diff --git a/.gitignore b/.gitignore index 35ff7eee732..ab82643ef52 100644 --- a/.gitignore +++ b/.gitignore @@ -76,6 +76,7 @@ /fuzz/fuzz_ds_cmsketch /fuzz/fuzz_gcrypt_light /fuzz/fuzz_ndpi_reader_payload_analyzer +/fuzz/fuzz_filecfg_protocols /fuzz/fuzz_ndpi_reader_alloc_fail_seed_corpus.zip /fuzz/fuzz_ndpi_reader_seed_corpus.zip /fuzz/fuzz_quic_get_crypto_data_seed_corpus.zip @@ -96,6 +97,7 @@ /fuzz/fuzz_ds_ahocorasick_seed_corpus.zip /fuzz/fuzz_libinjection_seed_corpus.zip /fuzz/fuzz_tls_certificate_seed_corpus.zip +/fuzz/fuzz_filecfg_protocols_seed_corpus.zip /fuzz/fuzz_dga_seed_corpus.zip /fuzz/fuzz_ndpi_reader_payload_analyzer_seed_corpus.zip /fuzz/fuzz_*.dict diff --git a/example/reader_util.c b/example/reader_util.c index 268f87ed1f4..071acb7745d 100644 --- a/example/reader_util.c +++ b/example/reader_util.c @@ -469,14 +469,14 @@ struct ndpi_workflow* ndpi_workflow_init(const struct ndpi_workflow_prefs * pref if(module == NULL) { LOG(NDPI_LOG_ERROR, "global structure initialization failed\n"); - exit(-1); + return NULL; } workflow = ndpi_calloc(1, sizeof(struct ndpi_workflow)); if(workflow == NULL) { LOG(NDPI_LOG_ERROR, "global structure initialization failed\n"); ndpi_free(module); - exit(-1); + return NULL; } workflow->pcap_handle = pcap_handle; diff --git a/fuzz/Makefile.am b/fuzz/Makefile.am index 53c7832d02e..e189ffe0cd0 100644 --- a/fuzz/Makefile.am +++ b/fuzz/Makefile.am @@ -7,6 +7,8 @@ bin_PROGRAMS += fuzz_ds_patricia fuzz_ds_ahocorasick fuzz_ds_libcache fuzz_ds_tr bin_PROGRAMS += fuzz_libinjection #Internal crypto bin_PROGRAMS += fuzz_gcrypt_light +#Configuration files +bin_PROGRAMS += fuzz_filecfg_protocols fuzz_process_packet_SOURCES = fuzz_process_packet.c fuzz_common_code.c fuzz_process_packet_CFLAGS = @NDPI_CFLAGS@ $(CXXFLAGS) @@ -21,7 +23,7 @@ fuzz_process_packet_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \ $(fuzz_process_packet_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ -fuzz_ndpi_reader_SOURCES = fuzz_ndpi_reader.c ../example/reader_util.c +fuzz_ndpi_reader_SOURCES = fuzz_ndpi_reader.c fuzz_common_code.c ../example/reader_util.c fuzz_ndpi_reader_CFLAGS = -I../example/ @NDPI_CFLAGS@ $(CXXFLAGS) fuzz_ndpi_reader_LDADD = ../src/lib/libndpi.a $(ADDITIONAL_LIBS) fuzz_ndpi_reader_LDFLAGS = $(PCAP_LIB) $(LIBS) @@ -378,6 +380,20 @@ fuzz_gcrypt_light_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \ $(fuzz_gcrypt_light_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ +fuzz_filecfg_protocols_SOURCES = fuzz_filecfg_protocols.c fuzz_common_code.c +fuzz_filecfg_protocols_CFLAGS = @NDPI_CFLAGS@ $(CXXFLAGS) +fuzz_filecfg_protocols_LDADD = ../src/lib/libndpi.a $(ADDITIONAL_LIBS) +fuzz_filecfg_protocols_LDFLAGS = $(LIBS) +if HAS_FUZZLDFLAGS +fuzz_filecfg_protocols_CFLAGS += $(LIB_FUZZING_ENGINE) +fuzz_filecfg_protocols_LDFLAGS += $(LIB_FUZZING_ENGINE) +endif +# force usage of CXX for linker +fuzz_filecfg_protocols_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \ + $(fuzz_filecfg_protocols_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ + + # required for Google oss-fuzz # see https://github.com/google/oss-fuzz/tree/master/projects/ndpi testpcaps := $(wildcard ../tests/cfgs/default/pcap/*.pcap*) @@ -481,7 +497,12 @@ files_corpus_fuzz_tls_certificate := $(wildcard corpus/fuzz_tls_certificate/*) fuzz_tls_certificate_seed_corpus.zip: $(files_corpus_fuzz_tls_certificate) zip -j fuzz_tls_certificate_seed_corpus.zip $(files_corpus_fuzz_tls_certificate) -corpus: fuzz_ndpi_reader_seed_corpus.zip fuzz_ndpi_reader_alloc_fail_seed_corpus.zip fuzz_ndpi_reader_payload_analyzer_seed_corpus.zip fuzz_quic_get_crypto_data_seed_corpus.zip fuzz_config_seed_corpus.zip fuzz_ds_patricia_seed_corpus.zip fuzz_ds_ahocorasick_seed_corpus.zip fuzz_alg_ses_des_seed_corpus.zip fuzz_alg_hw_rsi_outliers_da_seed_corpus.zip fuzz_alg_bins_seed_corpus.zip fuzz_alg_hll_seed_corpus.zip fuzz_alg_jitter_seed_corpus.zip fuzz_ds_libcache_seed_corpus.zip fuzz_community_id_seed_corpus.zip fuzz_ds_tree_seed_corpus.zip fuzz_serialization_seed_corpus.zip fuzz_ds_ptree_seed_corpus.zip fuzz_alg_crc32_md5_seed_corpus.zip fuzz_alg_bytestream_seed_corpus.zip fuzz_libinjection_seed_corpus.zip fuzz_tls_certificate_seed_corpus.zip +files_corpus_fuzz_filecfg_protocols := $(wildcard corpus/fuzz_filecfg_protocols/*) + +fuzz_filecfg_protocols_seed_corpus.zip: $(files_corpus_fuzz_filecfg_protocols) + zip -j fuzz_filecfg_protocols_seed_corpus.zip $(files_corpus_fuzz_filecfg_protocols) + +corpus: fuzz_ndpi_reader_seed_corpus.zip fuzz_ndpi_reader_alloc_fail_seed_corpus.zip fuzz_ndpi_reader_payload_analyzer_seed_corpus.zip fuzz_quic_get_crypto_data_seed_corpus.zip fuzz_config_seed_corpus.zip fuzz_ds_patricia_seed_corpus.zip fuzz_ds_ahocorasick_seed_corpus.zip fuzz_alg_ses_des_seed_corpus.zip fuzz_alg_hw_rsi_outliers_da_seed_corpus.zip fuzz_alg_bins_seed_corpus.zip fuzz_alg_hll_seed_corpus.zip fuzz_alg_jitter_seed_corpus.zip fuzz_ds_libcache_seed_corpus.zip fuzz_community_id_seed_corpus.zip fuzz_ds_tree_seed_corpus.zip fuzz_serialization_seed_corpus.zip fuzz_ds_ptree_seed_corpus.zip fuzz_alg_crc32_md5_seed_corpus.zip fuzz_alg_bytestream_seed_corpus.zip fuzz_libinjection_seed_corpus.zip fuzz_tls_certificate_seed_corpus.zip fuzz_filecfg_protocols_seed_corpus.zip cp corpus/fuzz_*seed_corpus.zip . #Create dictionaries exactly as expected by oss-fuzz. @@ -502,8 +523,11 @@ distdir: -o -name '*.cpp' \ -o -name '*.dict' \ -o -name 'ipv4_addresses.txt' \ + -o -name 'bd_param.txt' \ + -o -name 'splt_param.txt' \ -o -path './corpus/fuzz_*.zip' \ -o -path './corpus/fuzz_quic_get_crypto_data/*' \ + -o -path './corpus/fuzz_filecfg_protocols/*' \ -o -path './corpus/fuzz_config/*' \ -o -path './corpus/fuzz_serialization/*' \ -o -path './corpus/fuzz_community_id/*' \ diff --git a/fuzz/bd_param.txt b/fuzz/bd_param.txt new file mode 100644 index 00000000000..e1663a7b409 --- /dev/null +++ b/fuzz/bd_param.txt @@ -0,0 +1,627 @@ +-2.088057846500587456e+00 +7.763936238952200239e-05 +4.404309737393306595e-05 +-9.467385027293546973e-02 +4.348947142638090457e-01 +-2.091409170053043390e-04 +-5.788902107267982974e-04 +4.481443450852441001e-10 +-3.136135459023654537e+00 +-1.507730262127600751e+00 +-1.204663669965535977e+00 +-1.171839254318371104e+00 +4.329302247232582057e-01 +8.310653628092458334e+00 +3.299246725156660176e+00 +0.000000000000000000e+00 +1.847454931582027254e-02 +-1.498024139966201096e+00 +-7.660670007653060942e-01 +-2.908130300830076731e+00 +-1.252564844610269734e+00 +-1.910955328742287573e+00 +9.471710980110392697e-01 +2.352302758516665371e+00 +2.982269972214651954e+00 +4.280736383314343918e+00 +4.633629909719495288e+00 +-2.198052637823726840e+00 +-1.150759637168392580e+00 +3.420433363184381292e+00 +1.857878113059351077e-02 +-1.559806674919653746e+00 +4.197498183183401288e+00 +6.262186949633183453e+00 +1.100694844370524095e+01 +2.778688785515088000e+01 +3.679948298336883195e+00 +-2.432801394376875592e+00 +5.133442052706843617e-01 +2.181172654073517680e+00 +-8.577551729671881731e-01 +7.013844214023315926e-01 +3.138233436228588857e+00 +7.319940508466630247e-01 +0.000000000000000000e+00 +3.529209394581482861e+00 +1.464585117707144413e+01 +8.506550226820598359e-01 +-9.060397326548508268e-01 +6.787474954688997641e+00 +8.125411068867387954e+00 +4.515740684104064151e+00 +5.372135582950940069e+00 +9.210951196799497254e-01 +4.802177410869620466e+00 +2.945445016176073594e+01 +1.575032253128311632e+00 +-1.355276854364796946e-01 +-3.322474764169629502e-01 +3.018397817188666732e+00 +1.186503569922195744e+00 +0.000000000000000000e+00 +8.883242370198487503e-01 +7.248276146728496627e+00 +0.000000000000000000e+00 +0.000000000000000000e+00 +-4.831246718433664711e+00 +6.124136970173365002e-01 +4.145693892559814686e-01 +2.683998941637626867e+00 +2.063906603639539039e+00 +2.989801217386735210e+00 +2.262965767379551962e-01 +2.240332214649647380e+00 +5.984550782416063086e+00 +4.587011255338186544e+00 +1.233118485315272039e+01 +1.115223490909697857e+00 +-3.682686422016995476e+00 +6.096498453291562258e-01 +1.119275528656461516e+00 +1.377886278915177731e-01 +3.828176805973048324e+00 +0.000000000000000000e+00 +0.000000000000000000e+00 +1.442927634029647344e+01 +0.000000000000000000e+00 +5.719118583309401593e-01 +1.993632609731877392e-01 +3.047472271520709430e+00 +5.736784864911910198e+00 +6.677826247219391220e+00 +6.307175478564531090e+00 +3.150295169417364249e+01 +3.738597740702392258e+00 +1.129754590514236234e+01 +6.108506268573830056e+00 +1.605489516792866667e+00 +2.929631990348545489e+00 +-2.832543082245212937e-02 +1.358286530670594461e+00 +1.655932469853677924e+00 +6.701964773769768513e-01 +2.131182050917533211e+00 +2.998351165769753468e+00 +7.772095996358327596e+00 +1.285014785269981141e+00 +4.407334784589962418e+00 +1.719858214230612026e+00 +-1.012765674651314063e+00 +-5.749271123172469133e-01 +-3.559614093795681278e+00 +-3.073088477387719397e+00 +-4.492469521371540431e+00 +-3.753286990415885427e+00 +-3.219255423324282273e+00 +-2.806436518181075090e+00 +-2.697305948568419875e+00 +-7.879608430851776646e-01 +4.625507221739111330e+00 +4.809280703883450414e+00 +-3.435194026629848629e+00 +-3.218943068168937049e+00 +3.335535704890596698e+00 +2.071359212435486263e+00 +4.538992059175040339e+00 +-2.770772323566738038e+01 +2.903047708571506735e+00 +-4.436143805989154032e+00 +-2.647991280011542381e-01 +1.737252348126810064e+00 +-4.121989655995259128e+00 +3.209709099445720581e-01 +1.012758514896711759e+01 +3.313255624721038295e+00 +4.631467619785444967e+00 +7.668642402146534032e+00 +6.780938812710099128e+00 +-3.256164342602652972e+00 +6.749565128319576779e-01 +0.000000000000000000e+00 +-4.407265954524525853e+00 +0.000000000000000000e+00 +-3.666522115024547901e+01 +-7.886029397826226273e+01 +0.000000000000000000e+00 +0.000000000000000000e+00 +-2.261283814517791058e+01 +-4.024317426178160240e+00 +3.213063737030031342e-01 +5.079805145796887800e+00 +1.326813226475260343e+00 +1.233684078112145643e+00 +8.671852503871454232e+00 +-2.041800256066371944e+00 +0.000000000000000000e+00 +0.000000000000000000e+00 +-1.607347800380474823e+01 +-4.430790279223246309e+00 +1.177552465851384511e+00 +6.342921220500139512e+00 +-2.466913734548706327e-02 +3.451642566010713065e-01 +-6.012767168531006234e+00 +7.328146570137336724e+00 +7.500088131707050465e+00 +0.000000000000000000e+00 +-3.547913249211809017e+01 +-3.130964814607208879e+00 +8.247326544297072237e-01 +3.757262485775580418e-01 +-2.136528302027558723e+00 +-2.631627236037529793e-01 +-2.016718799388414141e+01 +0.000000000000000000e+00 +0.000000000000000000e+00 +0.000000000000000000e+00 +-7.708602132869285528e-01 +-2.602868328868111814e+00 +1.435184800833797958e+00 +0.000000000000000000e+00 +-2.080420864280113413e+00 +1.169498351211070819e+00 +-1.798334115637199560e+01 +-1.193885252696202670e+01 +0.000000000000000000e+00 +0.000000000000000000e+00 +4.304089297965300709e+00 +-3.020893216686394656e+00 +-1.234427481614708721e+00 +0.000000000000000000e+00 +1.853340741926325697e+00 +-2.686000064995862147e+01 +-1.672275139058893600e+01 +-2.826268691607605987e+01 +0.000000000000000000e+00 +0.000000000000000000e+00 +-1.547397429377200817e+00 +-4.018181657009961327e+00 +-7.289186736637049968e+00 +-7.458655219230571731e+00 +-9.625538282761622710e+00 +-1.103039457077456298e+01 +-6.262675161142102809e+01 +-9.265912629799268885e+00 +-8.961543476816615339e+00 +-9.622764435629340696e+00 +-1.097978292092879826e+01 +-1.097978292092879826e+01 +-2.088057846500587456e+00 +7.763936238952200239e-05 +4.404309737393306595e-05 +-9.467385027293546973e-02 +4.348947142638090457e-01 +-2.091409170053043390e-04 +-5.788902107267982974e-04 +4.481443450852441001e-10 +-3.136135459023654537e+00 +-1.507730262127600751e+00 +-1.204663669965535977e+00 +-1.171839254318371104e+00 +4.329302247232582057e-01 +8.310653628092458334e+00 +3.299246725156660176e+00 +0.000000000000000000e+00 +1.847454931582027254e-02 +-1.498024139966201096e+00 +-7.660670007653060942e-01 +-2.908130300830076731e+00 +-1.252564844610269734e+00 +-1.910955328742287573e+00 +9.471710980110392697e-01 +2.352302758516665371e+00 +2.982269972214651954e+00 +4.280736383314343918e+00 +4.633629909719495288e+00 +-2.198052637823726840e+00 +-1.150759637168392580e+00 +3.420433363184381292e+00 +1.857878113059351077e-02 +-1.559806674919653746e+00 +4.197498183183401288e+00 +6.262186949633183453e+00 +1.100694844370524095e+01 +2.778688785515088000e+01 +3.679948298336883195e+00 +-2.432801394376875592e+00 +5.133442052706843617e-01 +2.181172654073517680e+00 +-8.577551729671881731e-01 +7.013844214023315926e-01 +3.138233436228588857e+00 +7.319940508466630247e-01 +0.000000000000000000e+00 +3.529209394581482861e+00 +1.464585117707144413e+01 +8.506550226820598359e-01 +-9.060397326548508268e-01 +6.787474954688997641e+00 +8.125411068867387954e+00 +4.515740684104064151e+00 +5.372135582950940069e+00 +9.210951196799497254e-01 +4.802177410869620466e+00 +2.945445016176073594e+01 +1.575032253128311632e+00 +-1.355276854364796946e-01 +-3.322474764169629502e-01 +3.018397817188666732e+00 +1.186503569922195744e+00 +0.000000000000000000e+00 +8.883242370198487503e-01 +7.248276146728496627e+00 +0.000000000000000000e+00 +0.000000000000000000e+00 +-4.831246718433664711e+00 +6.124136970173365002e-01 +4.145693892559814686e-01 +2.683998941637626867e+00 +2.063906603639539039e+00 +2.989801217386735210e+00 +2.262965767379551962e-01 +2.240332214649647380e+00 +5.984550782416063086e+00 +4.587011255338186544e+00 +1.233118485315272039e+01 +1.115223490909697857e+00 +-3.682686422016995476e+00 +6.096498453291562258e-01 +1.119275528656461516e+00 +1.377886278915177731e-01 +3.828176805973048324e+00 +0.000000000000000000e+00 +0.000000000000000000e+00 +1.442927634029647344e+01 +0.000000000000000000e+00 +5.719118583309401593e-01 +1.993632609731877392e-01 +3.047472271520709430e+00 +5.736784864911910198e+00 +6.677826247219391220e+00 +6.307175478564531090e+00 +3.150295169417364249e+01 +3.738597740702392258e+00 +1.129754590514236234e+01 +6.108506268573830056e+00 +1.605489516792866667e+00 +2.929631990348545489e+00 +-2.832543082245212937e-02 +1.358286530670594461e+00 +1.655932469853677924e+00 +6.701964773769768513e-01 +2.131182050917533211e+00 +2.998351165769753468e+00 +7.772095996358327596e+00 +1.285014785269981141e+00 +4.407334784589962418e+00 +1.719858214230612026e+00 +-1.012765674651314063e+00 +-5.749271123172469133e-01 +-3.559614093795681278e+00 +-3.073088477387719397e+00 +-4.492469521371540431e+00 +-3.753286990415885427e+00 +-3.219255423324282273e+00 +-2.806436518181075090e+00 +-2.697305948568419875e+00 +-7.879608430851776646e-01 +4.625507221739111330e+00 +4.809280703883450414e+00 +-3.435194026629848629e+00 +-3.218943068168937049e+00 +3.335535704890596698e+00 +2.071359212435486263e+00 +4.538992059175040339e+00 +-2.770772323566738038e+01 +2.903047708571506735e+00 +-4.436143805989154032e+00 +-2.647991280011542381e-01 +1.737252348126810064e+00 +-4.121989655995259128e+00 +3.209709099445720581e-01 +1.012758514896711759e+01 +3.313255624721038295e+00 +4.631467619785444967e+00 +7.668642402146534032e+00 +6.780938812710099128e+00 +-3.256164342602652972e+00 +6.749565128319576779e-01 +0.000000000000000000e+00 +-4.407265954524525853e+00 +0.000000000000000000e+00 +-3.666522115024547901e+01 +-7.886029397826226273e+01 +0.000000000000000000e+00 +0.000000000000000000e+00 +-2.261283814517791058e+01 +-4.024317426178160240e+00 +3.213063737030031342e-01 +5.079805145796887800e+00 +1.326813226475260343e+00 +1.233684078112145643e+00 +8.671852503871454232e+00 +-2.041800256066371944e+00 +0.000000000000000000e+00 +0.000000000000000000e+00 +-1.607347800380474823e+01 +-4.430790279223246309e+00 +1.177552465851384511e+00 +6.342921220500139512e+00 +-2.466913734548706327e-02 +3.451642566010713065e-01 +-6.012767168531006234e+00 +7.328146570137336724e+00 +7.500088131707050465e+00 +0.000000000000000000e+00 +-3.547913249211809017e+01 +-3.130964814607208879e+00 +8.247326544297072237e-01 +3.757262485775580418e-01 +-2.136528302027558723e+00 +-2.631627236037529793e-01 +-2.016718799388414141e+01 +0.000000000000000000e+00 +0.000000000000000000e+00 +0.000000000000000000e+00 +-7.708602132869285528e-01 +-2.602868328868111814e+00 +1.435184800833797958e+00 +0.000000000000000000e+00 +-2.080420864280113413e+00 +1.169498351211070819e+00 +-1.798334115637199560e+01 +-1.193885252696202670e+01 +0.000000000000000000e+00 +0.000000000000000000e+00 +4.304089297965300709e+00 +-3.020893216686394656e+00 +-1.234427481614708721e+00 +0.000000000000000000e+00 +1.853340741926325697e+00 +-2.686000064995862147e+01 +-1.672275139058893600e+01 +-2.826268691607605987e+01 +0.000000000000000000e+00 +0.000000000000000000e+00 +-1.547397429377200817e+00 +-4.018181657009961327e+00 +-7.289186736637049968e+00 +-7.458655219230571731e+00 +-9.625538282761622710e+00 +-1.103039457077456298e+01 +-6.262675161142102809e+01 +-9.265912629799268885e+00 +-8.961543476816615339e+00 +-9.622764435629340696e+00 +-1.097978292092879826e+01 +-1.097978292092879826e+01 +-2.088057846500587456e+00 +7.763936238952200239e-05 +4.404309737393306595e-05 +-9.467385027293546973e-02 +4.348947142638090457e-01 +-2.091409170053043390e-04 +-5.788902107267982974e-04 +4.481443450852441001e-10 +-3.136135459023654537e+00 +-1.507730262127600751e+00 +-1.204663669965535977e+00 +-1.171839254318371104e+00 +4.329302247232582057e-01 +8.310653628092458334e+00 +3.299246725156660176e+00 +0.000000000000000000e+00 +1.847454931582027254e-02 +-1.498024139966201096e+00 +-7.660670007653060942e-01 +-2.908130300830076731e+00 +-1.252564844610269734e+00 +-1.910955328742287573e+00 +9.471710980110392697e-01 +2.352302758516665371e+00 +2.982269972214651954e+00 +4.280736383314343918e+00 +4.633629909719495288e+00 +-2.198052637823726840e+00 +-1.150759637168392580e+00 +3.420433363184381292e+00 +1.857878113059351077e-02 +-1.559806674919653746e+00 +4.197498183183401288e+00 +6.262186949633183453e+00 +1.100694844370524095e+01 +2.778688785515088000e+01 +3.679948298336883195e+00 +-2.432801394376875592e+00 +5.133442052706843617e-01 +2.181172654073517680e+00 +-8.577551729671881731e-01 +7.013844214023315926e-01 +3.138233436228588857e+00 +7.319940508466630247e-01 +0.000000000000000000e+00 +3.529209394581482861e+00 +1.464585117707144413e+01 +8.506550226820598359e-01 +-9.060397326548508268e-01 +6.787474954688997641e+00 +8.125411068867387954e+00 +4.515740684104064151e+00 +5.372135582950940069e+00 +9.210951196799497254e-01 +4.802177410869620466e+00 +2.945445016176073594e+01 +1.575032253128311632e+00 +-1.355276854364796946e-01 +-3.322474764169629502e-01 +3.018397817188666732e+00 +1.186503569922195744e+00 +0.000000000000000000e+00 +8.883242370198487503e-01 +7.248276146728496627e+00 +0.000000000000000000e+00 +0.000000000000000000e+00 +-4.831246718433664711e+00 +6.124136970173365002e-01 +4.145693892559814686e-01 +2.683998941637626867e+00 +2.063906603639539039e+00 +2.989801217386735210e+00 +2.262965767379551962e-01 +2.240332214649647380e+00 +5.984550782416063086e+00 +4.587011255338186544e+00 +1.233118485315272039e+01 +1.115223490909697857e+00 +-3.682686422016995476e+00 +6.096498453291562258e-01 +1.119275528656461516e+00 +1.377886278915177731e-01 +3.828176805973048324e+00 +0.000000000000000000e+00 +0.000000000000000000e+00 +1.442927634029647344e+01 +0.000000000000000000e+00 +5.719118583309401593e-01 +1.993632609731877392e-01 +3.047472271520709430e+00 +5.736784864911910198e+00 +6.677826247219391220e+00 +6.307175478564531090e+00 +3.150295169417364249e+01 +3.738597740702392258e+00 +1.129754590514236234e+01 +6.108506268573830056e+00 +1.605489516792866667e+00 +2.929631990348545489e+00 +-2.832543082245212937e-02 +1.358286530670594461e+00 +1.655932469853677924e+00 +6.701964773769768513e-01 +2.131182050917533211e+00 +2.998351165769753468e+00 +7.772095996358327596e+00 +1.285014785269981141e+00 +4.407334784589962418e+00 +1.719858214230612026e+00 +-1.012765674651314063e+00 +-5.749271123172469133e-01 +-3.559614093795681278e+00 +-3.073088477387719397e+00 +-4.492469521371540431e+00 +-3.753286990415885427e+00 +-3.219255423324282273e+00 +-2.806436518181075090e+00 +-2.697305948568419875e+00 +-7.879608430851776646e-01 +4.625507221739111330e+00 +4.809280703883450414e+00 +-3.435194026629848629e+00 +-3.218943068168937049e+00 +3.335535704890596698e+00 +2.071359212435486263e+00 +4.538992059175040339e+00 +-2.770772323566738038e+01 +2.903047708571506735e+00 +-4.436143805989154032e+00 +-2.647991280011542381e-01 +1.737252348126810064e+00 +-4.121989655995259128e+00 +3.209709099445720581e-01 +1.012758514896711759e+01 +3.313255624721038295e+00 +4.631467619785444967e+00 +7.668642402146534032e+00 +6.780938812710099128e+00 +-3.256164342602652972e+00 +6.749565128319576779e-01 +0.000000000000000000e+00 +-4.407265954524525853e+00 +0.000000000000000000e+00 +-3.666522115024547901e+01 +-7.886029397826226273e+01 +0.000000000000000000e+00 +0.000000000000000000e+00 +-2.261283814517791058e+01 +-4.024317426178160240e+00 +3.213063737030031342e-01 +5.079805145796887800e+00 +1.326813226475260343e+00 +1.233684078112145643e+00 +8.671852503871454232e+00 +-2.041800256066371944e+00 +0.000000000000000000e+00 +0.000000000000000000e+00 +-1.607347800380474823e+01 +-4.430790279223246309e+00 +1.177552465851384511e+00 +6.342921220500139512e+00 +-2.466913734548706327e-02 +3.451642566010713065e-01 +-6.012767168531006234e+00 +7.328146570137336724e+00 +7.500088131707050465e+00 +0.000000000000000000e+00 +-3.547913249211809017e+01 +-3.130964814607208879e+00 +8.247326544297072237e-01 +3.757262485775580418e-01 +-2.136528302027558723e+00 +-2.631627236037529793e-01 +-2.016718799388414141e+01 +0.000000000000000000e+00 +0.000000000000000000e+00 +0.000000000000000000e+00 +-7.708602132869285528e-01 +-2.602868328868111814e+00 +1.435184800833797958e+00 +0.000000000000000000e+00 +-2.080420864280113413e+00 +1.169498351211070819e+00 +-1.798334115637199560e+01 +-1.193885252696202670e+01 +0.000000000000000000e+00 +0.000000000000000000e+00 +4.304089297965300709e+00 +-3.020893216686394656e+00 +-1.234427481614708721e+00 +0.000000000000000000e+00 +1.853340741926325697e+00 +-2.686000064995862147e+01 +-1.672275139058893600e+01 +-2.826268691607605987e+01 +0.000000000000000000e+00 +0.000000000000000000e+00 +-1.547397429377200817e+00 +-4.018181657009961327e+00 +-7.289186736637049968e+00 +-7.458655219230571731e+00 +-9.625538282761622710e+00 +-1.103039457077456298e+01 +-6.262675161142102809e+01 +-9.265912629799268885e+00 +-8.961543476816615339e+00 +-9.622764435629340696e+00 +-1.097978292092879826e+01 +-1.097978292092879826e+01 diff --git a/fuzz/corpus/fuzz_filecfg_protocols/certificate.txt b/fuzz/corpus/fuzz_filecfg_protocols/certificate.txt new file mode 100644 index 00000000000..0e47bd35244 --- /dev/null +++ b/fuzz/corpus/fuzz_filecfg_protocols/certificate.txt @@ -0,0 +1 @@ +trusted_issuer_dn:"CN=813845657003339838, O=Code42, OU=TEST, ST=MN, C=US" diff --git a/fuzz/corpus/fuzz_filecfg_protocols/certificate2.txt b/fuzz/corpus/fuzz_filecfg_protocols/certificate2.txt new file mode 100644 index 00000000000..25807bac0ae --- /dev/null +++ b/fuzz/corpus/fuzz_filecfg_protocols/certificate2.txt @@ -0,0 +1 @@ +trusted_issuer_dn:CN=813845657003339838, O=Code42, OU=TEST, ST=MN, C=US diff --git a/fuzz/corpus/fuzz_filecfg_protocols/custom.txt b/fuzz/corpus/fuzz_filecfg_protocols/custom.txt new file mode 100644 index 00000000000..fe9250d390f --- /dev/null +++ b/fuzz/corpus/fuzz_filecfg_protocols/custom.txt @@ -0,0 +1,9 @@ +ip:213.75.170.11/32:443@CustomProtocol +ip:8.248.73.247:443@AmazonPrime +ip:54.80.47.130@AmazonPrime + +ip:3.3.3.3:443@CustomProtocolA +ip:3.3.3.3:444@CustomProtocolB +ip:3.3.3.3:446@CustomProtocolC=400 +ip:3.3.3.3:447@CustomProtocolD=1 +ip:3.3.3.3:448@CustomProtocolD=4000 diff --git a/fuzz/corpus/fuzz_filecfg_protocols/invalid_proto_name.txt b/fuzz/corpus/fuzz_filecfg_protocols/invalid_proto_name.txt new file mode 100644 index 00000000000..127b1259867 --- /dev/null +++ b/fuzz/corpus/fuzz_filecfg_protocols/invalid_proto_name.txt @@ -0,0 +1,2 @@ +tcp:65535@TestProt o +tcp:65534@TestProt/&^:;\"o diff --git a/fuzz/corpus/fuzz_filecfg_protocols/nbpf.txt b/fuzz/corpus/fuzz_filecfg_protocols/nbpf.txt new file mode 100644 index 00000000000..f03ce3f53a5 --- /dev/null +++ b/fuzz/corpus/fuzz_filecfg_protocols/nbpf.txt @@ -0,0 +1 @@ +nbpf:"host 192.168.1.1 and port 80"@HomeRouter diff --git a/fuzz/corpus/fuzz_filecfg_protocols/nbpf2.txt b/fuzz/corpus/fuzz_filecfg_protocols/nbpf2.txt new file mode 100644 index 00000000000..4af40919d17 --- /dev/null +++ b/fuzz/corpus/fuzz_filecfg_protocols/nbpf2.txt @@ -0,0 +1 @@ +nbpf:"host 192.168.1.2"@HomeRouter2 diff --git a/fuzz/corpus/fuzz_filecfg_protocols/port.txt b/fuzz/corpus/fuzz_filecfg_protocols/port.txt new file mode 100644 index 00000000000..d7664eb0d38 --- /dev/null +++ b/fuzz/corpus/fuzz_filecfg_protocols/port.txt @@ -0,0 +1,7 @@ +tcp:81,tcp:8181@HTTP +udp:5062@SIP +tcp:860,udp:860,tcp:3260,udp:3260@iSCSI +tcp:3000@ntop +tcp:9002@Elasticsearch +tcp:5601@Kibana +tcp:65535@TestProto diff --git a/fuzz/corpus/fuzz_filecfg_protocols/risks.txt b/fuzz/corpus/fuzz_filecfg_protocols/risks.txt new file mode 100644 index 00000000000..fa7160903b8 --- /dev/null +++ b/fuzz/corpus/fuzz_filecfg_protocols/risks.txt @@ -0,0 +1,4 @@ +#ip_risk_mask:192.168.1.0/24=0 +ip_risk_mask:10.10.120.0/24=0 +ip_risk_mask:10.196.157.228=0 +host_risk_mask:".home"=0 