Project

General

Profile

Actions
Copy link

Bug #6618

closed

Endace: timestamp fixes

Added by Stephen Donnelly 5 months ago. Updated 3 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Stephen Donnelly
Target version:
8.0.0-beta1
Affected Versions:
git master
Effort:
low
Difficulty:
low
Label:
C

Description

ERF to SCTime_t conversion code is incorrect and may produce incorrect timestamps. This code should be refactored using the updated SCTIME_* macros in util-time.h.

source-erf-dag.c does not compile with --enable-dag due to a typo in PR9858 (SCMClloc for SCCalloc).

Subtasks 2 (0 open2 closed)

Bug #6620: Endace: timestamp fixes (7.0.x backport)ClosedCommunity TicketActions
Bug #6638: Endace: timestamp fixes (7.0.x backport)RejectedOISF DevActions
Actions
Copy link
 #1

Updated by Victor Julien 5 months ago

  • Label Needs backport to 7.0 added
Actions
Copy link
 #2

Updated by OISF Ticketbot 5 months ago

  • Subtask #6620 added
Actions
Copy link
 #3

Updated by OISF Ticketbot 5 months ago

  • Label deleted (Needs backport to 7.0)
Actions
Copy link
 #4

Updated by Victor Julien 5 months ago

Added the needs backport to 7 as I assume the time fixes are needed in 7 as well.

Actions
Copy link
 #5

Updated by Jeff Lucovsky 5 months ago

@Stephen Donnelly I can fix this but I will need the endace libraries so i can compile etc. Are the header/libraries available publicly?

Actions
Copy link
 #6

Updated by Victor Julien 5 months ago

  • Status changed from New to Resolved

I believe this was addressed in https://github.com/OISF/suricata/pull/10030

Do we need a backport to 7 @Stephen Donnelly ?

Actions
Copy link
 #7

Updated by Stephen Donnelly 5 months ago

  • Label Needs backport to 7.0 added

Victor Julien wrote in #note-6:

I believe this was addressed in https://github.com/OISF/suricata/pull/10030

Do we need a backport to 7 @Stephen Donnelly ?

Yes I believe that would be helpful since the prerequisite SCTime_t fixes have been backported to 7.0.x-master already, thanks.

Actions
Copy link
 #8

Updated by OISF Ticketbot 5 months ago

  • Subtask #6638 added
Actions
Copy link
 #9

Updated by OISF Ticketbot 5 months ago

  • Label deleted (Needs backport to 7.0)
Actions
Copy link
 #10

Updated by Stephen Donnelly 5 months ago

Jeff Lucovsky wrote in #note-5:

@Stephen Donnelly I can fix this but I will need the endace libraries so i can compile etc. Are the header/libraries available publicly?

I don't believe they are publicly available. I can look into providing them to you to use manually, or for a regression build-bot if that would help?

Actions
Copy link
 #11

Updated by Victor Julien 5 months ago

Stephen Donnelly wrote in #note-10:

Jeff Lucovsky wrote in #note-5:

@Stephen Donnelly I can fix this but I will need the endace libraries so i can compile etc. Are the header/libraries available publicly?

I don't believe they are publicly available. I can look into providing them to you to use manually, or for a regression build-bot if that would help?

No need to do that, I think it's up to vendors like yourself to keep an eye on this.

Actions
Copy link
 #12

Updated by Stephen Donnelly 5 months ago

Victor Julien wrote in #note-11:

No need to do that, I think it's up to vendors like yourself to keep an eye on this.

Sure, will be happy to test build 7.0.x-master for the backport and raise a ticket if there are any issues.

Actions
Copy link
 #13

Updated by Philippe Antoine 3 months ago

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: Atom PDF