fuzz: extend fuzzing coverage (#2208)

author: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> 2023-12-11 19:24:17 +0100
committer: GitHub <noreply@github.com> 2023-12-11 19:24:17 +0100
commit: 7b5354588bdd91b46f65136d1adae662d1acb516 (patch)
tree: 7fe074f16eff9431c7736ae93fb430362d1f65f4 /src
parent: b3f2b1bb7f90c18a7542ab06acdf26318cdfa6fe (diff)
3 files changed, 65 insertions, 31 deletions
diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h
index 64d183ef6..080f8d924 100644
--- a/src/include/ndpi_api.h
+++ b/src/include/ndpi_api.h
@@ -754,8 +754,6 @@ extern "C" {
    */
   int ndpi_load_protocols_file(struct ndpi_detection_module_struct *ndpi_mod,
 			       const char* path);
-  int ndpi_load_protocols_file_fd(struct ndpi_detection_module_struct *ndpi_mod,
-			          FILE *fd);
 
   /**
    * Add an IP-address based risk mask
@@ -798,7 +796,6 @@ extern "C" {
    *          -1 else
    */
   int ndpi_load_categories_file(struct ndpi_detection_module_struct *ndpi_str, const char* path, void *user_data);
-  int ndpi_load_categories_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd, void *user_data);
 
   /**
    * Loads a file (separated by <cr>) of domain names associated with the specified category
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index 6eafa598b..75e6d5a33 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -4460,15 +4460,15 @@ int ndpi_load_categories_file(struct ndpi_detection_module_struct *ndpi_str,
     return -1;
   }
 
-  rc = ndpi_load_categories_file_fd(ndpi_str, fd, user_data);
+  rc = load_categories_file_fd(ndpi_str, fd, user_data);
 
   fclose(fd);
 
   return rc;
 }
 
-int ndpi_load_categories_file_fd(struct ndpi_detection_module_struct *ndpi_str,
-			         FILE *fd, void *user_data) {
+int load_categories_file_fd(struct ndpi_detection_module_struct *ndpi_str,
+			    FILE *fd, void *user_data) {
   char buffer[512], *line, *name, *category, *saveptr;
   int len, num = 0;
 
@@ -4678,20 +4678,32 @@ static int ndpi_load_risky_domain(struct ndpi_detection_module_struct *ndpi_str,
  *  - you can add a .<domain name> to avoid mismatches
  */
 int ndpi_load_risk_domain_file(struct ndpi_detection_module_struct *ndpi_str, const char *path) {
-  char buffer[128], *line;
+  int rc;
   FILE *fd;
-  int len, num = 0;
 
   if(!ndpi_str || !path)
     return(-1);
 
   fd = fopen(path, "r");
-
   if(fd == NULL) {
     NDPI_LOG_ERR(ndpi_str, "Unable to open file %s [%s]\n", path, strerror(errno));
-    return(-1);
+    return -1;
   }
 
+  rc = load_risk_domain_file_fd(ndpi_str, fd);
+
+  fclose(fd);
+
+  return rc;
+}
+
+int load_risk_domain_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd) {
+  char buffer[128], *line;
+  int len, num = 0;
+
+  if(!ndpi_str || !fd)
+    return(-1);
+
   while(1) {
     line = fgets(buffer, sizeof(buffer), fd);
 
@@ -4709,8 +4721,6 @@ int ndpi_load_risk_domain_file(struct ndpi_detection_module_struct *ndpi_str, co
       num++;
   }
 
-  fclose(fd);
-
   if(ndpi_str->risky_domain_automa.ac_automa)
     ac_automata_finalize((AC_AUTOMATA_t *)ndpi_str->risky_domain_automa.ac_automa);
 
@@ -4726,22 +4736,34 @@ int ndpi_load_risk_domain_file(struct ndpi_detection_module_struct *ndpi_str, co
  *
  */
 int ndpi_load_malicious_ja3_file(struct ndpi_detection_module_struct *ndpi_str, const char *path) {
-  char buffer[128], *line;
+  int rc;
   FILE *fd;
-  int len, num = 0;
 
   if(!ndpi_str || !path)
     return(-1);
-  if(ndpi_str->malicious_ja3_hashmap == NULL && ndpi_hash_init(&ndpi_str->malicious_ja3_hashmap) != 0)
-    return(-1);
 
   fd = fopen(path, "r");
-
   if(fd == NULL) {
     NDPI_LOG_ERR(ndpi_str, "Unable to open file %s [%s]\n", path, strerror(errno));
-    return(-1);
+    return -1;
   }
 
