aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/include/ndpi_api.h5
-rw-r--r--src/include/ndpi_typedefs.h2
-rw-r--r--src/lib/ndpi_analyze.c84
-rw-r--r--src/lib/ndpi_main.c3
-rw-r--r--src/lib/third_party/include/ahocorasick.h8
-rw-r--r--src/lib/third_party/src/ahocorasick.c15
-rw-r--r--src/lib/third_party/src/hll/MurmurHash3.c8
-rw-r--r--src/lib/third_party/src/hll/hll.c7
8 files changed, 107 insertions, 25 deletions
diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h
index 5214c054f..f1a64f26b 100644
--- a/src/include/ndpi_api.h
+++ b/src/include/ndpi_api.h
@@ -1123,6 +1123,7 @@ extern "C" {
size_t ndpi_patricia_walk_tree_inorder(ndpi_patricia_tree_t *patricia, ndpi_void_fn3_t func, void *data);
size_t ndpi_patricia_walk_inorder(ndpi_patricia_node_t *node, ndpi_void_fn3_t func, void *data);
void ndpi_patricia_remove(ndpi_patricia_tree_t *patricia, ndpi_patricia_node_t *node);
+ void ndpi_patricia_process (ndpi_patricia_tree_t *patricia, ndpi_void_fn2_t func);
void ndpi_patricia_set_node_u64(ndpi_patricia_node_t *node, u_int64_t value);
u_int64_t ndpi_patricia_get_node_u64(ndpi_patricia_node_t *node);
@@ -1677,13 +1678,13 @@ extern "C" {
/* ******************************* */
int ndpi_ses_init(struct ndpi_ses_struct *ses, double alpha, float significance);
- int ndpi_ses_add_value(struct ndpi_ses_struct *ses, const u_int64_t _value, double *forecast, double *confidence_band);
+ int ndpi_ses_add_value(struct ndpi_ses_struct *ses, const double _value, double *forecast, double *confidence_band);
void ndpi_ses_fitting(double *values, u_int32_t num_values, float *ret_alpha);
/* ******************************* */
int ndpi_des_init(struct ndpi_des_struct *des, double alpha, double beta, float significance);
- int ndpi_des_add_value(struct ndpi_des_struct *des, const u_int64_t _value, double *forecast, double *confidence_band);
+ int ndpi_des_add_value(struct ndpi_des_struct *des, const double _value, double *forecast, double *confidence_band);
void ndpi_des_fitting(double *values, u_int32_t num_values, float *ret_alpha, float *ret_beta);
/* ******************************* */
diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h
index 949db82a7..022c21ce0 100644
--- a/src/include/ndpi_typedefs.h
+++ b/src/include/ndpi_typedefs.h
@@ -1787,6 +1787,8 @@ enum ndpi_bin_family {
ndpi_bin_family16,
ndpi_bin_family32,
ndpi_bin_family64,
+
+ kMaxValue = ndpi_bin_family64, /* To ease fuzzing */
};
struct ndpi_bin {
diff --git a/src/lib/ndpi_analyze.c b/src/lib/ndpi_analyze.c
index 66b68e0b2..0fe749050 100644
--- a/src/lib/ndpi_analyze.c
+++ b/src/lib/ndpi_analyze.c
@@ -70,15 +70,22 @@ void ndpi_free_data_analysis(struct ndpi_analyze_struct *d, u_int8_t free_pointe
/* ********************************************************************************* */
void ndpi_reset_data_analysis(struct ndpi_analyze_struct *d) {
- u_int32_t *values_bkp = d->values;
- u_int32_t num_values_array_len_bpk = d->num_values_array_len;
+ u_int32_t *values_bkp;
+ u_int32_t num_values_array_len_bpk;
+
+ if(!d)
+ return;
+
+ values_bkp = d->values;
+ num_values_array_len_bpk = d->num_values_array_len;
memset(d, 0, sizeof(struct ndpi_analyze_struct));
d->values = values_bkp;
d->num_values_array_len = num_values_array_len_bpk;
