aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
...
* Redefined type name to avoid conflictsLuca Deri2022-05-30
|
* Added ability to return risk info in JSON format in ndpi_get_flow_risk_info()Luca2022-05-30
|
* Support word diff for tests/do.sh for better readability. (#1565)Toni2022-05-30
| | | | | * Sync unit tests Signed-off-by: lns <matzeton@googlemail.com>
* Prohibit MPEG-DASH to set HTTP as application protocol. (#1560)Toni2022-05-30
| | | Signed-off-by: lns <matzeton@googlemail.com>
* HTTP: fix heap-buffer-overflow error (#1564)Ivan Nardi2022-05-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ``` ==222479==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60b000014739 at pc 0x55af06f2364f bp 0x7ffd7b6f4bf0 sp 0x7ffd7b6f4378 READ of size 12 at 0x60b000014739 thread T0 #0 0x55af06f2364e in printf_common(void*, char const*, __va_list_tag*) asan_interceptors.cpp.o #1 0x55af06f24f70 in __interceptor_snprintf (/home/ivan/svnrepos/nDPI/fuzz/fuzz_ndpi_reader_with_main+0x613f70) (BuildId: f6545ec2bd7663bc3f16aeeb87bddc64d173a2a8) #2 0x55af0720927f in ndpi_check_http_header /home/ivan/svnrepos/nDPI/src/lib/protocols/http.c:982:2 #3 0x55af071f4797 in ndpi_check_http_tcp /home/ivan/svnrepos/nDPI/src/lib/protocols/http.c:1219:5 #4 0x55af071f05c5 in ndpi_search_http_tcp /home/ivan/svnrepos/nDPI/src/lib/protocols/http.c:1402:3 #5 0x55af07080d1e in check_ndpi_detection_func /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:5150:6 #6 0x55af07081734 in check_ndpi_tcp_flow_func /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:5198:12 #7 0x55af070813d7 in ndpi_check_flow_func /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:5217:12 #8 0x55af070939f7 in ndpi_detection_process_packet /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:6076:15 #9 0x55af06fc7e1f in packet_processing /home/ivan/svnrepos/nDPI/example/reader_util.c:1541 #10 0x55af06fc7e1f in ndpi_workflow_process_packet /home/ivan/svnrepos/nDPI/example/reader_util.c:2110 #11 0x55af06fc2859 in LLVMFuzzerTestOneInput /home/ivan/svnrepos/nDPI/fuzz/fuzz_ndpi_reader.c:109:7 #12 0x55af06fc2feb in main /home/ivan/svnrepos/nDPI/fuzz/fuzz_ndpi_reader.c:181:17 #13 0x7efe5eaac082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16 #14 0x55af06f0055d in _start (/home/ivan/svnrepos/nDPI/fuzz/fuzz_ndpi_reader_with_main+0x5ef55d) (BuildId: f6545ec2bd7663bc3f16aeeb87bddc64d173a2a8) 0x60b000014739 is located 0 bytes to the right of 105-byte region [0x60b0000146d0,0x60b000014739) allocated by thread T0 here: #0 0x55af06f84bae in malloc (/home/ivan/svnrepos/nDPI/fuzz/fuzz_ndpi_reader_with_main+0x673bae) (BuildId: f6545ec2bd7663bc3f16aeeb87bddc64d173a2a8) #1 0x55af06fc2673 in LLVMFuzzerTestOneInput /home/ivan/svnrepos/nDPI/fuzz/fuzz_ndpi_reader.c:103:31 #2 0x55af06fc2feb in main /home/ivan/svnrepos/nDPI/fuzz/fuzz_ndpi_reader.c:181:17 #3 0x7efe5eaac082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16 ``` Fiund by oss-fuzzer. See: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47724
* Certificate timestamps should be printed in UTC (#1563)Ivan Nardi2022-05-30
| | | This way, the CI results are consistent
* Fixed dispay bug for risk_infoLuca Deri2022-05-30
|
* Updated tests resultsLuca Deri2022-05-30
| | | | Code cleanup
* Added RiskInfo stringLuca Deri2022-05-30
|
* Fix dissection of IPv4 header (#1561)Ivan Nardi2022-05-29
| | | | | See: https://github.com/ntop/nDPI/runs/6643914510?check_suite_focus=true Convert al the `MIN(a,b)` calls to `ndpi_min(a,b)`
* Dazn: add support for Dazn streaming service (#1559)Ivan Nardi2022-05-29
| | | Update .gitignore file
* Compilation fixes for old ggc'sLuca Deri2022-05-29
|
* CommentLuca Deri2022-05-29
|
* Added detection for WordPress exploitsLuca Deri2022-05-29
| | | | Fixed ndpi_iph_is_valid_and_not_fragmented() that was bugged with non UDP traffic
* Use Doxygen to generate the API documentation. (#1558)Toni2022-05-29
| | | | | * Integrated Doxygen documentation into Sphinx Signed-off-by: lns <matzeton@googlemail.com>
* Added MPEG-DASH dissector. Fixes #1223. (#1555)Toni2022-05-29
| | | | | | * Improved HTTP POST detection * Refactored subprotocol detection Signed-off-by: lns <matzeton@googlemail.com>
* Fixed HTTP lower/upper protocol mess for Aimini/IPP. (#1557)Toni2022-05-28
| | | | | * If HTTP was already detected, there is no need to overwrite the detection again Signed-off-by: lns <matzeton@googlemail.com>
* Compilation fixes for old gcc compilerLuca Deri2022-05-28
|
* Compilation fixesLuca Deri2022-05-27
|
* Version cut fixLuca Deri2022-05-27
|
