diff options
| author | Toni <matzeton@googlemail.com> | 2023-11-02 09:04:04 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-11-02 09:04:04 +0100 |
| commit | 6dcecd73d3413103d1f416721c2b2f46ff0968b7 (patch) | |
| tree | 955c2cc0a682b76d8381f22e5a7a2a3ba2dcaebd /src | |
| parent | d5c9a16a489081c0b5bd396241c7e08649a60a4c (diff) | |
Added malicious sites from the polish cert. (#2121)
* added handling of parsing errors
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/ndpi_main.c | 56 |
1 files changed, 42 insertions, 14 deletions
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 5447c03e0..a6eceee28 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -4557,9 +4557,11 @@ int ndpi_load_category_file(struct ndpi_detection_module_struct *ndpi_str, char buffer[256], *line; FILE *fd; u_int num_loaded = 0; + unsigned int failed_lines = 0; + unsigned int lines_read = 0; if(!ndpi_str || !path || !ndpi_str->protocols_ptree) - return(-1); + return(0); #ifdef NDPI_ENABLE_DEBUG_MESSAGES // printf("Loading %s [proto %d]\n", path, category_id); @@ -4569,7 +4571,7 @@ int ndpi_load_category_file(struct ndpi_detection_module_struct *ndpi_str, if(fd == NULL) { NDPI_LOG_ERR(ndpi_str, "Unable to open file %s [%s]\n", path, strerror(errno)); - return(-1); + return(0); } while(1) { @@ -4580,24 +4582,44 @@ int ndpi_load_category_file(struct ndpi_detection_module_struct *ndpi_str, if(line == NULL) break; + lines_read++; len = strlen(line); - if((len <= 1) || (line[0] == '#')) + if(len <= 1 || len == sizeof(buffer) - 1) { + NDPI_LOG_ERR(ndpi_str, "[NDPI] Failed to read file '%s' line #%u, line too short/long\n", + path, lines_read); + failed_lines++; + continue; + } else if (line[0] == '#') continue; - else - len--; - while((line[len] == '\n') || (line[len] == '\r')) - line[len--] = '\0'; + int i = 0; + for (i = 0; i < len; ++i) { + if (line[i] == '\r' || line[i] == '\n') { + line[i] = '\0'; + break; + } + if (line[i] != '-' && line[i] != '.' && isalnum(line[i]) == 0 + /* non standard checks for the sake of compatibility */ + && line[i] != '_') + break; + } - while((line[0] == '-') || (line[0] == '.')) - line++; + if (i != len - 2 && i != len - 1) + { + NDPI_LOG_ERR(ndpi_str, "[NDPI] Failed to read file '%s' line #%u, invalid characters found\n", + path, lines_read); + failed_lines++; + continue; + } if(ndpi_load_category(ndpi_str, line, category_id, NULL) > 0) num_loaded++; } fclose(fd); + if(failed_lines) + return(-1 * failed_lines); return(num_loaded); } @@ -4615,10 +4637,11 @@ int ndpi_load_categories_dir(struct ndpi_detection_module_struct *ndpi_str, char *dir_path) { DIR *dirp = opendir(dir_path); struct dirent *dp; - int rc = 0; + int failed_files = 0; + int num_loaded = 0; if (dirp == NULL) - return(-1); + return(0); while((dp = readdir(dirp)) != NULL) { char *underscore, *extn; @@ -4643,15 +4666,20 @@ int ndpi_load_categories_dir(struct ndpi_detection_module_struct *ndpi_str, underscore[0] = '_'; snprintf(path, sizeof(path), "%s/%s", dir_path, dp->d_name); - ndpi_load_category_file(ndpi_str, path, proto_id); - rc++; + if (ndpi_load_category_file(ndpi_str, path, proto_id) < 0) { + NDPI_LOG_ERR(ndpi_str, "Failed to load '%s'\n", path); + failed_files++; + }else + num_loaded++; } } } (void)closedir(dirp); - return(rc); + if(failed_files) + return(-1 * failed_files); + return(num_loaded); } |