General

Profile

Mats Klepsland

Issues

Projects

Activity

03/30/2018

07:25 AM Suricata Revision 21078521: app-layer-ssl: remove possibility to overflow HAS_SPACE macro

03/29/2018

03:58 PM Suricata Revision 598ef96b: app-layer-ssl: really fix CID 1433623
11:16 AM Suricata Revision 900c27e2: app-layer-ssl: fix use-after-free (CID 1433623)
Ja3BufferAddValue frees the buffer on error, so there is no point
in doing it twice (use-after-free).
11:16 AM Suricata Revision fc0e3394: app-layer-ssl: fix use-after-free (CID 14336229)
Nullify JA3 buffer on free to avoid use-after-free vulnerability.

03/28/2018

06:49 AM Suricata Revision 7f0cfc07: app-layer-ssl: use BIT_U32 for flags
06:49 AM Suricata Revision 3e597512: app-layer-tls-handshake: remove since it is no longer needed
Remove this file and all its content, since the functionality
was reimplemented in app-layer-ssl.
06:49 AM Suricata Revision e93fef5c: app-layer-ssl: reimplement function for decoding certificates
Do a complete rewrite of the function for decoding the SSL/TLS
certificate from the handshake.
06:49 AM Suricata Revision d9ddae45: tls: replace variable in header file with TAILQ_EMPTY()
Use TAILQ_EMPTY to check if a certificate exists instead of
setting two variables in the app-layer-ssl header file fo...

03/21/2018

04:43 AM Suricata Revision efdc5921: detect-tls-sni: use *_Register2 API functions
Use *_Register2 API functions when registering 'tls_sni' detection
keyword.
04:43 AM Suricata Revision b479d1d4: detect-tls-cert-serial: use *_Register2 API functions
Use *_Register2 API functions when registering 'tls_cert_serial'
detection keyword.

Also available in: Atom