- memset(d->values, 0, sizeof(u_int32_t)*d->num_values_array_len);
+ if(d->values)
+ memset(d->values, 0, sizeof(u_int32_t)*d->num_values_array_len);
}
/* ********************************************************************************* */
@@ -178,7 +185,7 @@ float ndpi_data_mean(struct ndpi_analyze_struct *s) {
/* Compute the average only on the sliding window */
float ndpi_data_window_average(struct ndpi_analyze_struct *s) {
- if(s->num_values_array_len) {
+ if(s && s->num_values_array_len) {
float sum = 0.0;
u_int16_t i, n = ndpi_min(s->num_data_entries, s->num_values_array_len);
@@ -197,7 +204,7 @@ float ndpi_data_window_average(struct ndpi_analyze_struct *s) {
/* Compute the variance only on the sliding window */
float ndpi_data_window_variance(struct ndpi_analyze_struct *s) {
- if(s->num_values_array_len) {
+ if(s && s->num_values_array_len) {
float sum = 0.0, avg = ndpi_data_window_average(s);
u_int16_t i, n = ndpi_min(s->num_data_entries, s->num_values_array_len);
@@ -225,13 +232,16 @@ float ndpi_data_window_stddev(struct ndpi_analyze_struct *s) {
Compute entropy on the last sliding window values
*/
float ndpi_data_entropy(struct ndpi_analyze_struct *s) {
- if(s->num_values_array_len) {
+ if(s && s->num_values_array_len) {
int i;
float sum = 0.0, total = 0.0;
for(i=0; i<s->num_values_array_len; i++)
total += s->values[i];
+ if(fpclassify(total) == FP_ZERO)
+ return(0);
+
for (i=0; i<s->num_values_array_len; i++) {
float tmp = (float)s->values[i] / (float)total;
@@ -247,7 +257,7 @@ float ndpi_data_entropy(struct ndpi_analyze_struct *s) {
/* ********************************************************************************* */
void ndpi_data_print_window_values(struct ndpi_analyze_struct *s) {
- if(s->num_values_array_len) {
+ if(s && s->num_values_array_len) {
u_int16_t i, n = ndpi_min(s->num_data_entries, s->num_values_array_len);
for(i=0; i<n; i++)
@@ -371,9 +381,12 @@ void ndpi_free_bin(struct ndpi_bin *b) {
/* ********************************************************************************* */
struct ndpi_bin* ndpi_clone_bin(struct ndpi_bin *b) {
- struct ndpi_bin *out = (struct ndpi_bin*)ndpi_malloc(sizeof(struct ndpi_bin));
+ struct ndpi_bin *out;
+
+ if(!b || !b->u.bins8) return(NULL);
- if(!b || !b->u.bins8 || !out) return(NULL);
+ out = (struct ndpi_bin*)ndpi_malloc(sizeof(struct ndpi_bin));
+ if(!out) return(NULL);
out->num_bins = b->num_bins, out->family = b->family, out->is_empty = b->is_empty;
@@ -417,7 +430,7 @@ struct ndpi_bin* ndpi_clone_bin(struct ndpi_bin *b) {
/* ********************************************************************************* */
void ndpi_set_bin(struct ndpi_bin *b, u_int16_t slot_id, u_int64_t val) {
- if(!b || !b->u.bins8)
+ if(!b || !b->u.bins8 || b->num_bins == 0)
return;
if(slot_id >= b->num_bins) slot_id = 0;
@@ -441,7 +454,7 @@ void ndpi_set_bin(struct ndpi_bin *b, u_int16_t slot_id, u_int64_t val) {
/* ********************************************************************************* */
void ndpi_inc_bin(struct ndpi_bin *b, u_int16_t slot_id, u_int64_t val) {
- if(!b || !b->u.bins8)
+ if(!b || !b->u.bins8 || b->num_bins == 0)
return;
b->is_empty = 0;
@@ -467,7 +480,7 @@ void ndpi_inc_bin(struct ndpi_bin *b, u_int16_t slot_id, u_int64_t val) {
