diff options
Diffstat (limited to 'src/lib/ndpi_main.c')
| -rw-r--r-- | src/lib/ndpi_main.c | 84 |
1 files changed, 65 insertions, 19 deletions
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index c67e7b2c8..95d880dcb 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -491,13 +491,16 @@ void ndpi_set_proto_subprotocols(struct ndpi_detection_module_struct *ndpi_str, ndpi_str->proto_defaults[protoId].subprotocols = ndpi_malloc(sizeof(protoId) * ndpi_str->proto_defaults[protoId].subprotocol_count); + if(!ndpi_str->proto_defaults[protoId].subprotocols) { + ndpi_str->proto_defaults[protoId].subprotocol_count = 0; + return; + } va_start(ap, protoId); current_arg = va_arg(ap, int); while (current_arg != NDPI_PROTOCOL_NO_MORE_SUBPROTOCOLS) { - if(is_proto_enabled(ndpi_str, current_arg) && - ndpi_str->proto_defaults[protoId].subprotocols != NULL) { + if(is_proto_enabled(ndpi_str, current_arg)) { ndpi_str->proto_defaults[protoId].subprotocols[i++] = current_arg; } current_arg = va_arg(ap, int); @@ -621,6 +624,11 @@ static void addDefaultPort(struct ndpi_detection_module_struct *ndpi_str, (void *) root, ndpi_default_ports_tree_node_t_cmp); /* Add it to the tree */ + if(ret == NULL) { + NDPI_LOG_DBG(ndpi_str, "[NDPI] %s:%d error searching for port %u\n", _func, _line, port); + ndpi_free(node); + break; + } if(ret != node) { NDPI_LOG_DBG(ndpi_str, "[NDPI] %s:%d found duplicate for port %u: overwriting it with new value\n", _func, _line, port); @@ -803,6 +811,8 @@ void ndpi_init_protocol_match(struct ndpi_detection_module_struct *ndpi_str, if(ndpi_str->proto_defaults[match->protocol_id].protoName == NULL) { ndpi_str->proto_defaults[match->protocol_id].protoName = ndpi_strdup(match->proto_name); + if(!ndpi_str->proto_defaults[match->protocol_id].protoName) + return; ndpi_str->proto_defaults[match->protocol_id].isAppProtocol = 1; ndpi_str->proto_defaults[match->protocol_id].protoId = match->protocol_id; ndpi_str->proto_defaults[match->protocol_id].protoCategory = match->protocol_category; @@ -925,6 +935,9 @@ static void init_string_based_protocols(struct ndpi_detection_module_struct *ndp int ndpi_set_detection_preferences(struct ndpi_detection_module_struct *ndpi_str, ndpi_detection_preference pref, int value) { + if(!ndpi_str) + return -1; + switch(pref) { case ndpi_pref_direction_detect_disable: ndpi_str->direction_detect_disable = (u_int8_t) value; @@ -2157,6 +2170,9 @@ void ndpi_patricia_get_stats(ndpi_patricia_tree_t *tree, struct ndpi_patricia_tr int ndpi_get_patricia_stats(struct ndpi_detection_module_struct *ndpi_struct, ptree_type ptree_type, struct ndpi_patricia_tree_stats *stats) { + if(!ndpi_struct || !stats) + return -1; + switch(ptree_type) { case NDPI_PTREE_RISK_MASK: ndpi_patricia_get_stats((ndpi_patricia_tree_t *)ndpi_struct->ip_risk_mask_ptree, stats); @@ -2296,6 +2312,9 @@ u_int16_t ndpi_network_port_ptree_match(struct ndpi_detection_module_struct *ndp ndpi_prefix_t prefix; ndpi_patricia_node_t *node; + if(!ndpi_str->protocols_ptree) + return(NDPI_PROTOCOL_UNKNOWN); + if(ndpi_str->ndpi_num_custom_protocols == 0) { /* In case we don't have defined any custom protocol we check the ptree @@ -2823,7 +2842,7 @@ struct ndpi_detection_module_struct *ndpi_init_detection_module(ndpi_init_prefs if((ndpi_str->custom_categories.ipAddresses == NULL) || (ndpi_str->custom_categories.ipAddresses_shadow == NULL)) { NDPI_LOG_ERR(ndpi_str, "[NDPI] Error allocating Patricia trees\n"); - ndpi_free(ndpi_str); + ndpi_exit_detection_module(ndpi_str); return(NULL); } @@ -2841,7 +2860,6 @@ struct ndpi_detection_module_struct *ndpi_init_detection_module(ndpi_init_prefs ndpi_str->opportunistic_tls_pop_enabled = 1; ndpi_str->opportunistic_tls_ftp_enabled = 1; - for(i = 0; i < NUM_CUSTOM_CATEGORIES; i++) ndpi_snprintf(ndpi_str->custom_category_labels[i], CUSTOM_CATEGORY_LABEL_LEN, "User custom category %u", (unsigned int) (i + 1)); @@ -2899,6 +2917,9 @@ static void ndpi_add_domain_risk_exceptions(struct ndpi_detection_module_struct void ndpi_finalize_initialization(struct ndpi_detection_module_struct *ndpi_str) { u_int i; + if(!ndpi_str) + return; + ndpi_add_domain_risk_exceptions(ndpi_str); if(ndpi_str->ookla_cache_num_entries > 0) { @@ -3035,6 +3056,9 @@ int ndpi_get_automa_stats(struct ndpi_detection_module_struct *ndpi_struct, automa_type automa_type, struct ndpi_automa_stats *stats) { + if(!ndpi_struct || !stats) + return -1; + switch(automa_type) { case NDPI_AUTOMA_HOST: ndpi_automa_get_stats(ndpi_struct->host_automa.ac_automa, stats); @@ -3537,7 +3561,7 @@ int ndpi_add_host_risk_mask(struct ndpi_detection_module_struct *ndpi_str, u_int len; char *host_dup = NULL; - if((ndpi_str->host_risk_mask_automa.ac_automa == NULL) || (host == NULL)) + if((ndpi_str == NULL) || (ndpi_str->host_risk_mask_automa.ac_automa == NULL) || (host == NULL)) return(-2); /* Zap heading/trailing quotes */ @@ -3928,6 +3952,8 @@ int ndpi_load_malicious_ja3_file(struct ndpi_detection_module_struct *ndpi_str, FILE *fd; int len, num = 0; + if(!ndpi_str) + return(-1); if(ndpi_str->malicious_ja3_hashmap == NULL && ndpi_hash_init(&ndpi_str->malicious_ja3_hashmap) != 0) return(-1); @@ -3990,6 +4016,8 @@ int ndpi_load_malicious_sha1_file(struct ndpi_detection_module_struct *ndpi_str, size_t i, len; int num = 0; + if(!ndpi_str) + return(-1); if(ndpi_str->malicious_sha1_hashmap == NULL && ndpi_hash_init(&ndpi_str->malicious_sha1_hashmap) != 0) return(-1); @@ -5119,16 +5147,19 @@ void ndpi_free_flow_data(struct ndpi_flow_struct* flow) { if(flow->l4.udp.quic_reasm_buf_bitmap) ndpi_free(flow->l4.udp.quic_reasm_buf_bitmap); } - } - if(flow->flow_payload != NULL) - ndpi_free(flow->flow_payload); + if(flow->flow_payload != NULL) + ndpi_free(flow->flow_payload); + } } /* ************************************************ */ -void ndpi_set_protocol_detection_bitmask2(struct ndpi_detection_module_struct *ndpi_str, +int ndpi_set_protocol_detection_bitmask2(struct ndpi_detection_module_struct *ndpi_str, const NDPI_PROTOCOL_BITMASK *dbm) { + if(!ndpi_str) + return -1; + NDPI_BITMASK_SET(ndpi_str->detection_bitmask, *dbm); ndpi_init_protocol_defaults(ndpi_str); @@ -5137,7 +5168,9 @@ void ndpi_set_protocol_detection_bitmask2(struct ndpi_detection_module_struct *n if(ndpi_callback_init(ndpi_str)) { NDPI_LOG_ERR(ndpi_str, "[NDPI] Error allocating callbacks\n"); + return -1; } + return 0; } /* ************************************************ */ @@ -5942,7 +5975,7 @@ ndpi_protocol ndpi_detection_giveup(struct ndpi_detection_module_struct *ndpi_st *protocol_was_guessed = 0; - if(flow == NULL) + if(!ndpi_str || !flow) return(ret); /* Init defaults */ @@ -6178,7 +6211,8 @@ int ndpi_enable_loaded_categories(struct ndpi_detection_module_struct *ndpi_str) 1 /* free patterns strings memory */); /* Finalize */ - ac_automata_finalize((AC_AUTOMATA_t *) ndpi_str->custom_categories.hostnames_shadow.ac_automa); + if(ndpi_str->custom_categories.hostnames_shadow.ac_automa) + ac_automata_finalize((AC_AUTOMATA_t *) ndpi_str->custom_categories.hostnames_shadow.ac_automa); /* Swap */ ndpi_str->custom_categories.hostnames.ac_automa = ndpi_str->custom_categories.hostnames_shadow.ac_automa; @@ -6410,18 +6444,23 @@ ndpi_protocol ndpi_detection_process_packet(struct ndpi_detection_module_struct struct ndpi_flow_struct *flow, const unsigned char *packet_data, const unsigned short packetlen, const u_int64_t current_time_ms, const struct ndpi_flow_input_info *input_info) { - struct ndpi_packet_struct *packet = &ndpi_str->packet; + struct ndpi_packet_struct *packet; NDPI_SELECTION_BITMASK_PROTOCOL_SIZE ndpi_selection_packet; u_int32_t num_calls = 0; - ndpi_protocol ret = { flow->detected_protocol_stack[1], flow->detected_protocol_stack[0], flow->guessed_protocol_id_by_ip, flow->category, NULL }; + ndpi_protocol ret = { 0 }; + + if(!flow || !ndpi_str) + return(ret); + + packet = &ndpi_str->packet; NDPI_LOG_DBG(ndpi_str, "[%d/%d] START packet processing\n", flow->detected_protocol_stack[0], flow->detected_protocol_stack[1]); - if(flow == NULL) - return(ret); - else - ret.category = flow->category; + ret.master_protocol = flow->detected_protocol_stack[1], + ret.app_protocol = flow->detected_protocol_stack[0]; + ret.protocol_by_ip = flow->guessed_protocol_id_by_ip; + ret.category = flow->category; if(flow->fail_with_unknown) { // printf("%s(): FAIL_WITH_UNKNOWN\n", __FUNCTION__); @@ -6437,8 +6476,6 @@ ndpi_protocol ndpi_detection_process_packet(struct ndpi_detection_module_struct flow->num_processed_pkts++; /* Init default */ - ret.master_protocol = flow->detected_protocol_stack[1], - ret.app_protocol = flow->detected_protocol_stack[0]; if(flow->extra_packets_func) { ndpi_process_extra_packet(ndpi_str, flow, packet_data, packetlen, current_time_ms, input_info); @@ -8442,6 +8479,9 @@ int ndpi_get_lru_cache_stats(struct ndpi_detection_module_struct *ndpi_struct, lru_cache_type cache_type, struct ndpi_lru_cache_stats *stats) { + if(!ndpi_struct || !stats) + return -1; + switch(cache_type) { case NDPI_LRUCACHE_OOKLA: ndpi_lru_get_stats(ndpi_struct->ookla_cache, stats); @@ -8476,6 +8516,9 @@ int ndpi_set_lru_cache_size(struct ndpi_detection_module_struct *ndpi_struct, lru_cache_type cache_type, u_int32_t num_entries) { + if(!ndpi_struct) + return -1; + switch(cache_type) { case NDPI_LRUCACHE_OOKLA: ndpi_struct->ookla_cache_num_entries = num_entries; @@ -8510,6 +8553,9 @@ int ndpi_get_lru_cache_size(struct ndpi_detection_module_struct *ndpi_struct, lru_cache_type cache_type, u_int32_t *num_entries) { + if(!ndpi_struct) + return -1; + switch(cache_type) { case NDPI_LRUCACHE_OOKLA: *num_entries = ndpi_struct->ookla_cache_num_entries; |