From 5cf3fef8f7edc14d1f62750782901b8eec997b2a Mon Sep 17 00:00:00 2001
From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>
Date: Wed, 29 Sep 2021 13:11:32 +0200
Subject: Remove `detected_protocol_stack` field from `ndpi_packet_struct`
 (#1317)

This field is an exact copy of `ndpi_flow_struct->detected_protocol_stack[2]`:
* at the very beginning of packet dissection, the value saved in
`flow->detected_protocol_stack` is copied in `packet->detected_protocol_stack`
(via `ndpi_detection_process_packet()` -> `ndpi_init_packet_header()`)

* every time we update `flow->detected_protocol_stack` we update
`packet->detected_protocol_stack` too (via `ndpi_int_change_protocol()`
-> `ndpi_int_change_packet_protocol()`)

These two fields are always in sync: keeping the same value in two
different places is useless.
---
 src/lib/protocols/dns.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

(limited to 'src/lib/protocols/dns.c')

diff --git a/src/lib/protocols/dns.c b/src/lib/protocols/dns.c
index 987133213..fdc5cb5b0 100644
--- a/src/lib/protocols/dns.c
+++ b/src/lib/protocols/dns.c
@@ -308,8 +308,8 @@ static int search_valid_dns(struct ndpi_detection_module_struct *ndpi_struct,
 	}
       }
 
-      if((flow->packet.detected_protocol_stack[0] == NDPI_PROTOCOL_DNS)
-	 || (flow->packet.detected_protocol_stack[1] == NDPI_PROTOCOL_DNS)) {
+      if((flow->detected_protocol_stack[0] == NDPI_PROTOCOL_DNS)
+	 || (flow->detected_protocol_stack[1] == NDPI_PROTOCOL_DNS)) {
 	/* Request already set the protocol */
 	// flow->extra_packets_func = NULL; /* Removed so the caller can keep dissecting DNS flows */
       } else {
@@ -500,7 +500,7 @@ static void ndpi_search_dns(struct ndpi_detection_module_struct *ndpi_struct, st
 		  );
 #endif
 
-    if(flow->packet.detected_protocol_stack[0] == NDPI_PROTOCOL_UNKNOWN) {
+    if(flow->detected_protocol_stack[0] == NDPI_PROTOCOL_UNKNOWN) {
       /**
 	 Do not set the protocol with DNS if ndpi_match_host_subprotocol() has
 	 matched a subprotocol
@@ -508,8 +508,8 @@ static void ndpi_search_dns(struct ndpi_detection_module_struct *ndpi_struct, st
       NDPI_LOG_INFO(ndpi_struct, "found DNS\n");
       ndpi_set_detected_protocol(ndpi_struct, flow, ret.app_protocol, ret.master_protocol);
     } else {
-      if((flow->packet.detected_protocol_stack[0] == NDPI_PROTOCOL_DNS)
-	 || (flow->packet.detected_protocol_stack[1] == NDPI_PROTOCOL_DNS))
+      if((flow->detected_protocol_stack[0] == NDPI_PROTOCOL_DNS)
+	 || (flow->detected_protocol_stack[1] == NDPI_PROTOCOL_DNS))
 	;
       else
 	NDPI_EXCLUDE_PROTO(ndpi_struct, flow);
@@ -519,8 +519,8 @@ static void ndpi_search_dns(struct ndpi_detection_module_struct *ndpi_struct, st
   if(flow->packet_counter > 3)
     NDPI_EXCLUDE_PROTO(ndpi_struct, flow);
 
-  if((flow->packet.detected_protocol_stack[0] == NDPI_PROTOCOL_DNS)
-     || (flow->packet.detected_protocol_stack[1] == NDPI_PROTOCOL_DNS)) {
+  if((flow->detected_protocol_stack[0] == NDPI_PROTOCOL_DNS)
+     || (flow->detected_protocol_stack[1] == NDPI_PROTOCOL_DNS)) {
     /* TODO: add support to RFC6891 to avoid some false positives */
     if(flow->packet.udp != NULL && flow->packet.payload_packet_len > PKT_LEN_ALERT)
       ndpi_set_risk(ndpi_struct, flow, NDPI_DNS_LARGE_PACKET);
-- 
cgit v1.2.3