Skip to content

Commit

Permalink
Merge pull request #124 from jelu/release/1.7.2
Browse files Browse the repository at this point in the history
Release/1.7.2
  • Loading branch information
jelu authored Aug 29, 2024
2 parents b10dbef + 9861294 commit 4e04e42
Show file tree
Hide file tree
Showing 42 changed files with 204 additions and 78 deletions.
1 change: 1 addition & 0 deletions .copr/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ $(top)/rpmbuild:
mkdir -p "$(top)"/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}

srpm: prereq update-dist-tools
git config --global safe.directory "*"
test -f .gitmodules && git submodule update --init || true
echo "$(spec)" | grep -q "develop.spec" && auto_build_number=`date --utc +%s` message="Auto build `date --utc --iso-8601=seconds`" "$(top)/dist-tools/spec-new-changelog-entry" || true
overwrite=yes nosign=yes "$(top)/dist-tools/create-source-packages" rpm
Expand Down
53 changes: 53 additions & 0 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
name: "CodeQL"

on:
push:
branches: [ "develop", "master" ]
pull_request:
branches: [ "develop" ]
schedule:
- cron: "29 20 * * 3"

jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write

strategy:
fail-fast: false
matrix:
language: [ cpp ]

steps:
- name: Checkout
uses: actions/checkout@v4

- name: Install Packages (cpp)
if: ${{ matrix.language == 'cpp' }}
run: |
sudo apt-get update
sudo apt-get install --yes build-essential automake autoconf libtool pkg-config zlib1g-dev libmaxminddb-dev
- name: Configure (cpp)
if: ${{ matrix.language == 'cpp' }}
run: |
./autogen.sh
./configure
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
queries: +security-and-quality

- name: Autobuild
uses: github/codeql-action/autobuild@v3

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:${{ matrix.language }}"
29 changes: 29 additions & 0 deletions CHANGES
Original file line number Diff line number Diff line change
@@ -1,3 +1,32 @@
2024-08-29 Jerry Lundström

Release 1.7.2

This patch release fixes various issues reported by CI/code analysis
tools.

Fixes:
- `RefCountString`: Use anonymous array for `data`
- `sql`: Fix heap overflow [[sonarcloud](https://sonarcloud.io/project/issues?open=AZF-b0jIXv-Y5-GmvUlN&id=dns-oarc%3APacketQ)]
- Fix CodeQL issues:
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/35
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/37
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/38
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/39
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/40
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/5

68b5385 Cleanup
1dfd47b CodeQL, code format
6224234 CodeQL fixes
6771f3a Copyright
3283c43 Heap overflow
1ff69df Badges
d4e93ec Workflow
75283cc Doc
25adefa Add CodeQL workflow for GitHub code scanning
bb7be53 Fix COPR

2022-06-02 Jerry Lundström

Release 1.7.1
Expand Down
2 changes: 1 addition & 1 deletion Makefile.am
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Copyright (c) 2017-2022, OARC, Inc.
# Copyright (c) 2017-2024 OARC, Inc.
# Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
# All rights reserved.
#
Expand Down
6 changes: 3 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# PacketQ

[![Total alerts](https://img.shields.io/lgtm/alerts/g/DNS-OARC/PacketQ.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/DNS-OARC/PacketQ/alerts/) [![Bugs](https://sonarcloud.io/api/project_badges/measure?project=dns-oarc%3APacketQ&metric=bugs)](https://sonarcloud.io/dashboard?id=dns-oarc%3APacketQ) [![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=dns-oarc%3APacketQ&metric=security_rating)](https://sonarcloud.io/dashboard?id=dns-oarc%3APacketQ)
[![Bugs](https://sonarcloud.io/api/project_badges/measure?project=dns-oarc%3APacketQ&metric=bugs)](https://sonarcloud.io/summary/new_code?id=dns-oarc%3APacketQ) [![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=dns-oarc%3APacketQ&metric=security_rating)](https://sonarcloud.io/summary/new_code?id=dns-oarc%3APacketQ)

