next/1194/20260129/v1 #14712
Merged
next/1194/20260129/v1 #14712
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
To explain a bit more the TOCTOU issue found, we can consider a case where Suricata starts to prune, yet externally somebody also starts erasing cache files. Right after Suricata checks the file age with the stat function, somebody may delete or update the file of our interest. Suricata aging decision doesn't reflect the actual state of the file. This commit additionally adds a check for noent failure of the unlink operation (considered as a success). The code can still delete a file that is recently updated but was considered stale. In the documentation-following deployments this should not happen anyway as one cache folder should only be used by a single Suricata instance (and within Suricata instance only one thread handles cache eviction). Additionally, the `stat` and `unlink` command are immediatelly followed, making this scenario extra unlikely. Additional comment in the code explains problems of using fstat and potential issues on Windows. Ticket: 8243
Some drivers (e.g. BNXT) fail to report stats after the device is stopped. Move stats collection (DPDKDumpCounters and PrintDPDKPortXstats) to run before rte_eth_dev_stop() in HandleShutdown. Also change PrintDPDKPortXstats error handling from FatalError to graceful return since stats collection failures during shutdown should not crash the application. The commit removes ThreadExitPrintStats callback as the function had no useful features after the stats were moved. Ticket: 8251
bindgen needed SCSigMatchSilentErrorEnabled on the way
Will allow for generic callbacks, that can be used from rust
Introduces helper SCDetectRegisterBufferLowerMd5Callbacks
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #14712 +/- ##
==========================================
+ Coverage 82.13% 82.14% +0.01%
==========================================
Files 1011 1007 -4
Lines 263295 263194 -101
==========================================
- Hits 216258 216210 -48
+ Misses 47037 46984 -53
Flags with carried forward coverage won't be shown. Click here to find out more. 🚀 New features to boost your workflow:
|
catenacyber
approved these changes
Jan 29, 2026
|
Information: QA ran without warnings. Pipeline = 29331 |
This was referenced Jan 29, 2026
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Staging: