Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-09 18:18:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
12374 commits 387 branches 195 tags 267 MiB
Commit graph

12374 commits

This branch
This branch
All branches
Author SHA1 Message Date
Christian Kreibich
5fc8d89897 Ensure table/set HashKey buffer reservation and writes happen in same order 
This takes the existing sorting for table index hashkeys we had in place during
hash key writes and applies it also during buffer size reservation. It changes
the approach slightly: the underlying map now points to the TableVal entry index
vals directly, rather than to the numerical index into an additional list that
gets built up to store those indexes. Doing so removes the need for that list.
 2021-09-20 17:51:43 -07:00
zeek-bot
1260f6b585 Update doc submodule [nomail] [skip ci] 2021-09-21 00:43:52 +00:00
Justin Azoff
ef5fb790ef Restore behavior of Software::register event 
Use an intermediary event to ensure that software versions are parsed
before calling Software::register.
 2021-09-20 14:38:47 -04:00
Robin Sommer
31d3fb0f6c Merge https://github.com/gpotter2/zeek. 
Changes during merge:
  - Add dedicated test (w/ trace "client_timestamp_enabled.pcapng" from Cloudshark)
  - Change types from signed to unsigned.
  - Add cast for bit-shifting operand.
  - clang-format run
 2021-09-20 11:41:29 +02:00
FOX-DS
4a19acbef2 Add IType opnum mapping 2021-09-20 03:56:20 -04:00
Tim Wojtulewicz
c28fd3b610 Merge remote-tracking branch 'origin/topic/vern/changes-news-updates' 
* origin/topic/vern/changes-news-updates:
  elevate CHANGES descriptions and add a NEWS item for -O ZAM
 2021-09-18 16:35:41 -07:00
Vern Paxson
95af08b8be elevate CHANGES descriptions and add a NEWS item for -O ZAM 2021-09-17 07:36:33 -07:00
gpotter2
d4db9bf6d0 Add TSval and TSecr to TCPSyn 2021-09-17 11:35:16 +02:00
zeek-bot
a05b14711f Update doc submodule [nomail] [skip ci] 2021-09-17 00:41:27 +00:00
Tim Wojtulewicz
9068b71750 Merge remote-tracking branch 'origin/topic/timw/386-clang-format' 
* origin/topic/timw/386-clang-format:
  Minor fixes for build problems after reformatting
  Reformat the world
  Fixes for includes ahead of reformatting
  GH-386: Add clang-format config and scripts
 2021-09-16 15:37:21 -07:00
Tim Wojtulewicz
30aa4621c5 Minor fixes for build problems after reformatting 2021-09-16 15:36:09 -07:00
Tim Wojtulewicz
b2f171ec69 Reformat the world 2021-09-16 15:35:39 -07:00
Tim Wojtulewicz
194cb24547 Fixes for includes ahead of reformatting 2021-09-16 15:35:11 -07:00
Tim Wojtulewicz
a3ba7f638b GH-386: Add clang-format config and scripts 2021-09-16 15:35:11 -07:00
Robin Sommer
6c128a21e1 Merge branch 'topic/foxds/dcerpc_ms-oaut' of ssh://github.com/fox-ds/zeek 
* 'topic/foxds/dcerpc_ms-oaut' of ssh://github.com/fox-ds/zeek:
  Added four new opnum mappings for MS-OAUT IDispatch methods
 2021-09-16 11:15:36 +02:00
zeek-bot
9c2b3e97b4 Update doc submodule [nomail] [skip ci] 2021-09-16 00:34:09 +00:00
Tim Wojtulewicz
0dca1a70a7 Reformat docs in addrs.zeek to fix doc generation 2021-09-14 19:26:28 -07:00
Tim Wojtulewicz
619af69e42 Merge remote-tracking branch 'origin/topic/vern/zam-coverity' 
* origin/topic/vern/zam-coverity:
  still more nit-squashing
  avoiding using back() for an empty std::string
  additional tweaks to address some compiler warnings
  tweaks to address some compiler warnings
  tweaks to address concerns flagged by Coverity
 2021-09-14 18:39:44 -07:00
Vern Paxson
81e8354ada still more nit-squashing 2021-09-14 16:04:04 -07:00
Vern Paxson
10d8c2fe6b avoiding using back() for an empty std::string 2021-09-14 13:51:46 -07:00
Tim Wojtulewicz
cc162e2ab0 Merge remote-tracking branch 'awelzel/table-val-contains' 
* awelzel/table-val-contains:
  ignore_checksums_nets: Add test for multiple subnets
 2021-09-14 13:01:03 -07:00
Arne Welzel
b7690bb367 ignore_checksums_nets: Add test for multiple subnets 
This test fails with Zeek 4.1 and Zeek 4.0.3.
