aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorIvan Nardi <12729895+IvanNardi@users.noreply.github.com>2022-12-10 19:49:11 +0100
committerGitHub <noreply@github.com>2022-12-10 19:49:11 +0100
commit48a7f6d487862a392bad65e9e2797e6c4874f8cb (patch)
tree62c6421f4286cab37d9f053f7e86cca77b3d8146 /src
parent8c7071e040865b3b70b98ff8d8ad18c41f3fb74c (diff)
fuzz: some enhancements (#1827)
Load some custom configuration (like in the unit tests) and factorize some (fuzzing) common code. There is no way to pass file paths to the fuzzers as parameters. The safe solution seems to be to load them from the process working dir. Anyway, missing file is not a blocking error. Remove some dead code (found looking at the coverage report)
Diffstat (limited to 'src')
-rw-r--r--src/lib/protocols/ajp.c4
-rw-r--r--src/lib/protocols/amqp.c2
-rw-r--r--src/lib/protocols/coap.c4
-rw-r--r--src/lib/protocols/corba.c2
-rw-r--r--src/lib/protocols/dhcp.c3
-rw-r--r--src/lib/protocols/dns.c9
-rw-r--r--src/lib/protocols/eaq.c8
-rw-r--r--src/lib/protocols/lotus_notes.c7
-rw-r--r--src/lib/protocols/memcached.c6
-rw-r--r--src/lib/protocols/mongodb.c4
-rw-r--r--src/lib/protocols/oracle.c2
-rw-r--r--src/lib/protocols/redis_net.c3
-rw-r--r--src/lib/protocols/rtcp.c11
-rw-r--r--src/lib/protocols/rtp.c1
-rw-r--r--src/lib/protocols/sip.c11
-rw-r--r--src/lib/protocols/someip.c9
-rw-r--r--src/lib/protocols/teamviewer.c2
-rw-r--r--src/lib/protocols/vhua.c3
-rw-r--r--src/lib/protocols/websocket.c5
-rw-r--r--src/lib/protocols/zeromq.c2
20 files changed, 10 insertions, 88 deletions
diff --git a/src/lib/protocols/ajp.c b/src/lib/protocols/ajp.c
index 2f58f1c70..192cc40cb 100644
--- a/src/lib/protocols/ajp.c
+++ b/src/lib/protocols/ajp.c
@@ -116,10 +116,6 @@ void ndpi_search_ajp(struct ndpi_detection_module_struct *ndpi_struct,
return;
}
- if(flow->detected_protocol_stack[0] != NDPI_PROTOCOL_UNKNOWN) {
- return;
- }
-
NDPI_LOG_DBG(ndpi_struct, "search AJP\n");
ndpi_check_ajp(ndpi_struct, flow);
diff --git a/src/lib/protocols/amqp.c b/src/lib/protocols/amqp.c
index 890c113b6..853b191d7 100644
--- a/src/lib/protocols/amqp.c
+++ b/src/lib/protocols/amqp.c
@@ -68,8 +68,6 @@ void ndpi_search_amqp(struct ndpi_detection_module_struct *ndpi_struct, struct n
}
}
}
- } else {
- NDPI_EXCLUDE_PROTO(ndpi_struct, flow);
}
}
diff --git a/src/lib/protocols/coap.c b/src/lib/protocols/coap.c
index 1bd16a917..b7dd73caf 100644
--- a/src/lib/protocols/coap.c
+++ b/src/lib/protocols/coap.c
@@ -109,10 +109,6 @@ void ndpi_search_coap (struct ndpi_detection_module_struct *ndpi_struct,
struct ndpi_packet_struct *packet = &ndpi_struct->packet;
struct ndpi_coap_hdr * h = (struct ndpi_coap_hdr*) packet->payload;
- if(flow->detected_protocol_stack[0] != NDPI_PROTOCOL_UNKNOWN) {
- return;
- }
-
// search for udp packet
if(packet->udp != NULL) {
u_int16_t s_port = ntohs(packet->udp->source);
diff --git a/src/lib/protocols/corba.c b/src/lib/protocols/corba.c
index bcd8ab0ba..fcb7ff2e6 100644
--- a/src/lib/protocols/corba.c
+++ b/src/lib/protocols/corba.c
@@ -42,8 +42,6 @@ void ndpi_search_corba(struct ndpi_detection_module_struct *ndpi_struct, struct
NDPI_LOG_INFO(ndpi_struct, "found corba\n");
ndpi_int_corba_add_connection(ndpi_struct, flow);
}
- } else {
- NDPI_EXCLUDE_PROTO(ndpi_struct, flow);
}
}
diff --git a/src/lib/protocols/dhcp.c b/src/lib/protocols/dhcp.c
index 5c59f6999..a212844a4 100644
--- a/src/lib/protocols/dhcp.c
+++ b/src/lib/protocols/dhcp.c
@@ -186,8 +186,7 @@ void ndpi_search_dhcp_udp(struct ndpi_detection_module_struct *ndpi_struct,