/* ********************************************************************************* */
u_int64_t ndpi_get_bin_value(struct ndpi_bin *b, u_int16_t slot_id) {
- if(!b || !b->u.bins8)
+ if(!b || !b->u.bins8 || b->num_bins == 0)
return(0);
if(slot_id >= b->num_bins) slot_id = 0;
@@ -669,7 +682,7 @@ float ndpi_bin_similarity(struct ndpi_bin *b1, struct ndpi_bin *b2,
}
#else
{
- u_int32_t sum = 0;
+ double sum = 0;
for(i=0; i<b1->num_bins; i++) {
u_int32_t a = ndpi_get_bin_value(b1, i);
@@ -714,6 +727,9 @@ int ndpi_cluster_bins(struct ndpi_bin *bins, u_int16_t num_bins,
srand(time(NULL));
+ if(!bins || num_bins == 0 || !cluster_ids || num_clusters == 0)
+ return(-1);
+
if(num_clusters > num_bins) num_clusters = num_bins;
if(num_clusters > MAX_NUM_CLUSTERS) num_clusters = MAX_NUM_CLUSTERS;
@@ -917,6 +933,9 @@ int ndpi_cluster_bins(struct ndpi_bin *bins, u_int16_t num_bins,
*/
int ndpi_alloc_rsi(struct ndpi_rsi_struct *s, u_int16_t num_learning_values) {
+ if(!s || num_learning_values == 0)
+ return(-1);
+
memset(s, 0, sizeof(struct ndpi_rsi_struct));
s->empty = 1, s->num_values = num_learning_values;
@@ -1061,6 +1080,9 @@ int ndpi_hw_init(struct ndpi_hw_struct *hw,
double alpha, double beta, double gamma, float significance) {
memset(hw, 0, sizeof(struct ndpi_hw_struct));
+ if(num_periods == 65535) /* To avoid overflow */
+ return(-1);
+
hw->params.num_season_periods = num_periods + 1;
hw->params.alpha = alpha;
hw->params.beta = beta;
@@ -1195,6 +1217,9 @@ int ndpi_hw_add_value(struct ndpi_hw_struct *hw, const u_int64_t _value, double
*/
int ndpi_jitter_init(struct ndpi_jitter_struct *s, u_int16_t num_learning_values) {
+ if(!s)
+ return(-1);
+
memset(s, 0, sizeof(struct ndpi_jitter_struct));
if(num_learning_values < 2) num_learning_values = 2;
@@ -1255,6 +1280,9 @@ float ndpi_jitter_add_value(struct ndpi_jitter_struct *s, const float value) {
*/
int ndpi_ses_init(struct ndpi_ses_struct *ses, double alpha, float significance) {
+ if(!ses)
+ return(-1);
+
memset(ses, 0, sizeof(struct ndpi_ses_struct));
ses->params.alpha = alpha;
@@ -1282,7 +1310,7 @@ int ndpi_ses_init(struct ndpi_ses_struct *ses, double alpha, float significance)
0 Too early: we're still in the learning phase. Output values are zero.
1 Normal processing: forecast and confidence_band are meaningful
*/
-int ndpi_ses_add_value(struct ndpi_ses_struct *ses, const u_int64_t _value, double *forecast, double *confidence_band) {
+int ndpi_ses_add_value(struct ndpi_ses_struct *ses, const double _value, double *forecast, double *confidence_band) {
double value = (double)_value, error, sq_error;
int rc;
@@ -1330,6 +1358,11 @@ void ndpi_ses_fitting(double *values, u_int32_t num_values, float *ret_alpha) {
double sse, lowest_sse;
int trace = 0;
+ if(!values || num_values == 0) {
+ *ret_alpha = 0;
+ return;
+ }
+
lowest_sse = 0, best_alpha = 0;
for(alpha=0.1; alpha<0.99; alpha += 0.05) {
@@ -1382,6 +1415,9 @@ void ndpi_ses_fitting(double *values, u_int32_t num_values, float *ret_alpha) {
*/
int ndpi_des_init(struct ndpi_des_struct *des, double alpha, double beta, float significance) {
+ if(!des)
+ return(-1);
+
memset(des, 0, sizeof(struct ndpi_des_struct));
des->params.alpha = alpha;
@@ -1410,7 +1446,7 @@ int ndpi_des_init(struct ndpi_des_struct *des, double alpha, double beta, float
