aboutsummaryrefslogtreecommitdiff
path: root/src/lib/ndpi_serializer.c
diff options
context:
space:
mode:
authorIvan Nardi <12729895+IvanNardi@users.noreply.github.com>2023-01-27 07:09:18 +0100
committerGitHub <noreply@github.com>2023-01-27 07:09:18 +0100
commit6d00a9e0bd4cdb2be26577f53b75b3078cefd4c3 (patch)
tree327e7d1bc8e89a990e99ea8cfb4a748c80d12f32 /src/lib/ndpi_serializer.c
parenteea99564308fffca675918506a6e12f7a4f71a6f (diff)
fuzz: add a new fuzzer to test serialization/deserialization code (#1876)
Autodetecting the needed buffer size is quite complex (especially with float/double values) so it is mandatory to properly check for `ndpi_snprintf` truncation. These issues have been undetected so far probably because the default buffer is big enough for all common cases. Add an example of usage of `ndpi_deserialize_clone_all()` (taken from `ntopng`)
Diffstat (limited to 'src/lib/ndpi_serializer.c')
-rw-r--r--src/lib/ndpi_serializer.c395
1 files changed, 321 insertions, 74 deletions
diff --git a/src/lib/ndpi_serializer.c b/src/lib/ndpi_serializer.c
index f8652dbc3..de7b2fd7c 100644
--- a/src/lib/ndpi_serializer.c
+++ b/src/lib/ndpi_serializer.c
@@ -217,7 +217,8 @@ int ndpi_init_serializer_ll(ndpi_serializer *_serializer,
serializer->fmt = fmt;
- if (ndpi_init_serializer_buffer(&serializer->buffer, buffer_size) != 0)
+ if (buffer_size < 3 ||
+ ndpi_init_serializer_buffer(&serializer->buffer, buffer_size) != 0)
return(-1);
if(serializer->fmt == ndpi_serialization_format_json) {
@@ -267,7 +268,7 @@ static inline int ndpi_extend_serializer_buffer(ndpi_private_serializer_buffer *
new_size = buffer->size + min_len;
new_size = ((new_size / 4) + 1) * 4; /* required by zmq encryption */
- r = realloc((void *) buffer->data, new_size);
+ r = ndpi_realloc((void *) buffer->data, buffer->size, new_size);
if(r == NULL)
return(-1);
@@ -735,18 +736,27 @@ static inline void ndpi_serialize_json_pre(ndpi_serializer *_serializer) {
/* ********************************** */
-static inline void ndpi_serialize_json_post(ndpi_serializer *_serializer) {
+static inline int ndpi_serialize_json_post(ndpi_serializer *_serializer) {
ndpi_private_serializer *serializer = (ndpi_private_serializer*)_serializer;
- if(serializer->status.flags & NDPI_SERIALIZER_STATUS_LIST)
+ if(serializer->status.flags & NDPI_SERIALIZER_STATUS_LIST) {
+ if(serializer->status.buffer.size_used >= serializer->buffer.size)
+ return -1;
serializer->buffer.data[serializer->status.buffer.size_used++] = ']';
+ }
+ if(serializer->status.buffer.size_used >= serializer->buffer.size)
+ return -1;
serializer->buffer.data[serializer->status.buffer.size_used++] = '}';
- if(serializer->status.flags & NDPI_SERIALIZER_STATUS_ARRAY)
+ if(serializer->status.flags & NDPI_SERIALIZER_STATUS_ARRAY) {
+ if(serializer->status.buffer.size_used >= serializer->buffer.size)
+ return -1;
serializer->buffer.data[serializer->status.buffer.size_used++] = ']';
+ }
serializer->status.flags |= NDPI_SERIALIZER_STATUS_COMMA;
+ return 0;
}
/* ********************************** */
@@ -774,6 +784,7 @@ int ndpi_serialize_uint32_uint32(ndpi_serializer *_serializer,
u_int32_t key, u_int32_t value) {
ndpi_private_serializer *serializer = (ndpi_private_serializer*)_serializer;
u_int32_t buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
+ int rc;
u_int16_t needed =
sizeof(u_int8_t) /* type */ +
sizeof(u_int32_t) /* key */ +
@@ -790,26 +801,37 @@ int ndpi_serialize_uint32_uint32(ndpi_serializer *_serializer,
if(serializer->fmt == ndpi_serialization_format_json) {
ndpi_serialize_json_pre(_serializer);
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
if (!(serializer->status.flags & NDPI_SERIALIZER_STATUS_LIST)) {
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used],
buff_diff, "\"%u\":", key);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
}
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used],
buff_diff, "%u", value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
- ndpi_serialize_json_post(_serializer);
+ if(ndpi_serialize_json_post(_serializer) != 0)
+ return(-1);
} else if(serializer->fmt == ndpi_serialization_format_csv) {
