diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2024-01-24 21:16:58 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-01-24 21:16:58 +0100 |
| commit | d577508727226d44a713f1af38b08769546edd2a (patch) | |
| tree | b04fe77e9665778b1737099c815dd0ebba12777a /src/lib/ndpi_main.c | |
| parent | 7a83a8dc9122a730a74e5ac644413ae87f94e563 (diff) | |
fuzz: extend fuzzing coverage (#2281)
Diffstat (limited to 'src/lib/ndpi_main.c')
| -rw-r--r-- | src/lib/ndpi_main.c | 226 |
1 files changed, 52 insertions, 174 deletions
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index e9044dfd2..5fe52dd04 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -307,18 +307,14 @@ u_int16_t ndpi_get_proto_by_name(struct ndpi_detection_module_struct *ndpi_str, /* ************************************************************************************* */ /* ************************************************************************************* */ -void ndpi_add_user_proto_id_mapping(struct ndpi_detection_module_struct *ndpi_str, - u_int16_t ndpi_proto_id, u_int16_t user_proto_id) { - if(ndpi_proto_id < NDPI_MAX_SUPPORTED_PROTOCOLS) - return; /* Nothing to map */ - -#ifdef NDPI_ENABLE_DEBUG_MESSAGES +static void ndpi_add_user_proto_id_mapping(struct ndpi_detection_module_struct *ndpi_str, + u_int16_t ndpi_proto_id, u_int16_t user_proto_id) { NDPI_LOG_DBG2(ndpi_str, "[DEBUG] *** %u (>= %u)-> %u\n", ndpi_proto_id, NDPI_MAX_SUPPORTED_PROTOCOLS, user_proto_id); -#endif - ndpi_str->ndpi_to_user_proto_id[ndpi_proto_id-NDPI_MAX_SUPPORTED_PROTOCOLS] = user_proto_id; + if(ndpi_proto_id >= NDPI_MAX_SUPPORTED_PROTOCOLS) + ndpi_str->ndpi_to_user_proto_id[ndpi_proto_id-NDPI_MAX_SUPPORTED_PROTOCOLS] = user_proto_id; } /* ************************************************************************************* */ @@ -327,11 +323,9 @@ void ndpi_add_user_proto_id_mapping(struct ndpi_detection_module_struct *ndpi_st u_int16_t ndpi_map_user_proto_id_to_ndpi_id(struct ndpi_detection_module_struct *ndpi_str, u_int16_t user_proto_id) { -#ifdef NDPI_ENABLE_DEBUG_MESSAGES #if 0 /* Too much verbose... */ NDPI_LOG_DBG2(ndpi_str, "[DEBUG] ***** %s(%u)\n", __FUNCTION__, user_proto_id); #endif -#endif if(!ndpi_str) return(0); @@ -359,11 +353,9 @@ u_int16_t ndpi_map_user_proto_id_to_ndpi_id(struct ndpi_detection_module_struct /* Map an internal nDPI protocol id to a custom user protocol */ u_int16_t ndpi_map_ndpi_id_to_user_proto_id(struct ndpi_detection_module_struct *ndpi_str, u_int16_t ndpi_proto_id) { -#ifdef NDPI_ENABLE_DEBUG_MESSAGES #if 0 /* Too much verbose... */ NDPI_LOG_DBG2(ndpi_str, "[DEBUG] ***** %s(%u)\n", __FUNCTION__, ndpi_proto_id); #endif -#endif if(!ndpi_str) return(0); @@ -561,6 +553,9 @@ void ndpi_set_proto_defaults(struct ndpi_detection_module_struct *ndpi_str, char *name; int j; + if(!ndpi_str || !protoName) + return; + if(!ndpi_is_valid_protoId(protoId)) { NDPI_LOG_ERR(ndpi_str, "[NDPI] %s/protoId=%d: INTERNAL ERROR\n", protoName, protoId); return; @@ -577,9 +572,6 @@ void ndpi_set_proto_defaults(struct ndpi_detection_module_struct *ndpi_str, return; } - if(ndpi_str->proto_defaults[protoId].protoName) - ndpi_free(ndpi_str->proto_defaults[protoId].protoName); - ndpi_str->proto_defaults[protoId].isClearTextProto = is_cleartext; /* is_appprotocol=1 means that this is only an application protocol layered @@ -2387,6 +2379,8 @@ int ndpi_fill_prefix_v6(ndpi_prefix_t *prefix, const struct in6_addr *addr, int /* ******************************************* */ int ndpi_fill_prefix_mac(ndpi_prefix_t *prefix, u_int8_t *mac, int bits, int maxbits) { + memset(prefix, 0, sizeof(ndpi_prefix_t)); + if(bits < 0 || bits > maxbits) return -1; @@ -2618,9 +2612,6 @@ static ndpi_patricia_node_t* add_to_ptree(ndpi_patricia_tree_t *tree, int family ndpi_prefix_t prefix; ndpi_patricia_node_t *node; - if(!tree) - return(NULL); - if(family == AF_INET) ndpi_fill_prefix_v4(&prefix, (struct in_addr *) addr, bits, tree->maxbits); else @@ -2758,9 +2749,6 @@ static int ndpi_add_host_ip_subprotocol(struct ndpi_detection_module_struct *ndp bool value_ready = false; struct addrinfo hints, *result, *rp; - if(!ndpi_str->protocols_ptree) - return(-1); - if(value[0] == '[') { is_ipv6 = 1; bits = 128; @@ -2815,7 +2803,7 @@ static int ndpi_add_host_ip_subprotocol(struct ndpi_detection_module_struct *ndp hints.ai_socktype = SOCK_STREAM; hints.ai_flags = AI_CANONNAME; - if(!is_ipv6) { + if(!is_ipv6 && ndpi_str->protocols_ptree) { /* Check if the IP address is symbolic or numeric */ unsigned int d[4]; char tail[16] = { '\0' }; @@ -2848,7 +2836,7 @@ static int ndpi_add_host_ip_subprotocol(struct ndpi_detection_module_struct *ndp } node = add_to_ptree(ndpi_str->protocols_ptree, AF_INET, &pin, bits); - } else { + } else if(is_ipv6 && ndpi_str->protocols_ptree6) { if(strchr(value, ':') == NULL) { /* This might be a symbolic IPv6 address */ @@ -2875,6 +2863,8 @@ static int ndpi_add_host_ip_subprotocol(struct ndpi_detection_module_struct *ndp } node = add_to_ptree(ndpi_str->protocols_ptree6, AF_INET6, &pin6, bits); + } else { + return(-1); } if(node != NULL) { @@ -2884,7 +2874,6 @@ static int ndpi_add_host_ip_subprotocol(struct ndpi_detection_module_struct *ndp for(i=0; i<UV16_MAX_USER_VALUES; i++) { if(node->value.u.uv16[i].user_value == 0) { node->value.u.uv16[i].user_value = protocol_id, node->value.u.uv16[i].additional_user_value = htons(port); - return(0); } } /* for */ @@ -2919,9 +2908,9 @@ void set_ndpi_flow_free(void (*__ndpi_flow_free)(void *ptr)) { _ndpi_flow_free = __ndpi_flow_free; } +#ifdef NDPI_ENABLE_DEBUG_MESSAGES void ndpi_debug_printf(unsigned int proto, struct ndpi_detection_module_struct *ndpi_str, ndpi_log_level_t log_level, const char *file_name, const char *func_name, unsigned int line_number, const char *format, ...) { -#ifdef NDPI_ENABLE_DEBUG_MESSAGES va_list args; #define MAX_STR_LEN 250 char str[MAX_STR_LEN]; @@ -2941,8 +2930,8 @@ void ndpi_debug_printf(unsigned int proto, struct ndpi_detection_module_struct * } #endif -#endif } +#endif /* ****************************************** */ @@ -3273,8 +3262,6 @@ static void ndpi_add_domain_risk_exceptions(struct ndpi_detection_module_struct u_int i; ndpi_risk mask = ((ndpi_risk)-1); - if(!ndpi_str) return; - for(i=0; risks_to_mask[i] != NDPI_NO_RISK; i++) mask &= ~(1ULL << risks_to_mask[i]); @@ -3611,8 +3598,6 @@ int ndpi_finalize_initialization(struct ndpi_detection_module_struct *ndpi_str) } } - if(ndpi_str->ac_automa_finalized) return -1; - ndpi_automa * const automa[] = { &ndpi_str->host_automa, &ndpi_str->tls_cert_subject_automa, &ndpi_str->host_risk_mask_automa, @@ -3625,8 +3610,6 @@ int ndpi_finalize_initialization(struct ndpi_detection_module_struct *ndpi_str) ac_automata_finalize((AC_AUTOMATA_t *) a->ac_automa); } - ndpi_str->ac_automa_finalized = 1; - if(ndpi_str->cfg.tls_app_blocks_tracking_enabled) { ndpi_str->num_tls_blocks_to_follow = NDPI_MAX_NUM_TLS_APPL_BLOCKS; ndpi_str->skip_tls_blocks_until_change_cipher = 1; @@ -4168,7 +4151,7 @@ static u_int16_t guess_protocol_id(struct ndpi_detection_module_struct *ndpi_str if(flow) { /* Run some basic consistency tests */ - if(packet->payload_packet_len < sizeof(struct ndpi_icmphdr)) + if(packet->payload_packet_len < sizeof(struct