Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-03 23:28:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
11634 commits 384 branches 195 tags 258 MiB
Commit graph

11634 commits

This branch
This branch
All branches
Author SHA1 Message Date
Tim Wojtulewicz
56c1eea5d3 Remove the entire auxil directory from the results 2020-10-23 19:44:51 +00:00
Jon Siwek
06191390c3 Merge remote-tracking branch 'origin/topic/jsiwek/gh-251-revert-absolute-value-coercion' 
* origin/topic/jsiwek/gh-251-revert-absolute-value-coercion:
  GH-251 (revert): remove coercion-to-signed-integer for |x| expressions
 2020-10-23 12:26:07 -07:00
Jon Siwek
73c1af838c GH-251 (revert): remove coercion-to-signed-integer for |x| expressions 
For `|x|`, where `x` is an expression with an integral result, an
implicit coercion of that result into signed `int` type no longer takes
place.

This was actually the behavior before Zeek 3.0 as well, but the attempt
to prevent mistakes that easily result from integer literals in Zeek
being unsigned like `|5 - 9|` causing an overflow/wraparound and
yielding a very large number is not generally consistent since overflows
are still generally able to happen in other ways and also in other
contexts besides just absolute-values.  So the preference was to revert
to a behavior that favors consistency.  For reference, see
https://github.com/zeek/zeek/pull/251#issuecomment-713956976
 2020-10-22 17:41:53 -07:00
zeek-bot
eec55a2143 Update doc submodule [nomail] [skip ci] 2020-10-23 00:37:11 +00:00
Seth Hall
22ef67888c Merge branch 'topic/seth/more-ignore-checksum-options' 
* topic/seth/more-ignore-checksum-options:
  Fixing how I define const on the Contains method.
  Screwed up a change.
  Changes in response to Johanna's code review.
  Fixed a bug with ICMP checksum validation
  Fixing a test
  Accidentally missed a change.
  Add an option to ignore packets sourced from particular subnets.
 2020-10-22 16:01:34 -04:00
Seth Hall
64fde758c1 Fixing how I define const on the Contains method. 
One day I'll actually learn c++!
 2020-10-22 13:30:30 -04:00
Seth Hall
61ede5db2f Screwed up a change. 2020-10-22 13:30:30 -04:00
Seth Hall
56e234a762 Changes in response to Johanna's code review. 2020-10-22 13:30:30 -04:00
Seth Hall
2f05318a08 Fixed a bug with ICMP checksum validation 2020-10-22 13:30:30 -04:00
Seth Hall
fe94249ad3 Fixing a test 2020-10-22 13:30:30 -04:00
Seth Hall
69bbcfedb3 Accidentally missed a change. 2020-10-22 13:23:10 -04:00
Seth Hall
552a24e07c Add an option to ignore packets sourced from particular subnets. 
It's implemented with a new set[subnet] option named ignore_checksums_nets.

If you populate this set with subnets, any packet with a src address within
that set of subnets will not have it's checksum validated.
 2020-10-22 13:23:10 -04:00
Tim Wojtulewicz
2c9c55b058 Prevent non-master builds, add cirrus information to upload 2020-10-22 00:56:20 +00:00
Jon Siwek
e4df60c51d Update submodule(s) [nomail] 2020-10-21 15:38:39 -07:00
Tim Wojtulewicz
e2053551cd Add support for sending data to coveralls with lcov_html.sh via Cirrus 2020-10-21 21:55:30 +00:00
Tim Wojtulewicz
e70f578621 Merge remote-tracking branch 'origin/topic/timw/coverity' 
* origin/topic/timw/coverity:
  Fix a couple of Coverity findings (1433618, 1433619)
 2020-10-21 11:06:39 -07:00
Tim Wojtulewicz
ce2b00fe83 Fix a couple of Coverity findings (1433618, 1433619) 2020-10-21 10:53:34 -07:00
Robin Sommer
fc427035a4 Bump BTest to 0.64. 
Previous version had a problem with canonification.
 2020-10-20 14:03:00 +00:00
Robin Sommer
df48b7ea57 Update BTest to 0.63. 
New baselines will now be store canonified.