if (ndpi_serializer_header_uint32(serializer, key) < 0) return(-1);
ndpi_serialize_csv_pre(serializer);
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used], buff_diff,
"%u", value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
} else {
ndpi_serialization_type kt;
u_int8_t type = 0;
@@ -846,6 +868,7 @@ int ndpi_serialize_uint32_uint64(ndpi_serializer *_serializer,
sizeof(u_int8_t) /* type */ +
sizeof(u_int32_t) /* key */ +
sizeof(u_int64_t);
+ int rc;
if(serializer->fmt == ndpi_serialization_format_json)
needed += 32;
@@ -858,26 +881,37 @@ int ndpi_serialize_uint32_uint64(ndpi_serializer *_serializer,
if(serializer->fmt == ndpi_serialization_format_json) {
ndpi_serialize_json_pre(_serializer);
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
if (!(serializer->status.flags & NDPI_SERIALIZER_STATUS_LIST)) {
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used], buff_diff,
"\"%u\":", key);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
}
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used], buff_diff,
NDPI_U64_FORMAT, (unsigned long long)value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
- ndpi_serialize_json_post(_serializer);
+ if(ndpi_serialize_json_post(_serializer) != 0)
+ return(-1);
} else if(serializer->fmt == ndpi_serialization_format_csv) {
if (ndpi_serializer_header_uint32(serializer, key) < 0) return(-1);
ndpi_serialize_csv_pre(serializer);
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used], buff_diff,
NDPI_U64_FORMAT, (unsigned long long)value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
} else {
if(value <= 0xffffffff) {
return(ndpi_serialize_uint32_uint32(_serializer, key, value));
@@ -910,6 +944,7 @@ int ndpi_serialize_uint32_int32(ndpi_serializer *_serializer,
sizeof(u_int8_t) /* type */ +
sizeof(u_int32_t) /* key */ +
sizeof(int32_t);
+ int rc;
if(serializer->fmt == ndpi_serialization_format_json)
needed += 24;
@@ -922,26 +957,37 @@ int ndpi_serialize_uint32_int32(ndpi_serializer *_serializer,
if(serializer->fmt == ndpi_serialization_format_json) {
ndpi_serialize_json_pre(_serializer);
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
if (!(serializer->status.flags & NDPI_SERIALIZER_STATUS_LIST)) {
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used],
buff_diff, "\"%u\":", key);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
}
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used],
buff_diff, "%d", value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
- ndpi_serialize_json_post(_serializer);
+ if(ndpi_serialize_json_post(_serializer) != 0)
+ return(-1);
} else if(serializer->fmt == ndpi_serialization_format_csv) {
if (ndpi_serializer_header_uint32(serializer, key) < 0) return(-1);
ndpi_serialize_csv_pre(serializer);
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used], buff_diff,
"%d", value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
} else {
ndpi_serialization_type kt;
u_int8_t type = 0;
@@ -978,6 +1024,7 @@ int ndpi_serialize_uint32_int64(ndpi_serializer *_serializer,
sizeof(u_int8_t) /* type */ +
sizeof(u_int32_t) /* key */ +
sizeof(int64_t);
+ int rc;
if(serializer->fmt == ndpi_serialization_format_json)
needed += 32;
@@ -990,26 +1037,37 @@ int ndpi_serialize_uint32_int64(ndpi_serializer *_serializer,
if(serializer->fmt == ndpi_serialization_format_json) {
ndpi_serialize_json_pre(_serializer);
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
if (!(serializer->status.flags & NDPI_SERIALIZER_STATUS_LIST)) {
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used],
buff_diff, "\"%u\":", key);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
}
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used],
buff_diff, NDPI_I64_FORMAT, (long long int)value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
- ndpi_serialize_json_post(_serializer);
+ if(ndpi_serialize_json_post(_serializer) != 0)
+ return(-1);
} else if(serializer->fmt == ndpi_serialization_format_csv) {
if (ndpi_serializer_header_uint32(serializer, key) < 0) return(-1);
ndpi_serialize_csv_pre(serializer);
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used], buff_diff,
NDPI_I64_FORMAT, (long long int)value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