`packetq` is a command line tool to run SQL queries directly on PCAP files,
the results can be outputted as JSON (default), formatted/compact CSV and XML.
Expand Down Expand Up @@ -48,7 +48,7 @@ To install the dependencies under Debian/Ubuntu:
apt-get install -y zlib1g-dev libmaxminddb-dev
```

To install the dependencies under CentOS (with EPEL enabled):
To install the dependencies under CentOS (with EPEL/PowerTools enabled):
```
yum install -y zlib-devel libmaxminddb-devel
```
Expand Down Expand Up @@ -113,7 +113,7 @@ See also the [full list of contributors](https://github.com/DNS-OARC/PacketQ/gra

## Copyright

Copyright (c) 2017-2022, OARC, Inc.
Copyright (c) 2017-2024 OARC, Inc.

Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden

Expand Down
2 changes: 1 addition & 1 deletion autogen.sh
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#!/bin/sh -e
#
# Copyright (c) 2017-2022, OARC, Inc.
# Copyright (c) 2017-2024 OARC, Inc.
# Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
# All rights reserved.
#
Expand Down
9 changes: 6 additions & 3 deletions configure.ac
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Copyright (c) 2017-2022, OARC, Inc.
# Copyright (c) 2017-2024 OARC, Inc.
# Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
# All rights reserved.
#
Expand All @@ -18,7 +18,7 @@
# along with PacketQ. If not, see <http://www.gnu.org/licenses/>.

AC_PREREQ(2.61)
AC_INIT([packetq], [1.7.1], [admin@dns-oarc.net], [packetq], [https://github.com/DNS-OARC/packetq/issues])
AC_INIT([packetq], [1.7.2], [admin@dns-oarc.net], [packetq], [https://github.com/DNS-OARC/packetq/issues])
AM_INIT_AUTOMAKE([-Wall -Werror foreign subdir-objects])
AC_CONFIG_SRCDIR([src/packetq.cpp])
AC_CONFIG_HEADER([src/config.h])
Expand All @@ -27,7 +27,10 @@ AC_CONFIG_HEADER([src/config.h])
AC_PROG_CXX

# Check --enable-warn-all
AC_ARG_ENABLE([warn-all], [AS_HELP_STRING([--enable-warn-all], [Enable all compiler warnings])], [AX_CXXFLAGS_WARN_ALL()])
AC_ARG_ENABLE([warn-all], [AS_HELP_STRING([--enable-warn-all], [Enable all compiler warnings])], [
AX_CXXFLAGS_WARN_ALL()
AS_VAR_APPEND(CXXFLAGS, [" -Wno-vla"])
])

# Check --with-extra-cxxflags
AC_ARG_WITH([extra-cxxflags], [AS_HELP_STRING([--with-extra-cxxflags=CXXFLAGS], [Add extra CXXFLAGS])], [
Expand Down
31 changes: 31 additions & 0 deletions debian/changelog
Original file line number Diff line number Diff line change
@@ -1,3 +1,34 @@
packetq (1.7.2-1~unstable+1) unstable; urgency=low

* Release 1.7.2

This patch release fixes various issues reported by CI/code analysis
tools.

Fixes:
- `RefCountString`: Use anonymous array for `data`
- `sql`: Fix heap overflow [[sonarcloud](https://sonarcloud.io/project/issues?open=AZF-b0jIXv-Y5-GmvUlN&id=dns-oarc%3APacketQ)]
- Fix CodeQL issues:
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/35
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/37
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/38
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/39
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/40
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/5

68b5385 Cleanup
1dfd47b CodeQL, code format
6224234 CodeQL fixes
6771f3a Copyright
3283c43 Heap overflow
1ff69df Badges
d4e93ec Workflow
75283cc Doc
25adefa Add CodeQL workflow for GitHub code scanning
bb7be53 Fix COPR

-- Jerry Lundström <lundstrom.jerry@gmail.com> Thu, 29 Aug 2024 13:50:01 +0200

packetq (1.7.1-1~unstable+1) unstable; urgency=low

* Release 1.7.1
Expand Down
10 changes: 3 additions & 7 deletions debian/copyright
Original file line number Diff line number Diff line change
@@ -1,16 +1,12 @@
Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Name: drool
Source: https://github.com/DNS-OARC/drool
Upstream-Name: PacketQ
Source: https://github.com/DNS-OARC/PacketQ

Files: *
Copyright: 2017-2022, OARC, Inc.
Copyright: 2017-2024 OARC, Inc.
2011-2017, IIS - The Internet Foundation in Sweden
License: GPLv3

Files: debian/*
Copyright: 2022 Jerry Lundström <lundstrom.jerry@gmail.com>
License: GPLv3

Files: src/Murmur/MurmurHash3.*
Copyright: Austin Appleby
License: Public Domain
Expand Down
27 changes: 26 additions & 1 deletion rpm/packetq.spec
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
Name: packetq
Version: 1.7.1
Version: 1.7.2
Release: 1%{?dist}
Summary: A tool that provides a basic SQL-frontend to PCAP-files
Group: Productivity/Networking/DNS/Utilities
Expand Down Expand Up @@ -56,6 +56,31 @@ rm -rf $RPM_BUILD_ROOT


%changelog
* Thu Aug 29 2024 Jerry Lundström <lundstrom.jerry@gmail.com> 1.7.2-1
- Release 1.7.2
* This patch release fixes various issues reported by CI/code analysis
tools.
* Fixes:
- `RefCountString`: Use anonymous array for `data`
- `sql`: Fix heap overflow [[sonarcloud](https://sonarcloud.io/project/issues?open=AZF-b0jIXv-Y5-GmvUlN&id=dns-oarc%3APacketQ)]
