From b51a2ac72a3cbd1b470890d0151a46da28e6754e Mon Sep 17 00:00:00 2001 From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> Date: Thu, 9 Feb 2023 20:02:12 +0100 Subject: fuzz: some improvements and add two new fuzzers (#1881) Remove `FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION` define from `fuzz/Makefile.am`; it is already included by the main configure script (when fuzzing). Add a knob to force disabling of AESNI optimizations: this way we can fuzz also no-aesni crypto code. Move CRC32 algorithm into the library. Add some fake traces to extend fuzzing coverage. Note that these traces are hand-made (via scapy/curl) and must not be used as "proof" that the dissectors are really able to identify this kind of traffic. Some small updates to some dissectors: CSGO: remove a wrong rule (never triggered, BTW). Any UDP packet starting with "VS01" will be classified as STEAM (see steam.c around line 111). Googling it, it seems right so. XBOX: XBOX only analyses UDP flows while HTTP only TCP ones; therefore that condition is false. RTP, STUN: removed useless "break"s Zattoo: `flow->zattoo_stage` is never set to any values greater or equal to 5, so these checks are never true. PPStream: `flow->l4.udp.ppstream_stage` is never read. Delete it. TeamSpeak: we check for `flow->packet_counter == 3` just above, so the following check `flow->packet_counter >= 3` is always false. --- src/lib/protocols/csgo.c | 6 ------ 1 file changed, 6 deletions(-) (limited to 'src/lib/protocols/csgo.c') diff --git a/src/lib/protocols/csgo.c b/src/lib/protocols/csgo.c index a7d0cd130..fc298e781 100644 --- a/src/lib/protocols/csgo.c +++ b/src/lib/protocols/csgo.c @@ -62,12 +62,6 @@ static void ndpi_search_csgo(struct ndpi_detection_module_struct* ndpi_struct, s return; } - if(packet->payload_packet_len >= 36 && w == 0x56533031ul) { - NDPI_LOG_INFO( ndpi_struct, "found csgo udp\n"); - ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_CSGO, NDPI_PROTOCOL_UNKNOWN, NDPI_CONFIDENCE_DPI); - return; - } - if(packet->payload_packet_len >= 36 && w == 0x01007364) { uint32_t w2 = htonl(get_u_int32_t(packet->payload, 4)); if(w2 == 0x70696e67) { -- cgit v1.2.3