Fixed buffer overflows with safe str search

1. Detected a lot of memory errors using address sanitizer
and ndpi-scapy tool.

2. Added ndpi_match_prefix function that compares strings
while taking the payload packet length into account. Almost a drop-in
replacement for the match_first_bytes function.

3. Replaced unsafe match_first_bytes usage with ndpi_match_prefix
and additional length checks.
theirix 2016-04-12 22:08:30 +03:00
parent 5a37ee9976
commit fb3fc0c6de
10 changed files with 309 additions and 279 deletions

@ -73,6 +73,8 @@ static void ndpi_rtp_search(struct ndpi_detection_module_struct *ndpi_struct,
struct ndpi_flow_struct *flow,
const u_int8_t * payload, const u_int16_t payload_len)
{
if (payload_len < 2)
return;
//struct ndpi_packet_struct *packet = &flow->packet;
u_int8_t payloadType, payload_type = payload[1] & 0x7F;
u_int32_t *ssid = (u_int32_t*)&payload[8];
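Review bot: The new `payload_len < 2` guard only covers the `payload[1]` read; further down in the same hunk `ssid` is pointed at `&payload[8]` as a `u_int32_t *`, so any dereference of it touches bytes 8 to 11 and needs `payload_len >= 12`. Either raise the guard to cover the largest fixed offset this function reads, or add a separate length check before `ssid` is dereferenced. The cast also assumes `payload + 8` is suitably aligned for a 32-bit load; copying the four bytes out with `memcpy` would avoid depending on that. Minor: the early return sits ahead of the local declarations, so move it below them if the tree is expected to build as C89.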