our own usage of the deprecated "scripts" field, required to
keep the deprecation functional.
 2022-09-02 12:12:19 -07:00
Christian Kreibich
c7860e3238 Expand Supervisor to support loading additional scripts before user scripts 
In supervised nodes, the Supervisor's NodeConfig$scripts vector adds scripts to
the end of the user-provided scripts (options.scripts_to_load), so they load
_after_ any user-provided ones. This can cause confusing redef pitfalls when
users expect their customizations to run last, as they normally do.

This adds two members in Supervisor::NodeConfig, `addl_base_scripts` and
`addl_user_scripts`, to store scripts to load before and after the user scripts,
respectively. The latter serves the same purpose as the old `scripts` member,
which is still there but deprecated (in scriptland only). It functions as
before, after any scripts added via `addl_user_scripts`.
 2022-09-02 10:23:35 -07:00
zeek-bot
61c001a57e Update doc submodule [nomail] [skip ci] 2022-09-01 00:52:02 +00:00
Tim Wojtulewicz
4ed0acb006 Fix warning in modbus analyzer 
This was introduced in 8d7a156109
 2022-08-31 23:46:35 +00:00
Tim Wojtulewicz
0a0dd7143b Add is_used attribute to an ID if used in a signature eval statement 2022-08-31 14:58:23 -07:00
Christian Kreibich
a726418d38 Merge branch 'topic/awelzel/cluster-telemetry-defaults' 
* topic/awelzel/cluster-telemetry-defaults:
  telemetry: Use dynamic metrics port, remove broker topic mentioning from NEWS entry
  telemetry: In a cluster, open port 9911 for Prometheus by default
 2022-08-31 10:53:47 -07:00
Tim Wojtulewicz
9ccbf9063a Merge remote-tracking branch 'origin/topic/awelzel/topic/to-port-empty-string' 
* origin/topic/awelzel/topic/to-port-empty-string:
  bifs/to_port: Avoid ASAN errors when calling to_port("")
 2022-08-31 08:17:04 -07:00
Arne Welzel
c89be2a13b bifs/to_port: Avoid ASAN errors when calling to_port("") 
Ran into this when using to_port(getenv(...)) for an undefined/empty
environment variable. ASAN doesn't like that the slash variable ends
up being access behind the string.
 2022-08-31 17:15:50 +02:00
Arne Welzel
654fd9c7da Remove @load base/frameworks/dpd from tests 
Now that it's loaded in bare mode, no need to load it explicitly.

The main thing that tests were relying on seems to be tracking of
c$service for conn.log baselines. Very few were actually checking
for dpd.log
 2022-08-31 17:00:55 +02:00
Arne Welzel
9e7f2a04c1 frameworks/dpd: Move to frameworks/analyzer/dpd, load by default 
* Because frameworks/analyzer is loaded via init-frameworks-and-bifs the
  dpd functionality (really just dpd.log and disabling of analyzers) is
  now enabled even in bare mode.
* Not sure we need to keep frameworks/base/dpd/__load__.zeek around
  or can just remove it right away.
 2022-08-31 16:50:47 +02:00
Arne Welzel
b60a4e3a1f scripts/dce-rpc,ntlm: Do not load base/frameworks/dpd 
DPD will work without loading this explicitly and these are the only
scripts that do load it explicitly.
 2022-08-31 16:50:37 +02:00
Arne Welzel
b2d33db3d9 btest: Remove unnecessary loading of frameworks/dpd 
These tests do not test conn.log or dpd.log, so they don't actually
need to @load dpd - dynamic-protocol-detection is enabled anyway.
 2022-08-31 16:50:37 +02:00
zeek-bot
e580a8b356 Update doc submodule [nomail] [skip ci] 2022-08-31 00:44:58 +00:00
Arne Welzel
65b31c525d telemetry: Use dynamic metrics port, remove broker topic mentioning from NEWS entry 2022-08-30 11:20:14 +02:00
Tim Wojtulewicz
28f6705e06 Merge remote-tracking branch 'origin/topic/timw/2382-string-cat-type-check' 
* origin/topic/timw/2382-string-cat-type-check:
  Add type checking to string_cat arguments
 2022-08-29 09:27:05 -07:00
Tim Wojtulewicz
ed4521af60 Add type checking to string_cat arguments 2022-08-29 08:45:59 -07:00
Tim Wojtulewicz
686eb54f95 Merge remote-tracking branch 'origin/topic/awelzel/gtpv1-no-protocol-detection' 
* origin/topic/awelzel/gtpv1-no-protocol-detection:
  gtpv1: Do not register for protocol detection
 2022-08-26 14:49:54 -07:00
Tim Wojtulewicz
d3e95c938f Merge remote-tracking branch 'origin/topic/timw/generic-fuzzer' 
* origin/topic/timw/generic-fuzzer:
  Move fuzzer corpus files to another directory
  Add a way to create generic fuzzers without creating new files
 2022-08-26 14:36:13 -07:00
Tim Wojtulewicz
d8b31de1a2 Move fuzzer corpus files to another directory 2022-08-26 13:51:30 -07:00
Tim Wojtulewicz
52431bc55c Add a way to create generic fuzzers without creating new files 2022-08-26 13:51:30 -07:00
Tim Wojtulewicz
b9f63173bc Check for valid ip_hdr length before trying to make a Val out of it 2022-08-26 13:39:29 -07:00
Tim Wojtulewicz
8d7a156109 Fix potential overflow in modbus analyzer's bytestring_to_coils 2022-08-26 10:59:59 -07:00