Skip to content

next/1187/20260122/v1 #14673

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
victorjulien merged 8 commits into from
Jan 22, 2026
Merged

next/1187/20260122/v1 #14673

victorjulien merged 8 commits into from
Jan 22, 2026

Conversation

@victorjulien
Copy link
Member

@victorjulien victorjulien commented Jan 22, 2026

jufajardini and others added 8 commits January 19, 2026 09:30
@jufajardini
devguide/exceptions: minor fixes
2c216e2 
- cleaner YouTube link
- fix weird sentence

Follow-up of
Task OISF#5612
@jlucovsky @victorjulien
decode/ipv4: Create event on unknown protos
54bd8ed 
Issue: 7146

Create an event when the IPv4 header contains an unknown IP protocol.
@catenacyber @victorjulien
dcerpc: consume bytes after gap resync
cafc398 
Ticket: 7567

Re-applies commit 8c3bd3e
which was reverted in f64aec9
@victorjulien
stream: guard auxiliary packet counter to debug
c7058c1 
Use of t_pcapcnt is only relevant when compiled in debug mode only.
This patch adds additional debug guard to also shield the declaration
and assignment.
@victorjulien
stream: remove dead commented out code
f33f6e7
@victorjulien
pcap-file: prep codebase for pcap_cnt move refactor
400328c 
For an easier review process, this is a two-step change process,
in which pcap_cnt is first accessed by functions-to-be, implemented
as simple macros.

In the follow-up commit, the actual refactor is implemented with the new
function. The old macros are deleted.

Ticket: 7835
@victorjulien
pcap-file: move packet counter to PCAP packet structure
b575ae3 
Code refactor to gather all PCAP-related structure members
under one structure.

New pcap_v structure guards protect the union variables from
other capture modes trying to access the packet number incorrectly.

Ticket: 7835
@inashivb @victorjulien
flowbits: add a validation callback during setup
9df5fd1 
This should make it possible to catch invalid combinations in the same
signature early. This patch covers checking and erroring on the following
invalid cmd combinations:
- set + isset
- unset + isnotset
- set + toggle
- set + unset
- isset + isnotset
- unset + toggle

the same flowbit in the same signature which is basically an unnecessary
operation at runtime.

This also helps bring down the difficulty of handling of actual complex
flowbit chains.

Bug 7772
Bug 7773
Bug 7774
Bug 7817
Bug 7818
Bug 8166
@victorjulien victorjulien requested review from a team, jasonish and jufajardini as code owners January 22, 2026 11:51
@codecov
Copy link

codecov bot commented Jan 22, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 93.08176% with 22 lines in your changes missing coverage. Please review.
✅ Project coverage is 82.11%. Comparing base (c333b28) to head (9df5fd1).
⚠️ Report is 8 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main   #14673      +/-   ##
==========================================
- Coverage   82.11%   82.11%   -0.01%     
==========================================
  Files        1011     1011              
  Lines      262812   262924     +112     
==========================================
+ Hits       215812   215896      +84     
- Misses      47000    47028      +28
Flag Coverage Δ
fuzzcorpus 60.23% <82.63%> (+0.05%) ⬆️
livemode 18.70% <6.94%> (-0.01%) ⬇️
pcap 44.57% <61.45%> (-0.02%) ⬇️
suricata-verify 65.31% <82.98%> (+0.02%) ⬆️
unittests 59.27% <37.42%> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

catenacyber
catenacyber approved these changes Jan 22, 2026
View reviewed changes
Copy link
Contributor

@catenacyber catenacyber left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good staging
Good SV
Good CI

QA ?

@ct0br0
Copy link

ct0br0 commented Jan 22, 2026

reran trex_generic and ips in dev after a reboot and everything was fine. so i guess run again and if it goes off ill have to reboot prod and try yet again?

@suricata-qa
Copy link

suricata-qa commented Jan 22, 2026

Information: QA ran without warnings.

Pipeline = 29250

@OISF OISF deleted a comment from suricata-qa Jan 22, 2026
@victorjulien victorjulien merged commit 9df5fd1 into OISF:main Jan 22, 2026
61 checks passed
This was referenced Jan 22, 2026
Merged
Closed
Closed
Closed
Closed
@victorjulien victorjulien deleted the next/1187/20260122/v1 branch January 22, 2026 20:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@catenacyber catenacyber catenacyber approved these changes

@jasonish jasonish Awaiting requested review from jasonish jasonish is a code owner

@jufajardini jufajardini Awaiting requested review from jufajardini jufajardini is a code owner

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@victorjulien @ct0br0 @suricata-qa @catenacyber @jufajardini @jlucovsky @inashivb