Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

next/486/20240618/v1 #11326

Merged
merged 11 commits into from
Jun 19, 2024
Merged

next/486/20240618/v1 #11326

merged 11 commits into from
Jun 19, 2024

Conversation

victorjulien
Copy link
Member

catenacyber and others added 11 commits June 18, 2024 21:08
@catenacyber @victorjulien
tests: move detect http.uri tests to suricata-verify
e3034a6 
Ticket: 3725
@victorjulien
detect: skip pseudo packets if sig needs real pkt
d03660a 
If a signature uses a condition that requires a real packet, filter
out pseudo packets as early as possible. To do this, the SignatureMask
logic is used.

This allows for the removal of checks for pseudo packets in individual
keywords `Match` functions, which will be done in a follow up commit.

Update analyzer to output the new flag.

Ticket: OISF#7002.
@victorjulien
detect: remove pseudo checks from packet keywords
2d1ccb7 
Keep as debug validation check.
@victorjulien
detect/prefilter: minor function ptr cleanup
4c29601 
Use a typedef'd function pointer for packet Prefilter callbacks to make
the code consistent with the other callbacks.
@victorjulien
detect/prefilter: use sig mask to exclude pkt engines
956c8be 
Add an argument to the packet prefilter registration function to include
`SignatureMask` flags. This will be used at runtime to only call these
prefilter engines when the mask check passes.
@victorjulien
detect/csum: general code cleanups
64f5865
@victorjulien
detect/csum: remove pseudo packet checks
6958efa
@victorjulien
detect/stream_size: allow match on pseudo packets
44d2e1a 
Often used with stream content, which can be inspected with pseudo packets.
@victorjulien
detect/dsize: remove prefilter pseudo check
8df53d6 
This is now handled at registration with SIG_MASK_REQUIRE_REAL_PKT.
@victorjulien
detect/icmp-id: remove prefilter pseudo check
e3e917d 
This is now handled at registration with SIG_MASK_REQUIRE_REAL_PKT.
@jasonish @victorjulien
github-ci: run cargo update test on pull requests
6256391 
Previously it was run once a week, hiding some issues until
Monday's. Instead run on pull requests, but still not every push.
@victorjulien victorjulien requested a review from jasonish as a code owner June 18, 2024 21:39
@codecov Codecov
Copy link

codecov bot commented Jun 18, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 81.81818% with 30 lines in your changes missing coverage. Please review.

Project coverage is 82.41%. Comparing base (d59c604) to head (6256391).

Additional details and impacted files 
@@            Coverage Diff             @@
##           master   #11326      +/-   ##
==========================================
- Coverage   82.48%   82.41%   -0.07%     
==========================================
  Files         934      934              
  Lines      252239   247239    -5000     
==========================================
- Hits       208070   203773    -4297     
+ Misses      44169    43466     -703
Flag Coverage Δ
fuzzcorpus 60.24% <66.06%> (-0.01%) ⬇️
livemode 18.75% <4.84%> (+<0.01%) ⬆️
pcap 43.79% <7.27%> (+0.04%) ⬆️
suricata-verify 61.35% <38.18%> (+0.02%) ⬆️
unittests 59.31% <38.18%> (-0.61%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

@suricata-qa
Copy link

Information: QA ran without warnings.

Pipeline 21129

@victorjulien victorjulien merged commit 6256391 into OISF:master Jun 19, 2024
55 checks passed
This was referenced Jun 19, 2024
Closed
Closed
Closed
@victorjulien victorjulien deleted the next/486/20240618/v1 branch June 19, 2024 09:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasonish jasonish jasonish approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@victorjulien @suricata-qa @jasonish @catenacyber