Codeql 5307 v6 #7456
Closed
Codeql 5307 v6 #7456
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
catenacyber
requested review from
victorjulien,
jasonish and
a team
as code owners
Closed
Without dangerous snprintf pattern identified by CodeQL even if this pattern is not a problem in those precise cases, it may easily get copy pasted in a dangerous place, so better get rid of it and make CodeQL happy
To make CodeQL happy
by comparing size_t to strlen result Instead of uint16_t which would loop Ticket: OISF#5310
So as not to recompile every C file inclusing rust.h
catenacyber
force-pushed
the
codeql-5307-v6
branch
2 times, most recently
from
8224caa to
0f34da6
Compare
Codecov Report
@@ Coverage Diff @@
## master #7456 +/- ##
=======================================
Coverage 75.88% 75.88%
=======================================
Files 657 657
Lines 189473 189437 -36
=======================================
- Hits 143775 143748 -27
+ Misses 45698 45689 -9
Flags with carried forward coverage won't be shown. Click here to find out more. |
Merged
|
Merged the code commits in #7467, thanks! |
|
ERROR: ERROR: QA failed on tlpw1_files_sha256. ERROR: QA failed on tlpr1_alerts_cmp. ERROR: QA failed on ips_afp_drop_chk. Pipeline 7667 |
|
Replaced by #7471 |
jufajardini
added a commit
to jufajardini/suricata
that referenced
this pull request
Dec 13, 2024
Flowbits can make a rule such as a packet rule be treated as a stateful rule, without actually changing the rule type. Add a flag to allow report such cases via the engine analysis. Task OISF#7456
jufajardini
added a commit
to jufajardini/suricata
that referenced
this pull request
Dec 20, 2024
Flowbits can make a rule such as a packet rule be treated as a stateful rule, without actually changing the rule type. Add a flag to allow report such cases via the engine analysis. Task OISF#7456
jufajardini
added a commit
to jufajardini/suricata
that referenced
this pull request
Dec 20, 2024
Flowbits can make a rule such as a packet rule be treated as a stateful rule, without actually changing the rule type. Add a flag to allow report such cases via the engine analysis. Task OISF#7456
jufajardini
added a commit
to jufajardini/suricata
that referenced
this pull request
Dec 20, 2024
Flowbits can make a rule such as a packet rule be treated as a stateful rule, without actually changing the rule type. Add a flag to allow reporting such cases via engine analysis. Task OISF#7456
jufajardini
added a commit
to jufajardini/suricata
that referenced
this pull request
Jan 10, 2025
Flowbits can make a rule such as a packet rule be treated as a stateful rule, without actually changing the rule type. Add a flag to allow reporting such cases via engine analysis. Task OISF#7456
jufajardini
added a commit
to jufajardini/suricata
that referenced
this pull request
Jan 17, 2025
Flowbits can make a rule such as a packet rule be treated as a stateful rule, without actually changing the rule type. Add a flag to allow reporting such cases via engine analysis. Task OISF#7456
jufajardini
added a commit
to jufajardini/suricata
that referenced
this pull request
Jan 17, 2025
Flowbits can make a rule such as a packet rule be treated as a stateful rule, without actually changing the rule type. Add a flag to allow reporting such cases via engine analysis. Task OISF#7456
jufajardini
added a commit
to jufajardini/suricata
that referenced
this pull request
Jan 31, 2025
Flowbits can make a rule such as a packet rule be treated as a stateful rule, without actually changing the rule type. Add a flag to allow reporting such cases via engine analysis. Task OISF#7456
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Link to redmine ticket:
https://redmine.openinfosecfoundation.org/issues/5307
https://redmine.openinfosecfoundation.org/issues/5308
https://redmine.openinfosecfoundation.org/issues/5310
Describe changes:
Updated lgtm.yml and codeql.yml so :
-Suricata will works on LGTM
-Codeql workflow for C will successfully run
Fixes 18 warnings found by CodeQL
Replaces #7364 taking comment into account : adding
rs_to_hex_sep(and rustfmt rust/src/common.rs)