Skip to content

Commit

Permalink
Fix for #249 (not sure is enough)
Browse files Browse the repository at this point in the history
  • Loading branch information
@lucaderi
lucaderi committed Sep 27, 2016
1 parent 1f807a1 commit 67ac0b4
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 7 deletions.
2 changes: 1 addition & 1 deletion example/ndpiReader.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1080,7 +1080,7 @@ static void configurePcapHandle(pcap_t * pcap_handle) {
*/
static pcap_t * openPcapFileOrDevice(u_int16_t thread_id, const u_char * pcap_file) {

u_int snaplen = 65535;
u_int snaplen = 1536;
int promisc = 1;
char pcap_error_buffer[PCAP_ERRBUF_SIZE];
pcap_t * pcap_handle = NULL;
Expand Down
9 changes: 3 additions & 6 deletions src/lib/ndpi_main.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3711,7 +3711,7 @@ void ndpi_parse_packet_line_info(struct ndpi_detection_module_struct *ndpi_struc
packet->line[packet->parsed_lines].ptr = packet->payload;
packet->line[packet->parsed_lines].len = 0;

for(a = 0; a < end; a++) {
for(a = 0; a < end-1 /* This because get_u_int16_t(packet->payload, a) reads 2 bytes */; a++) {
if(get_u_int16_t(packet->payload, a) == ntohs(0x0d0a)) {
packet->line[packet->parsed_lines].len = (u_int16_t)(((unsigned long) &packet->payload[a]) - ((unsigned long) packet->line[packet->parsed_lines].ptr));

Expand Down Expand Up @@ -3764,10 +3764,8 @@ void ndpi_parse_packet_line_info(struct ndpi_detection_module_struct *ndpi_struc
}

if(packet->line[packet->parsed_lines].len > 14
&&
(memcmp
(packet->line[packet->parsed_lines].ptr, "Content-Type: ",
14) == 0 || memcmp(packet->line[packet->parsed_lines].ptr, "Content-type: ", 14) == 0)) {
&& (memcmp(packet->line[packet->parsed_lines].ptr, "Content-Type: ", 14) == 0
|| memcmp(packet->line[packet->parsed_lines].ptr, "Content-type: ", 14) == 0)) {
packet->content_line.ptr = &packet->line[packet->parsed_lines].ptr[14];
packet->content_line.len = packet->line[packet->parsed_lines].len - 14;
}
Expand Down Expand Up @@ -3845,7 +3843,6 @@ void ndpi_parse_packet_line_info(struct ndpi_detection_module_struct *ndpi_struc
packet->line[packet->parsed_lines].len = 0;

if((a + 2) >= packet->payload_packet_len) {

return;
}
a++;
Expand Down

2 comments on commit 67ac0b4

@kYroL01
Copy link
Contributor

@kYroL01 kYroL01 commented on 67ac0b4 Sep 27, 2016
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@lucaderi I see that this cause a sigfault for other pcaps (i.e. starcraft).

Why can't we define a as u_int16_t instead u_int32_t ? Because we need to check 2 bytes, and then initialization of packet len is u_int16_t payload_packet_len;

I don't know if the thinking is correct.

@lucaderi
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See a0a8c02 and the crash is gone.

Please sign in to comment.