}
}
}
- } else
- NDPI_EXCLUDE_PROTO(ndpi_struct, flow);
+ }
}
diff --git a/src/lib/protocols/dns.c b/src/lib/protocols/dns.c
index ff0ac846a..1de7d28f9 100644
--- a/src/lib/protocols/dns.c
+++ b/src/lib/protocols/dns.c
@@ -238,12 +238,8 @@ static int search_valid_dns(struct ndpi_detection_module_struct *ndpi_struct,
if((dns_header->flags & FLAGS_MASK) == 0x0000)
*is_query = 1;
/* 0x8000 RESPONSE */
- else if((dns_header->flags & FLAGS_MASK) == 0x8000)
+ else
*is_query = 0;
- else {
- ndpi_set_risk(ndpi_struct, flow, NDPI_MALFORMED_PACKET, "Invalid DNS Flags");
- return(1 /* invalid */);
- }
if(*is_query) {
/* DNS Request */
@@ -448,9 +444,6 @@ static void ndpi_search_dns(struct ndpi_detection_module_struct *ndpi_struct, st
s_port = ntohs(packet->tcp->source);
d_port = ntohs(packet->tcp->dest);
payload_offset = 2;
- } else {
- NDPI_EXCLUDE_PROTO(ndpi_struct, flow);
- return;
}
if(((s_port == DNS_PORT) || (d_port == DNS_PORT)
diff --git a/src/lib/protocols/eaq.c b/src/lib/protocols/eaq.c
index 73fc9f5f7..dfff42924 100644
--- a/src/lib/protocols/eaq.c
+++ b/src/lib/protocols/eaq.c
@@ -41,15 +41,7 @@ static void ndpi_int_eaq_add_connection(struct ndpi_detection_module_struct *ndp
void ndpi_search_eaq(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow) {
- if (!flow) {
- return;
- }
-
struct ndpi_packet_struct *packet = &ndpi_struct->packet;
- if (!packet) {
- return;
- }
-
u_int16_t sport = ntohs(packet->udp->source), dport = ntohs(packet->udp->dest);
NDPI_LOG_DBG(ndpi_struct, "search eaq\n");
diff --git a/src/lib/protocols/lotus_notes.c b/src/lib/protocols/lotus_notes.c
index 376507f23..4c9124388 100644
--- a/src/lib/protocols/lotus_notes.c
+++ b/src/lib/protocols/lotus_notes.c
@@ -30,11 +30,8 @@ static void ndpi_check_lotus_notes(struct ndpi_detection_module_struct *ndpi_str
struct ndpi_flow_struct *flow)
{
struct ndpi_packet_struct *packet = &ndpi_struct->packet;
- // const u_int8_t *packet_payload = packet->payload;
u_int32_t payload_len = packet->payload_packet_len;
- if(packet->tcp == NULL) return;
-
flow->l4.tcp.lotus_notes_packet_id++;
if((flow->l4.tcp.lotus_notes_packet_id == 1) &&
@@ -58,9 +55,7 @@ void ndpi_search_lotus_notes(struct ndpi_detection_module_struct *ndpi_struct, s
{
NDPI_LOG_DBG(ndpi_struct, "search lotus_notes\n");
- /* skip marked packets */
- if(flow->detected_protocol_stack[0] != NDPI_PROTOCOL_LOTUS_NOTES)
- ndpi_check_lotus_notes(ndpi_struct, flow);
+ ndpi_check_lotus_notes(ndpi_struct, flow);
}
diff --git a/src/lib/protocols/memcached.c b/src/lib/protocols/memcached.c
index fa988bf3e..ca25e3252 100644
--- a/src/lib/protocols/memcached.c
+++ b/src/lib/protocols/memcached.c
@@ -106,7 +106,7 @@ void ndpi_search_memcached(
struct ndpi_packet_struct *packet = &ndpi_struct->packet;
const u_int8_t *offset = packet->payload;
u_int16_t length = packet->payload_packet_len;
- u_int8_t *matches;
+ u_int8_t *matches = NULL;
NDPI_LOG_DBG(ndpi_struct, "search memcached\n");
@@ -134,10 +134,6 @@ void ndpi_search_memcached(
length -= MEMCACHED_UDP_HDR_LEN;
matches = &flow->l4.udp.memcached_matches;
}
- else {
- NDPI_EXCLUDE_PROTO(ndpi_struct, flow);
- return;
- }
/* grep MCD memcached.c |\
* egrep -v '(LEN|MATCH)' |\
diff --git a/src/lib/protocols/mongodb.c b/src/lib/protocols/mongodb.c
index 83235be1a..dd7ecba70 100644
--- a/src/lib/protocols/mongodb.c
+++ b/src/lib/protocols/mongodb.c
@@ -128,10 +128,6 @@ void ndpi_search_mongodb(struct ndpi_detection_module_struct *ndpi_struct,
return;
}