ndpi_icmp6hdr)) ndpi_set_risk(ndpi_str, flow, NDPI_MALFORMED_PACKET, NULL); else { u_int8_t icmp6_type = (u_int8_t)packet->payload[0]; @@ -4699,26 +4682,35 @@ int load_categories_file_fd(struct ndpi_detection_module_struct *ndpi_str, */ int ndpi_load_category_file(struct ndpi_detection_module_struct *ndpi_str, char *path, ndpi_protocol_category_t category_id) { - char buffer[256], *line; + int rc; FILE *fd; - u_int num_loaded = 0; - unsigned int failed_lines = 0; - unsigned int lines_read = 0; - if(!ndpi_str || !path || !ndpi_str->protocols_ptree) - return(0); - -#ifdef NDPI_ENABLE_DEBUG_MESSAGES - // printf("Loading %s [proto %d]\n", path, category_id); -#endif + if(!ndpi_str || !path) + return(-1); fd = fopen(path, "r"); - if(fd == NULL) { NDPI_LOG_ERR(ndpi_str, "Unable to open file %s [%s]\n", path, strerror(errno)); - return(0); + return -1; } + rc = load_category_file_fd(ndpi_str, fd, category_id); + + fclose(fd); + + return rc; +} + +int load_category_file_fd(struct ndpi_detection_module_struct *ndpi_str, + FILE *fd, ndpi_protocol_category_t category_id) { + char buffer[256], *line; + u_int num_loaded = 0; + unsigned int failed_lines = 0; + unsigned int lines_read = 0; + + if(!ndpi_str || !fd || !ndpi_str->protocols_ptree) + return(0); + while(1) { int len; @@ -4731,8 +4723,8 @@ int ndpi_load_category_file(struct ndpi_detection_module_struct *ndpi_str, len = strlen(line); if(len <= 1 || len == sizeof(buffer) - 1) { - NDPI_LOG_ERR(ndpi_str, "[NDPI] Failed to read file '%s' line #%u, line too short/long\n", - path, lines_read); + NDPI_LOG_ERR(ndpi_str, "[NDPI] Failed to read file line #%u, line too short/long\n", + lines_read); failed_lines++; continue; } else if (line[0] == '#') @@ -4752,8 +4744,8 @@ int ndpi_load_category_file(struct ndpi_detection_module_struct *ndpi_str, if (i != len - 2 && i != len - 1) { - NDPI_LOG_ERR(ndpi_str, "[NDPI] Failed to read file '%s' line #%u, invalid characters found\n", - path, lines_read); + NDPI_LOG_ERR(ndpi_str, "[NDPI] Failed to read file line #%u, invalid characters found\n", + lines_read); failed_lines++; continue; } @@ -4762,7 +4754,6 @@ int ndpi_load_category_file(struct ndpi_detection_module_struct *ndpi_str, num_loaded++; } - fclose(fd); if(failed_lines) return(-1 * failed_lines); return(num_loaded); @@ -4839,9 +4830,6 @@ static int ndpi_load_risky_domain(struct ndpi_detection_module_struct *ndpi_str, ac_automata_name(ndpi_str->risky_domain_automa.ac_automa, "risky", 0); } - if(!ndpi_str->risky_domain_automa.ac_automa) - return -1; - return ndpi_string_to_automa(ndpi_str, (AC_AUTOMATA_t *)ndpi_str->risky_domain_automa.ac_automa, domain_name, 1, 0, 0, 0, 1); /* domain, protocol, category, breed, level , at_end */ } @@ -6336,9 +6324,6 @@ static int ndpi_init_packet(struct ndpi_detection_module_struct *ndpi_str, u_int8_t l4protocol; u_int8_t l4_result; - if(!flow) - return(1); - /* need at least 20 bytes for ip header */ if(packetlen < 20) return 1; @@ -6577,11 +6562,8 @@ static int tcp_ack_padding(struct ndpi_packet_struct *packet) { return 0; } -void ndpi_connection_tracking(struct ndpi_detection_module_struct *ndpi_str, - struct ndpi_flow_struct *flow) { - if(!flow) { - return; - } else { +static void ndpi_connection_tracking(struct ndpi_detection_module_struct *ndpi_str, + struct ndpi_flow_struct *flow) { /* const for gcc code optimization and cleaner code */ struct ndpi_packet_struct *packet = &ndpi_str->packet; const struct ndpi_iphdr *iph = packet->iph; @@ -6816,7 +6798,6 @@ void ndpi_connection_tracking(struct ndpi_detection_module_struct *ndpi_str, ndpi_unset_risk(ndpi_str, flow, NDPI_UNIDIRECTIONAL_TRAFFIC); /* Clear