 2021-09-14 21:17:01 +02:00
Vern Paxson
57fdef573c additional tweaks to address some compiler warnings 2021-09-14 11:45:50 -07:00
FOX-DS
d3ca226e96 Added four new opnum mappings for MS-OAUT IDispatch methods 2021-09-14 15:31:08 +02:00
FOX-DS
13960a98ad Fix protocol forwarding in dce_rpc-auth 2021-09-14 03:09:16 -04:00
Vern Paxson
693fc14eb2 tweaks to address some compiler warnings 2021-09-13 19:55:26 -07:00
Vern Paxson
7f3993ca0e tweaks to address concerns flagged by Coverity 2021-09-13 12:57:15 -07:00
Tim Wojtulewicz
8414d13030 Merge remote-tracking branch 'origin/topic/vern/vector-hole-loops' 
* origin/topic/vern/vector-hole-loops:
  fix for looping over vectors with holes per https://github.com/zeek/zeek/issues/1763
  btest for https://github.com/zeek/zeek/issues/1763
 2021-09-08 12:04:56 -07:00
Tim Wojtulewicz
b7e264f8ef Merge remote-tracking branch 'origin/topic/seth/tsv-logs-utf8-by-default' 
* origin/topic/seth/tsv-logs-utf8-by-default:
  Fix mis-usage of string::append that leads to an overflow
  Use json_escape_utf8 for all utf8 data in ODesc
  Switch the TSV Zeek logs to be UTF8 by default.
 2021-09-08 12:04:13 -07:00
Tim Wojtulewicz
a251aa07f7 Merge remote-tracking branch 'origin/topic/vern/ZAM-remainder' 
* origin/topic/vern/ZAM-remainder: (37 commits)
  fix race condition in btest output ordering
  whoops, forgot to canonicalize filenames in new btest
  extend btest to include a coercion overflow
  fixed a typo in a comment
  fixes for vector coercion overflows, typing, and holes
  factoring out logic to check for overflows during coercions
  test case for vector coercions, including holes
  low-level cleanups found by code review
  additional conversions of size() to empty() checks that were missed previously
  indentation nit
  flag loop that has slightly subtle logic
  use ## to start major sections
  a number of low-level tweaks from code review
  use std::find_if rather than explicit loop
  switch simple loops that don't need indices to being iterator-based
  use container empty() rather than size() where appropriate
  Baseline variants for "-a zam"
  new "-a ZAM" testing baseline alternative
  updates for usage issues: support for -uu, maybe/definitely distinctions
  enable reducer to track folding to enable constant propagation
  ...
 2021-09-08 11:44:35 -07:00
Vern Paxson
acaaa0d36a fix race condition in btest output ordering 2021-09-08 10:23:39 -07:00
Vern Paxson
74fbfa3aae whoops, forgot to canonicalize filenames in new btest 2021-09-08 10:23:39 -07:00
Vern Paxson
9d896d114b extend btest to include a coercion overflow 2021-09-08 10:23:39 -07:00
Vern Paxson
7f3ab84e5c fixed a typo in a comment 2021-09-08 10:23:39 -07:00
Vern Paxson
196b8767e8 fixes for vector coercion overflows, typing, and holes 2021-09-08 10:23:39 -07:00
Vern Paxson
a67897135e factoring out logic to check for overflows during coercions 2021-09-08 10:23:39 -07:00
Vern Paxson
9757d37332 test case for vector coercions, including holes 2021-09-08 10:23:39 -07:00
Vern Paxson
38578a2ea3 low-level cleanups found by code review 2021-09-08 10:23:39 -07:00
Vern Paxson
8bc04d3593 additional conversions of size() to empty() checks that were missed previously 2021-09-08 10:23:39 -07:00
Vern Paxson
9d38946a95 indentation nit 2021-09-08 10:23:39 -07:00
Vern Paxson
bd7edd27fd flag loop that has slightly subtle logic 2021-09-08 10:23:38 -07:00
Vern Paxson
d58573adb1 use ## to start major sections 2021-09-08 10:23:38 -07:00
Vern Paxson
b6daf14868 a number of low-level tweaks from code review 2021-09-08 10:23:38 -07:00
Vern Paxson
c10737d168 use std::find_if rather than explicit loop 2021-09-08 10:23:38 -07:00
Vern Paxson
d609a11312 switch simple loops that don't need indices to being iterator-based 2021-09-08 10:23:38 -07:00
Vern Paxson
ffd1905f90 use container empty() rather than size() where appropriate 2021-09-08 10:23:38 -07:00
Vern Paxson
9b2eb2c373 Baseline variants for "-a zam" 2021-09-08 10:23:38 -07:00
Vern Paxson
9722b4216f new "-a ZAM" testing baseline alternative 2021-09-08 10:23:38 -07:00
Vern Paxson
f89ed411cf updates for usage issues: support for -uu, maybe/definitely distinctions 2021-09-08 10:23:38 -07:00
Vern Paxson
6726eaa0a9 enable reducer to track folding to enable constant propagation 2021-09-08 10:23:38 -07:00