TM Todd Mortimer
- Login: mordak
- Registered on: 11/03/2019
- Last sign in: 06/09/2023
Issues
| open | closed | Total | |
|---|---|---|---|
| Assigned issues | 1 | 4 | 5 |
| Reported issues | 0 | 3 | 3 |
Projects
| Project | Roles | Registered on |
|---|---|---|
| Suricata | Developer | 11/03/2019 |
| Suricata-Update | Developer | 11/03/2019 |
Activity
06/09/2023
- TM 02:45 PM Suricata Bug #6066: Memory Corruption in util-streaming-buffer
- Victor Julien wrote in #note-9:
> Does this still happen with the current git master? I've addressed 2 possible related issues in #5834 and #6041
Okay, we have had this in prod for a couple of days and haven't had any issues with Gro...
05/31/2023
- TM 05:00 PM Suricata Bug #6066: Memory Corruption in util-streaming-buffer
- Victor Julien wrote in #note-9:
> Does this still happen with the current git master? I've addressed 2 possible related issues in #5834 and #6041
Checking now - will update in a few days after letting it run for awhile and see if it ...
05/19/2023
- TM 05:56 PM Suricata Bug #6066: Memory Corruption in util-streaming-buffer
- Philippe Antoine wrote in #note-4:
> Could you print out more information ? About the flow ? (specific ports, flags like gap)
No problem. I captured some info about the buffer state, session, stream and packet at the time this happens.
...
05/16/2023
- TM 01:22 PM Suricata Bug #6066: Memory Corruption in util-streaming-buffer
- Victor Julien wrote in #note-2:
> @mordak do you have a pcap to reproduce the issue?
I don't have a pcap to reproduce, sorry. I have core dumps but can't share them.
At the time of failure, we see values for region->buf_size = 743...
05/15/2023
- TM 04:57 PM Suricata Bug #6066 (Closed): Memory Corruption in util-streaming-buffer
- While running a recent version of suricata (commit 2ddd26446e3, 12 Apr 2023) we have been getting crashes related to memory corruption in the streaming buffer.
Our suricata.yaml has:
04/13/2023
- TM 03:30 PM Suricata Bug #5979 (In Review): rust: update sawp dependencies to avoid future compile issues
- Yup, no problem.
https://github.com/OISF/suricata/pull/8722
12/28/2022
- TM 07:37 PM Suricata Task #5632 (Closed): Disable swf decompression by default
11/04/2022
- TM 04:30 PM Suricata Task #5638 (Closed): SWF decompression: Do not depend on libhtp
- SWF decompression uses the lzma decompression interface exposed by libhtp. While working on libhtp-rs it was identified that this is not right, and suricata could just use lzma-rs for lzma decompression directly instead of having libhtp ...
11/02/2022
- TM 03:09 PM Suricata Task #5632 (Closed): Disable swf decompression by default
- SWF decompression currently relies on libhtp's LZMA decompressor. While discussing migration to libhtp-rs it was suggested that LZMA decompression in suricata could just depend on lzma-rs directly instead of having libhtp-rs expose a LZM...
05/05/2020
- TM 06:54 PM Suricata Feature #2553: support 'by_both' in threshold rule keyword
- David Lam wrote in #note-9:
> Hi Todd - I just got an email saying it was resolved. Which version was this implemented in? Thanks.
It was merged in this PR: https://github.com/OISF/suricata/pull/4760 and tagged with 6.0.