Fixed buffer overflows with safe str search

1. Detected a lot of memory errors using address sanitizer and ndpi-scapy tool. 2. Added ndpi_match_prefix function that compares strings with taking care of payload packet len. Almost drop-in replacement for match_first_bytes function. 3. Replaced unsafe match_first_bytes usage with a ndpi_match_prefix and additional length checks.
author: theirix <theirix@gmail.com> 2016-04-12 22:08:30 +0300
committer: theirix <theirix@gmail.com> 2016-04-12 22:08:30 +0300
commit: fb3fc0c6de201a2ab34b6f7ce4d5dfc2c54c3b5e (patch)
tree: 668e579f3df572a36821500bfe80a60e42a10aab /src/lib/ndpi_main.c
parent: 5a37ee99764b7d262676b0ca052075c9c559c01d (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index 845c56c63..8fe3a54d7 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -4339,6 +4339,16 @@ char* ndpi_strnstr(const char *s, const char *find, size_t slen) {
 
 /* ****************************************************** */
 
+int ndpi_match_prefix(const u_int8_t *payload, size_t payload_len,
+    const char *str, size_t str_len)
+{
+  return str_len <= payload_len
+          ? memcmp(payload, str, str_len) == 0
+          : 0;
+}
+
+/* ****************************************************** */
+
 int ndpi_match_string_subprotocol(struct ndpi_detection_module_struct *ndpi_struct,
 				  char *string_to_match, u_int string_to_match_len,
 				  u_int8_t is_host_match) {
author	theirix <theirix@gmail.com>	2016-04-12 22:08:30 +0300
committer	theirix <theirix@gmail.com>	2016-04-12 22:08:30 +0300
commit	fb3fc0c6de201a2ab34b6f7ce4d5dfc2c54c3b5e (patch)
tree	668e579f3df572a36821500bfe80a60e42a10aab /src/lib/ndpi_main.c
parent	5a37ee99764b7d262676b0ca052075c9c559c01d (diff)