}
else {
if((value & 0xFFFFFFFF) == value) {
@@ -1043,7 +1101,9 @@ int ndpi_serialize_uint32_float(ndpi_serializer *_serializer,
u_int16_t needed =
sizeof(u_int8_t) /* type */ +
sizeof(u_int32_t) /* key */ +
- sizeof(float);
+ sizeof(float) +
+ 32; /* Safety, because printing float might lead to LONG string */
+ int rc;
if(serializer->fmt == ndpi_serialization_format_json)
needed += 32;
@@ -1056,20 +1116,31 @@ int ndpi_serialize_uint32_float(ndpi_serializer *_serializer,
if(serializer->fmt == ndpi_serialization_format_json) {
ndpi_serialize_json_pre(_serializer);
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
if (!(serializer->status.flags & NDPI_SERIALIZER_STATUS_LIST)) {
- serializer->status.buffer.size_used += ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, "\"%u\":", key);
+ rc = ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, "\"%u\":", key);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
}
- serializer->status.buffer.size_used += ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, format, value);
+ rc = ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, format, value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
- ndpi_serialize_json_post(_serializer);
+ if(ndpi_serialize_json_post(_serializer) != 0)
+ return(-1);
} else if(serializer->fmt == ndpi_serialization_format_csv) {
if (ndpi_serializer_header_uint32(serializer, key) < 0) return(-1);
ndpi_serialize_csv_pre(serializer);
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
- serializer->status.buffer.size_used += ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, format, value);
+ rc = ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, format, value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
} else {
ndpi_serialization_type kt;
@@ -1091,8 +1162,81 @@ int ndpi_serialize_uint32_float(ndpi_serializer *_serializer,
/* ********************************** */
-static int ndpi_serialize_uint32_binary(ndpi_serializer *_serializer,
- u_int32_t key, const char *value, u_int16_t slen) {
+int ndpi_serialize_uint32_double(ndpi_serializer *_serializer,
+ u_int32_t key, double value,
+ const char *format /* e.f. "%.2f" */) {
+ ndpi_private_serializer *serializer = (ndpi_private_serializer*)_serializer;
+ u_int32_t buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
+ u_int16_t needed =
+ sizeof(u_int8_t) /* type */ +
+ sizeof(u_int32_t) /* key */ +
+ sizeof(double) +
+ 32; /* Safety, because printing double might lead to LONG string */
+ int rc;
+
+ if(serializer->fmt == ndpi_serialization_format_json)
+ needed += 32;
+
+ if(buff_diff < needed) {
+ if(ndpi_extend_serializer_buffer(&serializer->buffer, needed - buff_diff) < 0)
+ return(-1);
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
+ }
+
+ if(serializer->fmt == ndpi_serialization_format_json) {
+ ndpi_serialize_json_pre(_serializer);
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
+
+ if (!(serializer->status.flags & NDPI_SERIALIZER_STATUS_LIST)) {
+ rc = ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, "\"%u\":", key);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
+ }
+
+ rc = ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, format, value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
+
+ if(ndpi_serialize_json_post(_serializer) != 0)
+ return(-1);
+ } else if(serializer->fmt == ndpi_serialization_format_csv) {
+ if (ndpi_serializer_header_uint32(serializer, key) < 0) return(-1);
+ ndpi_serialize_csv_pre(serializer);
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
+ rc = ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, format, value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
+
+ } else {
+#if 1
+ fprintf(stderr, "TLV serializer does not support double\n");
+#else
+ ndpi_serialization_type kt;
+ u_int8_t type = 0;
+ u_int32_t type_offset = serializer->status.buffer.size_used++;
+
+ kt = ndpi_serialize_key_uint32(serializer, key);
+ type = (kt << 4);
+
+ ndpi_serialize_single_float(serializer, value);
+ type |= ndpi_serialization_double;
+
+ serializer->buffer.data[type_offset] = type;
+#endif
+ }
+
+ serializer->status.flags |= NDPI_SERIALIZER_STATUS_NOT_EMPTY;
