Add (kind of) support for loading a list of JA4C malicious fingerprints (#2678)

It might be usefull to be able to match traffic against a list of suspicious JA4C fingerprints Use the same code/logic/infrastructure used for JA3C (note that we are going to remove JA3C...) See: #2551
author: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> 2025-01-14 12:05:03 +0100
committer: GitHub <noreply@github.com> 2025-01-14 12:05:03 +0100
commit: 63a3547f998bfbe52c2bc8a540e0f33d37f3ad88 (patch)
tree: 782eac7281a01087a5cf374e7d0a3a76a7ebc552 /fuzz/fuzz_config.cpp
parent: 69a4f8120a3e335074fcc33f81e1d82dc0a88791 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/fuzz/fuzz_config.cpp b/fuzz/fuzz_config.cpp
index 8ced9381b..a07ef100d 100644
--- a/fuzz/fuzz_config.cpp
+++ b/fuzz/fuzz_config.cpp
@@ -87,9 +87,9 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
   if(fuzzed_data.ConsumeBool())
     ndpi_load_risk_domain_file(ndpi_info_mod, fuzzed_data.ConsumeBool() ? NULL : "invalid_filename"); /* Error */
   if(fuzzed_data.ConsumeBool())
-    ndpi_load_malicious_ja3_file(ndpi_info_mod, "ja3_fingerprints.csv");
+    ndpi_load_malicious_ja4_file(ndpi_info_mod, "ja4_fingerprints.csv");
   if(fuzzed_data.ConsumeBool())
-    ndpi_load_malicious_ja3_file(ndpi_info_mod, fuzzed_data.ConsumeBool() ? NULL : "invalid_filename"); /* Error */
+    ndpi_load_malicious_ja4_file(ndpi_info_mod, fuzzed_data.ConsumeBool() ? NULL : "invalid_filename"); /* Error */
   if(fuzzed_data.ConsumeBool())
     ndpi_load_malicious_sha1_file(ndpi_info_mod, "sha1_fingerprints.csv");
   if(fuzzed_data.ConsumeBool())
author	Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>	2025-01-14 12:05:03 +0100
committer	GitHub <noreply@github.com>	2025-01-14 12:05:03 +0100
commit	63a3547f998bfbe52c2bc8a540e0f33d37f3ad88 (patch)
tree	782eac7281a01087a5cf374e7d0a3a76a7ebc552 /fuzz/fuzz_config.cpp
parent	69a4f8120a3e335074fcc33f81e1d82dc0a88791 (diff)