Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix some errors found by fuzzers #2078

Merged
merged 1 commit into from
Sep 10, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion Makefile.am
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ EXTRA_DIST = README.md README.fuzzer.md CHANGELOG.md CONTRIBUTING.md \
python/requirements.txt python/setup.py python/tests.py \
lists/107_gambling.list \
lists/107_gambling_custom.list \
lists/README.md
lists/README.md \
sonar-project.properties .github .ci-ignore

doc:
Expand Down
26 changes: 13 additions & 13 deletions src/include/ndpi_typedefs.h
Original file line number Diff line number Diff line change
Expand Up @@ -625,6 +625,19 @@ struct ndpi_flow_input_info {
unsigned char seen_flow_beginning;
};

/* Save memory limiting the key to 56 bit */
//#define SAVE_BINARY_BITMAP_MEMORY

PACK_ON
struct ndpi_binary_bitmap_entry {
#ifdef SAVE_BINARY_BITMAP_MEMORY
u_int64_t value:56, category:8;
#else
u_int64_t value;
u_int8_t category;
#endif
} PACK_OFF;

/* ******************* ********************* ****************** */
/* ************************************************************ */

Expand Down Expand Up @@ -1180,19 +1193,6 @@ typedef void ndpi_bitmap;
typedef void ndpi_bitmap64;
typedef void ndpi_bitmap_iterator;
typedef void ndpi_filter;

/* Save memory limiting the key to 56 bit */
//#define SAVE_BINARY_BITMAP_MEMORY

PACK_ON
struct ndpi_binary_bitmap_entry {
#ifdef SAVE_BINARY_BITMAP_MEMORY
u_int64_t value:56, category:8;
#else
u_int64_t value;
u_int8_t category;
#endif
} PACK_OFF;

typedef struct {
u_int32_t num_allocated_entries, num_used_entries;
Expand Down
15 changes: 15 additions & 0 deletions src/lib/ndpi_bitmap64.c
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,9 @@ bool ndpi_bitmap64_compress(ndpi_bitmap64 *_b) {
ndpi_bitmap64_t *b = (ndpi_bitmap64_t*)_b;
u_int32_t i;

if(!b)
return(false);

if(b->num_used_entries > 0) {
if(b->num_used_entries > 1)
qsort(b->entries, b->num_used_entries,
Expand Down Expand Up @@ -122,6 +125,9 @@ bool ndpi_bitmap64_compress(ndpi_bitmap64 *_b) {
bool ndpi_bitmap64_set(ndpi_bitmap64 *_b, u_int64_t value) {
ndpi_bitmap64_t *b = (ndpi_bitmap64_t*)_b;

if(!b)
return(false);

if(b->is_compressed) {
/*
We need to discard the filter and start over as this
Expand Down Expand Up @@ -155,6 +161,9 @@ bool ndpi_bitmap64_set(ndpi_bitmap64 *_b, u_int64_t value) {
bool ndpi_bitmap64_isset(ndpi_bitmap64 *_b, u_int64_t value) {
ndpi_bitmap64_t *b = (ndpi_bitmap64_t*)_b;

if(!b)
return(false);

if(!b->is_compressed) ndpi_bitmap64_compress(b);

return(binary_fuse16_contain(value, &b->bitmap));
Expand All @@ -165,6 +174,9 @@ bool ndpi_bitmap64_isset(ndpi_bitmap64 *_b, u_int64_t value) {
void ndpi_bitmap64_free(ndpi_bitmap64 *_b) {
ndpi_bitmap64_t *b = (ndpi_bitmap64_t*)_b;

if(!b)
return;

if(b->entries) ndpi_free(b->entries);

if(b->is_compressed)
Expand All @@ -178,5 +190,8 @@ void ndpi_bitmap64_free(ndpi_bitmap64 *_b) {
u_int32_t ndpi_bitmap64_size(ndpi_bitmap64 *_b) {
ndpi_bitmap64_t *b = (ndpi_bitmap64_t*)_b;

