Commit graph

9059 commits

Author SHA1 Message Date
Robin Sommer
874ffc82b0 Merge remote-tracking branch 'origin/topic/johanna/3rdparty-licenses'
I prefixed the software names with '%%%' to make them easier to find
in the file.

* origin/topic/johanna/3rdparty-licenses:
  Add a license file with all third party software licenses.
2019-07-30 02:48:10 +00:00
Robin Sommer
13c373086d Merge remote-tracking branch 'origin/topic/zeke/closures' 2019-07-30 02:32:34 +00:00
Jon Siwek
01611177f7 Fix memory leaks in expire_func introduced by recent changes 2019-07-29 18:07:35 -07:00
Dev Bali
bbc3cb0d49 Commented out UTF-8 Script in Test All Policy 2019-07-29 16:47:20 -07:00
Dev Bali
3d10ba3515 Minor Style Tweak 2019-07-29 14:50:57 -07:00
Seth Hall
1a7f14dab0 Updating docs submodule pointer. 2019-07-29 16:15:54 -04:00
Seth Hall
38a7dcd701 Merge branch 'mauropalumbo75-smb2-set-info-ext' 2019-07-29 16:13:08 -04:00
Seth Hall
9931b07fae Fix some whitespace issues 2019-07-29 16:00:34 -04:00
Dev Bali
c59a7279f0 Use getNumBytesForUTF8 method to determine number of bytes 2019-07-29 12:55:24 -07:00
Seth Hall
e2596b1c64 Merge branch 'smb2-set-info-ext' of git://github.com/mauropalumbo75/zeek into mauropalumbo75-smb2-set-info-ext 2019-07-29 15:44:13 -04:00
Seth Hall
7bf856768a Bug fixes and test baseline updates
- ConnAckMsg return_code wasn't passed as a count on accident.
- Some renaming items were missing due to the age of this code.
2019-07-29 15:12:11 -04:00
Seth Hall
0ed274b081 Fix an issue with bro_init -> zeek_init 2019-07-29 13:51:39 -04:00
Seth Hall
a42b3a1d63 MQTT Analyzer heavily updated and ported from the analyzer originally by Supriya Kumar
This analyzer generates three logs to fully display what is happening over the MQTT connection.
  - mqtt_connect.log
  - mqtt_subscribe.log
  - mqtt_publish.log

At this time it only supports MQTT 3.1 and 3.1.1
2019-07-29 13:45:10 -04:00
Johanna Amann
7f5d76b2c3 Update submodule
[nomail]
2019-07-29 10:22:38 -07:00
Johanna Amann
95ce177682 Merge remote-tracking branch 'origin/topic/jsiwek/gh-488-new-versioning'
* origin/topic/jsiwek/gh-488-new-versioning:
  Add release branches to Travis CI whitelist
  GH-488: teach the Version module to parse new version scheme
2019-07-29 10:02:00 -07:00
Johanna Amann
02f19f7420 Merge remote-tracking branch 'origin/topic/jsiwek/gh-491-vector-of-enum-ctor'
* origin/topic/jsiwek/gh-491-vector-of-enum-ctor:
  Improve type inference for vector-of-enum constructor
2019-07-29 09:30:04 -07:00
Johanna Amann
486bf1e713 Merge remote-tracking branch 'origin/topic/timw/cleaner-utf8'
* origin/topic/timw/cleaner-utf8:
  GHI-486: Switch over to using LLVM utf8-checking code to better validate characters

I addressed a buffer over-read during the merge and added test-cases for
it.
2019-07-29 09:25:25 -07:00
Johanna Amann
838e0b2848 Update submodule
[nomail]
2019-07-29 09:07:12 -07:00
Johanna Amann
dfc97f1572 Merge remote-tracking branch 'origin/topic/jsiwek/ub-fixes'
* origin/topic/jsiwek/ub-fixes:
  Fix undefined behavior via casting file analyzers to protocol analyzers
  Fix undefined behavior via hrw_weight BIF signed int overflow
  Fix undefined behavior via invalid TCP analyzer cast
2019-07-29 08:58:31 -07:00
Johanna Amann
943aeefdf2 Merge remote-tracking branch 'origin/topic/jsiwek/gh-485-missing-dhcp-mac'
* origin/topic/jsiwek/gh-485-missing-dhcp-mac:
  GH-485: fix cases where DHCP log omits MAC field
2019-07-29 08:57:07 -07:00
Jeff Barber
4336de6651 Duplicate TCP segment should trigger tcp_multiple_retransmissions 2019-07-28 15:15:40 -06:00
Jon Siwek
8cf9c41c12 GH-485: fix cases where DHCP log omits MAC field
The field is populated in this order of preference:

  (1) Use a client-identifier option sent by client
  (2) Use the server's CHADDR field
  (3) Use the client's CHADDR field