diff --git a/fuzz/corpus/fuzz_filecfg_protocols/subproto.txt b/fuzz/corpus/fuzz_filecfg_protocols/subproto.txt new file mode 100644 index 00000000000..fbcb113c06e --- /dev/null +++ b/fuzz/corpus/fuzz_filecfg_protocols/subproto.txt @@ -0,0 +1,3 @@ +host:"disneyplus.com",host:"cdn.registerdisney.go.com",host:"disney-portal.my.onetrust.com",host:"disneyplus.bn5x.net",host:"disney-plus.net"@DisneyPlus +host:"*.lvlt.dash.us.aiv-cdn.net.c.footprint.net"@AmazonVideo +host:"api-global.netflix.com"@Netflix diff --git a/fuzz/fuzz_common_code.c b/fuzz/fuzz_common_code.c index 88b7adf2d6c..554c82336cd 100644 --- a/fuzz/fuzz_common_code.c +++ b/fuzz/fuzz_common_code.c @@ -58,3 +58,8 @@ void fuzz_init_detection_module(struct ndpi_detection_module_struct **ndpi_info_ ndpi_finalize_initialization(*ndpi_info_mod); } } + +FILE *buffer_to_file(const uint8_t *data, size_t size) +{ + return fmemopen((void *)data, size, "rw"); +} diff --git a/fuzz/fuzz_common_code.h b/fuzz/fuzz_common_code.h index 02df3e0cc84..c5e4fb9c938 100644 --- a/fuzz/fuzz_common_code.h +++ b/fuzz/fuzz_common_code.h @@ -15,6 +15,8 @@ void fuzz_set_alloc_callbacks(void); void fuzz_set_alloc_seed(int seed); void fuzz_set_alloc_callbacks_and_seed(int seed); +FILE *buffer_to_file(const uint8_t *data, size_t size); + #ifdef __cplusplus } #endif diff --git a/fuzz/fuzz_config.cpp b/fuzz/fuzz_config.cpp index 2eb933f1345..c5ee020428f 100644 --- a/fuzz/fuzz_config.cpp +++ b/fuzz/fuzz_config.cpp @@ -197,10 +197,11 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { ndpi_http_method2str(flow.http.method); ndpi_get_l4_proto_name(ndpi_get_l4_proto_info(ndpi_info_mod, p.app_protocol)); ndpi_is_subprotocol_informative(ndpi_info_mod, p.app_protocol); - ndpi_get_http_method(ndpi_info_mod, &flow); + ndpi_get_http_method(ndpi_info_mod, bool_value ? &flow : NULL); ndpi_get_http_url(ndpi_info_mod, &flow); ndpi_get_http_content_type(ndpi_info_mod, &flow); ndpi_check_for_email_address(ndpi_info_mod, 0); + ndpi_get_flow_name(bool_value ? &flow : NULL); /* ndpi_guess_undetected_protocol() is a "strange" function. Try fuzzing it, here */ if(!ndpi_is_protocol_detected(ndpi_info_mod, p)) { ndpi_guess_undetected_protocol(ndpi_info_mod, bool_value ? &flow : NULL, diff --git a/fuzz/fuzz_filecfg_protocols.c b/fuzz/fuzz_filecfg_protocols.c new file mode 100644 index 00000000000..cba26c07c53 --- /dev/null +++ b/fuzz/fuzz_filecfg_protocols.c @@ -0,0 +1,47 @@ +#include "ndpi_api.h" +#include "fuzz_common_code.h" + +int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + struct ndpi_detection_module_struct *ndpi_struct; + FILE *fd; + /* Try to be fast */ + ndpi_init_prefs prefs = ndpi_dont_load_tor_list | + ndpi_dont_load_azure_list | + ndpi_dont_load_whatsapp_list | + ndpi_dont_load_amazon_aws_list | + ndpi_dont_load_ethereum_list | + ndpi_dont_load_zoom_list | + ndpi_dont_load_cloudflare_list | + ndpi_dont_load_microsoft_list | + ndpi_dont_load_google_list | + ndpi_dont_load_google_cloud_list | + ndpi_dont_load_asn_lists | + ndpi_dont_init_risk_ptree | + ndpi_dont_load_cachefly_list | + ndpi_dont_load_protonvpn_list | + ndpi_dont_load_gambling_list | + ndpi_dont_load_mullvad_list; + NDPI_PROTOCOL_BITMASK all; + NDPI_PROTOCOL_BITMASK debug_bitmask; + + /* To allow memory allocation failures */ + fuzz_set_alloc_callbacks_and_seed(size); + + ndpi_struct = ndpi_init_detection_module(prefs); + NDPI_BITMASK_SET_ALL(all); + ndpi_set_protocol_detection_bitmask2(ndpi_struct, &all); + + NDPI_BITMASK_SET_ALL(debug_bitmask); + ndpi_set_log_level(ndpi_struct, 4); + ndpi_set_debug_bitmask(ndpi_struct, debug_bitmask); + + fd = buffer_to_file(data, size); + ndpi_load_protocols_file2(ndpi_struct, fd); + if(fd) + fclose(fd); + + /* We don't really need to call ndpi_finalize_initialization */ + + ndpi_exit_detection_module(ndpi_struct); + return 0; +} diff --git a/fuzz/fuzz_gcrypt_light.cpp b/fuzz/fuzz_gcrypt_light.cpp index f75d38beecd..043a90d0d56 100644 --- a/fuzz/fuzz_gcrypt_light.cpp +++ b/fuzz/fuzz_gcrypt_light.cpp @@ -26,6 +26,9 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { /* To allow memory allocation failures */ fuzz_set_alloc_callbacks_and_seed(size); + gcry_control(fuzzed_data.ConsumeIntegralInRange(0, 2), + fuzzed_data.ConsumeIntegralInRange(0, 1)); + /* MD */ if(fuzzed_data.ConsumeBool()) @@ -73,19 +76,19 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { if (!enc_out) return 0; + h = NULL; rc = gcry_cipher_open(&h, algo, mode, flags); - if (rc == 0) { - rc = gcry_cipher_setkey(h, key2.data(), key2.size()); - if (rc == 0) { - if(fuzzed_data.ConsumeBool()) { /* To trigger MBEDTLS_ERR_CIPHER_BAD_KEY */ - rc = gcry_cipher_setkey(h, key2.data(), key2.size()); - } else { - rc = gcry_cipher_encrypt(h, enc_out, src.size(), src.data(), src.size()); - } - } - gcry_cipher_ctl(h, 0, NULL, 0); - gcry_cipher_close(h); - } + gpg_strerror_r(rc, buf_err, sizeof(buf_err)); + if(fuzzed_data.ConsumeBool()) + gcry_cipher_setkey(h, key2.data(), key2.size()); + if(fuzzed_data.ConsumeBool()) /* To trigger MBEDTLS_ERR_CIPHER_BAD_KEY */ + gcry_cipher_setkey(h, key2.data(), key2.size()); + rc = gcry_cipher_decrypt(h, enc_out, src.size(), src.data(), src.size()); + gpg_strerror_r(rc, buf_err, sizeof(buf_err)); + rc = gcry_cipher_encrypt(h, enc_out, src.size(), src.data(), src.size()); + gcry_cipher_ctl(h, 0, NULL, 0); + gcry_cipher_close(h); + gpg_strerror_r(rc, buf_err, sizeof(buf_err)); /* GCM */ @@ -97,25 +100,29 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { auth_len = fuzzed_data.ConsumeIntegralInRange(0, 257); /* 257 is an invalid value */ std::vectorauth = fuzzed_data.ConsumeBytes(auth_len); + h = NULL; rc = gcry_cipher_open(&h, algo, mode, flags); - if (rc == 0) { + gpg_strerror_r(rc, buf_err, sizeof(buf_err)); + if(fuzzed_data.ConsumeBool()) { rc = gcry_cipher_setkey(h, key2.data(), key2.size()); + gpg_strerror_r(rc, buf_err, sizeof(buf_err)); + } + if(fuzzed_data.ConsumeBool()) + gcry_cipher_reset(h); + rc = gcry_cipher_setiv(h, iv.data(), iv.size()); + gpg_strerror_r(rc, buf_err, sizeof(buf_err)); + if(fuzzed_data.ConsumeBool()) { /* To trigger MBEDTLS_ERR_CIPHER_BAD_KEY */ + rc = gcry_cipher_setiv(h, iv.data(), iv.size()); + } else { + rc = gcry_cipher_authenticate(h, auth.data(), auth.size()); if (rc == 0) { - gcry_cipher_reset(h); - rc = gcry_cipher_setiv(h, iv.data(), iv.size()); - if (rc == 0) { - if(fuzzed_data.ConsumeBool()) { /* To trigger MBEDTLS_ERR_CIPHER_BAD_KEY */ - rc = gcry_cipher_setiv(h, iv.data(), iv.size()); - } else { - rc = gcry_cipher_authenticate(h, auth.data(), auth.size()); - if (rc == 0) { - rc = gcry_cipher_decrypt(h, enc_out, src.size(), src.data(), src.size()); - } - } - } + rc = gcry_cipher_encrypt(h, enc_out, src.size(), src.data(), src.size()); + gpg_strerror_r(rc, buf_err, sizeof(buf_err)); + rc = gcry_cipher_decrypt(h, enc_out, src.size(), src.data(), src.size()); } - gcry_cipher_close(h); } + gcry_cipher_close(h); + gpg_strerror_r(rc, buf_err, sizeof(buf_err)); ndpi_free(enc_out); diff --git a/fuzz/fuzz_ndpi_reader.c b/fuzz/fuzz_ndpi_reader.c index f29506b362e..8b1674c9b2f 100644 --- a/fuzz/fuzz_ndpi_reader.c +++ b/fuzz/fuzz_ndpi_reader.c @@ -30,22 +30,6 @@ extern void ndpi_report_payload_stats(FILE *out); extern int force_no_aesni; #endif -FILE *bufferToFile(const uint8_t *Data, size_t Size) { - FILE *fd; - fd = tmpfile(); - if (fd == NULL) { - perror("Error tmpfile"); - return NULL; - } - if (fwrite (Data, 1, Size, fd) != Size) { - perror("Error fwrite"); - fclose(fd); - return NULL; - } - rewind(fd); - return fd; -} - int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { pcap_t * pkts; const u_char *pkt; @@ -106,10 +90,10 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { #ifdef ENABLE_MEM_ALLOC_FAILURES /* Don't fail memory allocations until init phase is done */ - fuzz_set_alloc_seed(Size); + fuzz_set_alloc_callbacks_and_seed(Size); #endif - fd = bufferToFile(Data, Size); + fd = buffer_to_file(Data, Size); if (fd == NULL) return 0; @@ -159,5 +143,11 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { if(enable_payload_analyzer) ndpi_report_payload_stats(NULL); +#ifdef ENABLE_PAYLOAD_ANALYZER + ndpi_update_params(SPLT_PARAM_TYPE, "splt_param.txt"); + ndpi_update_params(BD_PARAM_TYPE, "bd_param.txt"); + ndpi_update_params(2, ""); /* invalid */ +#endif + return 0; } diff --git a/fuzz/splt_param.txt b/fuzz/splt_param.txt new file mode 100644 index 00000000000..cfaeb8918f8 --- /dev/null +++ b/fuzz/splt_param.txt @@ -0,0 +1,209 @@ +-2.088057846500587456e+00 +7.763936238952200239e-05 +4.404309737393306595e-05 +-9.467385027293546973e-02 +4.348947142638090457e-01 +-2.091409170053043390e-04 +-5.788902107267982974e-04 +4.481443450852441001e-10 +-3.136135459023654537e+00 +-1.507730262127600751e+00 +-1.204663669965535977e+00 +-1.171839254318371104e+00 +4.329302247232582057e-01 +8.310653628092458334e+00 +3.299246725156660176e+00 +0.000000000000000000e+00 +1.847454931582027254e-02 +-1.498024139966201096e+00 +-7.660670007653060942e-01 +-2.908130300830076731e+00 +-1.252564844610269734e+00 +-1.910955328742287573e+00 +9.471710980110392697e-01 +2.352302758516665371e+00 +2.982269972214651954e+00 +4.280736383314343918e+00 +4.633629909719495288e+00 +-2.198052637823726840e+00 +-1.150759637168392580e+00 +3.420433363184381292e+00 +1.857878113059351077e-02 +-1.559806674919653746e+00 +4.197498183183401288e+00 +6.262186949633183453e+00 +1.100694844370524095e+01 +2.778688785515088000e+01 +3.679948298336883195e+00 +-2.432801394376875592e+00 +5.133442052706843617e-01 +2.181172654073517680e+00 +-8.577551729671881731e-01 +7.013844214023315926e-01 +3.138233436228588857e+00 +7.319940508466630247e-01 +0.000000000000000000e+00 +3.529209394581482861e+00 +1.464585117707144413e+01 +8.506550226820598359e-01 +-9.060397326548508268e-01 +6.787474954688997641e+00 +8.125411068867387954e+00 +4.515740684104064151e+00 +5.372135582950940069e+00 +9.210951196799497254e-01 +4.802177410869620466e+00 +2.945445016176073594e+01 +1.575032253128311632e+00 +-1.355276854364796946e-01 +-3.322474764169629502e-01 +3.018397817188666732e+00 +1.186503569922195744e+00 +0.000000000000000000e+00 +8.883242370198487503e-01 +7.248276146728496627e+00 +0.000000000000000000e+00 +0.000000000000000000e+00 +-4.831246718433664711e+00 +6.124136970173365002e-01 +4.145693892559814686e-01 +2.683998941637626867e+00 +2.063906603639539039e+00 +2.989801217386735210e+00 +2.262965767379551962e-01 +2.240332214649647380e+00 +5.984550782416063086e+00 +4.587011255338186544e+00 +1.233118485315272039e+01 +1.115223490909697857e+00 +-3.682686422016995476e+00 +6.096498453291562258e-01 +1.119275528656461516e+00 +1.377886278915177731e-01 +3.828176805973048324e+00 +0.000000000000000000e+00 +0.000000000000000000e+00 +1.442927634029647344e+01 +0.000000000000000000e+00 +5.719118583309401593e-01 +1.993632609731877392e-01 +3.047472271520709430e+00 +5.736784864911910198e+00 +6.677826247219391220e+00 +6.307175478564531090e+00 +3.150295169417364249e+01 +3.738597740702392258e+00 +1.129754590514236234e+01 +6.108506268573830056e+00 +1.605489516792866667e+00 +2.929631990348545489e+00 +-2.832543082245212937e-02 +1.358286530670594461e+00 +1.655932469853677924e+00 +6.701964773769768513e-01 +2.131182050917533211e+00 +2.998351165769753468e+00 +7.772095996358327596e+00 +1.285014785269981141e+00 +4.407334784589962418e+00 +1.719858214230612026e+00 +-1.012765674651314063e+00 +-5.749271123172469133e-01 +-3.559614093795681278e+00 +-3.073088477387719397e+00 +-4.492469521371540431e+00 +-3.753286990415885427e+00 +-3.219255423324282273e+00 +-2.806436518181075090e+00 +-2.697305948568419875e+00 +-7.879608430851776646e-01 +4.625507221739111330e+00 +4.809280703883450414e+00 +-3.435194026629848629e+00 +-3.218943068168937049e+00 +3.335535704890596698e+00 +2.071359212435486263e+00 +4.538992059175040339e+00 +-2.770772323566738038e+01 +2.903047708571506735e+00 +-4.436143805989154032e+00 +-2.647991280011542381e-01 +1.737252348126810064e+00 +-4.121989655995259128e+00 +3.209709099445720581e-01 +1.012758514896711759e+01 +3.313255624721038295e+00 +4.631467619785444967e+00 +7.668642402146534032e+00 +6.780938812710099128e+00 +-3.256164342602652972e+00 +6.749565128319576779e-01 +0.000000000000000000e+00 +-4.407265954524525853e+00 +0.000000000000000000e+00 +-3.666522115024547901e+01 +-7.886029397826226273e+01 +0.000000000000000000e+00 +0.000000000000000000e+00 +-2.261283814517791058e+01 +-4.024317426178160240e+00 +3.213063737030031342e-01 +5.079805145796887800e+00 +1.326813226475260343e+00 +1.233684078112145643e+00 +8.671852503871454232e+00 +-2.041800256066371944e+00 +0.000000000000000000e+00 +0.000000000000000000e+00 +-1.607347800380474823e+01 +-4.430790279223246309e+00 +1.177552465851384511e+00 +6.342921220500139512e+00 +-2.466913734548706327e-02 +3.451642566010713065e-01 +-6.012767168531006234e+00 +7.328146570137336724e+00 +7.500088131707050465e+00 +0.000000000000000000e+00 +-3.547913249211809017e+01 +-3.130964814607208879e+00 +8.247326544297072237e-01 +3.757262485775580418e-01 +-2.136528302027558723e+00 +-2.631627236037529793e-01 +-2.016718799388414141e+01 +0.000000000000000000e+00 +0.000000000000000000e+00 +0.000000000000000000e+00 +-7.708602132869285528e-01 +-2.602868328868111814e+00 +1.435184800833797958e+00 +0.000000000000000000e+00 +-2.080420864280113413e+00 +1.169498351211070819e+00 +-1.798334115637199560e+01 +-1.193885252696202670e+01 +0.000000000000000000e+00 +0.000000000000000000e+00 +4.304089297965300709e+00 +-3.020893216686394656e+00 +-1.234427481614708721e+00 +0.000000000000000000e+00 +1.853340741926325697e+00 +-2.686000064995862147e+01 +-1.672275139058893600e+01 +-2.826268691607605987e+01 +0.000000000000000000e+00 +0.000000000000000000e+00 +-1.547397429377200817e+00 +-4.018181657009961327e+00 +-7.289186736637049968e+00 +-7.458655219230571731e+00 +-9.625538282761622710e+00 +-1.103039457077456298e+01 +-6.262675161142102809e+01 +-9.265912629799268885e+00 +-8.961543476816615339e+00 +-9.622764435629340696e+00 +-1.097978292092879826e+01 +-1.097978292092879826e+01 diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h index 0a2322ffe5f..3d99a6c03d3 100644 --- a/src/include/ndpi_api.h +++ b/src/include/ndpi_api.h @@ -756,11 +756,14 @@ extern "C" { * @par ndpi_mod = the detection module * @par path = the path of the file * @return 0 if the file is loaded correctly; - * -1 else + * -1 generic error + * -2 memory allocation error * */ int ndpi_load_protocols_file(struct ndpi_detection_module_struct *ndpi_mod, const char* path); + int ndpi_load_protocols_file2(struct ndpi_detection_module_struct *ndpi_mod, + FILE *fd); /** * Add an IP-address based risk mask diff --git a/src/lib/ndpi_classify.c b/src/lib/ndpi_classify.c index 538eb2b8234..114982de45a 100644 --- a/src/lib/ndpi_classify.c +++ b/src/lib/ndpi_classify.c @@ -583,7 +583,9 @@ ndpi_update_params (classifier_type_codes_t param_type, const char *param_file) break; default: +#if 0 printf("error: unknown paramerter type (%d)", param_type); +#endif break; } } diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index d806957ed0a..8c553ef7f08 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -2608,7 +2608,8 @@ static int ndpi_add_host_ip_subprotocol(struct ndpi_detection_module_struct *ndp } } - inet_pton(AF_INET, value, &pin); + if(inet_pton(AF_INET, value, &pin) != 1) + return(-1); if((node = add_to_ptree(ndpi_str->protocols_ptree, AF_INET, &pin, bits)) != NULL) { int i; @@ -2653,7 +2654,7 @@ void set_ndpi_flow_free(void (*__ndpi_flow_free)(void *ptr)) { } void ndpi_debug_printf(unsigned int proto, struct ndpi_detection_module_struct *ndpi_str, ndpi_log_level_t log_level, - const char *file_name, const char *func_name, int line_number, const char *format, ...) { + const char *file_name, const char *func_name, unsigned int line_number, const char *format, ...) { #ifdef NDPI_ENABLE_DEBUG_MESSAGES va_list args; #define MAX_STR_LEN 250 @@ -4351,26 +4352,37 @@ int ndpi_load_malicious_sha1_file(struct ndpi_detection_module_struct *ndpi_str, */ int ndpi_load_protocols_file(struct ndpi_detection_module_struct *ndpi_str, const char *path) { + int rc; FILE *fd; - char *buffer, *old_buffer; - int chunk_len = 1024, buffer_len = chunk_len, old_buffer_len; - int i, rc = -1; if(!ndpi_str || !path) return(-1); fd = fopen(path, "r"); - if(fd == NULL) { NDPI_LOG_ERR(ndpi_str, "Unable to open file %s [%s]\n", path, strerror(errno)); - goto error; + return -1; } - buffer = ndpi_malloc(buffer_len); + rc = ndpi_load_protocols_file2(ndpi_str, fd); + fclose(fd); + + return rc; +} + +int ndpi_load_protocols_file2(struct ndpi_detection_module_struct *ndpi_str, FILE *fd) { + char *buffer, *old_buffer; + int chunk_len = 1024, buffer_len = chunk_len, old_buffer_len; + int i; + + if(!ndpi_str || !fd) + return -1; + + buffer = ndpi_malloc(buffer_len); if(buffer == NULL) { NDPI_LOG_ERR(ndpi_str, "Memory allocation failure\n"); - goto close_fd; + return -2; } while(1) { @@ -4378,6 +4390,7 @@ int ndpi_load_protocols_file(struct ndpi_detection_module_struct *ndpi_str, cons int line_len = buffer_len; while(((line = fgets(line, line_len, fd)) != NULL) + && strlen(line) > 0 && (line[strlen(line) - 1] != '\n')) { i = strlen(line); old_buffer = buffer; @@ -4385,11 +4398,10 @@ int ndpi_load_protocols_file(struct ndpi_detection_module_struct *ndpi_str, cons buffer_len += chunk_len; buffer = ndpi_realloc(old_buffer, old_buffer_len, buffer_len); - if(buffer == NULL) { NDPI_LOG_ERR(ndpi_str, "Memory allocation failure\n"); ndpi_free(old_buffer); - goto close_fd; + return -2; } line = &buffer[i]; @@ -4419,15 +4431,9 @@ int ndpi_load_protocols_file(struct ndpi_detection_module_struct *ndpi_str, cons NDPI_LOG_INFO(ndpi_str, "Discraded rule '%s'\n", buffer); } - rc = 0; - ndpi_free(buffer); - close_fd: - fclose(fd); - - error: - return(rc); + return 0; } /* ******************************************************************** */ @@ -9027,12 +9033,14 @@ u_int ndpi_get_ndpi_detection_module_size() { void ndpi_set_debug_bitmask(struct ndpi_detection_module_struct *ndpi_str, NDPI_PROTOCOL_BITMASK debug_bitmask) { #ifdef NDPI_ENABLE_DEBUG_MESSAGES - ndpi_str->debug_bitmask = debug_bitmask; + if(ndpi_str) + ndpi_str->debug_bitmask = debug_bitmask; #endif } void ndpi_set_log_level(struct ndpi_detection_module_struct *ndpi_str, u_int l){ - ndpi_str->ndpi_log_level = l; + if(ndpi_str) + ndpi_str->ndpi_log_level = l; } /* ******************************************************************** */ diff --git a/src/lib/protocols/dns.c b/src/lib/protocols/dns.c index 07358468d72..5fc71a67a23 100644 --- a/src/lib/protocols/dns.c +++ b/src/lib/protocols/dns.c @@ -192,7 +192,6 @@ static uint32_t dns_validchar[8] = { static char* dns_error_code2string(u_int16_t error_code, char *buf, u_int buf_len) { switch(error_code) { - case 0: return((char*)"NOERROR"); case 1: return((char*)"FORMERR"); case 2: return((char*)"SERVFAIL"); case 3: return((char*)"NXDOMAIN"); diff --git a/src/lib/protocols/raknet.c b/src/lib/protocols/raknet.c index 49db3cc5576..e134f36680f 100644 --- a/src/lib/protocols/raknet.c +++ b/src/lib/protocols/raknet.c @@ -300,7 +300,6 @@ static void ndpi_search_raknet(struct ndpi_detection_module_struct *ndpi_struct, } return; } - break; case 0x09: /* Connection Request */ if (packet->payload_packet_len != 16) @@ -370,7 +369,6 @@ static void ndpi_search_raknet(struct ndpi_detection_module_struct *ndpi_struct, } return; } - break; case 0xfe: /* Game Packet */ required_packets = 8; diff --git a/src/lib/third_party/src/gcrypt_light.c b/src/lib/third_party/src/gcrypt_light.c index 5a4321e751e..b952fa695d1 100644 --- a/src/lib/third_party/src/gcrypt_light.c +++ b/src/lib/third_party/src/gcrypt_light.c @@ -176,7 +176,7 @@ gcry_error_t gcry_cipher_open (gcry_cipher_hd_t *handle, struct gcry_cipher_hd *r = 0; size_t s_len = ROUND_SIZE8(sizeof(struct gcry_cipher_hd));; - if(flags || algo != GCRY_CIPHER_AES128 || !