+ return(0);
+}
+
+/* ********************************** */
+
+int ndpi_serialize_uint32_binary(ndpi_serializer *_serializer,
+ u_int32_t key, const char *value, u_int16_t slen) {
ndpi_private_serializer *serializer = (ndpi_private_serializer*)_serializer;
u_int32_t buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
u_int32_t needed =
@@ -1100,6 +1244,7 @@ static int ndpi_serialize_uint32_binary(ndpi_serializer *_serializer,
sizeof(u_int32_t) /* key */ +
sizeof(u_int16_t) /* len */ +
slen;
+ int rc;
if(serializer->fmt == ndpi_serialization_format_json)
needed += 24 + slen;
@@ -1112,23 +1257,31 @@ static int ndpi_serialize_uint32_binary(ndpi_serializer *_serializer,
if(serializer->fmt == ndpi_serialization_format_json) {
ndpi_serialize_json_pre(_serializer);
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
if (!(serializer->status.flags & NDPI_SERIALIZER_STATUS_LIST)) {
- serializer->status.buffer.size_used += ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used],
+ rc = ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used],
buff_diff, "\"%u\":", key);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
}
serializer->status.buffer.size_used += ndpi_json_string_escape(value, slen,
(char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff);
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
- ndpi_serialize_json_post(_serializer);
+ if(ndpi_serialize_json_post(_serializer) != 0)
+ return(-1);
} else if(serializer->fmt == ndpi_serialization_format_csv) {
if (ndpi_serializer_header_uint32(serializer, key) < 0) return(-1);
ndpi_serialize_csv_pre(serializer);
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
- &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff,
- "%s", value);
+ rc = ndpi_snprintf((char *)
+ &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff,
+ "%.*s", slen, value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
} else {
ndpi_serialization_type kt;
u_int8_t type = 0;
@@ -1162,6 +1315,7 @@ int ndpi_serialize_uint32_boolean(ndpi_serializer *_serializer,
ndpi_private_serializer *serializer = (ndpi_private_serializer*)_serializer;
u_int32_t buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
u_int32_t needed = 24;
+ int rc;
if(serializer->fmt != ndpi_serialization_format_json &&
serializer->fmt != ndpi_serialization_format_csv)
@@ -1175,26 +1329,37 @@ int ndpi_serialize_uint32_boolean(ndpi_serializer *_serializer,
if(serializer->fmt == ndpi_serialization_format_json) {
ndpi_serialize_json_pre(_serializer);
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
if (!(serializer->status.flags & NDPI_SERIALIZER_STATUS_LIST)) {
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used],
buff_diff, "\"%u\":", key);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
}
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used],
buff_diff, "%s", value ? "true" : "false");
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
- ndpi_serialize_json_post(_serializer);
+ if(ndpi_serialize_json_post(_serializer) != 0)
+ return(-1);
} else if(serializer->fmt == ndpi_serialization_format_csv) {
if (ndpi_serializer_header_uint32(serializer, key) < 0) return(-1);
ndpi_serialize_csv_pre(serializer);
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used], buff_diff,
"%s", value ? "true" : "false");
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
}
serializer->status.flags |= NDPI_SERIALIZER_STATUS_NOT_EMPTY;
@@ -1209,6 +1374,7 @@ int ndpi_serialize_binary_int32(ndpi_serializer *_serializer,
ndpi_private_serializer *serializer = (ndpi_private_serializer*)_serializer;
u_int32_t buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
u_int32_t needed;
+ int rc;
#ifdef OPTIMIZE_NUMERIC_KEYS
if(ndpi_is_number(key, klen))
@@ -1232,6 +1398,7 @@ int ndpi_serialize_binary_int32(ndpi_serializer *_serializer,
if(serializer->fmt == ndpi_serialization_format_json) {
ndpi_serialize_json_pre(_serializer);
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
if (!(serializer->status.flags & NDPI_SERIALIZER_STATUS_LIST)) {
serializer->status.buffer.size_used += ndpi_json_string_escape(key, klen,
@@ -1241,17 +1408,24 @@ int ndpi_serialize_binary_int32(ndpi_serializer *_serializer,
