Skip to content

Backports/80x/v6#14993

Merged
victorjulien merged 4 commits intoOISF:main-8.0.xfrom
victorjulien:backports/80x/v6
Mar 10, 2026
Merged

Backports/80x/v6#14993
victorjulien merged 4 commits intoOISF:main-8.0.xfrom
victorjulien:backports/80x/v6

Conversation

@victorjulien
Copy link
Member

@victorjulien victorjulien commented Mar 9, 2026

victorjulien and others added 4 commits March 9, 2026 06:46
@victorjulien
firewall: don't overwrite with ips mode
0140496 
When a capture method set IPS mode, it could overwrite already set Firewall mode.

Ticket OISF#8311.

(cherry picked from commit cb24430)
@victorjulien
dpdk: adjust burst size to mempool size
7c24721 
When mempool size was configured really low (<32), Suricata exhausted
the mempool with the rx_burst call, which led to undefined behavior.
The current fix ensures the burst size is at most the size of the mempool,
if the mempool is smaller than BURST_SIZE macro.

(cherry picked from commit 1d06103)
@victorjulien
ndpi: minor optimization
6e6e12e 
Check protocol before doing more expensive work.

(cherry picked from commit 28ba93e)
@antoineaboufayssal @victorjulien
plugins/ndpi: guard against NULL f->storage in all callbacks
5ed352d 
(cherry picked from commit 29834e3)
@victorjulien victorjulien requested a review from a team as a code owner March 9, 2026 06:17
@codecov
Copy link

codecov bot commented Mar 9, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 83.62%. Comparing base (354d0b2) to head (5ed352d).
⚠️ Report is 5 commits behind head on main-8.0.x.

Additional details and impacted files 
@@              Coverage Diff               @@
##           main-8.0.x   #14993      +/-   ##
==============================================
- Coverage       83.62%   83.62%   -0.01%     
==============================================
  Files            1011     1011              
  Lines          266411   266417       +6     
==============================================
- Hits           222791   222782       -9     
- Misses          43620    43635      +15
Flag Coverage Δ
fuzzcorpus 64.00% <0.00%> (-0.01%) ⬇️
livemode 18.73% <100.00%> (+<0.01%) ⬆️
pcap 44.54% <0.00%> (-0.04%) ⬇️
suricata-verify 64.86% <100.00%> (-0.02%) ⬇️
unittests 58.86% <100.00%> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

lukashino
lukashino approved these changes Mar 9, 2026
View reviewed changes
Copy link
Contributor

@lukashino lukashino left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All looks good, nDPI conditions seems often redundant but ok. I mean this pattern:

If null:
  Return;
Else if not null
  Do something

@suricata-qa
Copy link

suricata-qa commented Mar 9, 2026

Information: QA ran without warnings.

Pipeline = 30101

@victorjulien victorjulien added this to the 8.0 milestone Mar 9, 2026
@victorjulien victorjulien mentioned this pull request Mar 9, 2026
Merged
@victorjulien victorjulien merged commit 5ed352d into OISF:main-8.0.x Mar 10, 2026
58 of 59 checks passed
@victorjulien
Copy link
Member Author

victorjulien commented Mar 10, 2026

Merged in #15000, thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lukashino lukashino lukashino approved these changes

Assignees

No one assigned

Labels

None yet

Milestone

8.0

Development

Successfully merging this pull request may close these issues.

4 participants

@victorjulien @suricata-qa @lukashino @antoineaboufayssal