Fixed buffer overflows with safe str search

1. Detected a lot of memory errors using address sanitizer
and ndpi-scapy tool.

2. Added ndpi_match_prefix function that compares strings
with taking care of payload packet len. Almost drop-in
replacement for match_first_bytes function.

3. Replaced unsafe match_first_bytes usage with a ndpi_match_prefix
and additional length checks.

src/include/ndpi_main.h

@@ -32,6 +32,9 @@
 #include "ndpi_protocols.h"
 #include "ndpi_api.h"
 
+#ifdef __cplusplus
+extern "C" {
+#endif
 
 void *ndpi_tdelete(const void * __restrict, void ** __restrict,
 		   int (*)(const void *, const void *));
@@ -107,4 +110,19 @@ void ndpi_debug_get_last_log_function_line(struct ndpi_detection_module_struct *
 					   const char **file, const char **func, u_int32_t * line);
 #endif
 
+/** Checks when the @p payload starts with the string literal @p str.
+* When the string is larger than the payload, check fails.
+* @return non-zero if check succeeded
+*/
+int ndpi_match_prefix(const u_int8_t *payload, size_t payload_len,
+                           const char *str, size_t str_len);
+
+/* version of ndpi_match_prefix with string literal */
+#define ndpi_match_strprefix(payload, payload_len, str) \
+  ndpi_match_prefix((payload), (payload_len), (str), (sizeof(str)-1))
+
+#ifdef __cplusplus
+}
+#endif
+
 #endif	/* __NDPI_MAIN_H__ */