Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pgsql: fix probing issues (7.0.x backports) - v1 #9982

Closed
wants to merge 5 commits into from
Closed

pgsql: fix probing issues (7.0.x backports) - v1 #9982

wants to merge 5 commits into from

Conversation

jufajardini
Copy link
Contributor

@jufajardini
pgsql: add unknonwn frontend message type
b74ab7f 
We had unkonwn message type for the backend, but not the frontend
messages. It's important to better identify those to improve pgsql
probing functions.

Related to
Bug OISF#6080

(cherry picked from commit 1ac5d97)
@jufajardini
pgsql: fix probing functions
db33eba 
Some non-pgsql traffic seen by Suricata is mistankenly identified as
pgsql, as the probing function is too generic. Now, if the parser sees
an unknown message type, even if it looks like pgsql, it will fail.

Bug OISF#6080

(cherry picked from commit 4f85d06)
@jufajardini
pgsql: don't log unknown message type
f948556 
(cherry picked from commit afd6e4d)
@jufajardini
pgsql: remove unused error handling call
9121f9a 
(cherry picked from commit 53d29f6)
@jufajardini
pgsql: remove probe_ts function
ff69e8a 
With the changes in the probing_ts function, this other one could become
obsolete. Remove it, and directly call `parser::parse_request` when
checking for gaps, instead.

(cherry picked from commit 9aeeac5)
@codecov Codecov
Copy link

codecov bot commented Dec 6, 2023

Codecov Report

Merging #9982 (ff69e8a) into main-7.0.x (aae6bea) will decrease coverage by 0.07%.
The diff coverage is 77.77%.

Additional details and impacted files 
@@              Coverage Diff               @@
##           main-7.0.x    #9982      +/-   ##
==============================================
- Coverage       82.50%   82.43%   -0.07%     
==============================================
  Files             968      968              
  Lines          273870   273863       -7     
==============================================
- Hits           225957   225770     -187     
- Misses          47913    48093     +180
Flag Coverage Δ
fuzzcorpus 64.41% <77.77%> (-0.11%) ⬇️
suricata-verify 61.03% <29.62%> (-0.04%) ⬇️
unittests 62.93% <0.00%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

@victorjulien victorjulien mentioned this pull request Dec 7, 2023
Closed
@suricata-qa
Copy link

WARNING:

field baseline test %
SURI_TLPW2_autofp_stats_chk
.uptime 181 194 107.18%

Pipeline 16912

@victorjulien victorjulien mentioned this pull request Dec 9, 2023
Merged
@victorjulien
Copy link
Member

Merged in #10020, thanks!

@jufajardini jufajardini deleted the pgsql-probe-backport-7/v1 branch December 11, 2023 16:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@victorjulien victorjulien victorjulien approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jufajardini @suricata-qa @victorjulien