Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
14097 commits 387 branches 195 tags 255 MiB
Commit graph

14097 commits

This branch
This branch
All branches
Author SHA1 Message Date
Tim Wojtulewicz
d19478f49f Use larger size variable for DictEntry key_size to avoid overflows with big keys 2022-11-08 16:44:29 -07:00
Arne Welzel
c132d140ae ftp: Limit pending commands to FTP::max_pending_commands (default 20) 2022-11-08 16:44:17 -07:00
Arne Welzel
d2689379bc Update baselines after AnalyzePacket changes 
Mainly, for bad headers we do not (can not) put addresses into
the log anymore. Some were rather obviously bogus previously
already.
 2022-11-08 16:44:15 -07:00
Arne Welzel
70c74e9d71 protocol/ip: Only attach IP_Hdr to Packet if valid 
Ensure packet->ip_hdr is not set (so no one can assume it's valid)
when AnalyzePacket() found something weird with the header.
 2022-11-08 16:44:04 -07:00
Vern Paxson
ee0a6f6835 Script optimization maintenance and updates: 
maintenance fixes for variadic run-time checks, '_' placeholder identifier
  "-O allow-cond" permits compiling scripts to C++ when influenced by @if conditionals
  more robust standalone compile-to-C++ properties
  fix for nested "when" statements
  test suite updates
 2022-11-08 11:56:32 -08:00
Josh Soref
6f30f8df7c spelling: successful 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-11-07 20:05:24 -05:00
Josh Soref
90f1da4fe7 spelling: deterministic 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-11-07 20:05:24 -05:00
Josh Soref
34966a93ef spelling: canonicalize 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-11-07 20:05:24 -05:00
Josh Soref
b79dfafefb spelling: algorithm 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-11-07 20:05:24 -05:00
Josh Soref
8995db4cd3 spelling: variation 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-11-07 20:04:58 -05:00
Josh Soref
711576c10f spelling: value 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-11-07 20:04:58 -05:00
Josh Soref
c22d4f5d8c spelling: session 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-11-07 20:04:58 -05:00
Josh Soref
4782193393 spelling: repetitions 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-11-07 20:04:58 -05:00
Josh Soref
683ef60823 spelling: params 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-11-07 20:04:58 -05:00
Josh Soref
e3d60ea268 spelling: further 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-11-07 20:04:58 -05:00
Josh Soref
015f27e345 spelling: confirm 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-11-07 20:04:58 -05:00
Josh Soref
075360773a spelling: channel 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-11-07 20:04:58 -05:00
Josh Soref
38d6cdeb89 spelling: announcement 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-11-07 20:04:58 -05:00
zeek-bot
be5a30df7d Update doc submodule [nomail] [skip ci] 2022-11-08 00:44:27 +00:00
Robin Sommer
62a52be314
Bump documentation. 2022-11-07 11:48:35 +01:00
Robin Sommer
3a9320dab3
Merge remote-tracking branch 'origin/topic/awelzel/2528-cluster-layout-content-warning' 
* origin/topic/awelzel/2528-cluster-layout-content-warning:
  cluster: Add warning about cluster-layout.zeek content
 2022-11-07 11:28:57 +01:00
Robin Sommer
2a36441b8e
Merge remote-tracking branch 'origin/topic/awelzel/2483-builtin-plugin-includes' 
* origin/topic/awelzel/2483-builtin-plugin-includes:
  zeek-setup: Load builtin-plugins/__preload__.zeek before initializing bifs
  cmake: Introduce bro_PLUGIN_LINK_LIBS and add to link command.
  cmake: Do not use include_directories() for included plugins
  cmake: Bump submodule
 2022-11-07 11:25:03 +01:00
Dominik Charousset
c4d5e3cda7 Configure script: drop --with-caf, add -D option 2022-11-05 09:00:13 +01:00
zeek-bot
c71d2878c9 Update doc submodule [nomail] [skip ci] 2022-11-05 00:44:30 +00:00
Tim Wojtulewicz
2975468060 Merge remote-tracking branch 'origin/topic/awelzel/2540-fuzzer-zeekpath-builtin-plugins' 
* origin/topic/awelzel/2540-fuzzer-zeekpath-builtin-plugins:
  fuzzer-setup: Update ZEEKPATH to align with DEFAULT_ZEEKPATH
 2022-11-04 09:16:08 -07:00
Arne Welzel
15502f8e18 fuzzer-setup: Update ZEEKPATH to align with DEFAULT_ZEEKPATH 
The util-config.h file uses @DEFAULT_ZEEKPATH@ which includes the
builtin-plugins directory. Do the same change for the fuzzers so
that scripts from builtin plugins can be found.

