libndpi.git - Open Source Deep Packet Inspection Software Toolkit

	Commit message (Collapse)	Author	Age
*	Update libinjection code (#1918)	Ivan Nardi	2023-04-04
\| \| \| \| \| \| \| \| \| \|	Update libinjection code to the current master https://github.com/libinjection/libinjection/commit/7e4b74e824dc3f0623ba4894df2a0d817351ec39 The goal is to finally fix #1820 See: https://github.com/libinjection/libinjection/issues/33 Update the corpus of the libinjection fuzzers Close #1820
*	fuzz: add a new fuzzer to test TLS certificates (#1901)	Ivan Nardi	2023-03-20
\|
*	fuzz: extend fuzz coverage (#1888)	Ivan Nardi	2023-02-16
\|
*	fuzz: some improvements and add two new fuzzers (#1881)	Ivan Nardi	2023-02-09
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Remove `FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION` define from `fuzz/Makefile.am`; it is already included by the main configure script (when fuzzing). Add a knob to force disabling of AESNI optimizations: this way we can fuzz also no-aesni crypto code. Move CRC32 algorithm into the library. Add some fake traces to extend fuzzing coverage. Note that these traces are hand-made (via scapy/curl) and must not be used as "proof" that the dissectors are really able to identify this kind of traffic. Some small updates to some dissectors: CSGO: remove a wrong rule (never triggered, BTW). Any UDP packet starting with "VS01" will be classified as STEAM (see steam.c around line 111). Googling it, it seems right so. XBOX: XBOX only analyses UDP flows while HTTP only TCP ones; therefore that condition is false. RTP, STUN: removed useless "break"s Zattoo: `flow->zattoo_stage` is never set to any values greater or equal to 5, so these checks are never true. PPStream: `flow->l4.udp.ppstream_stage` is never read. Delete it. TeamSpeak: we check for `flow->packet_counter == 3` just above, so the following check `flow->packet_counter >= 3` is always false.
*	fuzz: add a new fuzzer to test serialization/deserialization code (#1876)	Ivan Nardi	2023-01-27
\| \| \| \| \| \| \| \| \| \|	Autodetecting the needed buffer size is quite complex (especially with float/double values) so it is mandatory to properly check for `ndpi_snprintf` truncation. These issues have been undetected so far probably because the default buffer is big enough for all common cases. Add an example of usage of `ndpi_deserialize_clone_all()` (taken from `ntopng`)
*	Add some fuzzers to test other data structures. (#1870)	Ivan Nardi	2023-01-25
\| \| \| \| \| \| \|	Start using a dictionary for fuzzing (see: https://llvm.org/docs/LibFuzzer.html#dictionaries). Remove some dead code. Fuzzing with debug enabled is not usually a great idea (from performance POV). Keep the code since it might be useful while debugging.
*	fuzz: fix memory allocation failure logic (#1867)	Ivan Nardi	2023-01-20
\| \| \| \| \|	We do want to have some allocation errors. Fix some related bugs Fix: 29be01ef
*	Add some fuzzers to test algorithms and data structures (#1852)	Ivan Nardi	2023-01-17
\| \| \|	Fix some issues found with these new fuzzers
*	Add a new fuzzer for QUIC (#1800)	Ivan Nardi	2022-12-01
	QUIC packets are encrypted/obfuscated; that means that we need to decrypt them before parsing the real (TLS) message. Fuzzing is not effective here, since a random buffer is hardly a valid encrypted QUIC packet. Add a new fuzzer, testing decrypted QUIC packets. Add a basic corpus. Fix a few bugs already found by this fuzzer.