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
}
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, "%d", value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
- ndpi_serialize_json_post(_serializer);
+ if(ndpi_serialize_json_post(_serializer) != 0)
+ return(-1);
} else if(serializer->fmt == ndpi_serialization_format_csv) {
if (ndpi_serializer_header_string(serializer, key, klen) < 0) return(-1);
ndpi_serialize_csv_pre(serializer);
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used], buff_diff,
"%d", value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
} else {
if(value <= 127 && value >= -128) {
serializer->buffer.data[serializer->status.buffer.size_used++] = (ndpi_serialization_string << 4) | ndpi_serialization_int8;
@@ -1304,8 +1478,9 @@ int ndpi_serialize_string_int32(ndpi_serializer *_serializer,
rc = ndpi_snprintf((char*)&serializer->buffer.data[serializer->status.buffer.size_used],
needed, "%u", value);
- if(rc > 0)
- serializer->status.buffer.size_used += rc;
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
return(0);
} else
#endif
@@ -1320,6 +1495,7 @@ int ndpi_serialize_binary_int64(ndpi_serializer *_serializer,
ndpi_private_serializer *serializer = (ndpi_private_serializer*)_serializer;
u_int32_t buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
u_int32_t needed;
+ int rc;
#ifdef OPTIMIZE_NUMERIC_KEYS
if(ndpi_is_number(key, klen))
@@ -1330,7 +1506,7 @@ int ndpi_serialize_binary_int64(ndpi_serializer *_serializer,
sizeof(u_int8_t) /* type */ +
sizeof(u_int16_t) /* key len */ +
klen /* key */ +
- sizeof(u_int32_t);
+ sizeof(u_int64_t);
if(serializer->fmt == ndpi_serialization_format_json)
needed += 16 + klen;
@@ -1343,6 +1519,7 @@ int ndpi_serialize_binary_int64(ndpi_serializer *_serializer,
if(serializer->fmt == ndpi_serialization_format_json) {
ndpi_serialize_json_pre(_serializer);
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
if (!(serializer->status.flags & NDPI_SERIALIZER_STATUS_LIST)) {
serializer->status.buffer.size_used += ndpi_json_string_escape(key, klen,
@@ -1353,17 +1530,24 @@ int ndpi_serialize_binary_int64(ndpi_serializer *_serializer,
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
}
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used], buff_diff,
NDPI_I64_FORMAT, (long long int)value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
- ndpi_serialize_json_post(_serializer);
+ if(ndpi_serialize_json_post(_serializer) != 0)
+ return(-1);
} else if(serializer->fmt == ndpi_serialization_format_csv) {
if (ndpi_serializer_header_string(serializer, key, klen) < 0) return(-1);
ndpi_serialize_csv_pre(serializer);
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
- serializer->status.buffer.size_used += ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff,
+ rc = ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff,
NDPI_I64_FORMAT, (long long int)value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
} else {
if ((value & 0xFFFFFFFF) == value) {
return(ndpi_serialize_string_int32(_serializer, key, value));
@@ -1392,6 +1576,7 @@ int ndpi_serialize_binary_uint32(ndpi_serializer *_serializer,
ndpi_private_serializer *serializer = (ndpi_private_serializer*)_serializer;
u_int32_t buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
u_int32_t needed;
+ int rc;
#ifdef OPTIMIZE_CSV_SERIALIZATION
if(serializer->fmt == ndpi_serialization_format_csv) {
@@ -1444,6 +1629,7 @@ int ndpi_serialize_binary_uint32(ndpi_serializer *_serializer,
if(serializer->fmt == ndpi_serialization_format_json) {
ndpi_serialize_json_pre(_serializer);
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
if (!(serializer->status.flags & NDPI_SERIALIZER_STATUS_LIST)) {
serializer->status.buffer.size_used += ndpi_json_string_escape(key, klen,
@@ -1454,18 +1640,25 @@ int ndpi_serialize_binary_uint32(ndpi_serializer *_serializer,
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
}
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
- &serializer->buffer.data[serializer->status.buffer.size_used],
- buff_diff, "%u", value);
+ rc = ndpi_snprintf((char *)
+ &serializer->buffer.data[serializer->status.buffer.size_used],