Fixes #2540
 2022-11-04 15:22:50 +01:00
Tim Wojtulewicz
254877879c Update cmake submodule to remove STATIC_KQUEUE variable 2022-11-03 13:50:44 -07:00
Tim Wojtulewicz
c853555bf4 Update docs submodule [nomail] [skip ci] 2022-11-03 10:42:43 -07:00
Tim Wojtulewicz
1a81e0d3a3 Merge branch 'topic/timw/lgtm-fixes' 
* topic/timw/lgtm-fixes:
  Add a missing deletion in ZAM code
  Add a couple of mising assignment operators to match copy constructors
  Fix a bunch of variable shadowing issues from LGTM
 2022-11-03 09:22:21 -07:00
Tim Wojtulewicz
c3ed97c04c Add a missing deletion in ZAM code 2022-11-03 09:21:18 -07:00
Tim Wojtulewicz
859588d710 Add a couple of mising assignment operators to match copy constructors 2022-11-03 09:21:18 -07:00
Tim Wojtulewicz
a61352c5dd Merge remote-tracking branch 'origin/topic/timw/display-cmake' 
* origin/topic/timw/display-cmake:
  Add configure --display-cmake argument
 2022-11-03 08:58:09 -07:00
Tim Wojtulewicz
68450eac47 Merge remote-tracking branch 'origin/topic/timw/update-dns-types' 
* origin/topic/timw/update-dns-types:
  Update external test hashes
  Update DNS type strings to match correct mappings
 2022-11-03 08:57:19 -07:00
Tim Wojtulewicz
3fafe5c19f Merge remote-tracking branch 'origin/topic/johanna/ubuntu2210ci' 
* origin/topic/johanna/ubuntu2210ci:
  Add Ubuntu 22.10 to ci
 2022-11-03 08:56:43 -07:00
Arne Welzel
28336709b8 cluster: Add warning about cluster-layout.zeek content 
Relates to #2528, #991.
 2022-11-03 14:02:43 +01:00
Johanna Amann
36484eaf34 Add Ubuntu 22.10 to ci 2022-11-03 10:08:12 +00:00
Tim Wojtulewicz
d65c75e2ad Merge remote-tracking branch 'jsoref/spelling-scripts' 
* jsoref/spelling-scripts:
  Spelling fixes: scripts
 2022-11-02 16:56:27 -07:00
Tim Wojtulewicz
66e818e69b Update external test hashes 2022-11-02 16:38:24 -07:00
Tim Wojtulewicz
e8dbfc1cb0 Fix a bunch of variable shadowing issues from LGTM 2022-11-02 15:54:51 -07:00
Josh Soref
21e0d777b3 Spelling fixes: scripts 
* accessing
* across
* adding
* additional
* addresses
* afterwards
* analyzer
* ancillary
* answer
* associated
* attempts
* because
* belonging
* buffer
* cleanup
* committed
* connects
* database
* destination
* destroy
* distinguished
* encoded
* entries
* entry
* hopefully
* image
* include
* incorrect
* information
* initial
* initiate
* interval
* into
* java
* negotiation
* nodes
* nonexistent
* ntlm
* occasional
* omitted
* otherwise
* ourselves
* paragraphs
* particular
* perform
* received
* receiver
* referring
* release
* repetitions
* request
* responded
* retrieval
* running
* search
* separate
* separator
* should
* synchronization
* target
* that
* the
* threshold
* timeout
* transaction
* transferred
* transmission
* triggered
* vetoes
* virtual