Also setting new MinVersion option in btest.cfg.
 2020-10-20 09:01:11 +00:00
Jon Siwek
924a24ad2b Merge remote-tracking branch 'origin/topic/timw/packet-length-checks' into master 
* origin/topic/timw/packet-length-checks:
  Add length checks for IP header values before parsing TCP/UDP
 2020-10-19 18:58:19 -07:00
Jon Siwek
487d67ac50 Improve how Zeekygen generated record/enum redefinition docs 
It now provides a summary of the new fields/enums added by any given
redefinition along with associated commentary.
 2020-10-19 18:33:22 -07:00
Tim Wojtulewicz
e7f62de51b Add length checks for IP header values before parsing TCP/UDP 2020-10-19 12:30:55 -07:00
Jon Siwek
66eaf9c7cc Merge remote-tracking branch 'origin/topic/jsiwek/pop3-fuzzer-deprecation-warning' into master 
* origin/topic/jsiwek/pop3-fuzzer-deprecation-warning:
  Fix deprecation warning in POP3 fuzzer
 2020-10-19 11:54:40 -07:00
Jon Siwek
68c13013a5 Merge remote-tracking branch 'origin/topic/timw/gre-header-length-check' into master 
* origin/topic/timw/gre-header-length-check:
  Add header length check to GRE packet analyzer
 2020-10-19 11:54:07 -07:00
Tim Wojtulewicz
a19b018dc8 Add header length check to GRE packet analyzer 2020-10-19 10:58:10 -07:00
zeek-bot
4d27793f13 Update doc submodule [nomail] [skip ci] 2020-10-17 00:33:24 +00:00
Jon Siwek
0cc1fc3d88 Merge remote-tracking branch 'origin/topic/jsiwek/avoid-memcmp-null-args' 
* origin/topic/jsiwek/avoid-memcmp-null-args:
  Avoid passing null pointers to memcmp in ZeekString comparison methods
 2020-10-16 12:42:07 -07:00
Jon Siwek
5e164469f3 Merge remote-tracking branch 'origin/topic/vlad/gh-1225' 
* origin/topic/vlad/gh-1225:
  Extract length as a uint8
  Change ICMP ND length to a uint16
 2020-10-16 10:37:08 -07:00
Jon Siwek
72b3a4244e Avoid passing null pointers to memcmp in ZeekString comparison methods 2020-10-16 10:28:11 -07:00
Vlad Grigorescu
11a311dfb9 Extract length as a uint8 2020-10-16 09:03:48 -05:00
Johanna Amann
65125121d8 Merge branch 'topic/johanna/GH-169' 
* topic/johanna/GH-169:
  Make event ordering deterministic
  dump-events: try to make baseline work on all systems
  Introduce generate_all_events bif and add option to misc/dump-events

Fixes GH-169
 2020-10-16 07:11:57 +00:00
zeek-bot
04b8dc5341 Update doc submodule [nomail] [skip ci] 2020-10-16 00:40:37 +00:00
Jon Siwek
e58104e8d8 Fix deprecation warning in POP3 fuzzer 2020-10-15 16:10:02 -07:00
Jon Siwek
2c7f68308a Update external test suite commit pointers 2020-10-15 16:06:44 -07:00
Vlad Grigorescu
b5d11d1ace Change ICMP ND length to a uint16 2020-10-15 16:56:05 -05:00
Tim Wojtulewicz
a9d86cec8b Merge remote-tracking branch 'origin/topic/timw/1131-ip-handling' 
* origin/topic/timw/1131-ip-handling:
  Rework Sessions::Weird
  Prevent String::Set from crashing if passed a nullptr
  Store packet's ip header as unique_ptr
  Remove some unused includes from Packet.h
  Use shared_ptr for encapsulation data instead of raw pointer
  Review cleanup
  Update external testing repo hashes
  Reorder Packet member variables slightly for better packing
  Store the ip header in the packet after processing, reuse other places
  Change to store data in packet directly instead of keystore
  Don't always insert data into keystore for tunnels
  Add comment about packet header size and session analysis
  Set data to ip header's payload instead of advancing the pointer
  Move packet dumping to packet_mgr
  Make Sessions::NextPacket call packet_mgr, fix fuzzer code to do the same
  Move IP and IP tunnel code from Sessions into packet analyzers
  Prep work for IP changes
 2020-10-15 13:25:51 -07:00
Tim Wojtulewicz
a99b540e46 Rework Sessions::Weird 2020-10-15 13:03:11 -07:00
Tim Wojtulewicz
b1e517e863 Prevent String::Set from crashing if passed a nullptr 2020-10-15 12:49:08 -07:00
Tim Wojtulewicz
ecd970ffde Store packet's ip header as unique_ptr 2020-10-15 12:49:08 -07:00
Tim Wojtulewicz
2000f89b12 Remove some unused includes from Packet.h 2020-10-15 12:49:07 -07:00
Tim Wojtulewicz
41dcd0cde0 Use shared_ptr for encapsulation data instead of raw pointer 2020-10-15 12:49:05 -07:00
Tim Wojtulewicz
a7d4364334 Review cleanup 2020-10-15 12:44:45 -07:00
Tim Wojtulewicz
89a9c96673 Update external testing repo hashes 2020-10-15 12:34:37 -07:00
Tim Wojtulewicz
c4a7a4eaea Reorder Packet member variables slightly for better packing 2020-10-15 12:18:32 -07:00
Tim Wojtulewicz
665d0d9814 Store the ip header in the packet after processing, reuse other places 2020-10-15 12:18:32 -07:00
Tim Wojtulewicz
7d2c35174f Change to store data in packet directly instead of keystore 2020-10-15 12:18:32 -07:00
Tim Wojtulewicz
d0ef05c748 Don't always insert data into keystore for tunnels 2020-10-15 12:18:32 -07:00
Tim Wojtulewicz
02ed03adaa Add comment about packet header size and session analysis 2020-10-15 12:18:32 -07:00
Tim Wojtulewicz
d0cc30eccd Set data to ip header's payload instead of advancing the pointer 2020-10-15 12:18:32 -07:00
Tim Wojtulewicz
afdc08085f Move packet dumping to packet_mgr 2020-10-15 12:18:32 -07:00