if(!b)
return(0);

return(sizeof(ndpi_bitmap64) + binary_fuse16_size_in_bytes(&b->bitmap));
}
7 changes: 7 additions & 0 deletions src/lib/ndpi_domain_classify.c
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,9 @@ ndpi_domain_classify* ndpi_domain_classify_alloc() {
void ndpi_domain_classify_free(ndpi_domain_classify *s) {
u_int32_t i;

if(!s)
return;

for(i=0; i<MAX_NUM_NDPI_DOMAIN_CLASSIFICATIONS; i++) {
if(s->classes[i].domains != NULL) {
ndpi_bitmap64_free(s->classes[i].domains);
Expand Down Expand Up @@ -86,6 +89,8 @@ bool ndpi_domain_classify_add(ndpi_domain_classify *s,
} else if(s->classes[i].class_id == 0) {
s->classes[i].class_id = class_id;
s->classes[i].domains = ndpi_bitmap64_alloc();
if(!s->classes[i].domains)
s->classes[i].class_id = 0;
break;
}
}
Expand Down Expand Up @@ -113,6 +118,8 @@ u_int32_t ndpi_domain_classify_add_domains(ndpi_domain_classify *s,
} else if(s->classes[i].class_id == 0) {
s->classes[i].class_id = class_id;
s->classes[i].domains = ndpi_bitmap64_alloc();
if(!s->classes[i].domains)
s->classes[i].class_id = 0;
break;
}
}
Expand Down
16 changes: 14 additions & 2 deletions src/lib/ndpi_main.c
Original file line number Diff line number Diff line change
Expand Up @@ -2669,7 +2669,8 @@ void ndpi_debug_printf(unsigned int proto, struct ndpi_detection_module_struct *

void set_ndpi_debug_function(struct ndpi_detection_module_struct *ndpi_str, ndpi_debug_function_ptr ndpi_debug_printf) {
#ifdef NDPI_ENABLE_DEBUG_MESSAGES
ndpi_str->ndpi_debug_printf = ndpi_debug_printf;
if(ndpi_str)
ndpi_str->ndpi_debug_printf = ndpi_debug_printf;
#endif
}

Expand Down Expand Up @@ -3002,7 +3003,15 @@ struct ndpi_detection_module_struct *ndpi_init_detection_module(ndpi_init_prefs
ac_automata_name(ndpi_str->custom_categories.hostnames_shadow.ac_automa, "ccat_sh", 0);
#else
ndpi_str->custom_categories.sc_hostnames = ndpi_domain_classify_alloc();
if(!ndpi_str->custom_categories.sc_hostnames) {
ndpi_exit_detection_module(ndpi_str);
return(NULL);
}
ndpi_str->custom_categories.sc_hostnames_shadow = ndpi_domain_classify_alloc();
if(!ndpi_str->custom_categories.sc_hostnames_shadow) {
ndpi_exit_detection_module(ndpi_str);
return(NULL);
}
#endif

ndpi_str->custom_categories.ipAddresses = ndpi_patricia_new(32 /* IPv4 */);
Expand Down Expand Up @@ -3407,7 +3416,7 @@ int ndpi_match_custom_category(struct ndpi_detection_module_struct *ndpi_str,
u_int max_len = sizeof(buf)-1;

if(name_len > max_len) name_len = max_len;
strncpy(buf, name, name_len);
memcpy(buf, name, name_len);
buf[name_len] = '\0';

if(ndpi_domain_classify_contains(ndpi_str->custom_categories.sc_hostnames,
Expand Down Expand Up @@ -6887,6 +6896,9 @@ int ndpi_load_hostname_category(struct ndpi_detection_module_struct *ndpi_str,
(AC_AUTOMATA_t *)ndpi_str->custom_categories.hostnames_shadow.ac_automa,
name_to_add,category,category, 0, 0, 1); /* at_end */
#else
if(ndpi_str->custom_categories.sc_hostnames_shadow == NULL)
return(-1);