+ buff_diff, "%u", value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
- ndpi_serialize_json_post(_serializer);
+ if(ndpi_serialize_json_post(_serializer) != 0)
+ return(-1);
} else if(serializer->fmt == ndpi_serialization_format_csv) {
if (ndpi_serializer_header_string(serializer, key, klen) < 0) return(-1);
ndpi_serialize_csv_pre(serializer);
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
- &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff,
- "%u", value);
+ rc = ndpi_snprintf((char *)
+ &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff,
+ "%u", value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
} else {
if(value <= 0xff) {
serializer->buffer.data[serializer->status.buffer.size_used++] = (ndpi_serialization_string << 4) | ndpi_serialization_uint8;
@@ -1523,6 +1716,7 @@ int ndpi_serialize_binary_uint64(ndpi_serializer *_serializer,
ndpi_private_serializer *serializer = (ndpi_private_serializer*)_serializer;
u_int32_t buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
u_int32_t needed;
+ int rc;
#ifdef OPTIMIZE_NUMERIC_KEYS
if(ndpi_is_number(key, klen))
@@ -1536,7 +1730,7 @@ int ndpi_serialize_binary_uint64(ndpi_serializer *_serializer,
sizeof(u_int64_t);
if(serializer->fmt == ndpi_serialization_format_json)
- needed += 32 + klen;
+ needed += 16 + klen;
if(buff_diff < needed) {
if(ndpi_extend_serializer_buffer(&serializer->buffer, needed - buff_diff) < 0)
@@ -1546,6 +1740,7 @@ int ndpi_serialize_binary_uint64(ndpi_serializer *_serializer,
if(serializer->fmt == ndpi_serialization_format_json) {
ndpi_serialize_json_pre(_serializer);
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
if (!(serializer->status.flags & NDPI_SERIALIZER_STATUS_LIST)) {
serializer->status.buffer.size_used += ndpi_json_string_escape(key, klen,
@@ -1556,18 +1751,25 @@ int ndpi_serialize_binary_uint64(ndpi_serializer *_serializer,
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
}
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used], buff_diff,
NDPI_U64_FORMAT, (unsigned long long)value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
- ndpi_serialize_json_post(_serializer);
+ if(ndpi_serialize_json_post(_serializer) != 0)
+ return(-1);
} else if(serializer->fmt == ndpi_serialization_format_csv) {
if (ndpi_serializer_header_string(serializer, key, klen) < 0) return(-1);
ndpi_serialize_csv_pre(serializer);
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used], buff_diff,
NDPI_U64_FORMAT, (unsigned long long)value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
} else {
if(value <= 0xffffffff) {
return(ndpi_serialize_string_uint32(_serializer, key, value));
@@ -1599,6 +1801,7 @@ int ndpi_serialize_binary_float(ndpi_serializer *_serializer,
ndpi_private_serializer *serializer = (ndpi_private_serializer*)_serializer;
u_int32_t buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
u_int32_t needed;
+ int rc;
#ifdef OPTIMIZE_NUMERIC_KEYS
if(ndpi_is_number(key, klen))
@@ -1609,7 +1812,8 @@ int ndpi_serialize_binary_float(ndpi_serializer *_serializer,
sizeof(u_int8_t) /* type */ +
sizeof(u_int16_t) /* key len */ +
klen /* key */ +
- sizeof(float);
+ sizeof(float) +
+ 32; /* Safety, because printing float might lead to LONG string */
if(serializer->fmt == ndpi_serialization_format_json)
needed += 32 + klen;
@@ -1622,6 +1826,7 @@ int ndpi_serialize_binary_float(ndpi_serializer *_serializer,
if(serializer->fmt == ndpi_serialization_format_json) {
ndpi_serialize_json_pre(_serializer);
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
if (!(serializer->status.flags & NDPI_SERIALIZER_STATUS_LIST)) {
serializer->status.buffer.size_used += ndpi_json_string_escape(key, klen,
@@ -1631,14 +1836,21 @@ int ndpi_serialize_binary_float(ndpi_serializer *_serializer,
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
}
- serializer->status.buffer.size_used += ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, format, value);
+ rc = ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, format, value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
- ndpi_serialize_json_post(_serializer);
+ if(ndpi_serialize_json_post(_serializer) != 0)
+ return(-1);
