| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| |
|
|
|
|
| |
as mining
Implements #503
|
| | |
|
| | |
|
| |\ |
|
| | |\
| | |
| | | |
Prevent missing text lines and invalid reads past end-of-buffer.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
The recent revert commit applied to ndpi_parse_packet_line_info resurrects an old bug where the last lines in packets that end with a CR+NL will not be parsed. This revert commit is an attempt to prevent invalid reads past the end of the packet buffer. This PR moves the end-of-bounds test to before the 16-bit read and returns if true. This fixes the case where a text line ends aligned to the buffer-end boundary, and it fixes the invalid read issue.
Signed-off-by: Darryl Sokoloski <darryl@sokoloski.ca>
|
| | |/
| |
| |
| | |
Slight performance improvements in spotify dissector (avoid doing ntohl and masking in each and all if conditions).
|
| |/ |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
(#589)
* if one protocol do not have it's regex (pattern_to_match)
then parse it's string (string_to_match) into hex
so we can match every protocol with hyperscan
* fix string2hex()
* fix init_hyperscan():
check return value of string2hex()
|
| | |
|
| | |
|
| |\
| |
| | |
Avoid possible NULL pointer dereference in ndpi_detection_process_packet
|
| | | |
|
| |/ |
|
| |
|
|
| |
Fixes warning
|
| | |
|
| |\
| |
| | |
Move the configure include file inclusion and code depending on it in…
|
| | |
| |
| |
| | |
protected by the NDPI_LIB_COMPILATION define, this should avoid it polluting the environment when including this file from ntopng.
|
| | |
| |
| |
| |
| | |
Added optimization for TCP flows that do not start with a SYN packet: early giveup is performed
Code cleanup
|
| | | |
|
| |/
|
|
| |
Used clang instead of gcc on MacOS
|
| |
|
|
|
| |
Added target for install
Fixes #593
|
| |\
| |
| |
| | |
https://github.com/eglooca/ndpi-pr into eglooca-pr-remove-autoconf-include
|
| | |
| |
| |
| |
| |
| | |
Including this file in any "public" API header breaks all projects that also use autotools because macros such as PACKAGE_VERSION will be redefined.
Signed-off-by: Darryl Sokoloski <darryl@sokoloski.ca>
|
| |\ \
| | |
| | | |
ndpi_typedefs.h : missing include
|
| | | |
| | |
| | |
| | |
| | |
| | | |
include to ndpi_protocol_ids.h needed for:
- NDPI_PROTOCOL_SIZE
- NDPI_MAX_SUPPORTED_PROTOCOLS
- NDPI_MAX_NUM_CUSTOM_PROTOCOLS
|
| |/ /
| |
| |
| | |
.c in ndpi_main.c
|
| | | |
|
| | | |
|
| |\ \
| | |
| | | |
Include <sys/types.h> for u_int16_t.
|
| | |/
| |
| |
| |
| |
| | |
On various embedded environments (OpenWrt, EdgeOS), <sys/types.h> must be included for u_intX_t types. The Hyperscan changes made recently introducted a u_int16_t member in actypes.h which is undeclared in certainly environments without this include.
Signed-off-by: Darryl Sokoloski <darryl@sokoloski.ca>
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| |/ |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |\ |
|
| | | |
|
| |/ |
|
| |
|
|
| |
Signed-off-by: Darryl Sokoloski <darryl@sokoloski.ca>
|
| | |
|
| |\
| |
| | |
Adjust the SSDP dissector's minimum packet length
|
| | |
| |
| |
| | |
The minimum packet payload length is: "NOTIFY * HTTP/1.1" + 0x0d + 0x0a (19 bytes).
|
| |\ \
| | |
| | | |
Fix end-of-line bounds handling.
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The existing implementation misses ending lines and as a result, fails
to match certain protocols (SMTP for example, which needs to see at
least 3 commain/response matches). It appears from the commit history
that an attempt was made (end-1) to prevent reads past payload length.
This can be ensured by simply not reading any payload that is < 3 bytes.
The updated logic for this loop is:
- Payload length is >= 3 bytes, or return.
- Loop over payload, compare for EOL (CR + NL) sequence.
- If found, process string.
- If index 'a' plus two is less than payload length, increment 'a' by
one and continue.
- Loop return always increments index 'a' by one.
|