bit */ } } - } } /* ************************************************ */ @@ -6969,12 +6950,10 @@ static u_int32_t check_ndpi_tcp_flow_func(struct ndpi_detection_module_struct *n /* ********************************************************************************* */ -u_int32_t ndpi_check_flow_func(struct ndpi_detection_module_struct *ndpi_str, - struct ndpi_flow_struct *flow, - NDPI_SELECTION_BITMASK_PROTOCOL_SIZE *ndpi_selection_packet) { - if(!flow) - return(0); - else if(ndpi_str->packet.tcp != NULL) +static u_int32_t ndpi_check_flow_func(struct ndpi_detection_module_struct *ndpi_str, + struct ndpi_flow_struct *flow, + NDPI_SELECTION_BITMASK_PROTOCOL_SIZE *ndpi_selection_packet) { + if(ndpi_str->packet.tcp != NULL) return(check_ndpi_tcp_flow_func(ndpi_str, flow, ndpi_selection_packet)); else if(ndpi_str->packet.udp != NULL) return(check_ndpi_udp_flow_func(ndpi_str, flow, ndpi_selection_packet)); @@ -8695,90 +8674,6 @@ void ndpi_parse_packet_line_info_any(struct ndpi_detection_module_struct *ndpi_s /* ********************************************************************************* */ -u_int16_t check_for_email_address(struct ndpi_detection_module_struct *ndpi_str, - u_int16_t counter) { - struct ndpi_packet_struct *packet; - - if(!ndpi_str) - return(0); - - packet = &ndpi_str->packet; - NDPI_LOG_DBG2(ndpi_str, "called ndpi_check_for_email_address\n"); - - if(packet->payload_packet_len > counter && ((packet->payload[counter] >= 'a' && packet->payload[counter] <= 'z') || - (packet->payload[counter] >= 'A' && packet->payload[counter] <= 'Z') || - (packet->payload[counter] >= '0' && packet->payload[counter] <= '9') || - packet->payload[counter] == '-' || packet->payload[counter] == '_')) { - NDPI_LOG_DBG2(ndpi_str, "first letter\n"); - counter++; - while(packet->payload_packet_len > counter && - ((packet->payload[counter] >= 'a' && packet->payload[counter] <= 'z') || - (packet->payload[counter] >= 'A' && packet->payload[counter] <= 'Z') || - (packet->payload[counter] >= '0' && packet->payload[counter] <= '9') || - packet->payload[counter] == '-' || packet->payload[counter] == '_' || - packet->payload[counter] == '.')) { - NDPI_LOG_DBG2(ndpi_str, "further letter\n"); - counter++; - if(packet->payload_packet_len > counter && packet->payload[counter] == '@') { - NDPI_LOG_DBG2(ndpi_str, "@\n"); - counter++; - while(packet->payload_packet_len > counter && - ((packet->payload[counter] >= 'a' && packet->payload[counter] <= 'z') || - (packet->payload[counter] >= 'A' && packet->payload[counter] <= 'Z') || - (packet->payload[counter] >= '0' && packet->payload[counter] <= '9') || - packet->payload[counter] == '-' || packet->payload[counter] == '_')) { - NDPI_LOG_DBG2(ndpi_str, "letter\n"); - counter++; - if(packet->payload_packet_len > counter && packet->payload[counter] == '.') { - NDPI_LOG_DBG2(ndpi_str, ".\n"); - counter++; - if(packet->payload_packet_len > counter + 1 && - ((packet->payload[counter] >= 'a' && packet->payload[counter] <= 'z') && - (packet->payload[counter + 1] >= 'a' && packet->payload[counter + 1] <= 'z'))) { - NDPI_LOG_DBG2(ndpi_str, "two letters\n"); - counter += 2; - if(packet->payload_packet_len > counter && - (packet->payload[counter] == ' ' || packet->payload[counter] == ';')) { - NDPI_LOG_DBG2(ndpi_str, "whitespace1\n"); - return(counter); - } else if(packet->payload_packet_len > counter && packet->payload[counter] >= 'a' && - packet->payload[counter] <= 'z') { - NDPI_LOG_DBG2(ndpi_str, "one letter\n"); - counter++; - if(packet->payload_packet_len > counter && - (packet->payload[counter] == ' ' || packet->payload[counter] == ';')) { - NDPI_LOG_DBG2(ndpi_str, "whitespace2\n"); - return(counter); - } else