diff options
| author | Luca Deri <lucaderi@users.noreply.github.com> | 2019-12-08 23:49:23 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-12-08 23:49:23 +0100 |
| commit | 1a115cac5a05afb3d3aa5fc982db1dde5a72f42c (patch) | |
| tree | 4a5810f4cf3b43b58b4fdcd2652fb9b9b9f9f6f9 /src/lib/ndpi_utils.c | |
| parent | 11401edfe7c4c9f9728c64172a48c2ea4401c750 (diff) | |
| parent | 606ff10ecf9efb69dee24e0ce88ce40195bdda7d (diff) | |
Merge pull request #817 from MrTiz9/dev
Integration of the libinjection library
Diffstat (limited to 'src/lib/ndpi_utils.c')
| -rw-r--r-- | src/lib/ndpi_utils.c | 54 |
1 files changed, 11 insertions, 43 deletions
diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c index a988858a2..9b0339c3c 100644 --- a/src/lib/ndpi_utils.c +++ b/src/lib/ndpi_utils.c @@ -48,6 +48,10 @@ #include "third_party/include/ndpi_patricia.h" #include "third_party/include/ht_hash.h" +#include "third_party/include/libinjection.h" +#include "third_party/include/libinjection_sqli.h" +#include "third_party/include/libinjection_xss.h" + #define NDPI_CONST_GENERIC_PROTOCOL_NAME "GenericProtocol" // #define MATCH_DEBUG 1 @@ -1138,56 +1142,20 @@ static int ndpi_url_decode(const char *s, char *out) { /* ********************************** */ -/* #define URL_CHECK_DEBUG 1 */ - -static int find_occurrency(char *str, char *what) { - char *found = strstr(str, what); - u_int len; - -#ifdef URL_CHECK_DEBUG - printf("%s() [%s][%s]\n", __FUNCTION__, str, what); -#endif - - if(!found) return(0); - - len = strlen(what); - - if(((found[len] != '\0') || (found[len] != ' ')) - && ((found == str) || (found[-1] == ' '))) - return(1); - else - return(find_occurrency(&found[len], what)); -} - -/* ********************************** */ - -static int ndpi_check_tokens(char* query, char* keywords[]) { -#ifdef URL_CHECK_DEBUG - printf("%s() [%s]\n", __FUNCTION__, query); -#endif - - for(int i=0; keywords[i] != NULL; i++) { - if(find_occurrency(query, keywords[i]) > 0) - return(1); - } - - return(0); -} +static int ndpi_is_sql_injection(char* query) { + struct libinjection_sqli_state state; -/* ********************************** */ + size_t qlen = strlen(query); + libinjection_sqli_init(&state, query, qlen, FLAG_NONE); -static int ndpi_is_sql_injection(char* query) { - char* sql_keywords[] = { "select", "from", "where", "any", "all", "join", "inner", "left", "right", "full", - "table", "alter", "create", "delete", "union", "update", "drop", "group", "order", - "limit", "primary", "column", NULL }; - return(ndpi_check_tokens(query, sql_keywords)); + return libinjection_is_sqli(&state); } /* ********************************** */ static int ndpi_is_xss_injection(char* query) { - char* js_keywords[] = { "<script>", "console.", "log.", NULL }; - return(ndpi_check_tokens(query, js_keywords)); + size_t qlen = strlen(query); + return libinjection_xss(query, qlen); } /* ********************************** */ |