Case (3) did not exist before this patch.
2019-07-26 20:05:15 -07:00
Jon Siwek
4d0e9491bc Fix undefined behavior via casting file analyzers to protocol analyzers
When generating some events for PE and X509 file analyzers, there's
an invalid cast from file_analysis::Analyzer to analyzer::Analyzer
and subsequent invalid member access via analyzer::Analyzer::GetID()
called on what is really a pointer to a file analyzer.
2019-07-26 18:39:36 -07:00
Jon Siwek
3de730957f Fix undefined behavior via hrw_weight BIF signed int overflow 2019-07-26 18:25:11 -07:00
Jon Siwek
2e9f6bec76 Fix undefined behavior via invalid TCP analyzer cast
A connection's root analyzer isn't necessarily TCP and an unchecked
C-style cast is undefined behavior in those cases.
2019-07-26 18:17:44 -07:00
Jon Siwek
0f5082585d Updating submodule(s).
[nomail]
2019-07-26 16:16:23 -07:00
Jon Siwek
70aa886806 Improve type inference for vector-of-enum constructor 2019-07-25 23:27:47 -07:00
Jon Siwek
a60c128d7c Add release branches to Travis CI whitelist 2019-07-25 23:18:05 -07:00
Jon Siwek
94d470c158 GH-488: teach the Version module to parse new version scheme
Such as the new -rc format for release candidates (replacing "beta") and
-dev.X for development versions in the master branch.
2019-07-25 23:05:06 -07:00
Zeke Medley
dc6a849cf5 add a leak test 2019-07-25 13:18:53 -07:00
Zeke Medley
e6464dae79 fix bug in serialization test 2019-07-25 11:53:16 -07:00
Zeke Medley
bdc8e0e6c4 Merge branch 'master' of https://github.com/zeek/zeek into topic/robin/closures-merge 2019-07-25 11:23:40 -07:00
Zeke Medley
cef94832f1 Frame merge and cleanup for merge. 2019-07-25 11:19:17 -07:00
Tim Wojtulewicz
ad19f1e1bb GHI-486: Switch over to using LLVM utf8-checking code to better validate characters 2019-07-24 10:58:00 -07:00
Dev Bali
6fcb23066d Added Jon's test cases as unit tests 2019-07-23 11:59:33 -07:00
Dev Bali
3efbea0b84 Prioritizes escaping predefined Escape Sequences over Unescaping UTF-8 Sequences 2019-07-23 11:59:33 -07:00
Dev Bali
d6bcdfce52 Added additional check to confirm anything unescaping is a multibyte UTF-8 sequence, addressing the test case Jon brought up 2019-07-23 11:59:33 -07:00
Dev Bali
66557d3178 Added optional script and redef bool to enable utf-8 in ASCII logs 2019-07-23 11:59:33 -07:00
System Administrator
6927dd1213 Initial Commit, removed std::isprint check to escape 2019-07-23 11:59:33 -07:00
Jon Siwek
9698d8d7cc Remove --disable-perftools from coverity builds 2019-07-23 09:38:16 -07:00
Johanna Amann
42e94d1ce2 Update submodule
[nomail]
2019-07-22 14:14:29 -07:00
Johanna Amann
b289a9a824 Add a license file with all third party software licenses.
This makes it more obvious which third party software we ship together
with Zeek and what license terms one has to abide by.
2019-07-22 14:10:57 -07:00
Johanna Amann
ff4845aa80 Merge branch 'master' of github.com:zeek/zeek 2019-07-22 12:46:21 -07:00
Johanna Amann
3159577821 Merge remote-tracking branch 'origin/topic/zeke/expire-func'
* origin/topic/zeke/expire-func:
  Ignore abs-path in test.
  Report argument # type check failed on.
  Update test baseline.
  Improve func arg type checking.
  &expire_func(table, arg1, arg2, ...) + type checking.
2019-07-22 12:44:55 -07:00
Jon Siwek
19dc0f8be9 Merge branch 'topic/timw/algorithms'
* topic/timw/algorithms:
  Remove List::append deprecation
  Mark List::append/insert deprecated in favor of push_back/push_front for consistency with Queue
  Mark List::sort as deprecated, remove List::sortedinsert
  Change container iterators to just use pointers directly into the container elements
2019-07-22 12:24:14 -07:00
Johanna Amann
354d5e8631 Merge remote-tracking branch 'origin/topic/jsiwek/max-protocol-violations'
* origin/topic/jsiwek/max-protocol-violations:
  Add DPD::max_violations option
2019-07-22 11:16:11 -07:00
Jon Siwek
162bc5f1e3 Remove List::append deprecation 2019-07-22 10:58:31 -07:00
Johanna Amann
fd22c4e29a Abort when --enable-jemalloc is given, but JeMalloc is not found
At the moment this also already aborts in this case - much later, with
an ugly error message.
2019-07-22 10:37:49 -07:00
Johanna Amann
d24fb97b53 Merge remote-tracking branch 'origin/topic/jsiwek/gh-475-no-default-tcmalloc'
* origin/topic/jsiwek/gh-475-no-default-tcmalloc:
  GH-475: Require --enable-perftools to link in tcmalloc

I added an error message if --enable-perftools is given, but perftools
is not found - it does not seem great to not abort in these cases.
2019-07-22 10:31:55 -07:00
Tim Wojtulewicz
6144f459e1 Mark List::append/insert deprecated in favor of push_back/push_front for consistency with Queue 2019-07-22 09:47:43 -07:00