From 42d24f8799836025e4526ebb30f34750d528b980 Mon Sep 17 00:00:00 2001 
From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> Date: Mon, 30 Oct 2023 10:28:19 +0100 Subject: STUN: major code rework (#2116) Try to have a faster classification, on first packet; use standard extra dissection data path for sub-classification, metadata extraction and monitoring. STUN caches: * use the proper confidence value * lookup into the caches only once per flow, after having found a proper STUN classification Add identification of Telegram VoIP calls. --- fuzz/Makefile.am | 41 ++++++++++++++++++++++++++++++++++++--- fuzz/corpus/fuzz_is_stun_tcp/1 | Bin 0 -> 28 bytes fuzz/corpus/fuzz_is_stun_tcp/10 | Bin 0 -> 192 bytes fuzz/corpus/fuzz_is_stun_tcp/11 | Bin 0 -> 100 bytes fuzz/corpus/fuzz_is_stun_tcp/13 | Bin 0 -> 4 bytes fuzz/corpus/fuzz_is_stun_tcp/2 | Bin 0 -> 112 bytes fuzz/corpus/fuzz_is_stun_tcp/20 | Bin 0 -> 106 bytes fuzz/corpus/fuzz_is_stun_tcp/21 | Bin 0 -> 98 bytes fuzz/corpus/fuzz_is_stun_tcp/22 | Bin 0 -> 114 bytes fuzz/corpus/fuzz_is_stun_tcp/23 | Bin 0 -> 98 bytes fuzz/corpus/fuzz_is_stun_tcp/3 | Bin 0 -> 108 bytes fuzz/corpus/fuzz_is_stun_tcp/30 | Bin 0 -> 84 bytes fuzz/corpus/fuzz_is_stun_tcp/4 | Bin 0 -> 112 bytes fuzz/corpus/fuzz_is_stun_tcp/5 | Bin 0 -> 112 bytes fuzz/corpus/fuzz_is_stun_tcp/6 | Bin 0 -> 168 bytes fuzz/corpus/fuzz_is_stun_tcp/7 | Bin 0 -> 80 bytes fuzz/corpus/fuzz_is_stun_tcp/8 | Bin 0 -> 108 bytes fuzz/corpus/fuzz_is_stun_tcp/9 | Bin 0 -> 120 bytes fuzz/corpus/fuzz_is_stun_udp/1 | Bin 0 -> 20 bytes fuzz/corpus/fuzz_is_stun_udp/10 | Bin 0 -> 140 bytes fuzz/corpus/fuzz_is_stun_udp/11 | Bin 0 -> 120 bytes fuzz/corpus/fuzz_is_stun_udp/12 | Bin 0 -> 100 bytes fuzz/corpus/fuzz_is_stun_udp/13 | Bin 0 -> 52 bytes fuzz/corpus/fuzz_is_stun_udp/2 | Bin 0 -> 28 bytes fuzz/corpus/fuzz_is_stun_udp/3 | Bin 0 -> 124 bytes fuzz/corpus/fuzz_is_stun_udp/31 | Bin 0 -> 128 bytes fuzz/corpus/fuzz_is_stun_udp/4 | Bin 0 -> 84 bytes fuzz/corpus/fuzz_is_stun_udp/5 | Bin 0 -> 116 bytes fuzz/corpus/fuzz_is_stun_udp/6 | Bin 0 -> 96 
bytes fuzz/corpus/fuzz_is_stun_udp/7 | Bin 0 -> 120 bytes fuzz/corpus/fuzz_is_stun_udp/8 | Bin 0 -> 132 bytes fuzz/corpus/fuzz_is_stun_udp/9 | Bin 0 -> 52 bytes fuzz/corpus/fuzz_is_stun_udp/a | Bin 0 -> 312 bytes fuzz/corpus/fuzz_is_stun_udp/b | Bin 0 -> 68 bytes fuzz/corpus/fuzz_is_stun_udp/c | Bin 0 -> 68 bytes fuzz/corpus/fuzz_is_stun_udp/c1 | Bin 0 -> 28 bytes fuzz/corpus/fuzz_is_stun_udp/c2 | Bin 0 -> 32 bytes fuzz/corpus/fuzz_is_stun_udp/d | Bin 0 -> 68 bytes fuzz/corpus/fuzz_is_stun_udp/e | Bin 0 -> 20 bytes fuzz/corpus/fuzz_is_stun_udp/f | Bin 0 -> 20 bytes fuzz/corpus/fuzz_is_stun_udp/q | Bin 0 -> 372 bytes fuzz/corpus/fuzz_is_stun_udp/q1 | Bin 0 -> 372 bytes fuzz/corpus/fuzz_is_stun_udp/q10 | Bin 0 -> 44 bytes fuzz/corpus/fuzz_is_stun_udp/q11 | Bin 0 -> 44 bytes fuzz/corpus/fuzz_is_stun_udp/q12 | Bin 0 -> 220 bytes fuzz/corpus/fuzz_is_stun_udp/q2 | Bin 0 -> 68 bytes fuzz/corpus/fuzz_is_stun_udp/q3 | Bin 0 -> 68 bytes fuzz/fuzz_is_stun.c | 38 ++++++++++++++++++++++++++++++++++++ 48 files changed, 76 insertions(+), 3 deletions(-) create mode 100644 fuzz/corpus/fuzz_is_stun_tcp/1 create mode 100644 fuzz/corpus/fuzz_is_stun_tcp/10 create mode 100644 fuzz/corpus/fuzz_is_stun_tcp/11 create mode 100644 fuzz/corpus/fuzz_is_stun_tcp/13 create mode 100644 fuzz/corpus/fuzz_is_stun_tcp/2 create mode 100644 fuzz/corpus/fuzz_is_stun_tcp/20 create mode 100644 fuzz/corpus/fuzz_is_stun_tcp/21 create mode 100644 fuzz/corpus/fuzz_is_stun_tcp/22 create mode 100644 fuzz/corpus/fuzz_is_stun_tcp/23 create mode 100644 fuzz/corpus/fuzz_is_stun_tcp/3 create mode 100644 fuzz/corpus/fuzz_is_stun_tcp/30 create mode 100644 fuzz/corpus/fuzz_is_stun_tcp/4 create mode 100644 fuzz/corpus/fuzz_is_stun_tcp/5 create mode 100644 fuzz/corpus/fuzz_is_stun_tcp/6 create mode 100644 fuzz/corpus/fuzz_is_stun_tcp/7 create mode 100644 fuzz/corpus/fuzz_is_stun_tcp/8 create mode 100644 fuzz/corpus/fuzz_is_stun_tcp/9 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/1 create mode 100644 
fuzz/corpus/fuzz_is_stun_udp/10 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/11 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/12 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/13 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/2 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/3 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/31 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/4 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/5 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/6 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/7 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/8 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/9 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/a create mode 100644 fuzz/corpus/fuzz_is_stun_udp/b create mode 100644 fuzz/corpus/fuzz_is_stun_udp/c create mode 100644 fuzz/corpus/fuzz_is_stun_udp/c1 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/c2 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/d create mode 100644 fuzz/corpus/fuzz_is_stun_udp/e create mode 100644 fuzz/corpus/fuzz_is_stun_udp/f create mode 100644 fuzz/corpus/fuzz_is_stun_udp/q create mode 100644 fuzz/corpus/fuzz_is_stun_udp/q1 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/q10 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/q11 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/q12 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/q2 create mode 100644 fuzz/corpus/fuzz_is_stun_udp/q3 create mode 100644 fuzz/fuzz_is_stun.c (limited to 'fuzz') diff --git a/fuzz/Makefile.am b/fuzz/Makefile.am index 360b39a46..2cb21cc21 100644 --- a/fuzz/Makefile.am +++ b/fuzz/Makefile.am 
@@ -1,4 +1,4 @@ -bin_PROGRAMS = fuzz_process_packet fuzz_ndpi_reader fuzz_ndpi_reader_alloc_fail fuzz_ndpi_reader_payload_analyzer fuzz_quic_get_crypto_data fuzz_config fuzz_community_id fuzz_serialization fuzz_tls_certificate fuzz_dga +bin_PROGRAMS = fuzz_process_packet fuzz_ndpi_reader fuzz_ndpi_reader_alloc_fail fuzz_ndpi_reader_payload_analyzer fuzz_quic_get_crypto_data fuzz_config fuzz_community_id fuzz_serialization fuzz_tls_certificate fuzz_dga fuzz_is_stun_udp fuzz_is_stun_tcp #Alghoritms bin_PROGRAMS += fuzz_alg_bins fuzz_alg_hll fuzz_alg_hw_rsi_outliers_da fuzz_alg_jitter fuzz_alg_ses_des fuzz_alg_crc32_md5 fuzz_alg_bytestream #Data structures 
@@ -412,6 +412,32 @@ fuzz_dga_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \ $(fuzz_dga_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ +fuzz_is_stun_udp_SOURCES = fuzz_is_stun.c fuzz_common_code.c +fuzz_is_stun_udp_CFLAGS = @NDPI_CFLAGS@ $(CXXFLAGS) +fuzz_is_stun_udp_LDADD = ../src/lib/libndpi.a $(ADDITIONAL_LIBS) +fuzz_is_stun_udp_LDFLAGS = $(LIBS) +if HAS_FUZZLDFLAGS +fuzz_is_stun_udp_CFLAGS += $(LIB_FUZZING_ENGINE) +fuzz_is_stun_udp_LDFLAGS += $(LIB_FUZZING_ENGINE) +endif +# force usage of CXX for linker +fuzz_is_stun_udp_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \ + $(fuzz_is_stun_udp_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ + +fuzz_is_stun_tcp_SOURCES = fuzz_is_stun.c fuzz_common_code.c +fuzz_is_stun_tcp_CFLAGS = @NDPI_CFLAGS@ $(CXXFLAGS) -DSTUN_TCP +fuzz_is_stun_tcp_LDADD = ../src/lib/libndpi.a $(ADDITIONAL_LIBS) +fuzz_is_stun_tcp_LDFLAGS = $(LIBS) +if HAS_FUZZLDFLAGS +fuzz_is_stun_tcp_CFLAGS += $(LIB_FUZZING_ENGINE) +fuzz_is_stun_tcp_LDFLAGS += $(LIB_FUZZING_ENGINE) +endif +# force usage of CXX for linker +fuzz_is_stun_tcp_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \ + $(fuzz_is_stun_tcp_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ + fuzz_gcrypt_light_SOURCES = fuzz_gcrypt_light.cpp fuzz_common_code.c fuzz_gcrypt_light_CXXFLAGS = @NDPI_CFLAGS@ $(CXXFLAGS) -I ../src/lib/third_party/include/ fuzz_gcrypt_light_CFLAGS = @NDPI_CFLAGS@ $(CXXFLAGS) -I ../src/lib/third_party/include/ 
@@ -555,10 +581,17 @@ fuzz_serialization_seed_corpus.zip: $(files_corpus_fuzz_serialization) zip -j fuzz_serialization_seed_corpus.zip $(files_corpus_fuzz_serialization) files_corpus_fuzz_community_id := $(wildcard corpus/fuzz_community_id/*) - fuzz_community_id_seed_corpus.zip: $(files_corpus_fuzz_community_id) zip -j fuzz_community_id_seed_corpus.zip $(files_corpus_fuzz_community_id) +files_corpus_fuzz_is_stun_udp := $(wildcard corpus/fuzz_is_stun_udp/*) +fuzz_is_stun_udp_seed_corpus.zip: $(files_corpus_fuzz_is_stun_udp) + zip -j fuzz_is_stun_udp_seed_corpus.zip $(files_corpus_fuzz_is_stun_udp) + +files_corpus_fuzz_is_stun_tcp := $(wildcard corpus/fuzz_is_stun_tcp/*) +fuzz_is_stun_tcp_seed_corpus.zip: $(files_corpus_fuzz_is_stun_tcp) + zip -j fuzz_is_stun_tcp_seed_corpus.zip $(files_corpus_fuzz_is_stun_tcp) + files_corpus_fuzz_ds_patricia := $(wildcard corpus/fuzz_ds_patricia/*) fuzz_ds_patricia_seed_corpus.zip: $(files_corpus_fuzz_ds_patricia) zip -j fuzz_ds_patricia_seed_corpus.zip $(files_corpus_fuzz_ds_patricia) 
@@ -639,7 +672,7 @@ files_corpus_fuzz_ds_domain_classify := $(wildcard corpus/fuzz_ds_domain_classi fuzz_ds_domain_classify_seed_corpus.zip: $(files_corpus_fuzz_ds_domain_classify) zip -j fuzz_ds_domain_classify_seed_corpus.zip $(files_corpus_fuzz_ds_domain_classify) -corpus: fuzz_ndpi_reader_seed_corpus.zip fuzz_ndpi_reader_alloc_fail_seed_corpus.zip fuzz_ndpi_reader_payload_analyzer_seed_corpus.zip fuzz_quic_get_crypto_data_seed_corpus.zip fuzz_config_seed_corpus.zip fuzz_ds_patricia_seed_corpus.zip fuzz_ds_ahocorasick_seed_corpus.zip fuzz_alg_ses_des_seed_corpus.zip fuzz_alg_hw_rsi_outliers_da_seed_corpus.zip fuzz_alg_bins_seed_corpus.zip fuzz_alg_hll_seed_corpus.zip fuzz_alg_jitter_seed_corpus.zip fuzz_ds_libcache_seed_corpus.zip fuzz_community_id_seed_corpus.zip fuzz_ds_tree_seed_corpus.zip fuzz_serialization_seed_corpus.zip fuzz_ds_ptree_seed_corpus.zip fuzz_alg_crc32_md5_seed_corpus.zip fuzz_alg_bytestream_seed_corpus.zip fuzz_libinjection_seed_corpus.zip fuzz_tls_certificate_seed_corpus.zip fuzz_filecfg_protocols_seed_corpus.zip fuzz_readerutils_workflow_seed_corpus.zip fuzz_readerutils_parseprotolist_seed_corpus.zip fuzz_ds_bitmap64_seed_corpus.zip fuzz_ds_domain_classify_seed_corpus.zip fuzz_filecfg_protocols_seed_corpus.zip +corpus: fuzz_ndpi_reader_seed_corpus.zip fuzz_ndpi_reader_alloc_fail_seed_corpus.zip fuzz_ndpi_reader_payload_analyzer_seed_corpus.zip fuzz_quic_get_crypto_data_seed_corpus.zip fuzz_config_seed_corpus.zip fuzz_ds_patricia_seed_corpus.zip fuzz_ds_ahocorasick_seed_corpus.zip fuzz_alg_ses_des_seed_corpus.zip fuzz_alg_hw_rsi_outliers_da_seed_corpus.zip fuzz_alg_bins_seed_corpus.zip fuzz_alg_hll_seed_corpus.zip fuzz_alg_jitter_seed_corpus.zip fuzz_ds_libcache_seed_corpus.zip fuzz_community_id_seed_corpus.zip fuzz_ds_tree_seed_corpus.zip fuzz_serialization_seed_corpus.zip fuzz_ds_ptree_seed_corpus.zip fuzz_alg_crc32_md5_seed_corpus.zip fuzz_alg_bytestream_seed_corpus.zip fuzz_libinjection_seed_corpus.zip 
fuzz_tls_certificate_seed_corpus.zip fuzz_filecfg_protocols_seed_corpus.zip fuzz_readerutils_workflow_seed_corpus.zip fuzz_readerutils_parseprotolist_seed_corpus.zip fuzz_ds_bitmap64_seed_corpus.zip fuzz_ds_domain_classify_seed_corpus.zip fuzz_filecfg_protocols_seed_corpus.zip fuzz_is_stun_udp_seed_corpus.zip fuzz_is_stun_tcp_seed_corpus.zip cp corpus/fuzz_*seed_corpus.zip . #Create dictionaries exactly as expected by oss-fuzz. @@ -672,6 +705,8 @@ distdir: -o -path './corpus/fuzz_readerutils_workflow/*' \ -o -path './corpus/fuzz_readerutils_parseprotolist/*' \ -o -path './corpus/fuzz_config/*' \ + -o -path './corpus/fuzz_is_stun_udp/*' \ + -o -path './corpus/fuzz_is_stun_tcp/*' \ -o -path './corpus/fuzz_serialization/*' \ -o -path './corpus/fuzz_community_id/*' \ -o -path './corpus/fuzz_libinjection/*' \ diff --git a/fuzz/corpus/fuzz_is_stun_tcp/1 b/fuzz/corpus/fuzz_is_stun_tcp/1 new file mode 100644 index 000000000..1f13a27a7 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_tcp/1 differ diff --git a/fuzz/corpus/fuzz_is_stun_tcp/10 b/fuzz/corpus/fuzz_is_stun_tcp/10 new file mode 100644 index 000000000..37e17ee5d Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_tcp/10 differ diff --git a/fuzz/corpus/fuzz_is_stun_tcp/11 b/fuzz/corpus/fuzz_is_stun_tcp/11 new file mode 100644 index 000000000..9d622b3e3 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_tcp/11 differ diff --git a/fuzz/corpus/fuzz_is_stun_tcp/13 b/fuzz/corpus/fuzz_is_stun_tcp/13 new file mode 100644 index 000000000..e979df8cd Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_tcp/13 differ diff --git a/fuzz/corpus/fuzz_is_stun_tcp/2 b/fuzz/corpus/fuzz_is_stun_tcp/2 new file mode 100644 index 000000000..e7ee537fd Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_tcp/2 differ diff --git a/fuzz/corpus/fuzz_is_stun_tcp/20 b/fuzz/corpus/fuzz_is_stun_tcp/20 new file mode 100644 index 000000000..da4835462 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_tcp/20 differ 
diff --git a/fuzz/corpus/fuzz_is_stun_tcp/21 b/fuzz/corpus/fuzz_is_stun_tcp/21 new file mode 100644 index 000000000..f1652efa4 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_tcp/21 differ diff --git a/fuzz/corpus/fuzz_is_stun_tcp/22 b/fuzz/corpus/fuzz_is_stun_tcp/22 new file mode 100644 index 000000000..d5bd06be7 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_tcp/22 differ diff --git a/fuzz/corpus/fuzz_is_stun_tcp/23 b/fuzz/corpus/fuzz_is_stun_tcp/23 new file mode 100644 index 000000000..f1652efa4 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_tcp/23 differ diff --git a/fuzz/corpus/fuzz_is_stun_tcp/3 b/fuzz/corpus/fuzz_is_stun_tcp/3 new file mode 100644 index 000000000..5975001dc Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_tcp/3 differ diff --git a/fuzz/corpus/fuzz_is_stun_tcp/30 b/fuzz/corpus/fuzz_is_stun_tcp/30 new file mode 100644 index 000000000..389c8a620 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_tcp/30 differ diff --git a/fuzz/corpus/fuzz_is_stun_tcp/4 b/fuzz/corpus/fuzz_is_stun_tcp/4 new file mode 100644 index 000000000..69e393095 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_tcp/4 differ diff --git a/fuzz/corpus/fuzz_is_stun_tcp/5 b/fuzz/corpus/fuzz_is_stun_tcp/5 new file mode 100644 index 000000000..80db8a335 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_tcp/5 differ diff --git a/fuzz/corpus/fuzz_is_stun_tcp/6 b/fuzz/corpus/fuzz_is_stun_tcp/6 new file mode 100644 index 000000000..8e4e54bd3 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_tcp/6 differ diff --git a/fuzz/corpus/fuzz_is_stun_tcp/7 b/fuzz/corpus/fuzz_is_stun_tcp/7 new file mode 100644 index 000000000..303bdcd21 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_tcp/7 differ diff --git a/fuzz/corpus/fuzz_is_stun_tcp/8 b/fuzz/corpus/fuzz_is_stun_tcp/8 new file mode 100644 index 000000000..67f400888 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_tcp/8 differ 
diff --git a/fuzz/corpus/fuzz_is_stun_tcp/9 b/fuzz/corpus/fuzz_is_stun_tcp/9 new file mode 100644 index 000000000..6b4daeafa Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_tcp/9 differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/1 b/fuzz/corpus/fuzz_is_stun_udp/1 new file mode 100644 index 000000000..e28a81bbf Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/1 differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/10 b/fuzz/corpus/fuzz_is_stun_udp/10 new file mode 100644 index 000000000..5d5cd5f71 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/10 differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/11 b/fuzz/corpus/fuzz_is_stun_udp/11 new file mode 100644 index 000000000..73c5ce60e Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/11 differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/12 b/fuzz/corpus/fuzz_is_stun_udp/12 new file mode 100644 index 000000000..9b5871513 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/12 differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/13 b/fuzz/corpus/fuzz_is_stun_udp/13 new file mode 100644 index 000000000..7b60ce798 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/13 differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/2 b/fuzz/corpus/fuzz_is_stun_udp/2 new file mode 100644 index 000000000..e183759db Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/2 differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/3 b/fuzz/corpus/fuzz_is_stun_udp/3 new file mode 100644 index 000000000..184e7c508 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/3 differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/31 b/fuzz/corpus/fuzz_is_stun_udp/31 new file mode 100644 index 000000000..0365ecb77 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/31 differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/4 b/fuzz/corpus/fuzz_is_stun_udp/4 new file mode 100644 index 000000000..923ac68bb Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/4 differ 
diff --git a/fuzz/corpus/fuzz_is_stun_udp/5 b/fuzz/corpus/fuzz_is_stun_udp/5 new file mode 100644 index 000000000..135ae982c Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/5 differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/6 b/fuzz/corpus/fuzz_is_stun_udp/6 new file mode 100644 index 000000000..8587de335 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/6 differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/7 b/fuzz/corpus/fuzz_is_stun_udp/7 new file mode 100644 index 000000000..0d758aaf2 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/7 differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/8 b/fuzz/corpus/fuzz_is_stun_udp/8 new file mode 100644 index 000000000..8c8015e46 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/8 differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/9 b/fuzz/corpus/fuzz_is_stun_udp/9 new file mode 100644 index 000000000..1c02600d6 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/9 differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/a b/fuzz/corpus/fuzz_is_stun_udp/a new file mode 100644 index 000000000..6957d60b7 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/a differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/b b/fuzz/corpus/fuzz_is_stun_udp/b new file mode 100644 index 000000000..e814be29f Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/b differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/c b/fuzz/corpus/fuzz_is_stun_udp/c new file mode 100644 index 000000000..e814be29f Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/c differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/c1 b/fuzz/corpus/fuzz_is_stun_udp/c1 new file mode 100644 index 000000000..0a5e47172 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/c1 differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/c2 b/fuzz/corpus/fuzz_is_stun_udp/c2 new file mode 100644 index 000000000..635cde00c Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/c2 differ 
diff --git a/fuzz/corpus/fuzz_is_stun_udp/d b/fuzz/corpus/fuzz_is_stun_udp/d new file mode 100644 index 000000000..21de91869 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/d differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/e b/fuzz/corpus/fuzz_is_stun_udp/e new file mode 100644 index 000000000..d145e02b1 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/e differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/f b/fuzz/corpus/fuzz_is_stun_udp/f new file mode 100644 index 000000000..cee523a13 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/f differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/q b/fuzz/corpus/fuzz_is_stun_udp/q new file mode 100644 index 000000000..7e440f7ed Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/q differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/q1 b/fuzz/corpus/fuzz_is_stun_udp/q1 new file mode 100644 index 000000000..eb71bd82b Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/q1 differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/q10 b/fuzz/corpus/fuzz_is_stun_udp/q10 new file mode 100644 index 000000000..0185e21ee Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/q10 differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/q11 b/fuzz/corpus/fuzz_is_stun_udp/q11 new file mode 100644 index 000000000..bb106a234 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/q11 differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/q12 b/fuzz/corpus/fuzz_is_stun_udp/q12 new file mode 100644 index 000000000..e56a6dbd2 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/q12 differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/q2 b/fuzz/corpus/fuzz_is_stun_udp/q2 new file mode 100644 index 000000000..c69a11bec Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/q2 differ diff --git a/fuzz/corpus/fuzz_is_stun_udp/q3 b/fuzz/corpus/fuzz_is_stun_udp/q3 new file mode 100644 index 000000000..5cb0447d1 Binary files /dev/null and b/fuzz/corpus/fuzz_is_stun_udp/q3 differ 
diff --git a/fuzz/fuzz_is_stun.c b/fuzz/fuzz_is_stun.c
new file mode 100644
index 000000000..b8b80c097
--- /dev/null
+++ b/fuzz/fuzz_is_stun.c
@@ -0,0 +1,38 @@
+#define NDPI_LIB_COMPILATION
+
+#include "ndpi_api.h"
+#include "fuzz_common_code.h"
+
+static struct ndpi_detection_module_struct *ndpi_struct = NULL;
+static struct ndpi_flow_struct ndpi_flow;
+#ifdef STUN_TCP
+struct ndpi_tcphdr tcph;
+#else
+struct ndpi_udphdr udph;
+#endif
+
+extern int is_stun(struct ndpi_detection_module_struct *ndpi_struct,
+ struct ndpi_flow_struct *flow,
+ u_int16_t *app_proto);
+
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ u_int16_t app_proto; /* unused */
+ struct ndpi_packet_struct *packet;
+
+ if (ndpi_struct == NULL) {
+ fuzz_init_detection_module(&ndpi_struct);
+ }
+
+ packet = &ndpi_struct->packet;
+ packet->payload = data;
+ packet->payload_packet_len = size;
+#ifndef STUN_TCP
+ packet->udp = &udph;
+#else
+ packet->tcp = &tcph;
+#endif
+
+ is_stun(ndpi_struct, &ndpi_flow, &app_proto);
+ return 0;
+}
-- cgit v1.2.3
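Review bot: `ndpi_flow` is a file-scope static that `LLVMFuzzerTestOneInput` never clears, so anything `is_stun()` writes into the flow while handling one input is still there for the next, and a crash can then depend on the input history rather than on the single reproducer the fuzzer saves. Adding `memset(&ndpi_flow, 0, sizeof(ndpi_flow));` just before the `is_stun()` call would keep iterations independent; the body of `is_stun()` is not part of this hunk, so whether it writes to the flow should be confirmed there. Separately, `packet->payload_packet_len = size;` stores a `size_t` into what appears to be a 16-bit length field, so inputs longer than 65535 bytes would be silently truncated; an early `if(size > 0xFFFF) return 0;` would make that limit explicit. A one-line comment on the `extern int is_stun(...)` declaration, noting that it mirrors a library-internal symbol and must follow its signature, would also help the next maintainer.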