} else if(serializer->fmt == ndpi_serialization_format_csv) {
if (ndpi_serializer_header_string(serializer, key, klen) < 0) return(-1);
ndpi_serialize_csv_pre(serializer);
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
- serializer->status.buffer.size_used += ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, format, value);
+ rc = ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, format, value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
} else {
serializer->buffer.data[serializer->status.buffer.size_used++] = (ndpi_serialization_string << 4) | ndpi_serialization_float;
@@ -1661,12 +1873,14 @@ int ndpi_serialize_binary_double(ndpi_serializer *_serializer,
ndpi_private_serializer *serializer = (ndpi_private_serializer*)_serializer;
u_int32_t buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
u_int32_t needed;
+ int rc;
needed =
sizeof(u_int8_t) /* type */ +
sizeof(u_int16_t) /* key len */ +
klen /* key */ +
- sizeof(double);
+ sizeof(double) +
+ 32; /* Safety, because printing double might lead to LONG string */
if(serializer->fmt == ndpi_serialization_format_json)
needed += 32 + klen;
@@ -1679,6 +1893,7 @@ int ndpi_serialize_binary_double(ndpi_serializer *_serializer,
if(serializer->fmt == ndpi_serialization_format_json) {
ndpi_serialize_json_pre(_serializer);
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
if (!(serializer->status.flags & NDPI_SERIALIZER_STATUS_LIST)) {
serializer->status.buffer.size_used += ndpi_json_string_escape(key, klen,
@@ -1688,14 +1903,21 @@ int ndpi_serialize_binary_double(ndpi_serializer *_serializer,
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
}
- serializer->status.buffer.size_used += ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, format, value);
+ rc = ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, format, value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
- ndpi_serialize_json_post(_serializer);
+ if(ndpi_serialize_json_post(_serializer) != 0)
+ return(-1);
} else if(serializer->fmt == ndpi_serialization_format_csv) {
if (ndpi_serializer_header_string(serializer, key, klen) < 0) return(-1);
ndpi_serialize_csv_pre(serializer);
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
- serializer->status.buffer.size_used += ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, format, value);
+ rc = ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, format, value);
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
} else {
#if 1
fprintf(stderr, "TLV serializer does not support double\n");
@@ -1761,6 +1983,7 @@ static int ndpi_serialize_binary_raw(ndpi_serializer *_serializer,
if(serializer->fmt == ndpi_serialization_format_json) {
ndpi_serialize_json_pre(_serializer);
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
if (!(serializer->status.flags & NDPI_SERIALIZER_STATUS_LIST)) {
serializer->status.buffer.size_used += ndpi_json_string_escape(key, klen,
@@ -1778,7 +2001,8 @@ static int ndpi_serialize_binary_raw(ndpi_serializer *_serializer,
serializer->status.buffer.size_used += vlen;
}
- ndpi_serialize_json_post(_serializer);
+ if(ndpi_serialize_json_post(_serializer) != 0)
+ return(-1);
} else if(serializer->fmt == ndpi_serialization_format_csv) {
if (ndpi_serializer_header_string(serializer, key, klen) < 0) return(-1);
ndpi_serialize_csv_pre(serializer);
@@ -1886,6 +2110,7 @@ int ndpi_serialize_binary_boolean(ndpi_serializer *_serializer,
ndpi_private_serializer *serializer = (ndpi_private_serializer*)_serializer;
u_int32_t buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
u_int32_t needed;
+ int rc;
if(serializer->fmt != ndpi_serialization_format_json &&
serializer->fmt != ndpi_serialization_format_csv)
@@ -1906,6 +2131,7 @@ int ndpi_serialize_binary_boolean(ndpi_serializer *_serializer,
if(serializer->fmt == ndpi_serialization_format_json) {
ndpi_serialize_json_pre(_serializer);
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
if (!(serializer->status.flags & NDPI_SERIALIZER_STATUS_LIST)) {
serializer->status.buffer.size_used += ndpi_json_string_escape(key, klen,
@@ -1915,17 +2141,24 @@ int ndpi_serialize_binary_boolean(ndpi_serializer *_serializer,