- if(flow->detected_protocol_stack[0] != NDPI_PROTOCOL_UNKNOWN) {
- return;
- }
-
NDPI_LOG_DBG(ndpi_struct, "search MongoDB\n");
ndpi_check_mongodb(ndpi_struct, flow);
diff --git a/src/lib/protocols/oracle.c b/src/lib/protocols/oracle.c
index 2b8307676..341a801f2 100644
--- a/src/lib/protocols/oracle.c
+++ b/src/lib/protocols/oracle.c
@@ -56,8 +56,6 @@ void ndpi_search_oracle(struct ndpi_detection_module_struct *ndpi_struct, struct
NDPI_LOG_INFO(ndpi_struct, "found oracle\n");
ndpi_int_oracle_add_connection(ndpi_struct, flow);
}
- } else {
- NDPI_EXCLUDE_PROTO(ndpi_struct, flow);
}
}
diff --git a/src/lib/protocols/redis_net.c b/src/lib/protocols/redis_net.c
index 609ab70e9..4ddcf13ef 100644
--- a/src/lib/protocols/redis_net.c
+++ b/src/lib/protocols/redis_net.c
@@ -32,10 +32,7 @@ static void ndpi_int_redis_add_connection(struct ndpi_detection_module_struct *n
static void ndpi_check_redis(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow) {
struct ndpi_packet_struct *packet = &ndpi_struct->packet;
- u_int32_t payload_len = packet->payload_packet_len;
- if(payload_len == 0) return; /* Shouldn't happen */
-
/* Break after 20 packets. */
if(flow->packet_counter > 20) {
NDPI_EXCLUDE_PROTO(ndpi_struct, flow);
diff --git a/src/lib/protocols/rtcp.c b/src/lib/protocols/rtcp.c
index be0fb48ce..0c0205ba6 100644
--- a/src/lib/protocols/rtcp.c
+++ b/src/lib/protocols/rtcp.c
@@ -45,9 +45,10 @@ void ndpi_search_rtcp(struct ndpi_detection_module_struct *ndpi_struct,
len = packet->payload[2+offset] * 256 + packet->payload[2+offset+1];
rtcp_section_len = (len + 1) * 4;
- if(((offset+rtcp_section_len) > packet->payload_packet_len) || (rtcp_section_len == 0) || (len == 0))
- goto exclude_rtcp;
- else
+ if(((offset+rtcp_section_len) > packet->payload_packet_len) || (rtcp_section_len == 0) || (len == 0)) {
+ NDPI_EXCLUDE_PROTO(ndpi_struct, flow);
+ return;
+ } else
offset += rtcp_section_len;
}
@@ -63,10 +64,6 @@ void ndpi_search_rtcp(struct ndpi_detection_module_struct *ndpi_struct,
if(flow->packet_counter > 3)
NDPI_EXCLUDE_PROTO(ndpi_struct, flow);
- } else {
- exclude_rtcp:
-
- NDPI_EXCLUDE_PROTO(ndpi_struct, flow);
}
}
diff --git a/src/lib/protocols/rtp.c b/src/lib/protocols/rtp.c
index 5c0e68f40..ad090dc1e 100644
--- a/src/lib/protocols/rtp.c
+++ b/src/lib/protocols/rtp.c
@@ -114,6 +114,7 @@ static u_int8_t isZoom(u_int16_t sport, u_int16_t dport,
u_int16_t *payload_offset) {
u_int16_t header_offset = sizeof(struct zoom_sfu_encapsulation) + sizeof(struct zoom_media_encapsulation);
+ *payload_offset = 0;
if(payloadLen < header_offset)
return(0);
diff --git a/src/lib/protocols/sip.c b/src/lib/protocols/sip.c
index 9862c5c1e..6352b27d7 100644
--- a/src/lib/protocols/sip.c
+++ b/src/lib/protocols/sip.c
@@ -185,12 +185,6 @@ void ndpi_search_sip_handshake(struct ndpi_detection_module_struct
return;
}
- /* for STUN flows we need some more packets */
- if(packet->udp != NULL && flow->detected_protocol_stack[0] == NDPI_PROTOCOL_STUN && flow->packet_counter < 40) {
- NDPI_LOG_DBG2(ndpi_struct, "need next STUN packet\n");
- return;
- }
-
if(payload_len == 4 && get_u_int32_t(packet_payload, 0) == 0) {
NDPI_LOG_DBG2(ndpi_struct, "maybe sip. need next packet\n");
return;
@@ -203,10 +197,7 @@ void ndpi_search_sip(struct ndpi_detection_module_struct *ndpi_struct, struct nd
{
NDPI_LOG_DBG(ndpi_struct, "search sip\n");
- /* skip marked packets */
- if(flow->detected_protocol_stack[0] != NDPI_PROTOCOL_SIP) {
- ndpi_search_sip_handshake(ndpi_struct, flow);
- }
