diff options
| -rw-r--r-- | Makefile.am | 2 | ||||
| -rw-r--r-- | packages/rpm/ndpi.spec.in | 2 | ||||
| -rw-r--r-- | src/include/ndpi_typedefs.h | 1 | ||||
| -rw-r--r-- | src/lib/ndpi_main.c | 12 | ||||
| -rw-r--r-- | src/lib/protocols/dns.c | 4 | ||||
| -rw-r--r-- | src/lib/protocols/mail_smtp.c | 7 |
6 files changed, 20 insertions, 8 deletions
diff --git a/Makefile.am b/Makefile.am index 37f084916..4090817b3 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,7 +1,7 @@ ACLOCAL_AMFLAGS = -I m4 SUBDIRS = src/lib example tests -pkgconfigdir = $(prefix)/libdata/pkgconfig +pkgconfigdir = $(libdir)/pkgconfig pkgconfig_DATA = libndpi.pc EXTRA_DIST = autogen.sh diff --git a/packages/rpm/ndpi.spec.in b/packages/rpm/ndpi.spec.in index 7b9b44365..d2e473627 100644 --- a/packages/rpm/ndpi.spec.in +++ b/packages/rpm/ndpi.spec.in @@ -75,7 +75,7 @@ rm -fr $RPM_BUILD_ROOT /usr/local/lib/libndpi.so.@PACKAGE_VERSION@ /usr/local/bin/ndpiReader /etc/ld.so.conf.d/ndpi.conf -/usr/local/libdata/pkgconfig/libndpi.pc +%{libdir}/pkgconfig/libndpi.pc %preun diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index 03f7bf6c3..97fb71a80 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -808,6 +808,7 @@ typedef enum { CUSTOM_CATEGORY_ADVERTISEMENT = 101, CUSTOM_CATEGORY_BANNED_SITE = 102, CUSTOM_CATEGORY_SITE_UNAVAILABLE = 103, + CUSTOM_CATEGORY_ALLOWED_SITE = 104, /* IMPORTANT diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 8bcb06198..6561bf1b9 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -423,7 +423,8 @@ static const char* categories[] = { "Malware", "Advertisement", "Banned_Site", - "Site_Unavailable" + "Site_Unavailable", + "Allowed_Site", }; /* ****************************************** */ @@ -2885,6 +2886,12 @@ int ndpi_handle_rule(struct ndpi_detection_module_struct *ndpi_mod, Format: <tcp|udp>:<port>,<tcp|udp>:<port>,.....@<proto> + Subprotocols Format: + host:"<value>",host:"<value>",.....@<subproto> + + IP based Subprotocols Format (<value> is IP or CIDR): + ip:<value>,ip:<value>,.....@<subproto> + Example: tcp:80,tcp:3128@HTTP udp:139@NETBIOS @@ -5031,7 +5038,8 @@ void ndpi_parse_packet_line_info(struct ndpi_detection_module_struct *ndpi_struc packet->line[packet->parsed_lines].ptr = packet->payload; packet->line[packet->parsed_lines].len = 0; - for(a = 0; a < packet->payload_packet_len; a++) { + for(a = 0; (a < packet->payload_packet_len) + && (packet->parsed_lines < NDPI_MAX_PARSE_LINES_PER_PACKET); a++) { if((a + 1) == packet->payload_packet_len) return; /* Return if only one byte remains (prevent invalid reads past end-of-buffer) */ diff --git a/src/lib/protocols/dns.c b/src/lib/protocols/dns.c index 1c2593feb..dc97f3fe7 100644 --- a/src/lib/protocols/dns.c +++ b/src/lib/protocols/dns.c @@ -190,11 +190,11 @@ void ndpi_search_dns(struct ndpi_detection_module_struct *ndpi_struct, struct nd flow->protos.dns.rsp_type = rsp_type; /* here x points to the response "class" field */ - if((x+12) < flow->packet.payload_packet_len) { + if((x+12) <= flow->packet.payload_packet_len) { x += 6; data_len = get16(&x, flow->packet.payload); - if(((x + data_len) < flow->packet.payload_packet_len) + if(((x + data_len) <= flow->packet.payload_packet_len) && (((rsp_type == 0x1) && (data_len == 4)) /* A */ #ifdef NDPI_DETECTION_SUPPORT_IPV6 || ((rsp_type == 0x1c) && (data_len == 16)) /* AAAA */ diff --git a/src/lib/protocols/mail_smtp.c b/src/lib/protocols/mail_smtp.c index f7fbd337c..fdc47d15c 100644 --- a/src/lib/protocols/mail_smtp.c +++ b/src/lib/protocols/mail_smtp.c @@ -58,13 +58,16 @@ void ndpi_search_mail_smtp_tcp(struct ndpi_detection_module_struct NDPI_LOG_DBG(ndpi_struct, "search mail_smtp\n"); - if (packet->payload_packet_len > 2 && ntohs(get_u_int16_t(packet->payload, packet->payload_packet_len - 2)) == 0x0d0a) { + if((packet->payload_packet_len > 2) + && (packet->parsed_lines < NDPI_MAX_PARSE_LINES_PER_PACKET) + && (ntohs(get_u_int16_t(packet->payload, packet->payload_packet_len - 2)) == 0x0d0a) + ) { u_int8_t a; u_int8_t bit_count = 0; NDPI_PARSE_PACKET_LINE_INFO(ndpi_struct, flow,packet); - for (a = 0; a < packet->parsed_lines; a++) { + for (a = 0; a < packet->parsed_lines; a++) { // expected server responses if (packet->line[a].len >= 3) { if (memcmp(packet->line[a].ptr, "220", 3) == 0) { |