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
}
- serializer->status.buffer.size_used += ndpi_snprintf((char *)
+ rc = ndpi_snprintf((char *)
&serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, "%s",
value ? "true" : "false");
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
- ndpi_serialize_json_post(_serializer);
+ if(ndpi_serialize_json_post(_serializer) != 0)
+ return(-1);
} else if(serializer->fmt == ndpi_serialization_format_csv) {
if (ndpi_serializer_header_string(serializer, key, strlen(key)) < 0) return(-1);
ndpi_serialize_csv_pre(serializer);
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
- serializer->status.buffer.size_used += ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff,
+ rc = ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff,
"%s", value ? "true" : "false");
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
}
serializer->status.flags |= NDPI_SERIALIZER_STATUS_NOT_EMPTY;
@@ -1946,6 +2179,7 @@ int ndpi_serialize_start_of_list_binary(ndpi_serializer *_serializer,
ndpi_private_serializer *serializer = (ndpi_private_serializer*)_serializer;
u_int32_t buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
u_int32_t needed;
+ int rc;
if(serializer->fmt != ndpi_serialization_format_json &&
serializer->fmt != ndpi_serialization_format_tlv)
@@ -1961,17 +2195,22 @@ int ndpi_serialize_start_of_list_binary(ndpi_serializer *_serializer,
if (serializer->fmt == ndpi_serialization_format_json) {
ndpi_serialize_json_pre(_serializer);
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
serializer->status.buffer.size_used += ndpi_json_string_escape(key, klen,
(char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff);
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
- serializer->status.buffer.size_used += ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, ": [");
+ rc = ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, ": [");
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
serializer->status.flags |= NDPI_SERIALIZER_STATUS_LIST | NDPI_SERIALIZER_STATUS_SOL;
- ndpi_serialize_json_post(_serializer);
+ if(ndpi_serialize_json_post(_serializer) != 0)
+ return(-1);
} else {
serializer->buffer.data[serializer->status.buffer.size_used++] = ndpi_serialization_start_of_list;
ndpi_serialize_single_string(serializer, key, klen);
@@ -2021,6 +2260,7 @@ int ndpi_serialize_start_of_block_binary(ndpi_serializer *_serializer,
ndpi_private_serializer *serializer = (ndpi_private_serializer*)_serializer;
u_int32_t buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
u_int32_t needed;
+ int rc;
if(serializer->fmt != ndpi_serialization_format_json &&
serializer->fmt != ndpi_serialization_format_tlv)
@@ -2036,12 +2276,18 @@ int ndpi_serialize_start_of_block_binary(ndpi_serializer *_serializer,
if (serializer->fmt == ndpi_serialization_format_json) {
ndpi_serialize_json_pre(_serializer);
+ buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
+
serializer->status.buffer.size_used += ndpi_json_string_escape(key, klen,
(char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff);
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
- serializer->status.buffer.size_used += ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, ": {");
+ rc = ndpi_snprintf((char *) &serializer->buffer.data[serializer->status.buffer.size_used], buff_diff, ": {");
+ if(rc < 0 || (u_int)rc >= buff_diff)
+ return(-1);
+ serializer->status.buffer.size_used += rc;
buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
- ndpi_serialize_json_post(_serializer);
+ if(ndpi_serialize_json_post(_serializer) != 0)
+ return(-1);
serializer->status.flags |= NDPI_SERIALIZER_STATUS_SOB;
} else /* ndpi_serialization_format_tlv */ {
@@ -2104,7 +2350,8 @@ int ndpi_serialize_end_of_block(ndpi_serializer *_serializer) {
serializer->status.flags &= ~NDPI_SERIALIZER_STATUS_SOB;
// buff_diff = serializer->buffer.size - serializer->status.buffer.size_used;
- ndpi_serialize_json_post(_serializer);
+ if(ndpi_serialize_json_post(_serializer) != 0)
+ return(-1);
} else {
serializer->buffer.data[serializer->status.buffer.size_used++] = ndpi_serialization_end_of_block;
}
Powered by cgit, Themed by Ted Yin.