+ ndpi_search_sip_handshake(ndpi_struct, flow);
}
void init_sip_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask)
diff --git a/src/lib/protocols/someip.c b/src/lib/protocols/someip.c
index 6409f175d..8d7baa230 100644
--- a/src/lib/protocols/someip.c
+++ b/src/lib/protocols/someip.c
@@ -108,21 +108,12 @@ void ndpi_search_someip (struct ndpi_detection_module_struct *ndpi_struct,
NDPI_LOG_DBG(ndpi_struct, "search SOME/IP\n");
- if (flow->detected_protocol_stack[0] != NDPI_PROTOCOL_UNKNOWN) {
- return;
- }
-
//we extract the Message ID and Request ID and check for special cases later
u_int32_t message_id = ntohl(someip_data_cover_32(&packet->payload[0]));
u_int32_t request_id = ntohl(someip_data_cover_32(&packet->payload[8]));
NDPI_LOG_DBG2(ndpi_struct, "====>>>> SOME/IP Message ID: %08x [len: %u]\n",
message_id, packet->payload_packet_len);
- if (packet->payload_packet_len < 16) {
- NDPI_LOG_DBG(ndpi_struct, "Excluding SOME/IP .. mandatory header not found\n");
- NDPI_ADD_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, NDPI_PROTOCOL_SOMEIP);
- return;
- }
//####Maximum packet size in SOMEIP depends on the carrier protocol, and I'm not certain how well enforced it is, so let's leave that for round 2####
diff --git a/src/lib/protocols/teamviewer.c b/src/lib/protocols/teamviewer.c
index b40f6d1fc..37aa01052 100644
--- a/src/lib/protocols/teamviewer.c
+++ b/src/lib/protocols/teamviewer.c
@@ -63,8 +63,6 @@ void ndpi_search_teamview(struct ndpi_detection_module_struct *ndpi_struct, stru
}
}
- if(packet->payload_packet_len == 0) return;
-
if (packet->udp != NULL) {
if (packet->payload_packet_len > 13) {
if (packet->payload[0] == 0x00 && packet->payload[11] == 0x17 && packet->payload[12] == 0x24) { /* byte 0 is a counter/seq number, and at the start is 0 */
diff --git a/src/lib/protocols/vhua.c b/src/lib/protocols/vhua.c
index d3812d6f9..9a910fc78 100644
--- a/src/lib/protocols/vhua.c
+++ b/src/lib/protocols/vhua.c
@@ -39,11 +39,8 @@ static void ndpi_int_vhua_add_connection(struct ndpi_detection_module_struct *nd
static void ndpi_check_vhua(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow) {
struct ndpi_packet_struct *packet = &ndpi_struct->packet;
- u_int32_t payload_len = packet->payload_packet_len;
u_char p0[] = { 0x05, 0x14, 0x3a, 0x05, 0x08, 0xf8, 0xa1, 0xb1, 0x03 };
- if(payload_len == 0) return; /* Shouldn't happen */
-
/* Break after 3 packets. */
if((flow->packet_counter > 3)
|| (packet->udp == NULL)
diff --git a/src/lib/protocols/websocket.c b/src/lib/protocols/websocket.c
index 421f239a6..a6c566ac1 100644
--- a/src/lib/protocols/websocket.c
+++ b/src/lib/protocols/websocket.c
@@ -102,11 +102,6 @@ void ndpi_search_websocket(struct ndpi_detection_module_struct *ndpi_struct, str
return;
}
- if (flow->detected_protocol_stack[0] != NDPI_PROTOCOL_UNKNOWN)
- {
- return;
- }
-
NDPI_LOG_DBG(ndpi_struct, "search WEBSOCKET\n");
ndpi_check_websocket(ndpi_struct, flow);
diff --git a/src/lib/protocols/zeromq.c b/src/lib/protocols/zeromq.c
index abd53650d..32335eeb0 100644
--- a/src/lib/protocols/zeromq.c
+++ b/src/lib/protocols/zeromq.c
@@ -37,8 +37,6 @@ static void ndpi_check_zmq(struct ndpi_detection_module_struct *ndpi_struct, str
u_char p1[] = { 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x7f };
u_char p2[] = { 0x28, 0x66, 0x6c, 0x6f, 0x77, 0x00 };
- if(payload_len == 0) return; /* Shouldn't happen */
-
/* Break after 17 packets. */
if(flow->packet_counter > 17) {
NDPI_EXCLUDE_PROTO(ndpi_struct, flow);
Powered by cgit, Themed by Ted Yin.