| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| |
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | |
|
| | |
|
| |
|
|
| |
TCP framing is optional
|
| | |
|
| | |
|
| |
|
|
| |
Look for RTP packets in the STUN sessions.
TODO: tell RTP from RTCP
|
| |
|
| |
We can't access to `ndpi_str->packet` from `ndpi_detection_giveup()`
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Enhanced the Line IP list with https://ipinfo.io/AS23576/125.209.252.0/24 used by line
|
| | |
|
| |
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
|
| |
In file included from ../include/ndpi_main.h:34,
from ../include/ndpi_api.h:28,
from protocols/activision.c:26:
../include/ndpi_typedefs.h:294:3: error: unknown type name 'u_char'
294 | u_char h_dest[6]; /* destination eth addr */
| ^~~~~~
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
File copied from https://github.com/google/oss-fuzz/blob/master/projects/ndpi/build.sh
The general idea is to keep the build script in our repository and use
it from oss-fuzz builder: updating it from our side is easier and faster
then passing via an oss-fuzz PR.
The original idea is from @utoni in 3068306b60.
Once this change has been merged, we can update the code in oss-fuzz.
|
| | |
|
| | |
|
| |
|
|
| |
Found while fuzzing
|
| |
|
|
|
|
| |
See: https://www.rfc-editor.org/rfc/rfc9369.txt
Old v2-01 version has been removed, since it has never been really used.
|
| | |
|
| | |
|
| |
|
|
|
| |
* fixed numtrunc error in protocols/tls.c
* fixed build error for tls.c
|
| |
|
|
|
|
|
|
|
| |
* added new domain names
* Sync unit tests results
---------
Co-authored-by: Nardi Ivan <nardi.ivan@gmail.com>
|
| |
|
| |
Usage: `FORCE_UPDATING_UTESTS_RESULTS=1 ./tests/do.sh`
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add bitcoing protocol dissector.
* remove bitcoin protcol detection from mining.c
* add a new bitcoin deissector.
* add a new category: Cryptocurrency.
Signed-off-by: Mahmoud Maatuq <mahmoudmatook.mm@gmail.com>
* Remove useless checks and add missing windows and docs file.
Signed-off-by: Mahmoud Maatuq <mahmoudmatook.mm@gmail.com>
* update affected tests.
Signed-off-by: Mahmoud Maatuq <mahmoudmatook.mm@gmail.com>
* add a brief version.
Add notes on the difference between normal bitcoin protocol and the
mining protocol.
Signed-off-by: Mahmoud Maatuq <mahmoudmatook.mm@gmail.com>
* update enable_payload_stat test after dev rebasing.
Signed-off-by: Mahmoud Maatuq <mahmoudmatook.mm@gmail.com>
---------
Signed-off-by: Mahmoud Maatuq <mahmoudmatook.mm@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
* fixed numeric truncation error in ndpi_analyze.c
* fixed numeric truncation error in ndpi_analyze.c x2
* fixed numeric truncation error in ndpi_analyze.c x3
* fixed numeric truncation error in ndpi_analyze.c and printf format
* fixed tests
|
| |
|
|
|
| |
* make user data available for any build config
Signed-off-by: lns <matzeton@googlemail.com>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Some low hanging fruits found using nallocfuzz.
See: https://github.com/catenacyber/nallocfuzz
See: https://github.com/google/oss-fuzz/pull/9902
Most of these errors are quite trivial to fix; the only exception is the
stuff in the uthash.
If the insertion fails (because of an allocation failure), we need to
avoid some memory leaks. But the only way to check if the `HASH_ADD_*`
failed, is to perform a new lookup: a bit costly, but we don't use that
code in any critical data-path.
|
| |
|
|
|
|
| |
`ndpi_detection_giveup()` (#1996)
`ndpi_reconcile_protocols()` is already called by
`ndpi_set_detected_protocol()`
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
```
==32439==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x604000000080 at pc 0x564a9a1639ac bp 0x7ffc77d42e20 sp 0x7ffc77d42e18
READ of size 1 at 0x604000000080 thread T0
#0 0x564a9a1639ab in ndpi_check_punycode_string /home/ivan/svnrepos/nDPI/src/lib/ndpi_utils.c:98:12
#1 0x564a9a26025a in ndpi_match_host_subprotocol /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:8652:6
#2 0x564a9a33e45c in ndpi_http_parse_subprotocol /home/ivan/svnrepos/nDPI/src/lib/protocols/http.c:446:9
#3 0x564a9a3354b8 in check_content_type_and_change_protocol /home/ivan/svnrepos/nDPI/src/lib/protocols/http.c:921:3
#4 0x564a9a32dc8b in process_request /home/ivan/svnrepos/nDPI/src/lib/protocols/http.c:1237:3
#5 0x564a9a329a9c in ndpi_check_http_tcp /home/ivan/svnrepos/nDPI/src/lib/protocols/http.c:1351:5
#6 0x564a9a3293ed in ndpi_search_http_tcp /home/ivan/svnrepos/nDPI/src/lib/protocols/http.c:1425:3
#7 0x564a9a21c64a in check_ndpi_detection_func /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:5906:6
#8 0x564a9a21d057 in check_ndpi_tcp_flow_func /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:5954:12
```
Found by oss-fuzzer.
See: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59393
|
| |
|
|
|
| |
Add a basic unit test
Fix an endianess issue
|
| |
|
|
|
|
| |
In the main dissector callbacks the flow protocols are (almost) always
unknown. Only two exceptions:
* extra dissection data path
* HTTP sub-protocols
|
| |
|
|
|
| |
* added additional (more restrictive) checks
Signed-off-by: lns <matzeton@googlemail.com>
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fixed invalid use of ndpi_free(). Sorry, my fault.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Fine tuned symbol check script.
* added check for expected syms in modules
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
---------
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | |
|
| |
|
| |
There is no BitTorrent hash in the DNS flows
|
| |
|
|
|
| |
* added CI check
Signed-off-by: lns <matzeton@googlemail.com>
|
| | |
|
| |
|
|
|
| |
* add illegal gambling sites (Belgium)
Signed-off-by: lns <matzeton@googlemail.com>
|
| | |
|
| | |
|
| | |
|
| | |
|