- Fix CodeQL issues:
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/35
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/37
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/38
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/39
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/40
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/5
* Commits:
68b5385 Cleanup
1dfd47b CodeQL, code format
6224234 CodeQL fixes
6771f3a Copyright
3283c43 Heap overflow
1ff69df Badges
d4e93ec Workflow
75283cc Doc
25adefa Add CodeQL workflow for GitHub code scanning
bb7be53 Fix COPR
* Thu Jun 02 2022 Jerry Lundström <lundstrom.jerry@gmail.com> 1.7.1-1
- Release 1.7.1
* This patch release fixes a bug in the domain name parsing that cuts
Expand Down
2 changes: 1 addition & 1 deletion src/Makefile.am
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Copyright (c) 2017-2022, OARC, Inc.
# Copyright (c) 2017-2024 OARC, Inc.
# Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
# All rights reserved.
#
Expand Down
2 changes: 1 addition & 1 deletion src/dns.cpp
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2017-2022, OARC, Inc.
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
Expand Down
2 changes: 1 addition & 1 deletion src/dns.h
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2017-2022, OARC, Inc.
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
Expand Down
2 changes: 1 addition & 1 deletion src/icmp.cpp
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2017-2022, OARC, Inc.
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
Expand Down
2 changes: 1 addition & 1 deletion src/icmp.h
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2017-2022, OARC, Inc.
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
Expand Down
2 changes: 1 addition & 1 deletion src/output.h
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2017-2022, OARC, Inc.
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
Expand Down
2 changes: 1 addition & 1 deletion src/packet_handler.cpp
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2017-2022, OARC, Inc.
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
Expand Down
2 changes: 1 addition & 1 deletion src/packet_handler.h
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2017-2022, OARC, Inc.
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
Expand Down
4 changes: 2 additions & 2 deletions src/packetq.cpp
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2017-2022, OARC, Inc.
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
Expand Down Expand Up @@ -139,7 +139,7 @@ int getopt_long(int argc, char* argv[], const char* str, option* opt, int* optio

void sigproc(int sig)
{
//ignore sig pipe
// ignore sig pipe
signal(SIGPIPE, sigproc);
}

Expand Down
2 changes: 1 addition & 1 deletion src/packetq.h
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2017-2022, OARC, Inc.
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
Expand Down
2 changes: 1 addition & 1 deletion src/pcap.cpp
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2017-2022, OARC, Inc.
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
Expand Down
4 changes: 2 additions & 2 deletions src/pcap.h
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2017-2022, OARC, Inc.
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
Expand Down Expand Up @@ -178,7 +178,7 @@ class Pcap_file {
m_packetbuffer = 0;
}
m_packetbuffer_len = len + 4096;
m_packetbuffer = new unsigned char[m_packetbuffer_len];
m_packetbuffer = new (std::nothrow) unsigned char[m_packetbuffer_len];
if (!m_packetbuffer)
m_packetbuffer_len = 0;
}
Expand Down
2 changes: 1 addition & 1 deletion src/reader.cpp
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2017-2022, OARC, Inc.
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
Expand Down
2 changes: 1 addition & 1 deletion src/reader.h
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2017-2022, OARC, Inc.
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
Expand Down
8 changes: 3 additions & 5 deletions src/refcountstring.h
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2017-2022, OARC, Inc.
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
Expand Down Expand Up @@ -33,7 +33,7 @@
struct RefCountString {
// data
int count;
char data[sizeof(int)]; // this is a dummy, actual array will be larger
char data[];

// implementation
void inc_refcount()
Expand All @@ -50,9 +50,7 @@ struct RefCountString {

static RefCountString* allocate(int data_length)
{
std::size_t size = sizeof(RefCountString) - sizeof(char[sizeof(int)]) + data_length * sizeof(char);

void* chunk = std::calloc(1, size);
void* chunk = std::calloc(1, sizeof(RefCountString) + data_length);
if (!chunk)
throw std::bad_alloc();

Expand Down
Loading

0 comments on commit 4e04e42

Please sign in to comment.