diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2024-06-17 13:45:47 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-06-17 13:45:47 +0200 |
| commit | 26cc1f131f2576a49a3b9c43cd4b787b067b3f5a (patch) | |
| tree | 90fc819791daee5fafb3372fa0e2f9b75b4368b5 /src/lib | |
| parent | a35fae6b75924394ddbf7df4fc5a6eb114cf76d6 (diff) | |
fuzz: improve fuzzing coverage (#2474)
Remove some code never triggered
AFP: the removed check is included in the following one
MQTT: fix flags extraction
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/ndpi_main.c | 2 | ||||
| -rw-r--r-- | src/lib/protocols/afp.c | 14 | ||||
| -rw-r--r-- | src/lib/protocols/mqtt.c | 9 | ||||
| -rw-r--r-- | src/lib/protocols/ssdp.c | 5 | ||||
| -rw-r--r-- | src/lib/protocols/thrift.c | 3 | ||||
| -rw-r--r-- | src/lib/protocols/tls.c | 5 |
6 files changed, 4 insertions, 34 deletions
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 7e70a7a56..a08a20650 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -4980,7 +4980,7 @@ int load_category_file_fd(struct ndpi_detection_module_struct *ndpi_str, continue; } - if(ndpi_load_category(ndpi_str, line, category_id, NULL) > 0) + if(ndpi_load_category(ndpi_str, line, category_id, NULL) >= 0) num_loaded++; } diff --git a/src/lib/protocols/afp.c b/src/lib/protocols/afp.c index 5b420f422..73d623457 100644 --- a/src/lib/protocols/afp.c +++ b/src/lib/protocols/afp.c @@ -62,20 +62,6 @@ static void ndpi_search_afp(struct ndpi_detection_module_struct *ndpi_struct, st return; } - /* - * this will detect the OpenSession command of the Data Stream Interface (DSI) protocol - * which is exclusively used by the Apple Filing Protocol (AFP) on TCP/IP networks - */ - if (packet->payload_packet_len >= 22 && get_u_int16_t(packet->payload, 0) == htons(0x0004) && - get_u_int16_t(packet->payload, 2) == htons(0x0001) && get_u_int32_t(packet->payload, 4) == 0 && - get_u_int32_t(packet->payload, 8) == htonl(packet->payload_packet_len - 16) && - get_u_int32_t(packet->payload, 12) == 0 && get_u_int16_t(packet->payload, 16) == htons(0x0104)) { - - NDPI_LOG_INFO(ndpi_struct, "found AFP: DSI OpenSession\n"); - ndpi_int_afp_add_connection(ndpi_struct, flow); - return; - } - if((h->flags <= 1) && ((h->command >= 1) && (h->command <= 8)) && (h->reserved == 0) diff --git a/src/lib/protocols/mqtt.c b/src/lib/protocols/mqtt.c index c88844a09..ea2390d37 100644 --- a/src/lib/protocols/mqtt.c +++ b/src/lib/protocols/mqtt.c @@ -179,18 +179,13 @@ static void ndpi_search_mqtt(struct ndpi_detection_module_struct *ndpi_struct, } if (pt == PUBLISH) { // payload CAN be zero bytes length (section 3.3.3 of MQTT standard) - u_int8_t qos = (u_int8_t) (flags & 0x06); - u_int8_t dup = (u_int8_t) (flags & 0x04); + u_int8_t qos = (u_int8_t) (flags & 0x06) >> 1; + u_int8_t dup = (u_int8_t) (flags & 0x08) >> 3; if (qos > 2) { // qos values possible are 0,1,2 NDPI_LOG_DBG(ndpi_struct, "Excluding Mqtt invalid PUBLISH qos\n"); NDPI_ADD_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, NDPI_PROTOCOL_MQTT); return; } - if (dup > 1) { // dup flag possible 0,1 - NDPI_LOG_DBG(ndpi_struct, "Excluding Mqtt invalid PUBLISH dup\n"); - NDPI_ADD_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, NDPI_PROTOCOL_MQTT); - return; - } if (qos == 0) { if (dup != 0) { NDPI_LOG_DBG(ndpi_struct, "Excluding Mqtt invalid PUBLISH qos0 and dup combination\n"); diff --git a/src/lib/protocols/ssdp.c b/src/lib/protocols/ssdp.c index 3e18edf50..90ce4c04c 100644 --- a/src/lib/protocols/ssdp.c +++ b/src/lib/protocols/ssdp.c @@ -47,10 +47,7 @@ static void ssdp_parse_lines(struct ndpi_detection_module_struct /* Save host which provides a service if available */ if (packet->host_line.ptr != NULL && packet->host_line.len > 0) { - if (ndpi_hostname_sni_set(flow, packet->host_line.ptr, packet->host_line.len, NDPI_HOSTNAME_NORM_ALL) == NULL) - { - NDPI_LOG_DBG2(ndpi_struct, "Could not set SSDP host\n"); - } + ndpi_hostname_sni_set(flow, packet->host_line.ptr, packet->host_line.len, NDPI_HOSTNAME_NORM_ALL); } } diff --git a/src/lib/protocols/thrift.c b/src/lib/protocols/thrift.c index d9be27ca5..79ee6ebb5 100644 --- a/src/lib/protocols/thrift.c +++ b/src/lib/protocols/thrift.c @@ -83,9 +83,6 @@ static void ndpi_int_thrift_add_connection(struct ndpi_detection_module_struct * case NDPI_PROTOCOL_HTTP: NDPI_LOG_DBG(ndpi_struct, "found Apache Thrift HTTP\n"); break; - default: - NDPI_LOG_DBG(ndpi_struct, "found Apache Thrift\n"); - break; } ndpi_set_detected_protocol(ndpi_struct, flow, diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c index ca23da4f8..2d8247d51 100644 --- a/src/lib/protocols/tls.c +++ b/src/lib/protocols/tls.c @@ -1032,10 +1032,6 @@ static int ndpi_search_tls_tcp(struct ndpi_detection_module_struct *ndpi_struct, break; } - if(len == 0) { - something_went_wrong = 1; - break; - } #ifdef DEBUG_TLS_MEMORY printf("[TLS Mem] Processing %u bytes message\n", len); @@ -1638,7 +1634,6 @@ static bool is_grease_version(u_int16_t version) { case 0xeaea: case 0xfafa: return(true); - break; default: return(false); |