return(ndpi_domain_classify_add(ndpi_str->custom_categories.sc_hostnames_shadow,
(u_int16_t)category, (char*)name_to_add) ? 0 : -1);
#endif
Expand Down
2 changes: 1 addition & 1 deletion src/lib/protocols/dns.c
Original file line number Diff line number Diff line change
Expand Up @@ -772,7 +772,7 @@ static void ndpi_search_dns(struct ndpi_detection_module_struct *ndpi_struct, st

dot = strchr(_hostname, '.');
if(dot) {
unsigned long first_element_len = (unsigned long)dot - (unsigned long)_hostname;
uintptr_t first_element_len = dot - _hostname;

if(first_element_len > 32) {
/*
Expand Down
6 changes: 3 additions & 3 deletions src/lib/third_party/include/binaryfusefilter.h
Original file line number Diff line number Diff line change
Expand Up @@ -157,7 +157,7 @@ static inline uint32_t binary_fuse8_hash(int index, uint64_t hash,
uint64_t h = binary_fuse_mulhi(hash, filter->SegmentCountLength);
h += index * filter->SegmentLength;
// keep the lower 36 bits
uint64_t hh = hash & ((1UL << 36) - 1);
uint64_t hh = hash & ((1ULL << 36) - 1);
// index 0: right shift by 36; index 1: right shift by 18; index 2: no shift
h ^= (size_t)((hh >> (36 - 18 * index)) & filter->SegmentLengthMask);
return h;
Expand Down Expand Up @@ -477,7 +477,7 @@ static inline uint32_t binary_fuse16_hash(int index, uint64_t hash,
uint64_t h = binary_fuse_mulhi(hash, filter->SegmentCountLength);
h += index * filter->SegmentLength;
// keep the lower 36 bits
uint64_t hh = hash & ((1UL << 36) - 1);
uint64_t hh = hash & ((1ULL << 36) - 1);
// index 0: right shift by 36; index 1: right shift by 18; index 2: no shift
h ^= (size_t)((hh >> (36 - 18 * index)) & filter->SegmentLengthMask);
return h;
Expand Down Expand Up @@ -522,7 +522,7 @@ static inline bool binary_fuse16_allocate(uint32_t size,
filter->ArrayLength =
(filter->SegmentCount + arity - 1) * filter->SegmentLength;
filter->SegmentCountLength = filter->SegmentCount * filter->SegmentLength;
filter->Fingerprints = (uint16_t*)ndpi_malloc(filter->ArrayLength * sizeof(uint16_t));
filter->Fingerprints = (uint16_t*)ndpi_calloc(filter->ArrayLength, sizeof(uint16_t));
return filter->Fingerprints != NULL;
}

Expand Down
Binary file modified tests/cfgs/default/pcap/bets.pcapng
Binary file not shown.
Binary file modified tests/cfgs/default/pcap/opera-vpn.pcapng
Binary file not shown.
30 changes: 30 additions & 0 deletions tests/cfgs/default/result/dns2tcp_tunnel.pcap.out
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
Guessed flow protos: 0

DPI Packets (TCP): 6 (6.00 pkts/flow)
Confidence DPI : 1 (flows)
Num dissector calls: 1 (1.00 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache zoom: 0/0/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/2/0 (insert/search/found)
LRU cache mining: 0/0/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
LRU cache stun_zoom: 0/0/0 (insert/search/found)
Automa host: 0/0 (search/found)
Automa domain: 0/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 0/0 (search/found)
Automa common alpns: 2/2 (search/found)
Patricia risk mask: 2/0 (search/found)
Patricia risk: 0/0 (search/found)
Patricia protocols: 2/0 (search/found)