( mode == GCRY_CIPHER_MODE_ECB || mode == GCRY_CIPHER_MODE_GCM)) return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + if(flags || algo != GCRY_CIPHER_AES128) return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; switch(mode) { case GCRY_CIPHER_MODE_ECB: diff --git a/tests/cfgs/default/pcap/ossfuzz_seed_fake_traces_2.pcapng b/tests/cfgs/default/pcap/ossfuzz_seed_fake_traces_2.pcapng index 0ff58a50c57..deb318357be 100644 Binary files a/tests/cfgs/default/pcap/ossfuzz_seed_fake_traces_2.pcapng and b/tests/cfgs/default/pcap/ossfuzz_seed_fake_traces_2.pcapng differ diff --git a/tests/cfgs/default/result/ossfuzz_seed_fake_traces_2.pcapng.out b/tests/cfgs/default/result/ossfuzz_seed_fake_traces_2.pcapng.out index 425c0c5aa24..60aff652942 100644 --- a/tests/cfgs/default/result/ossfuzz_seed_fake_traces_2.pcapng.out +++ b/tests/cfgs/default/result/ossfuzz_seed_fake_traces_2.pcapng.out @@ -1,10 +1,10 @@ Guessed flow protos: 1 -DPI Packets (TCP): 12 (6.00 pkts/flow) +DPI Packets (TCP): 18 (6.00 pkts/flow) DPI Packets (UDP): 4 (2.00 pkts/flow) Confidence Match by port : 1 (flows) -Confidence DPI : 3 (flows) -Num dissector calls: 494 (123.50 diss/flow) +Confidence DPI : 4 (flows) +Num dissector calls: 613 (122.60 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) @@ -20,12 +20,14 @@ Automa risk mask: 0/0 (search/found) Automa common alpns: 0/0 (search/found) Patricia risk mask: 0/0 (search/found) Patricia risk: 0/0 (search/found) -Patricia protocols: 8/0 (search/found) +Patricia protocols: 10/0 (search/found) +PostgreSQL 10 689 1 Usenet 12 1099 2 WireGuard 4 592 2 - 1 TCP 172.26.235.166:55630 <-> 172.30.92.62:119 [proto: 93/Usenet][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 6][cat: Web/5][4 pkts/293 bytes <-> 2 pkts/264 bytes][Goodput ratio: 7/47][0.02 sec][bytes ratio: 0.052 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/17 6/17 17/17 8/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 73/132 87/190 9/58][PLAIN TEXT (200 Leafnode NNTP Daemon)][Plen Bins: 50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 2 TCP 192.168.190.20:55630 <-> 192.168.190.5:119 [proto: 93/Usenet][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 6][cat: Web/5][4 pkts/278 bytes <-> 2 pkts/264 bytes][Goodput ratio: 2/47][0.02 sec][bytes ratio: 0.026 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/17 6/17 17/17 8/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 70/132 74/190 4/58][PLAIN TEXT (200 Leafnode NNTP Daemon)][Plen Bins: 50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 3 UDP 10.9.0.1:43462 <-> 10.9.0.2:51820 [proto: 206/WireGuard][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 2][cat: VPN/2][1 pkts/190 bytes <-> 1 pkts/106 bytes][Goodput ratio: 77/60][0.00 sec][Plen Bins: 0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 4 UDP 10.147.205.42:43462 <-> 10.45.123.132:51820 [proto: 206/WireGuard][IP: 0/Unknown][Encrypted][Confidence: Match by port][DPI packets: 2][cat: VPN/2][1 pkts/190 bytes <-> 1 pkts/106 bytes][Goodput ratio: 77/60][0.00 sec][Plen Bins: 0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 1 TCP 172.16.20.244:59038 <-> 172.16.20.75:5432 [proto: 19/PostgreSQL][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 6][cat: Database/11][6 pkts/416 bytes <-> 4 pkts/273 bytes][Goodput ratio: 2/0][0.02 sec][bytes ratio: 0.208 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/9 17/18 7/9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 69/68 78/74 5/3][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 2 TCP 172.26.235.166:55630 <-> 172.30.92.62:119 [proto: 93/Usenet][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 6][cat: Web/5][4 pkts/293 bytes <-> 2 pkts/264 bytes][Goodput ratio: 7/47][0.02 sec][bytes ratio: 0.052 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/17 6/17 17/17 8/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 73/132 87/190 9/58][PLAIN TEXT (200 Leafnode NNTP Daemon)][Plen Bins: 50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 3 TCP 192.168.190.20:55630 <-> 192.168.190.5:119 [proto: 93/Usenet][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 6][cat: Web/5][4 pkts/278 bytes <-> 2 pkts/264 bytes][Goodput ratio: 2/47][0.02 sec][bytes ratio: 0.026 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/17 6/17 17/17 8/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 70/132 74/190 4/58][PLAIN TEXT (200 Leafnode NNTP Daemon)][Plen Bins: 50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 4 UDP 10.9.0.1:43462 <-> 10.9.0.2:51820 [proto: 206/WireGuard][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 2][cat: VPN/2][1 pkts/190 bytes <-> 1 pkts/106 bytes][Goodput ratio: 77/60][0.00 sec][Plen Bins: 0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 5 UDP 10.147.205.42:43462 <-> 10.45.123.132:51820 [proto: 206/WireGuard][IP: 0/Unknown][Encrypted][Confidence: Match by port][DPI packets: 2][cat: VPN/2][1 pkts/190 bytes <-> 1 pkts/106 bytes][Goodput ratio: 77/60][0.00 sec][Plen Bins: 0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] diff --git a/tests/ossfuzz.sh b/tests/ossfuzz.sh index 37742b1656c..723c675e0ad 100644 --- a/tests/ossfuzz.sh +++ b/tests/ossfuzz.sh @@ -58,3 +58,5 @@ cp example/risky_domains.txt $OUT/ cp example/ja3_fingerprints.csv $OUT/ cp example/sha1_fingerprints.csv $OUT/ cp fuzz/ipv4_addresses.txt $OUT/ +cp fuzz/bd_param.txt $OUT/ +cp fuzz/splt_param.txt $OUT/