0 Too early: we're still in the learning phase. Output values are zero.
1 Normal processing: forecast and confidence_band are meaningful
*/
-int ndpi_des_add_value(struct ndpi_des_struct *des, const u_int64_t _value, double *forecast, double *confidence_band) {
+int ndpi_des_add_value(struct ndpi_des_struct *des, const double _value, double *forecast, double *confidence_band) {
double value = (double)_value, error, sq_error;
int rc;
@@ -1460,6 +1496,12 @@ void ndpi_des_fitting(double *values, u_int32_t num_values, float *ret_alpha, fl
double sse, lowest_sse;
int trace = 0;
+ if(!values || num_values == 0) {
+ *ret_alpha = 0;
+ *ret_beta = 0;
+ return;
+ }
+
lowest_sse = 0, best_alpha = 0, best_beta = 0;
for(beta=0.1; beta<0.99; beta += 0.05) {
@@ -1513,7 +1555,10 @@ u_int ndpi_find_outliers(u_int32_t *values, bool *outliers, u_int32_t num_values
u_int i, ret = 0;
float mean, stddev, low_threshold = -2.5, high_threshold = 2.5;
struct ndpi_analyze_struct a;
-
+
+ if(!values || !outliers || num_values == 0)
+ return(ret);
+
ndpi_init_data_analysis(&a, 3 /* this is the window so we do not need to store values and 3 is enough */);
/* Add values */
@@ -1522,7 +1567,12 @@ u_int ndpi_find_outliers(u_int32_t *values, bool *outliers, u_int32_t num_values
mean = ndpi_data_mean(&a);
stddev = ndpi_data_stddev(&a);
-
+
+ if(fpclassify(stddev) == FP_ZERO) {
+ ndpi_free_data_analysis(&a, 0);
+ return(ret);
+ }
+
/* Process values */
for(i=0; i<num_values; i++) {
float z_score = (((float)values[i]) - mean) / stddev;
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index 4618cb75f..dd54356cf 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -2104,7 +2104,8 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp
#define MATCH_DEBUG_INFO(fmt, ...) if(txt->option & AC_FEATURE_DEBUG) printf(fmt, ##__VA_ARGS__)
-static int ac_domain_match_handler(AC_MATCH_t *m, AC_TEXT_t *txt, AC_REP_t *match) {
+/* No static because it is used by fuzzer, too */
+int ac_domain_match_handler(AC_MATCH_t *m, AC_TEXT_t *txt, AC_REP_t *match) {
AC_PATTERN_t *pattern = m->patterns;
int i,start,end = m->position;
diff --git a/src/lib/third_party/include/ahocorasick.h b/src/lib/third_party/include/ahocorasick.h
index 0651ce0f8..37d13b0f0 100644
--- a/src/lib/third_party/include/ahocorasick.h
+++ b/src/lib/third_party/include/ahocorasick.h
@@ -18,6 +18,10 @@
along with multifast. If not, see <http://www.gnu.org/licenses/>.
