aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLuca Deri <lucaderi@users.noreply.github.com>2018-04-16 14:16:09 +0200
committerGitHub <noreply@github.com>2018-04-16 14:16:09 +0200
commit8a59581668047ec0a8c9d5ed778476c398ab7f89 (patch)
treeb5e1dee3ea7d0892b87108264811863a07105842
parentd8e4111a9d4158af8246d66d4ab82cbcd990ea6a (diff)
parent5950ad7ef82c329c56d17c11e9b34810180a7c16 (diff)
Merge pull request #547 from zyingp/free-after-detect
Fix several bugs found by Address Sanitizer (ASan)
-rw-r--r--example/MacOS/ndpiExample/ndpiExample.xcodeproj/project.pbxproj4
-rw-r--r--src/lib/protocols/http.c2
-rw-r--r--src/lib/protocols/msn.c7
-rw-r--r--src/lib/protocols/tor.c2
4 files changed, 10 insertions, 5 deletions
diff --git a/example/MacOS/ndpiExample/ndpiExample.xcodeproj/project.pbxproj b/example/MacOS/ndpiExample/ndpiExample.xcodeproj/project.pbxproj
index d73d10c05..2c319489d 100644
--- a/example/MacOS/ndpiExample/ndpiExample.xcodeproj/project.pbxproj
+++ b/example/MacOS/ndpiExample/ndpiExample.xcodeproj/project.pbxproj
@@ -7,6 +7,7 @@
objects = {
/* Begin PBXBuildFile section */
+ E32F1ECB20844620005739B7 /* whatsapp.c in Sources */ = {isa = PBXBuildFile; fileRef = E32F1ECA20844620005739B7 /* whatsapp.c */; };
E3953F5420254989000BBA0D /* AppDelegate.m in Sources */ = {isa = PBXBuildFile; fileRef = E3953F5320254989000BBA0D /* AppDelegate.m */; };
E3953F5720254989000BBA0D /* ViewController.m in Sources */ = {isa = PBXBuildFile; fileRef = E3953F5620254989000BBA0D /* ViewController.m */; };
E3953F5920254989000BBA0D /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = E3953F5820254989000BBA0D /* Assets.xcassets */; };
@@ -187,6 +188,7 @@
/* End PBXBuildFile section */
/* Begin PBXFileReference section */
+ E32F1ECA20844620005739B7 /* whatsapp.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = whatsapp.c; sourceTree = "<group>"; };
E3953F4F20254989000BBA0D /* ndpiExample.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = ndpiExample.app; sourceTree = BUILT_PRODUCTS_DIR; };
E3953F5220254989000BBA0D /* AppDelegate.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = AppDelegate.h; sourceTree = "<group>"; };
E3953F5320254989000BBA0D /* AppDelegate.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = AppDelegate.m; sourceTree = "<group>"; };
@@ -644,6 +646,7 @@
E39542ED20255354000BBA0D /* yahoo.c */,
E39542EE20255354000BBA0D /* zattoo.c */,
E39542EF20255354000BBA0D /* zeromq.c */,
+ E32F1ECA20844620005739B7 /* whatsapp.c */,
);
path = protocols;
sourceTree = "<group>";
@@ -947,6 +950,7 @@
E395454420255355000BBA0D /* zattoo.c in Sources */,
E39544FD20255354000BBA0D /* noe.c in Sources */,
E395451620255354000BBA0D /* shoutcast.c in Sources */,
+ E32F1ECB20844620005739B7 /* whatsapp.c in Sources */,
E395455E202558E6000BBA0D /* ndpi_util.c in Sources */,
E3953F5420254989000BBA0D /* AppDelegate.m in Sources */,
E39543C520255354000BBA0D /* dropbox.c in Sources */,
diff --git a/src/lib/protocols/http.c b/src/lib/protocols/http.c
index ed8d0cd13..7332c5e04 100644
--- a/src/lib/protocols/http.c
+++ b/src/lib/protocols/http.c
@@ -663,7 +663,7 @@ static void ndpi_check_http_tcp(struct ndpi_detection_module_struct *ndpi_struct
/* Check for additional field introduced by Steam */
int x = 1;
- if((memcmp(packet->line[x].ptr, "x-steam-sid", 11)) == 0) {
+ if(packet->line[x].len >= 11 && (memcmp(packet->line[x].ptr, "x-steam-sid", 11)) == 0) {
NDPI_LOG_INFO(ndpi_struct, "found STEAM\n");
ndpi_int_http_add_connection(ndpi_struct, flow, NDPI_PROTOCOL_STEAM);
check_content_type_and_change_protocol(ndpi_struct, flow);
diff --git a/src/lib/protocols/msn.c b/src/lib/protocols/msn.c
index 4c5b73dcd..ec090cf00 100644
--- a/src/lib/protocols/msn.c
+++ b/src/lib/protocols/msn.c
@@ -442,15 +442,16 @@ static void ndpi_search_msn_tcp(struct ndpi_detection_module_struct *ndpi_struct
}
NDPI_LOG_DBG(ndpi_struct, "msn 7\n");
- if (flow->packet_counter <= MAX_PACKETS_FOR_MSN) {
- if (memcmp(&packet->payload[0], "MSG ", 4) == 0
+ if (flow->packet_counter <= MAX_PACKETS_FOR_MSN) {
+ if (packet->payload_packet_len >=4 && (memcmp(&packet->payload[0], "MSG ", 4) == 0
|| memcmp(&packet->payload[0], "PNG", 3) == 0
|| memcmp(&packet->payload[0], "QNG ", 4) == 0
|| memcmp(&packet->payload[0], "OUT", 3) == 0
|| memcmp(&packet->payload[0], "RNG ", 4) == 0
|| memcmp(&packet->payload[0], "NLN ", 4) == 0
|| memcmp(&packet->payload[0], "UBX ", 4) == 0
- || memcmp(&packet->payload[0], "XFR ", 4) == 0) {
+ || memcmp(&packet->payload[0], "XFR ", 4) == 0)
+ ){
ndpi_int_msn_add_connection(ndpi_struct, flow);
NDPI_LOG_INFO(ndpi_struct, "found MSN\n");
diff --git a/src/lib/protocols/tor.c b/src/lib/protocols/tor.c
index 21fc0cf52..462833db0 100644
--- a/src/lib/protocols/tor.c
+++ b/src/lib/protocols/tor.c
@@ -31,7 +31,7 @@ int ndpi_is_ssl_tor(struct ndpi_detection_module_struct *ndpi_struct,
len = strlen(certificate);
/* Check if it ends in .com or .net */
- if(strcmp(&certificate[len-4], ".com") && strcmp(&certificate[len-4], ".net"))
+ if(len>=4 && strcmp(&certificate[len-4], ".com") && strcmp(&certificate[len-4], ".net"))
return(0);
if((len < 6)