Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

detect/lua: don't treat a crashed script as no match - v4 #11083

Closed
wants to merge 2 commits into from
Closed

detect/lua: don't treat a crashed script as no match - v4 #11083

wants to merge 2 commits into from

Conversation

jasonish
Copy link
Member

@jasonish
detect/lua: don't treat a crashed script as no match
b4046c0 
If a rule script crashed, the return value was treated as a no
match. This would make a negation of the rule match and alert.

Instead cleanup and exit early if the rule script crashed and don't
run negation logic.

A stat, detect.lua.errors has been added to count how many times a
script crashes.

Also consolidates the running of the Lua script and return value
handling to a common function.

Bug: OISF#6940
@jasonish
detect-lua: small cleanups
d762253 
- remove unused headers
- cleanup/rename flags
@jasonish jasonish requested review from victorjulien and a team as code owners May 15, 2024 16:35
@jasonish jasonish mentioned this pull request May 15, 2024
Closed
@victorjulien victorjulien added this to the 8.0 milestone May 15, 2024
@suricata-qa
Copy link

Information: QA ran without warnings.

Pipeline 20640

@victorjulien victorjulien mentioned this pull request May 16, 2024
Merged
@victorjulien
Copy link
Member

Merged in #11095, thanks!

@jasonish jasonish deleted the lua-rule-errors/v4 branch May 29, 2024 15:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@victorjulien victorjulien victorjulien approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
8.0
3 participants
@jasonish @suricata-qa @victorjulien