diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2021-11-15 16:20:57 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-11-15 16:20:57 +0100 |
| commit | afc2b641eb9cf5035b5147e78030bafe0b40dd87 (patch) | |
| tree | 99cf853d219ae6004819d2564f4cabd29c487cf6 /src/lib/protocols/mail_imap.c | |
| parent | da47357762746c7fc5c537b575b5b56f252320a5 (diff) | |
Fix writes to `flow->protos` union fields (#1354)
We can write to `flow->protos` only after a proper classification.
This issue has been found in Kerberos, DHCP, HTTP, STUN, IMO, FTP,
SMTP, IMAP and POP code.
There are two kinds of fixes:
* write to `flow->protos` only if a final protocol has been detected
* move protocol state out of `flow->protos`
The hard part is to find, for each protocol, the right tradeoff between
memory usage and code complexity.
Handle Kerberos like DNS: if we find a request, we set the protocol
and an extra callback to further parsing the reply.
For all the other protocols, move the state out of `flow->protos`. This
is an issue only for the FTP/MAIL stuff.
Add DHCP Class Identification value to the output of ndpiReader and to
the Jason serialization.
Extend code coverage of fuzz tests.
Close #1343
Close #1342
Diffstat (limited to 'src/lib/protocols/mail_imap.c')
| -rw-r--r-- | src/lib/protocols/mail_imap.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/src/lib/protocols/mail_imap.c b/src/lib/protocols/mail_imap.c index b3c087ea2..8a4e8fa2e 100644 --- a/src/lib/protocols/mail_imap.c +++ b/src/lib/protocols/mail_imap.c @@ -177,16 +177,16 @@ void ndpi_search_mail_imap_tcp(struct ndpi_detection_module_struct *ndpi_struct, if(user) { char *pwd; - snprintf(flow->protos.ftp_imap_pop_smtp.username, - sizeof(flow->protos.ftp_imap_pop_smtp.username), + snprintf(flow->ftp_imap_pop_smtp.username, + sizeof(flow->ftp_imap_pop_smtp.username), "%s", user); ndpi_set_risk(ndpi_struct, flow, NDPI_CLEAR_TEXT_CREDENTIALS); pwd = strtok_r(NULL, " \"\r\n", &saveptr); if(pwd) { - snprintf(flow->protos.ftp_imap_pop_smtp.password, - sizeof(flow->protos.ftp_imap_pop_smtp.password), + snprintf(flow->ftp_imap_pop_smtp.password, + sizeof(flow->ftp_imap_pop_smtp.password), "%s", pwd); } } @@ -320,7 +320,7 @@ void ndpi_search_mail_imap_tcp(struct ndpi_detection_module_struct *ndpi_struct, || (flow->l4.tcp.mail_imap_stage == 5) || (flow->l4.tcp.mail_imap_stage == 7) ) { - if((flow->protos.ftp_imap_pop_smtp.username[0] != '\0') + if((flow->ftp_imap_pop_smtp.username[0] != '\0') || (flow->l4.tcp.mail_imap_stage >= 7)) { NDPI_LOG_INFO(ndpi_struct, "found MAIL_IMAP\n"); ndpi_int_mail_imap_add_connection(ndpi_struct, flow); |