6 files changed, 35 insertions, 25 deletions
diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h
index 0a2322ffe..3d99a6c03 100644
--- a/src/include/ndpi_api.h
+++ b/src/include/ndpi_api.h
@@ -756,11 +756,14 @@ extern "C" {
    * @par     ndpi_mod = the detection module
    * @par     path     = the path of the file
    * @return  0 if the file is loaded correctly;
-   *          -1 else
+   *          -1 generic error
+   *          -2 memory allocation error
    *
    */
   int ndpi_load_protocols_file(struct ndpi_detection_module_struct *ndpi_mod,
 			       const char* path);
+  int ndpi_load_protocols_file2(struct ndpi_detection_module_struct *ndpi_mod,
+			        FILE *fd);
 
   /**
    * Add an IP-address based risk mask
diff --git a/src/lib/ndpi_classify.c b/src/lib/ndpi_classify.c
index 538eb2b82..114982de4 100644
--- a/src/lib/ndpi_classify.c
+++ b/src/lib/ndpi_classify.c
@@ -583,7 +583,9 @@ ndpi_update_params (classifier_type_codes_t param_type, const char *param_file)
     break;
 
   default:
+#if 0
     printf("error: unknown paramerter type (%d)", param_type);
+#endif
     break;
   }
 }
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index d806957ed..8c553ef7f 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -2608,7 +2608,8 @@ static int ndpi_add_host_ip_subprotocol(struct ndpi_detection_module_struct *ndp
     }
   }
 
-  inet_pton(AF_INET, value, &pin);
+  if(inet_pton(AF_INET, value, &pin) != 1)
+    return(-1);
 
   if((node = add_to_ptree(ndpi_str->protocols_ptree, AF_INET, &pin, bits)) != NULL) {
     int i;
@@ -2653,7 +2654,7 @@ void set_ndpi_flow_free(void (*__ndpi_flow_free)(void *ptr)) {
 }
 
 void ndpi_debug_printf(unsigned int proto, struct ndpi_detection_module_struct *ndpi_str, ndpi_log_level_t log_level,
-                       const char *file_name, const char *func_name, int line_number, const char *format, ...) {
+                       const char *file_name, const char *func_name, unsigned int line_number, const char *format, ...) {
 #ifdef NDPI_ENABLE_DEBUG_MESSAGES
   va_list args;
 #define MAX_STR_LEN 250
@@ -4351,26 +4352,37 @@ int ndpi_load_malicious_sha1_file(struct ndpi_detection_module_struct *ndpi_str,
 
 */
 int ndpi_load_protocols_file(struct ndpi_detection_module_struct *ndpi_str, const char *path) {
+  int rc;
   FILE *fd;
-  char *buffer, *old_buffer;
-  int chunk_len = 1024, buffer_len = chunk_len, old_buffer_len;
-  int i, rc = -1;
 
   if(!ndpi_str || !path)
     return(-1);
 
   fd = fopen(path, "r");
-
   if(fd == NULL) {
     NDPI_LOG_ERR(ndpi_str, "Unable to open file %s [%s]\n", path, strerror(errno));
-    goto error;
+    return -1;
   }
 
-  buffer = ndpi_malloc(buffer_len);
+  rc = ndpi_load_protocols_file2(ndpi_str, fd);
 
+  fclose(fd);
+
+  return rc;
+}
+
+int ndpi_load_protocols_file2(struct ndpi_detection_module_struct *ndpi_str, FILE *fd) {
+  char *buffer, *old_buffer;
+  int chunk_len = 1024, buffer_len = chunk_len, old_buffer_len;
+  int i;
+
+  if(!ndpi_str || !fd)
+    return -1;
+
+  buffer = ndpi_malloc(buffer_len);
   if(buffer == NULL) {
     NDPI_LOG_ERR(ndpi_str, "Memory allocation failure\n");
-    goto close_fd;
+    return -2;
   }
 
   while(1) {
@@ -4378,6 +4390,7 @@ int ndpi_load_protocols_file(struct ndpi_detection_module_struct *ndpi_str, cons
     int line_len = buffer_len;
 