TLS 50 8960 1

JA3 Host Stats:
IP Address # JA3C
1 192.168.20.211 1


1 TCP 192.168.20.211:44404 <-> 1.1.1.1:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 6][cat: Web/5][22 pkts/2595 bytes <-> 28 pkts/6365 bytes][Goodput ratio: 52/74][8.11 sec][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.421 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 289/346 3093/3078 792/900][Pkt Len c2s/s2c min/avg/max/stddev: 56/62 118/227 317/1644 68/386][Risk: ** Missing SNI TLS Extn **** ALPN/SNI Mismatch **][Risk Score: 100][TLSv1.3][JA3C: 547df21d727c7b3a5dcb59aa0fd97c2c][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 26,0,11,26,0,3,14,0,7,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,3]
6 changes: 5 additions & 1 deletion windows/nDPI.vcxproj
Original file line number Diff line number Diff line change
Expand Up @@ -126,13 +126,16 @@
<ClCompile Include="..\src\lib\ndpi_bitmap.c" />
<ClCompile Include="..\src\lib\ndpi_classify.c" />
<ClCompile Include="..\src\lib\ndpi_community_id.c" />
<ClCompile Include="..\src\lib\ndpi_domain_classify.c" />
<ClCompile Include="..\src\lib\ndpi_geoip.c" />
<ClCompile Include="..\src\lib\ndpi_main.c" />
<ClCompile Include="..\src\lib\ndpi_filter.c" />
<ClCompile Include="..\src\lib\ndpi_memory.c" />
<ClCompile Include="..\src\lib\ndpi_serializer.c" />
<ClCompile Include="..\src\lib\ndpi_utils.c" />
<ClCompile Include="..\src\lib\ndpi_binary_bitmap.c" />
<ClCompile Include="..\src\lib\ndpi_hash.c" />
<ClCompile Include="..\src\lib\ndpi_domain_classify.c" />
<ClCompile Include="..\src\lib\ndpi_bitmap64.c" />
<ClCompile Include="..\src\lib\protocols\activision.c" />
<ClCompile Include="..\src\lib\protocols\afp.c" />
<ClCompile Include="..\src\lib\protocols\ajp.c" />
Expand Down Expand Up @@ -377,6 +380,7 @@
</ClInclude>
<ClInclude Include="src\ndpi_config.h" />
<ClInclude Include="src\ndpi_define.h" />
<ClInclude Include="src\dirent.h" />
</ItemGroup>
<ItemGroup>
<None Include="..\.github\workflows\build-msbuild.yml" />
Expand Down
5 changes: 5 additions & 0 deletions windows/nDPI.vcxproj.filters
Original file line number Diff line number Diff line change
Expand Up @@ -124,6 +124,10 @@
<ClCompile Include="..\src\lib\ndpi_memory.c" />
<ClCompile Include="..\src\lib\ndpi_serializer.c" />
<ClCompile Include="..\src\lib\ndpi_utils.c" />
<ClCompile Include="..\src\lib\ndpi_binary_bitmap.c" />
<ClCompile Include="..\src\lib\ndpi_hash.c" />
<ClCompile Include="..\src\lib\ndpi_domain_classify.c" />
<ClCompile Include="..\src\lib\ndpi_bitmap64.c" />
<ClCompile Include="..\src\lib\protocols\ajp.c" />
<ClCompile Include="..\src\lib\protocols\amazon_video.c" />
<ClCompile Include="..\src\lib\protocols\among_us.c" />
Expand Down Expand Up @@ -245,6 +249,7 @@
<ClInclude Include="..\src\include\ndpi_win32.h" />
<ClInclude Include="arpa\inet.h" />
<ClInclude Include="src\getopt.h" />
<ClInclude Include="src\dirent.h" />
<ClInclude Include="..\src\include\ndpi_encryption.h" />
<ClInclude Include="..\src\include\ndpi_main.h" />
<ClInclude Include="..\src\include\ndpi_utils.h" />
Expand Down
Loading
Loading