From cc39ef0946fe43fe29f24285649b8fbe18238a57 Mon Sep 17 00:00:00 2001 From: Stuart Reilly Date: Fri, 28 Jun 2019 15:53:11 +0100 Subject: Remove duplicate defintions and fix function prototypes --- src/include/ndpi_api.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h index a0a3c92af..631ab4038 100644 --- a/src/include/ndpi_api.h +++ b/src/include/ndpi_api.h @@ -768,7 +768,7 @@ extern "C" { ndpi_proto_defaults_t* ndpi_get_proto_defaults(struct ndpi_detection_module_struct *ndpi_mod); u_int ndpi_get_ndpi_num_supported_protocols(struct ndpi_detection_module_struct *ndpi_mod); u_int ndpi_get_ndpi_num_custom_protocols(struct ndpi_detection_module_struct *ndpi_mod); - u_int ndpi_get_ndpi_detection_module_size(); + u_int ndpi_get_ndpi_detection_module_size(void); void ndpi_set_log_level(struct ndpi_detection_module_struct *ndpi_mod, u_int l); /* LRU cache */ @@ -795,9 +795,9 @@ extern "C" { void set_ndpi_flow_free(void (*__ndpi_flow_free)(void *ptr)); void set_ndpi_debug_function(struct ndpi_detection_module_struct *ndpi_str, ndpi_debug_function_ptr ndpi_debug_printf); - void * ndpi_malloc(size_t size); - void * ndpi_calloc(unsigned long count, size_t size); - void ndpi_free(void *ptr); + //void * ndpi_malloc(size_t size); + //void * ndpi_calloc(unsigned long count, size_t size); + //void ndpi_free(void *ptr); u_int8_t ndpi_get_api_version(); /* https://github.com/corelight/community-id-spec */ -- cgit v1.2.3 From 4b717276614e20feada22e6fe29ea2099ba9fd37 Mon Sep 17 00:00:00 2001 From: Stuart Reilly Date: Fri, 28 Jun 2019 15:55:00 +0100 Subject: Fix two potential OOB reads in ndpi_main.c --- src/lib/ndpi_main.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index fcc159350..56a9bfa5d 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c 
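Review bot: In the second hunk of src/include/ndpi_api.h the three allocator prototypes are commented out with `//` instead of being removed, which leaves dead declarations in a public header; if they are declared elsewhere, as the subject line implies, the lines should simply be deleted. The context line directly below them, `u_int8_t ndpi_get_api_version();`, still has an empty parameter list, so in C it remains an unprototyped declaration and arguments passed to it are not checked. `u_int8_t ndpi_get_api_version(void);` would match the fix the first hunk makes to ndpi_get_ndpi_detection_module_size. Where the surviving declarations of ndpi_malloc, ndpi_calloc and ndpi_free live is not visible here.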
@@ -5683,8 +5683,8 @@ ndpi_protocol_category_t ndpi_get_proto_category(struct ndpi_detection_module_st char* ndpi_get_proto_name(struct ndpi_detection_module_struct *ndpi_mod, u_int16_t proto_id) { if((proto_id >= ndpi_mod->ndpi_num_supported_protocols) - || ((proto_id < (NDPI_MAX_SUPPORTED_PROTOCOLS+NDPI_MAX_NUM_CUSTOM_PROTOCOLS)) - && (ndpi_mod->proto_defaults[proto_id].protoName == NULL))) + || (proto_id < (NDPI_MAX_SUPPORTED_PROTOCOLS+NDPI_MAX_NUM_CUSTOM_PROTOCOLS)) + || (ndpi_mod->proto_defaults[proto_id].protoName == NULL)) proto_id = NDPI_PROTOCOL_UNKNOWN; return(ndpi_mod->proto_defaults[proto_id].protoName); @@ -5695,8 +5695,8 @@ char* ndpi_get_proto_name(struct ndpi_detection_module_struct *ndpi_mod, u_int16 ndpi_protocol_breed_t ndpi_get_proto_breed(struct ndpi_detection_module_struct *ndpi_mod, u_int16_t proto_id) { if((proto_id >= ndpi_mod->ndpi_num_supported_protocols) - || ((proto_id < (NDPI_MAX_SUPPORTED_PROTOCOLS+NDPI_MAX_NUM_CUSTOM_PROTOCOLS)) - && (ndpi_mod->proto_defaults[proto_id].protoName == NULL))) + || (proto_id < (NDPI_MAX_SUPPORTED_PROTOCOLS+NDPI_MAX_NUM_CUSTOM_PROTOCOLS)) + || (ndpi_mod->proto_defaults[proto_id].protoName == NULL)) proto_id = NDPI_PROTOCOL_UNKNOWN; return(ndpi_mod->proto_defaults[proto_id].protoBreed); -- cgit v1.2.3 From bc1b4885de3a80accda894c51c361e2009d54210 Mon Sep 17 00:00:00 2001 From: Stuart Reilly Date: Fri, 28 Jun 2019 16:00:32 +0100 Subject: Fix potential NULL deref in libcache --- src/lib/third_party/src/libcache.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/lib/third_party/src/libcache.c b/src/lib/third_party/src/libcache.c index 4479ff54d..597684ccc 100644 --- a/src/lib/third_party/src/libcache.c +++ b/src/lib/third_party/src/libcache.c 
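Review bot: In ndpi_get_proto_name the rewritten middle clause `(proto_id < (NDPI_MAX_SUPPORTED_PROTOCOLS+NDPI_MAX_NUM_CUSTOM_PROTOCOLS))` is now OR-ed on its own, so it is true for every id below that bound and each such id is replaced by NDPI_PROTOCOL_UNKNOWN. Because of short-circuit evaluation, the `protoName == NULL` test is reached only when proto_id is at or above the bound. If proto_defaults has that many entries (its declaration is not visible here), that is exactly the out-of-range index the commit means to prevent. The comparison looks inverted and the clause should read `|| (proto_id >= (NDPI_MAX_SUPPORTED_PROTOCOLS+NDPI_MAX_NUM_CUSTOM_PROTOCOLS))`. The ndpi_get_proto_breed hunk below carries the same condition and needs the same change.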
@@ -196,7 +196,11 @@ cache_result cache_add(cache_t cache, void *item, uint32_t item_size) { } if(hash_entry_map_prev) { - hash_entry_map_prev->next = hash_entry_map->next; + if (hash_entry_map) { + hash_entry_map_prev->next = hash_entry_map->next; + } else { + hash_entry_map_prev->next = NULL; + } } else { cache->map[hash] = hash_entry_map->next; } -- cgit v1.2.3 From d8ec0a9229ce32b3194de4bda3ae11a5203d4df9 Mon Sep 17 00:00:00 2001 From: Stuart Reilly Date: Fri, 28 Jun 2019 16:08:36 +0100 Subject: Move NULL checks to start of functions --- src/lib/ndpi_main.c | 47 ++++++++++++++++++++++++++--------------------- src/lib/protocols/eaq.c | 8 ++++++++ 2 files changed, 34 insertions(+), 21 deletions(-) (limited to 'src') diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 56a9bfa5d..3a420607e 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -3474,24 +3474,23 @@ static int ndpi_init_packet_header(struct ndpi_detection_module_struct *ndpi_str u_int8_t l4protocol; u_int8_t l4_result; - if(flow) { - /* reset payload_packet_len, will be set if ipv4 tcp or udp */ - flow->packet.payload_packet_len = 0; - flow->packet.l4_packet_len = 0; - flow->packet.l3_packet_len = packetlen; - - flow->packet.tcp = NULL; - flow->packet.udp = NULL; - flow->packet.generic_l4_ptr = NULL; + if (!flow) { + return 1; + } + + /* reset payload_packet_len, will be set if ipv4 tcp or udp */ + flow->packet.payload_packet_len = 0; + flow->packet.l4_packet_len = 0; + flow->packet.l3_packet_len = packetlen; + + flow->packet.tcp = NULL; + flow->packet.udp = NULL; + flow->packet.generic_l4_ptr = NULL; #ifdef NDPI_DETECTION_SUPPORT_IPV6 - flow->packet.iphv6 = NULL; + flow->packet.iphv6 = NULL; #endif /* NDPI_DETECTION_SUPPORT_IPV6 */ - } - if(flow) - ndpi_apply_flow_protocol_to_packet(flow, &flow->packet); - else - ndpi_int_reset_packet_protocol(&flow->packet); + ndpi_apply_flow_protocol_to_packet(flow, &flow->packet); l3len = flow->packet.l3_packet_len; 
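Review bot: The outer `else` branch in cache_add, `cache->map[hash] = hash_entry_map->next;`, still dereferences hash_entry_map without the check that was added to the other branch. If hash_entry_map can be NULL here, as the new inner test assumes, nothing visible in the hunk rules that out on the path where hash_entry_map_prev is NULL. `cache->map[hash] = hash_entry_map ? hash_entry_map->next : NULL;` would guard it, or a single early test on hash_entry_map before the outer `if` would cover both branches. The function continues past the hunk, so any later use of hash_entry_map there would need the same guard.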
@@ -3557,7 +3556,7 @@ static int ndpi_init_packet_header(struct ndpi_detection_module_struct *ndpi_str /* check for new tcp syn packets, here * idea: reset detection state if a connection is unknown */ - if(flow && flow->packet.tcp->syn != 0 + if(flow->packet.tcp->syn != 0 && flow->packet.tcp->ack == 0 && flow->init_finished != 0 && flow->detected_protocol_stack[0] == NDPI_PROTOCOL_UNKNOWN) { @@ -3605,6 +3604,10 @@ void ndpi_connection_tracking(struct ndpi_detection_module_struct *ndpi_struct, const struct ndpi_tcphdr *tcph = packet->tcp; const struct ndpi_udphdr *udph = flow->packet.udp; + if (!flow) { + return; + } + packet->tcp_retransmission = 0, packet->packet_direction = 0; if(ndpi_struct->direction_detect_disable) { @@ -3621,8 +3624,6 @@ void ndpi_connection_tracking(struct ndpi_detection_module_struct *ndpi_struct, } packet->packet_lines_parsed_complete = 0; - if(flow == NULL) - return; if(flow->init_finished == 0) { flow->init_finished = 1; @@ -3717,6 +3718,11 @@ void ndpi_connection_tracking(struct ndpi_detection_module_struct *ndpi_struct, void check_ndpi_other_flow_func(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow, NDPI_SELECTION_BITMASK_PROTOCOL_SIZE *ndpi_selection_packet) { + + if (!flow) { + return; + } + void *func = NULL; u_int32_t a; u_int16_t proto_index = ndpi_struct->proto_defaults[flow->guessed_protocol_id].protoIdx; 
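Review bot: The new `if (!flow) return;` in ndpi_connection_tracking comes after the declaration `const struct ndpi_udphdr *udph = flow->packet.udp;`, so flow has already been dereferenced by the time the guard runs. `tcph = packet->tcp` also reads through `packet`, whose initialiser is above the hunk and presumably derives from flow as well. A NULL flow therefore still faults in the initialisers, and a compiler may drop a NULL test that follows a dereference of the same pointer. Declare the pointers without initialisers (`const struct ndpi_tcphdr *tcph;` and `const struct ndpi_udphdr *udph;`), place the guard, then assign `tcph = packet->tcp; udph = flow->packet.udp;`. The `packet` declaration outside this hunk needs the same treatment.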
@@ -3742,10 +3748,9 @@ void check_ndpi_other_flow_func(struct ndpi_detection_module_struct *ndpi_struct if((func != ndpi_struct->callback_buffer_non_tcp_udp[a].func) && (ndpi_struct->callback_buffer_non_tcp_udp[a].ndpi_selection_bitmask & *ndpi_selection_packet) == ndpi_struct->callback_buffer_non_tcp_udp[a].ndpi_selection_bitmask - && (flow == NULL - || + && NDPI_BITMASK_COMPARE(flow->excluded_protocol_bitmask, - ndpi_struct->callback_buffer_non_tcp_udp[a].excluded_protocol_bitmask) == 0) + ndpi_struct->callback_buffer_non_tcp_udp[a].excluded_protocol_bitmask) == 0 && NDPI_BITMASK_COMPARE(ndpi_struct->callback_buffer_non_tcp_udp[a].detection_bitmask, detection_bitmask) != 0) { diff --git a/src/lib/protocols/eaq.c b/src/lib/protocols/eaq.c index 8768cac6f..e86b83181 100644 --- a/src/lib/protocols/eaq.c +++ b/src/lib/protocols/eaq.c @@ -41,7 +41,15 @@ static void ndpi_int_eaq_add_connection(struct ndpi_detection_module_struct *ndp void ndpi_search_eaq(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow) { + if (!flow) { + return; + } + struct ndpi_packet_struct *packet = &flow->packet; + if (!packet) { + return; + } + u_int16_t sport = ntohs(packet->udp->source), dport = ntohs(packet->udp->dest); NDPI_LOG_DBG(ndpi_struct, "search eaq\n"); -- cgit v1.2.3 From 79634a6789df2aedf59fb557699277563a8a4268 Mon Sep 17 00:00:00 2001 From: Stuart Reilly Date: Fri, 28 Jun 2019 16:11:33 +0100 Subject: Fix two resource leaks --- src/lib/third_party/src/ht_hash.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'src') diff --git a/src/lib/third_party/src/ht_hash.c b/src/lib/third_party/src/ht_hash.c index 4eaac9bcb..ce50f1669 100644 --- a/src/lib/third_party/src/ht_hash.c +++ b/src/lib/third_party/src/ht_hash.c @@ -24,6 +24,7 @@ hashtable_t *ht_create(int size) { /* Allocate pointers to the head nodes. */ if((hashtable->table = ndpi_malloc(sizeof(entry_t *) * size)) == NULL) + free(hashtable); return NULL; else { for(i = 0; i < size; i++) 
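Review bot: The added `if (!packet) return;` in ndpi_search_eaq can never fire, because `packet` is `&flow->packet`, the address of a member of a flow that was just checked to be non-NULL. The pointer actually dereferenced on the next line is `packet->udp` (in `ntohs(packet->udp->source)`), and nothing in the hunk establishes that it is set. If this dissector can be reached for a packet without a UDP header, that is where the NULL dereference would occur. Replacing the dead test with `if(!packet->udp) return;` would guard the real access. Whether callers already guarantee a UDP header is not visible here.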
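Review bot: `free(hashtable);` in ht_create releases memory with the C library's free() while the allocation on the line above goes through ndpi_malloc, in a library that lets applications install their own allocator (set_ndpi_flow_free appears earlier in this series). If hashtable was also obtained from ndpi_malloc (that line is above the hunk), passing it to free() mixes allocators and can corrupt the heap when a custom allocator is in use; `ndpi_free(hashtable);` keeps the pair matched. The same applies to `free(newpair);` in the ht_newpair hunk, and both calls are carried unchanged through the later "Fix missing braces" commit. As committed here the added statement is also unbraced, so `return NULL;` no longer belongs to the `if` and the following `else` has no matching `if`. Squashing the brace fix into this commit would keep every revision buildable.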
@@ -62,6 +63,7 @@ entry_t *ht_newpair(char *key, u_int16_t value) { return NULL; if((newpair->key = ndpi_strdup(key)) == NULL) + free(newpair); return NULL; newpair->value = value, newpair->next = NULL; -- cgit v1.2.3 From ef1b8e36a043509bb7fcdcc4f356f2e04d6e6117 Mon Sep 17 00:00:00 2001 From: Stuart Reilly Date: Fri, 28 Jun 2019 16:12:42 +0100 Subject: Fix potential NULL dref in btlib.c --- src/lib/protocols/btlib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src') diff --git a/src/lib/protocols/btlib.c b/src/lib/protocols/btlib.c index 309a10717..71b4dff9a 100644 --- a/src/lib/protocols/btlib.c +++ b/src/lib/protocols/btlib.c @@ -423,7 +423,7 @@ const u_int8_t *bt_decode(const u_int8_t *b, size_t *l, int *ret, bt_parse_data_ int64_t d = 0; u_int8_t c; - if(*l == 0) return NULL; + if(!l || *l == 0) return NULL; if(cbd->level > BDEC_MAXDEPT) goto bad_data; c = *b++; (*l)--; if(c == 'i') { // integer -- cgit v1.2.3 From f3161309ff0b0900eb0c2745518df98311934c4a Mon Sep 17 00:00:00 2001 From: Stuart Reilly Date: Fri, 28 Jun 2019 16:21:49 +0100 Subject: Fix missing braces --- src/lib/third_party/src/ht_hash.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/lib/third_party/src/ht_hash.c b/src/lib/third_party/src/ht_hash.c index ce50f1669..838fc2c6d 100644 --- a/src/lib/third_party/src/ht_hash.c +++ b/src/lib/third_party/src/ht_hash.c @@ -23,10 +23,10 @@ hashtable_t *ht_create(int size) { return NULL; /* Allocate pointers to the head nodes. */ - if((hashtable->table = ndpi_malloc(sizeof(entry_t *) * size)) == NULL) + if((hashtable->table = ndpi_malloc(sizeof(entry_t *) * size)) == NULL) { free(hashtable); return NULL; - else { + } else { for(i = 0; i < size; i++) hashtable->table[i] = NULL; } 
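Review bot: The widened guard in bt_decode, `if(!l || *l == 0) return NULL;`, covers only `l`, while the next two lines dereference `cbd` (in `cbd->level`) and `b` (in `c = *b++`) with no check. If a NULL `l` is considered reachable, the same callers could presumably pass a NULL `b` or `cbd`, and `if(!b || !l || !cbd || *l == 0) return NULL;` would cover all three. As far as the hunk shows, the early return also leaves `*ret` untouched, so it is worth confirming that callers treat a NULL result as an error without reading `*ret`. The rest of bt_decode lies outside the hunk.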
@@ -62,9 +62,10 @@ entry_t *ht_newpair(char *key, u_int16_t value) { if((newpair = ndpi_malloc(sizeof(entry_t))) == NULL) return NULL; - if((newpair->key = ndpi_strdup(key)) == NULL) + if((newpair->key = ndpi_strdup(key)) == NULL) { free(newpair); return NULL; + } newpair->value = value, newpair->next = NULL; -- cgit v1.2.3