From 0c1322a7185b71e5a52a659b147c96529ed328a7 Mon Sep 17 00:00:00 2001 From: Nardi Ivan Date: Wed, 1 Apr 2020 16:23:06 +0200 Subject: s7comm: fix heap-overflow error --- src/lib/protocols/s7comm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/lib/protocols') diff --git a/src/lib/protocols/s7comm.c b/src/lib/protocols/s7comm.c index 8a522a2c7..7d2b92642 100644 --- a/src/lib/protocols/s7comm.c +++ b/src/lib/protocols/s7comm.c @@ -31,7 +31,7 @@ void ndpi_search_s7comm_tcp(struct ndpi_detection_module_struct *ndpi_struct, u_int16_t s7comm_port = htons(102); if(packet->tcp) { - if((packet->payload[0]==0x03)&&(packet->payload[1]==0x00)&&((packet->tcp->dest == s7comm_port) || (packet->tcp->source == s7comm_port))) { + if((packet->payload_packet_len >= 2) && (packet->payload[0]==0x03)&&(packet->payload[1]==0x00)&&((packet->tcp->dest == s7comm_port) || (packet->tcp->source == s7comm_port))) { NDPI_LOG_INFO(ndpi_struct, "found S7\n"); ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_S7COMM, NDPI_PROTOCOL_UNKNOWN); -- cgit v1.2.3 From 7b690d8b2d67ae5096941abae536ecdf75bf4540 Mon Sep 17 00:00:00 2001 From: Nardi Ivan Date: Wed, 1 Apr 2020 16:23:28 +0200 Subject: kerberos: fix heap-overflow error --- src/lib/protocols/kerberos.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/lib/protocols') diff --git a/src/lib/protocols/kerberos.c b/src/lib/protocols/kerberos.c index 2aa73dd39..ff16545f5 100644 --- a/src/lib/protocols/kerberos.c +++ b/src/lib/protocols/kerberos.c @@ -189,7 +189,7 @@ void ndpi_search_kerberos(struct ndpi_detection_module_struct *ndpi_struct, body_offset = koffsetp + 1 + pad_len; - for(i=0; i<10; i++) if(packet->payload[body_offset] != 0x05) body_offset++; /* ASN.1 */ + for(i=0; i<10; i++) if(body_offsetpayload_packet_len && packet->payload[body_offset] != 0x05) body_offset++; /* ASN.1 */ #ifdef KERBEROS_DEBUG printf("body_offset=%u [%02X %02X] [byte 0 must be 0x05]\n", body_offset, packet->payload[body_offset], packet->payload[body_offset+1]); #endif -- cgit v1.2.3 From a60854bae683c3b16c023d03b02bdcd139ca0bfd Mon Sep 17 00:00:00 2001 From: Nardi Ivan Date: Mon, 6 Apr 2020 17:58:20 +0200 Subject: Fix some debug messages --- example/ndpiReader.c | 3 ++- src/lib/ndpi_main.c | 4 ++-- src/lib/protocols/ftp_control.c | 4 ++-- src/lib/protocols/mail_smtp.c | 4 ++-- 4 files changed, 8 insertions(+), 7 deletions(-) (limited to 'src/lib/protocols') diff --git a/example/ndpiReader.c b/example/ndpiReader.c index bc9df4294..6457cbf09 100644 --- a/example/ndpiReader.c +++ b/example/ndpiReader.c @@ -1117,7 +1117,8 @@ static void printFlow(u_int16_t id, struct ndpi_flow_info *flow, u_int16_t threa flowGetBDMeanandVariance(flow); } - fprintf(csv_fp, "\n"); + if(csv_fp) + fprintf(csv_fp, "\n"); return; } diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 8816ea6cb..88b4fecaf 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -491,7 +491,7 @@ static int ndpi_add_host_url_subprotocol(struct ndpi_detection_module_struct *nd if(!value) return(-1); #ifdef DEBUG - NDPI_LOG_DEBUG2(ndpi_str, "[NDPI] Adding [%s][%d]\n", value, protocol_id); + NDPI_LOG_DBG2(ndpi_str, "[NDPI] Adding [%s][%d]\n", value, protocol_id); #endif rv = ndpi_string_to_automa(ndpi_str, @@ -3030,7 +3030,7 @@ void ndpi_set_bitmask_protocol_detection(char * label, */ if(NDPI_COMPARE_PROTOCOL_TO_BITMASK(*detection_bitmask, ndpi_protocol_id) != 0) { #ifdef DEBUG - NDPI_LOG_DBG2(ndpi_str + NDPI_LOG_DBG2(ndpi_str, "[NDPI] ndpi_set_bitmask_protocol_detection: %s : [callback_buffer] idx= %u, [proto_defaults] protocol_id=%u\n", label, idx, ndpi_protocol_id); #endif diff --git a/src/lib/protocols/ftp_control.c b/src/lib/protocols/ftp_control.c index 56d2e8d31..a56f2cd61 100644 --- a/src/lib/protocols/ftp_control.c +++ b/src/lib/protocols/ftp_control.c @@ -43,7 +43,7 @@ static int ndpi_ftp_control_check_request(struct ndpi_flow_struct *flow, const u_int8_t *payload, size_t payload_len) { #ifdef FTP_DEBUG - printf("%s() [%s]\n", __FUNCTION__, payload); + printf("%s() [%.*s]\n", __FUNCTION__, (int)payload_len, payload); #endif if(ndpi_match_strprefix(payload, payload_len, "USER")) { @@ -550,7 +550,7 @@ static int ndpi_ftp_control_check_response(struct ndpi_flow_struct *flow, const u_int8_t *payload, size_t payload_len) { #ifdef FTP_DEBUG - printf("%s() [%s]\n", __FUNCTION__, payload); + printf("%s() [%.*s]\n", __FUNCTION__, (int)payload_len, payload); #endif if(payload_len == 0) return(1); diff --git a/src/lib/protocols/mail_smtp.c b/src/lib/protocols/mail_smtp.c index 0b4c47be8..025161be8 100644 --- a/src/lib/protocols/mail_smtp.c +++ b/src/lib/protocols/mail_smtp.c @@ -125,7 +125,7 @@ void ndpi_search_mail_smtp_tcp(struct ndpi_detection_module_struct *ndpi_struct, && (packet->line[a].ptr[3] == 'H' || packet->line[a].ptr[3] == 'h') && packet->line[a].ptr[4] == ' ') { #ifdef SMTP_DEBUG - printf("%s() AUTH [%s]\n", __FUNCTION__, packet->line[a].ptr); + printf("%s() AUTH [%.*s]\n", __FUNCTION__, packet->line[a].len, packet->line[a].ptr); #endif flow->l4.tcp.smtp_command_bitmask |= SMTP_BIT_AUTH; @@ -133,7 +133,7 @@ void ndpi_search_mail_smtp_tcp(struct ndpi_detection_module_struct *ndpi_struct, } else { if(packet->line[a].ptr[3] != ' ') { #ifdef SMTP_DEBUG - printf("%s() => [%s]\n", __FUNCTION__, packet->line[a].ptr); + printf("%s() => [%.*s]\n", __FUNCTION__, packet->line[a].len, packet->line[a].ptr); #endif if(flow->protos.ftp_imap_pop_smtp.auth_found) { -- cgit v1.2.3