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-11-02 17:36:39 -04:00
Tim Wojtulewicz
c9610ec45b Update DNS type strings to match correct mappings 2022-11-02 14:22:46 -07:00
Tim Wojtulewicz
04ba6033c6 Add configure --display-cmake argument 2022-11-02 12:29:47 -07:00
Arne Welzel
d34167b2c4 zeek-setup: Load builtin-plugins/__preload__.zeek before initializing bifs 
Prevent errors as follows with the bro-http2 plugin.

    error in /mitrecnd_HTTP2.events.bif.zeek, line 95: identifier not defined: http2_stream_stat
    error in /mitrecnd_HTTP2.events.bif.zeek, line 363: identifier not defined: http2_settings
    internal error in /mitrecnd_HTTP2.events.bif.zeek, line 460: Failed to find type named: http2_settings_unrecognized_table
 2022-11-02 12:21:44 +01:00
Arne Welzel
1fecdfd815 cmake: Introduce bro_PLUGIN_LINK_LIBS and add to link command. 
When using --include-plugins with plugins that depend other libraries
using zeek_plugin_link_library(), these libraries were stashed into
bro_SUBDIR_LIBS that is used in add_executable(). However, that does not
work for shared libraries.

Explicitly track library dependencies in bro_PLUGIN_LINK_LIBS now and
use target_link_libraries() with Zeek (there's a change in cmake to
make zeek_plugin_link_library() populate bro_PLUGIN_LINK_LIBS instead).

Currently, zeekdeps needs to come after bro_PLUGIN_LINK_LIBS due to how
spicy-plugin (and other external plugins) fiddle with zeekdeps in order
to stash dependencies into the PARENT_SCOPE.

bro_PLUGIN_LINK_LIBS will continue to work with static libraries.

The failure occurred when attempting to include bro-http2 [1].

Fixes #2483

[1] https://github.com/MITRECND/bro-http2
 2022-11-02 12:21:44 +01:00
Arne Welzel
4414c9a49f cmake: Do not use include_directories() for included plugins 
There's a cmake repo change that does the include_directories() in
zeek_plugin_begin() unconditionally instead.
 2022-11-02 12:21:44 +01:00
Arne Welzel
79e9384218 cmake: Bump submodule 2022-11-02 12:21:44 +01:00
Robin Sommer
f8eb2d9241
Merge remote-tracking branch 'origin/topic/awelzel/2440-break-next-usage-validation' 
* origin/topic/awelzel/2440-break-next-usage-validation:
  parse.y: Traverse AST post parsing to detect break/next usage issues
 2022-11-02 10:59:29 +01:00
Tim Wojtulewicz
bc0284aefa Merge remote-tracking branch 'origin/topic/awelzel/2446-runtime-error-for-variadic-functions' 
* origin/topic/awelzel/2446-runtime-error-for-variadic-functions:
  Func: Do not crash on va_args confusion for script funcs
 2022-11-01 07:47:50 -07:00
Arne Welzel
4314467e44 Func: Do not crash on va_args confusion for script funcs 
Script and BIF functions with a single any parameter are excluded from
type checking regarding arguments. This makes it possible to call a
ScriptFunc with more arguments than it actually has parameters and frame
space for, causing heap-buffer-overflows.

This change runtime checks expected parameters and provided arguments
and short-circuits execution as well as logging runtime expression errors.

Fixes #2446
 2022-11-01 08:55:14 +01:00
Tim Wojtulewicz
6dec7d6027 Merge remote-tracking branch 'origin/topic/awelzel/record-fields-not-just-enum' 
* origin/topic/awelzel/record-fields-not-just-enum:
  bifs/record_fields: Include actual enum name in type_name
 2022-10-31 15:18:11 -07:00