* Fixes compilation issues on RedHat systemsLuca Deri2022-05-26
|
* Sync unit test results (#1554)Ivan Nardi2022-05-26
|
* Updated SkypeCall -> Skype_TeamsCallLuca Deri2022-05-26
|
* Fixed false positives with NATSLuca Deri2022-05-26
|
* Added script to compare and verify the output of `make dist'. (#1551)Toni2022-05-26
| | | | | | | This fixes some build/test issues resulting when using tarballs. * nDPI uses autotools (especially autoconf) in a wrong way, see #1163 Signed-off-by: lns <matzeton@googlemail.com>
* Replaced obsolete autoconf macros. (#1553)Toni2022-05-26
| | | Signed-off-by: lns <matzeton@googlemail.com>
* Fixed windows-latest build error. (#1552)Toni2022-05-26
| | | | | * The warning itself looks like a bug Signed-off-by: lns <matzeton@googlemail.com>
* Improved invalid host detectionLuca Deri2022-05-24
|
* Added invalid SNI check in QUICLuca Deri2022-05-24
|
* Improved detection of invalid SNI and hostnames in TLS, HTTPLuca Deri2022-05-24
|
* Added room for storing information used by custom third-party dissectorsLuca Deri2022-05-19
|
* Moved RTSP http patterns to the protocol source file.lns2022-05-19
| | | | Signed-off-by: lns <matzeton@googlemail.com>
* Yet another approach to fix #1499 (basically a copy&pasta from @socketpair).Toni Uhlig2022-05-16
| | | | | | * Related to #1545, #1494 and #1189 as well Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Removed MacOS XCode integration.Toni Uhlig2022-05-16
| | | | | | | | | * It is outdated (from 2018) and will most likely not work anymore due to changed protocol files and outdated API usage in the example integration * Removal is the only option besides fixing those issues and provide a CI integration for future automatic checks Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Moved mgcp.pcapng to tests/pcap/ instead of tests/Toni Uhlig2022-05-16
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* DNS-over-QUIC: update default port (#1548)Ivan Nardi2022-05-12
| | | | | | Final RFC (https://www.rfc-editor.org/rfc/rfc9250.txt) changed the default port to 853 (from the 784 used on the early drafts). Since there is at least one deployed implementation still stuck at draft-02, keep also the old value, for the time being.
* Improved Viber (TCP) detection. (#1547)Toni2022-05-10
| | | Signed-off-by: lns <matzeton@googlemail.com>
* Improved Xiaomi HTTP detection. (#1546)Toni2022-05-10
| | | | | * Merged Xiaomi pcap files Signed-off-by: lns <matzeton@googlemail.com>
* Removed TLS patterns in the CiscoVPN aka Anyconnect dissector as mentioned ↵Toni2022-05-09
| | | | | in PR #1534. (#1543) Signed-off-by: lns <matzeton@googlemail.com>
* Added Softether(-VPN) DDNS service detection. (#1544)Toni2022-05-09
| | | Signed-off-by: lns <matzeton@googlemail.com>
* Improved TLS alert detection. (#1542)Toni2022-05-08
| | | Signed-off-by: lns <matzeton@googlemail.com>
* Improved TLS application data detection. (#1541)Toni2022-05-08
| | | | | | * #1532 did fx TLS appdata detection only partially * use flow->l4.tcp.tls.message.buffer_used instead of packet->payload Signed-off-by: lns <matzeton@googlemail.com>
* Added Edgecast and Cachefly CDNs. (#1540)Toni2022-05-07
| | | | | | | | * Improved ASN update script * Ran `utils/update_every_lists.sh' * `tests/do.sh.in' prints the amount of failed pcap(s) * `utils/asn_update.sh' prints the amount of failed download(s) Signed-off-by: lns <matzeton@googlemail.com>
* Replaced ndpiReader's libjson-c support with libnDPI's internal ↵Toni2022-05-07
| | | | | | | | | | | serialization interface. (#1535) * Fixes #1528 * Serialization Interface should also fuzzed * libjson-c may only be used in the unit test to verify the internal serialization interface * Serialization Interface supports tlv(broken), csv and json * Unit test does work again and requires libjson-c Signed-off-by: lns <matzeton@googlemail.com>
* Fix compilation (if `--enable-debug-messages` is used) (#1539)Ivan Nardi2022-05-04
|
* Added extra check to make sure that the guessed protocol is the one we ↵Luca Deri2022-05-04
| | | | expect and not another one
* Fixes bug that prevents triggering alerts for traffic on non-standard ports ↵Luca Deri2022-05-04
| | | | | | that have been defined in the custom protocols file Fixes https://github.com/ntop/ntopng/issues/6458
* Fixes outdated descriptionLuca Deri2022-05-04
|
* Modified risk labelsLuca Deri2022-05-04
|
* Added some Pluralsight Hostnames/SNIs. May fix #1501. (#1538)Toni2022-05-03
| | | Signed-off-by: lns <matzeton@googlemail.com>
Powered by cgit, Themed by Ted Yin.