diff options
| author | Luca Deri <deri@ntop.org> | 2019-09-11 17:13:49 +0200 |
|---|---|---|
| committer | Luca Deri <deri@ntop.org> | 2019-09-11 17:13:49 +0200 |
| commit | 6966e0d19b389f78c97f55ab3b2318a5cda41e08 (patch) | |
| tree | 09993e68a08bb8cbf7e9c69899af86c9a3de4167 /src/lib/protocols/stun.c | |
| parent | 16fe2574b1d962fa8ca25b1a243f56ee489d0c33 (diff) | |
Added STUN check to avoid false positives
Added fingerprint comments in SSH/TLS
Added netflow test pcap
Diffstat (limited to 'src/lib/protocols/stun.c')
| -rw-r--r-- | src/lib/protocols/stun.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/lib/protocols/stun.c b/src/lib/protocols/stun.c index f8e360c3f..0ab3ed805 100644 --- a/src/lib/protocols/stun.c +++ b/src/lib/protocols/stun.c @@ -140,7 +140,9 @@ static ndpi_int_stun_t ndpi_int_check_stun(struct ndpi_detection_module_struct * *is_whatsapp = 0, *is_messenger = 0, *is_duo = 0; - if(payload_length < sizeof(struct stun_packet_header)) { + if(payload_length >= 512) { + return(NDPI_IS_NOT_STUN); + } else if(payload_length < sizeof(struct stun_packet_header)) { /* This looks like an invalid packet */ if(flow->protos.stun_ssl.stun.num_udp_pkts > 0) { |