+  rc = load_malicious_ja3_file_fd(ndpi_str, fd);
+
+  fclose(fd);
+
+  return rc;
+}
+
+int load_malicious_ja3_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd) {
+  char buffer[128], *line;
+  int len, num = 0;
+
+  if(!ndpi_str || !fd)
+    return(-1);
+  if(ndpi_str->malicious_ja3_hashmap == NULL && ndpi_hash_init(&ndpi_str->malicious_ja3_hashmap) != 0)
+    return(-1);
+
   while(1) {
     char *comma;
 
@@ -4771,8 +4793,6 @@ int ndpi_load_malicious_ja3_file(struct ndpi_detection_module_struct *ndpi_str,
       num++;
   }
 
-  fclose(fd);
-
   return(num);
 }
 
@@ -4788,24 +4808,37 @@ int ndpi_load_malicious_ja3_file(struct ndpi_detection_module_struct *ndpi_str,
  */
 int ndpi_load_malicious_sha1_file(struct ndpi_detection_module_struct *ndpi_str, const char *path)
 {
-  char buffer[128];
-  char *first_comma, *second_comma;
+  int rc;
   FILE *fd;
-  size_t i, len;
-  int num = 0;
 
   if(!ndpi_str || !path)
     return(-1);
-  if(ndpi_str->malicious_sha1_hashmap == NULL && ndpi_hash_init(&ndpi_str->malicious_sha1_hashmap) != 0)
-    return(-1);
 
   fd = fopen(path, "r");
-
   if(fd == NULL) {
     NDPI_LOG_ERR(ndpi_str, "Unable to open file %s [%s]\n", path, strerror(errno));
     return -1;
   }
 
+  rc = load_malicious_sha1_file_fd(ndpi_str, fd);
+
+  fclose(fd);
+
+  return rc;
+}
+
+int load_malicious_sha1_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd)
+{
+  char buffer[128];
+  char *first_comma, *second_comma;
+  size_t i, len;
+  int num = 0;
+
+  if(!ndpi_str || !fd)
+    return(-1);
+  if(ndpi_str->malicious_sha1_hashmap == NULL && ndpi_hash_init(&ndpi_str->malicious_sha1_hashmap) != 0)
+    return(-1);
+
   while (fgets(buffer, sizeof(buffer), fd) != NULL) {
     len = strlen(buffer);
 
@@ -4836,8 +4869,6 @@ int ndpi_load_malicious_sha1_file(struct ndpi_detection_module_struct *ndpi_str,
       num++;
   }
 
-  fclose(fd);
-
   return num;
 }
 
@@ -4874,14 +4905,14 @@ int ndpi_load_protocols_file(struct ndpi_detection_module_struct *ndpi_str, cons
     return -1;
   }
 
-  rc = ndpi_load_protocols_file_fd(ndpi_str, fd);
+  rc = load_protocols_file_fd(ndpi_str, fd);
 
   fclose(fd);
 
   return rc;
 }
 
-int ndpi_load_protocols_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd) {
+int load_protocols_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd) {
   char *buffer, *old_buffer;
   int chunk_len = 1024, buffer_len = chunk_len, old_buffer_len;
   int i;
diff --git a/src/lib/ndpi_private.h b/src/lib/ndpi_private.h
index 148b4b9eb..9829ef0c3 100644
--- a/src/lib/ndpi_private.h
+++ b/src/lib/ndpi_private.h
@@ -355,6 +355,12 @@ char* ndpi_intoav4(unsigned int addr, char* buf, u_int16_t bufLen);
 
 u_int16_t icmp4_checksum(u_int8_t const * const buf, size_t len);
 
+int load_protocols_file_fd(struct ndpi_detection_module_struct *ndpi_mod, FILE *fd);
+int load_categories_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd, void *user_data);
+int load_malicious_sha1_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd);
+int load_malicious_ja3_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd);
+int load_risk_domain_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd);
+
 
 /* TLS */
 int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct,
author	Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>	2023-12-11 19:24:17 +0100
committer	GitHub <noreply@github.com>	2023-12-11 19:24:17 +0100
commit	7b5354588bdd91b46f65136d1adae662d1acb516 (patch)
tree	7fe074f16eff9431c7736ae93fb430362d1f65f4 /src
parent	b3f2b1bb7f90c18a7542ab06acdf26318cdfa6fe (diff)