vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-05-22 02:38:59 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Fixes broken DNS qry/rsp dissection

Browse source
This commit is contained in:
Simone Mainardi 2019-12-20 14:56:41 +01:00
parent c6c6c46132
commit 77960010fe
1 changed files with 10 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

12
src/Flow.cpp
View file

@ -2901,9 +2901,17 @@ void Flow::dissectBittorrent(char *payload, u_int16_t payload_len) {
/* *************************************** */
void Flow::dissectDNS(bool src2dst_direction, char *payload, u_int16_t payload_len) {
if(isDNSQuery())
struct ndpi_dns_packet_header dns_header;
u_int8_t payload_offset = get_protocol() == IPPROTO_UDP ? 0 : 2;
if(payload_len + payload_offset < sizeof(dns_header))
return;
memcpy(&dns_header, &payload[payload_offset], sizeof(dns_header));
if((dns_header.flags & 0x8000) == 0x0000)
stats.incDNSQuery(getLastQueryType());
else
else if((dns_header.flags & 0x8000) == 0x8000)
stats.incDNSResp(getDNSRetCode());
}