if(packet->payload_packet_len > counter && packet->payload[counter] >= 'a' && - packet->payload[counter] <= 'z') { - counter++; - if(packet->payload_packet_len > counter && - (packet->payload[counter] == ' ' || packet->payload[counter] == ';')) { - NDPI_LOG_DBG2(ndpi_str, "whitespace3\n"); - return(counter); - } else { - return(0); - } - } else { - return(0); - } - } else { - return(0); - } - } else { - return(0); - } - } - } - return(0); - } - } - } - return(0); -} - -/* ********************************************************************************* */ - u_int8_t ndpi_detection_get_l4(const u_int8_t *l3, u_int16_t l3_len, const u_int8_t **l4_return, u_int16_t *l4_len_return, u_int8_t *l4_protocol_return, u_int32_t flags) { return(ndpi_detection_get_l4_internal(NULL, l3, l3_len, l4_return, l4_len_return, l4_protocol_return, flags)); @@ -8854,9 +8749,6 @@ void ndpi_get_flow_ndpi_proto(struct ndpi_detection_module_struct *ndpi_str, str static void ndpi_int_change_flow_protocol(struct ndpi_detection_module_struct *ndpi_str, struct ndpi_flow_struct *flow, u_int16_t upper_detected_protocol, u_int16_t lower_detected_protocol, ndpi_confidence_t confidence) { - if(!flow) - return; - flow->detected_protocol_stack[0] = upper_detected_protocol, flow->detected_protocol_stack[1] = lower_detected_protocol; flow->confidence = confidence; @@ -8890,21 +8782,6 @@ void change_category(struct ndpi_detection_module_struct *ndpi_str, struct ndpi_ /* ********************************************************************************* */ -void NDPI_PROTOCOL_IP_clear(ndpi_ip_addr_t *ip) { - memset(ip, 0, sizeof(ndpi_ip_addr_t)); -} - -/* ********************************************************************************* */ - -#ifdef CODE_UNUSED -/* NTOP */ -int NDPI_PROTOCOL_IP_is_set(const ndpi_ip_addr_t *ip) { - return(memcmp(ip, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", sizeof(ndpi_ip_addr_t)) != 0); -} -#endif - -/* ********************************************************************************* */ - u_int8_t ndpi_is_ipv6(const ndpi_ip_addr_t *ip) { return(ip->ipv6.u6_addr.u6_addr32[1] != 0 || ip->ipv6.u6_addr.u6_addr32[2] != 0 || ip->ipv6.u6_addr.u6_addr32[3] != 0); @@ -9331,7 +9208,7 @@ char *ndpi_get_proto_breed_name(struct ndpi_detection_module_struct *ndpi_str, int ndpi_get_protocol_id(struct ndpi_detection_module_struct *ndpi_str, char *proto) { int i; - if(!ndpi_str) return(-1); + if(!ndpi_str || !proto) return(-1); for(i = 0; i < (int) ndpi_str->ndpi_num_supported_protocols; i++) if(ndpi_str->proto_defaults[i].protoName && @@ -9438,6 +9315,9 @@ void ndpi_generate_options(u_int opt, FILE *options_out) { void ndpi_dump_risks_score(FILE *risk_out) { u_int i; + if(!risk_out) + return; + fprintf(risk_out, "%3s %-48s %-8s %s %-8s %-8s\n", "Id", "Risk", "Severity", "Score", "CliScore", "SrvScore"); @@ -9566,8 +9446,6 @@ static u_int16_t ndpi_automa_match_string_subprotocol(struct ndpi_detection_modu ndpi_protocol_match_result *ret_match) { int matching_protocol_id; - if(!ndpi_str) return(NDPI_PROTOCOL_UNKNOWN); - matching_protocol_id = ndpi_match_string_subprotocol(ndpi_str, string_to_match, string_to_match_len, ret_match); @@ -10979,7 +10857,7 @@ char *ndpi_dump_config(struct ndpi_detection_module_struct *ndpi_str, /* TODO */ case CFG_PARAM_PROTOCOL_ENABLE_DISABLE: fprintf(fd, " *) %s %s: %s [all %s]", - c->proto ? c->proto : "NULL", + c->proto, c->param, /* TODO */ _get_param_protocol_enable_disable((void *)((char *)&ndpi_str->cfg + c->offset), "any", buf, sizeof(buf)), c->default_value); |