Open Information Security Foundation

12/18/2024

02:00 PM Suricata Task #7154: plugins: add template detection plugin

Would this cover custom content detection plugins?
For example, an extra callback in DetectEngineContentInspectionIn... Hans Vermeer

01:41 PM Suricata Bug #7466: Lua Flowvar memory leak

I've attached a test (including the stderr) for the given lua code... Hans Vermeer

04:21 AM Suricata Bug #7466 (Closed): Lua Flowvar memory leak

In LuaSetFlowvar -> LuaSetFlowvarByKey, the key is malloced:... Hans Vermeer

12:36 PM Suricata Bug #7467: detect: checksum detection broken by stream.checksum-validation

I've attached a test I created with stream.checksum-validation=yes then switching to stream.checksum-validation=no fa... Hans Vermeer

04:29 AM Suricata Bug #7467 (Closed): detect: checksum detection broken by stream.checksum-validation

Taken from https://forum.suricata.io/t/custom-content-detection/4784/5
As mentioned in the issue, when stream.chec... Hans Vermeer

04:38 AM Suricata Support #7463: Can I compile suricata into statically build file?

We've managed to do this successfully, however, the plugin loading has a dlopen, patching this out (Its sadly not a c... Hans Vermeer

09/26/2024

07:49 PM Suricata Feature #5499: PCAP-over-IP client

In case this will be picked up again to merge into main, I've attached a dirty patch we applied to commit 31bed10ff66... Hans Vermeer

06:57 PM Suricata Bug #7285 (In Review): Websocket compression mishandling

There are a number of problems with the decompression implementation of WebSockets. Firstly, in the example PCAP ever... Hans Vermeer