*/
+#ifdef __cplusplus
+extern "C" {
+#endif
+
#ifndef _AC_TYPES_H_
#define _AC_TYPES_H_
@@ -274,3 +278,7 @@ void ac_automata_dump (AC_AUTOMATA_t * thiz, FILE *);
#endif
void ac_automata_get_stats(AC_AUTOMATA_t * thiz, struct ac_stats *stats);
#endif
+
+#ifdef __cplusplus
+}
+#endif
diff --git a/src/lib/third_party/src/ahocorasick.c b/src/lib/third_party/src/ahocorasick.c
index 70f566550..34ca51dac 100644
--- a/src/lib/third_party/src/ahocorasick.c
+++ b/src/lib/third_party/src/ahocorasick.c
@@ -643,17 +643,25 @@ static AC_ERROR_t dump_node_common(AC_AUTOMATA_t * thiz,
dump_node_header(n,ai);
if (n->matched_patterns && n->matched_patterns->num && n->final) {
char lbuf[512];
- int nl = 0,j;
+ int nl = 0,j,ret;
nl = ndpi_snprintf(lbuf,sizeof(lbuf),"'%.100s' N:%d{",rstr,n->matched_patterns->num);
for (j=0; j<n->matched_patterns->num; j++) {
AC_PATTERN_t *sid = &n->matched_patterns->patterns[j];
- if(j) nl += ndpi_snprintf(&lbuf[nl],sizeof(lbuf)-nl-1,", ");
- nl += ndpi_snprintf(&lbuf[nl],sizeof(lbuf)-nl-1,"%d %c%.100s%c",
+ if(j) {
+ ret = ndpi_snprintf(&lbuf[nl],sizeof(lbuf)-nl-1,", ");
+ if (ret < 0 || (unsigned int)ret >= sizeof(lbuf)-nl-1)
+ break;
+ nl += (unsigned int)ret;
+ }
+ ret = ndpi_snprintf(&lbuf[nl],sizeof(lbuf)-nl-1,"%d %c%.100s%c",
sid->rep.number & 0x3fff,
sid->rep.number & 0x8000 ? '^':' ',
sid->astring,
sid->rep.number & 0x4000 ? '$':' ');
+ if (ret < 0 || (unsigned int)ret >= sizeof(lbuf)-nl-1)
+ break;
+ nl += (unsigned int)ret;
}
fprintf(ai->file,"%s}\n",lbuf);
}
@@ -700,6 +708,7 @@ void ac_automata_dump(AC_AUTOMATA_t * thiz, FILE *file) {
fprintf(ai.file,"---\n mem size %zu avg node size %d, node one char %d, <=8c %d, >8c %d, range %d\n---DUMP-END-\n",
ai.memcnt,(int)ai.memcnt/(thiz->all_nodes_num+1),(int)ai.node_oc,(int)ai.node_8c,(int)ai.node_xc,(int)ai.node_xr);
#endif
+ acho_free(ai.bufstr);
}
#endif
diff --git a/src/lib/third_party/src/hll/MurmurHash3.c b/src/lib/third_party/src/hll/MurmurHash3.c
index ba4d60680..cf395f52b 100644
--- a/src/lib/third_party/src/hll/MurmurHash3.c
+++ b/src/lib/third_party/src/hll/MurmurHash3.c
@@ -16,7 +16,9 @@ u_int32_t MurmurHash3_x86_32(const void *key, u_int32_t len, u_int32_t seed) {
const u_int32_t c1 = 0xcc9e2d51;
const u_int32_t c2 = 0x1b873593;
- const u_int32_t *blocks = (const u_int32_t *)(data + nblocks * 4);
+ const u_int32_t *blocks = NULL;
+ if(data && len) /* To avoid UBSAN warning: runtime error: applying zero offset to null pointer */
+ blocks = (const u_int32_t *)(data + nblocks * 4);
for(i = -nblocks; i; i++)
{
@@ -31,7 +33,9 @@ u_int32_t MurmurHash3_x86_32(const void *key, u_int32_t len, u_int32_t seed) {
h1 = h1 * 5 + 0xe6546b64;
}
- const u_int8_t * tail = (const u_int8_t *)(data + nblocks * 4);
+ const u_int8_t * tail = NULL;
+ if(data && len) /* To avoid UBSAN warning: runtime error: applying zero offset to null pointer */
+ tail = (const u_int8_t *)(data + nblocks * 4);
u_int32_t k1 = 0;
diff --git a/src/lib/third_party/src/hll/hll.c b/src/lib/third_party/src/hll/hll.c
index ad7284411..b0e0a1343 100644
--- a/src/lib/third_party/src/hll/hll.c
+++ b/src/lib/third_party/src/hll/hll.c
@@ -71,6 +71,13 @@ static __inline u_int8_t _hll_rank(u_int32_t hash, u_int8_t bits) {
[i: 19] 524288 bytes [StdError: 0.14%]
*/
int hll_init(struct ndpi_hll *hll, u_int8_t bits) {
+ if(!hll) {
+ errno = EINVAL;
+ return -1;
+ }
+
+ memset(hll, '\0', sizeof(*hll));
+
if(bits < 4 || bits > 20) {
errno = ERANGE;
return -1;
Powered by cgit, Themed by Ted Yin.