     while(((line = fgets(line, line_len, fd)) != NULL)
+	  && strlen(line) > 0
 	  && (line[strlen(line) - 1] != '\n')) {
       i = strlen(line);
       old_buffer = buffer;
@@ -4385,11 +4398,10 @@ int ndpi_load_protocols_file(struct ndpi_detection_module_struct *ndpi_str, cons
       buffer_len += chunk_len;
 
       buffer = ndpi_realloc(old_buffer, old_buffer_len, buffer_len);
-
       if(buffer == NULL) {
 	NDPI_LOG_ERR(ndpi_str, "Memory allocation failure\n");
 	ndpi_free(old_buffer);
-	goto close_fd;
+	return -2;
       }
 
       line = &buffer[i];
@@ -4419,15 +4431,9 @@ int ndpi_load_protocols_file(struct ndpi_detection_module_struct *ndpi_str, cons
       NDPI_LOG_INFO(ndpi_str, "Discraded rule '%s'\n", buffer);
   }
 
-  rc = 0;
-
   ndpi_free(buffer);
 
- close_fd:
-  fclose(fd);
-
- error:
-  return(rc);
+  return 0;
 }
 
 /* ******************************************************************** */
@@ -9027,12 +9033,14 @@ u_int ndpi_get_ndpi_detection_module_size() {
 
 void ndpi_set_debug_bitmask(struct ndpi_detection_module_struct *ndpi_str, NDPI_PROTOCOL_BITMASK debug_bitmask) {
 #ifdef NDPI_ENABLE_DEBUG_MESSAGES
-  ndpi_str->debug_bitmask = debug_bitmask;
+  if(ndpi_str)
+    ndpi_str->debug_bitmask = debug_bitmask;
 #endif
 }
 
 void ndpi_set_log_level(struct ndpi_detection_module_struct *ndpi_str, u_int l){
-  ndpi_str->ndpi_log_level = l;
+  if(ndpi_str)
+    ndpi_str->ndpi_log_level = l;
 }
 
 /* ******************************************************************** */
diff --git a/src/lib/protocols/dns.c b/src/lib/protocols/dns.c
index 07358468d..5fc71a67a 100644
--- a/src/lib/protocols/dns.c
+++ b/src/lib/protocols/dns.c
@@ -192,7 +192,6 @@ static uint32_t dns_validchar[8] = {
 
 static char* dns_error_code2string(u_int16_t error_code, char *buf, u_int buf_len) {
   switch(error_code) {
-  case 0: return((char*)"NOERROR");
   case 1: return((char*)"FORMERR");
   case 2: return((char*)"SERVFAIL");
   case 3: return((char*)"NXDOMAIN");
diff --git a/src/lib/protocols/raknet.c b/src/lib/protocols/raknet.c
index 49db3cc55..e134f3668 100644
--- a/src/lib/protocols/raknet.c
+++ b/src/lib/protocols/raknet.c
@@ -300,7 +300,6 @@ static void ndpi_search_raknet(struct ndpi_detection_module_struct *ndpi_struct,
         }
         return;
       }
-      break;
 
     case 0x09: /* Connection Request */
       if (packet->payload_packet_len != 16)
@@ -370,7 +369,6 @@ static void ndpi_search_raknet(struct ndpi_detection_module_struct *ndpi_struct,
         }
         return;
       }
-      break;
 
     case 0xfe: /* Game Packet */
       required_packets = 8;
diff --git a/src/lib/third_party/src/gcrypt_light.c b/src/lib/third_party/src/gcrypt_light.c
index 5a4321e75..b952fa695 100644
--- a/src/lib/third_party/src/gcrypt_light.c
+++ b/src/lib/third_party/src/gcrypt_light.c
@@ -176,7 +176,7 @@ gcry_error_t gcry_cipher_open (gcry_cipher_hd_t *handle,
 struct gcry_cipher_hd *r = 0;
 size_t s_len = ROUND_SIZE8(sizeof(struct gcry_cipher_hd));;
 
-    if(flags || algo != GCRY_CIPHER_AES128 || !( mode == GCRY_CIPHER_MODE_ECB || mode == GCRY_CIPHER_MODE_GCM)) return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+    if(flags || algo != GCRY_CIPHER_AES128) return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
 
     switch(mode) {
         case GCRY_CIPHER_MODE_ECB: