diff options
6 files changed, 419 insertions, 0 deletions
diff --git a/net-libs/nDPI/files/nDPI-3.2-0000-Check-NULL-strings-in-ndpi_serialize_string_string.patch b/net-libs/nDPI/files/nDPI-3.2-0000-Check-NULL-strings-in-ndpi_serialize_string_string.patch new file mode 100644 index 000000000000..db26330d699f --- /dev/null +++ b/net-libs/nDPI/files/nDPI-3.2-0000-Check-NULL-strings-in-ndpi_serialize_string_string.patch @@ -0,0 +1,23 @@ +From 15bb7ae4339cc2a4a626a52fcf49abfb1d237d65 Mon Sep 17 00:00:00 2001 +From: Alfredo Cardigliano <alfredo.cardigliano@gmail.com> +Date: Wed, 26 Feb 2020 09:55:24 +0100 +Subject: [PATCH] Check NULL strings in ndpi_serialize_string_string + +--- + src/lib/ndpi_serializer.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/lib/ndpi_serializer.c b/src/lib/ndpi_serializer.c +index 05b346bb..9a3cd0bd 100644 +--- a/src/lib/ndpi_serializer.c ++++ b/src/lib/ndpi_serializer.c +@@ -1270,7 +1270,8 @@ int ndpi_serialize_string_binary(ndpi_serializer *_serializer, + /* Key is a string, value is a string (strlen is used to compute the len) */ + int ndpi_serialize_string_string(ndpi_serializer *_serializer, + const char *key, const char *_value) { +- return(ndpi_serialize_binary_binary(_serializer, key, strlen(key), _value, strlen(_value))); ++ const char *value = _value ? _value : ""; ++ return(ndpi_serialize_binary_binary(_serializer, key, strlen(key), value, strlen(value))); + } + + /* ********************************** */ diff --git a/net-libs/nDPI/files/nDPI-3.2-0001-Added-fix-for-serialization-loop.patch b/net-libs/nDPI/files/nDPI-3.2-0001-Added-fix-for-serialization-loop.patch new file mode 100644 index 000000000000..c2fbf28383fa --- /dev/null +++ b/net-libs/nDPI/files/nDPI-3.2-0001-Added-fix-for-serialization-loop.patch @@ -0,0 +1,28 @@ +From 7b2f89ef25eafdd76e8b540f1d8ba1fdec185ef9 Mon Sep 17 00:00:00 2001 +From: Luca Deri <deri@ntop.org> +Date: Fri, 20 Mar 2020 18:05:52 +0100 +Subject: [PATCH] Added fix for serialization loop + +--- + src/lib/ndpi_serializer.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/src/lib/ndpi_serializer.c b/src/lib/ndpi_serializer.c +index 9a3cd0bd..80221005 100644 +--- a/src/lib/ndpi_serializer.c ++++ b/src/lib/ndpi_serializer.c +@@ -1054,8 +1054,12 @@ int ndpi_serialize_string_uint32_format(ndpi_serializer *_serializer, + */ + + return(ndpi_serialize_string_uint32(_serializer, key, value)); +- } else +- return(ndpi_serialize_string_uint32_format(_serializer, key, value, format)); ++ } else { ++ char buf[16]; ++ ++ snprintf(buf, sizeof(buf), format, value); ++ return(ndpi_serialize_string_string(_serializer, key, buf)); ++ } + } + + /* ********************************** */ diff --git a/net-libs/nDPI/files/nDPI-3.2-0002-Refresh-of-ndpi_netbios_name_interpret.patch b/net-libs/nDPI/files/nDPI-3.2-0002-Refresh-of-ndpi_netbios_name_interpret.patch new file mode 100644 index 000000000000..69aa892d2d11 --- /dev/null +++ b/net-libs/nDPI/files/nDPI-3.2-0002-Refresh-of-ndpi_netbios_name_interpret.patch @@ -0,0 +1,74 @@ +From e4512dbcb9e1db0500290b712257e501d1440d71 Mon Sep 17 00:00:00 2001 +From: Luca Deri <deri@ntop.org> +Date: Tue, 24 Mar 2020 12:18:15 +0100 +Subject: [PATCH] Refresh of ndpi_netbios_name_interpret + +--- + src/include/ndpi_main.h | 2 +- + src/lib/protocols/netbios.c | 15 +++++++-------- + 2 files changed, 8 insertions(+), 9 deletions(-) + +diff --git a/src/include/ndpi_main.h b/src/include/ndpi_main.h +index c909adc7..9335f215 100644 +--- a/src/include/ndpi_main.h ++++ b/src/include/ndpi_main.h +@@ -132,7 +132,7 @@ extern "C" { + u_int16_t** tcp_master_proto, + u_int16_t** udp_master_proto); + #/* NDPI_PROTOCOL_NETBIOS */ +- int ndpi_netbios_name_interpret(char *in, char *out, u_int out_len); ++ int ndpi_netbios_name_interpret(char *in, size_t inlen, char *out, u_int out_len); + + #ifdef NDPI_ENABLE_DEBUG_MESSAGES + void ndpi_debug_get_last_log_function_line(struct ndpi_detection_module_struct *ndpi_struct, +diff --git a/src/lib/protocols/netbios.c b/src/lib/protocols/netbios.c +index 19cffeb8..1c65b185 100644 +--- a/src/lib/protocols/netbios.c ++++ b/src/lib/protocols/netbios.c +@@ -35,17 +35,17 @@ struct netbios_header { + }; + + /* The function below has been inherited by tcpdump */ +-int ndpi_netbios_name_interpret(char *in, char *out, u_int out_len) { ++int ndpi_netbios_name_interpret(char *in, size_t inlen, char *out, u_int out_len) { + int ret = 0, len; + char *b; +- ++ + len = (*in++)/2; + b = out; + *out = 0; + +- if(len > (out_len-1) || len < 1) +- return(-1); +- ++ if(len > (out_len-1) || len < 1 || 2*len > inlen) ++ return(-1); ++ + while (len--) { + if(in[0] < 'A' || in[0] > 'P' || in[1] < 'A' || in[1] > 'P') { + *out = 0; +@@ -53,7 +53,7 @@ int ndpi_netbios_name_interpret(char *in, char *out, u_int out_len) { + } + + *out = ((in[0]-'A')<<4) + (in[1]-'A'); +- ++ + in += 2; + + if(isprint(*out)) +@@ -69,13 +69,12 @@ int ndpi_netbios_name_interpret(char *in, char *out, u_int out_len) { + return(ret); + } + +- + static void ndpi_int_netbios_add_connection(struct ndpi_detection_module_struct + *ndpi_struct, struct ndpi_flow_struct *flow) { + char name[64]; + u_int off = flow->packet.payload[12] == 0x20 ? 12 : 14; + +- if(ndpi_netbios_name_interpret((char*)&flow->packet.payload[off], name, sizeof(name)) > 0) ++ if(ndpi_netbios_name_interpret((char*)&flow->packet.payload[off], flow->packet.payload_packet_len - off, name, sizeof(name)) > 0) + snprintf((char*)flow->host_server_name, sizeof(flow->host_server_name)-1, "%s", name); + + ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_NETBIOS, NDPI_PROTOCOL_UNKNOWN); diff --git a/net-libs/nDPI/files/nDPI-3.2-0003-Fixed-invalid-allocation.patch b/net-libs/nDPI/files/nDPI-3.2-0003-Fixed-invalid-allocation.patch new file mode 100644 index 000000000000..ba8353eef98f --- /dev/null +++ b/net-libs/nDPI/files/nDPI-3.2-0003-Fixed-invalid-allocation.patch @@ -0,0 +1,22 @@ +From cd4f8051ddfd1bae53393174462c823cf5e15ec0 Mon Sep 17 00:00:00 2001 +From: Luca Deri <deri@ntop.org> +Date: Tue, 24 Mar 2020 13:39:12 +0100 +Subject: [PATCH] Fixed invalid allocation + +--- + src/lib/protocols/ssh.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/lib/protocols/ssh.c b/src/lib/protocols/ssh.c +index f3b50b60..6813b2a9 100644 +--- a/src/lib/protocols/ssh.c ++++ b/src/lib/protocols/ssh.c +@@ -294,7 +294,7 @@ static void ndpi_search_ssh_tcp(struct ndpi_detection_module_struct *ndpi_struct + ndpi_MD5_CTX ctx; + + if(msgcode == 20 /* key exchange init */) { +- char *hassh_buf = calloc(packet->payload_packet_len, sizeof(char)); ++ char *hassh_buf = ndpi_calloc(packet->payload_packet_len, sizeof(char)); + u_int i, len; + + #ifdef SSH_DEBUG diff --git a/net-libs/nDPI/files/nDPI-3.2-0004-Fix-for-serialization-of-strings-where-the-first-element-is-a-zero-le.patch b/net-libs/nDPI/files/nDPI-3.2-0004-Fix-for-serialization-of-strings-where-the-first-element-is-a-zero-le.patch new file mode 100644 index 000000000000..04f264d52ddd --- /dev/null +++ b/net-libs/nDPI/files/nDPI-3.2-0004-Fix-for-serialization-of-strings-where-the-first-element-is-a-zero-le.patch @@ -0,0 +1,208 @@ +From 60e3ac6b39cb25c974785b8ccc49edaae458a891 Mon Sep 17 00:00:00 2001 +From: Luca Deri <deri@ntop.org> +Date: Fri, 3 Apr 2020 15:31:23 +0200 +Subject: [PATCH] Fix for serialization of strings where the first element is a + zero len string + +--- + src/include/ndpi_typedefs.h | 10 ++++++---- + src/lib/ndpi_serializer.c | 36 +++++++++++++++++++++++++++++++----- + 2 files changed, 37 insertions(+), 9 deletions(-) + +diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h +index 98b8ccf8..2c513e26 100644 +--- a/src/include/ndpi_typedefs.h ++++ b/src/include/ndpi_typedefs.h +@@ -1446,10 +1446,12 @@ typedef enum { + #define NDPI_SERIALIZER_DEFAULT_BUFFER_SIZE 8192 + #define NDPI_SERIALIZER_DEFAULT_BUFFER_INCR 1024 + +-#define NDPI_SERIALIZER_STATUS_COMMA (1 << 0) +-#define NDPI_SERIALIZER_STATUS_ARRAY (1 << 1) +-#define NDPI_SERIALIZER_STATUS_EOR (1 << 2) +-#define NDPI_SERIALIZER_STATUS_SOB (1 << 3) ++#define NDPI_SERIALIZER_STATUS_COMMA (1 << 0) ++#define NDPI_SERIALIZER_STATUS_ARRAY (1 << 1) ++#define NDPI_SERIALIZER_STATUS_EOR (1 << 2) ++#define NDPI_SERIALIZER_STATUS_SOB (1 << 3) ++#define NDPI_SERIALIZER_STATUS_NOT_EMPTY (1 << 4) ++ + + typedef struct { + u_int32_t flags; +diff --git a/src/lib/ndpi_serializer.c b/src/lib/ndpi_serializer.c +index 80221005..57c61604 100644 +--- a/src/lib/ndpi_serializer.c ++++ b/src/lib/ndpi_serializer.c +@@ -43,6 +43,14 @@ + + /* ********************************** */ + ++static u_int8_t ndpi_serialize_is_not_empty(ndpi_serializer *_serializer) { ++ ndpi_private_serializer *serializer = (ndpi_private_serializer*)_serializer; ++ ++ return(((serializer->status.flags & NDPI_SERIALIZER_STATUS_NOT_EMPTY) == NDPI_SERIALIZER_STATUS_NOT_EMPTY) ? 1 : 0); ++} ++ ++/* ********************************** */ ++ + static u_int64_t ndpi_htonll(u_int64_t v) { + union { u_int32_t lv[2]; u_int64_t llv; } u; + +@@ -442,14 +450,17 @@ int ndpi_serialize_end_of_record(ndpi_serializer *_serializer) { + if(!(serializer->status.flags & NDPI_SERIALIZER_STATUS_ARRAY)) { + serializer->buffer[0] = '['; + serializer->status.size_used += snprintf((char *) &serializer->buffer[serializer->status.size_used], +- buff_diff, "]"); ++ buff_diff, "]"); + } ++ + serializer->status.flags |= NDPI_SERIALIZER_STATUS_ARRAY | NDPI_SERIALIZER_STATUS_EOR; + serializer->status.flags &= ~NDPI_SERIALIZER_STATUS_COMMA; + } else { + serializer->buffer[serializer->status.size_used++] = ndpi_serialization_end_of_record; + } + ++ serializer->status.flags &= ~NDPI_SERIALIZER_STATUS_NOT_EMPTY; ++ + return(0); + } + +@@ -556,6 +567,7 @@ int ndpi_serialize_uint32_uint32(ndpi_serializer *_serializer, + serializer->buffer[type_offset] = type; + } + ++ serializer->status.flags |= NDPI_SERIALIZER_STATUS_NOT_EMPTY; + return(0); + } + +@@ -607,6 +619,7 @@ int ndpi_serialize_uint32_uint64(ndpi_serializer *_serializer, + } + } + ++ serializer->status.flags |= NDPI_SERIALIZER_STATUS_NOT_EMPTY; + return(0); + } + +@@ -660,6 +673,7 @@ int ndpi_serialize_uint32_int32(ndpi_serializer *_serializer, + serializer->buffer[type_offset] = type; + } + ++ serializer->status.flags |= NDPI_SERIALIZER_STATUS_NOT_EMPTY; + return(0); + } + +@@ -713,6 +727,7 @@ int ndpi_serialize_uint32_int64(ndpi_serializer *_serializer, + } + } + ++ serializer->status.flags |= NDPI_SERIALIZER_STATUS_NOT_EMPTY; + return(0); + } + +@@ -761,6 +776,7 @@ int ndpi_serialize_uint32_float(ndpi_serializer *_serializer, + serializer->buffer[type_offset] = type; + } + ++ serializer->status.flags |= NDPI_SERIALIZER_STATUS_NOT_EMPTY; + return(0); + } + +@@ -811,6 +827,7 @@ static int ndpi_serialize_uint32_binary(ndpi_serializer *_serializer, + serializer->buffer[type_offset] = type; + } + ++ serializer->status.flags |= NDPI_SERIALIZER_STATUS_NOT_EMPTY; + return(0); + } + +@@ -851,6 +868,7 @@ int ndpi_serialize_uint32_boolean(ndpi_serializer *_serializer, + value ? "true" : "false"); + } + ++ serializer->status.flags |= NDPI_SERIALIZER_STATUS_NOT_EMPTY; + return(0); + } + +@@ -908,6 +926,8 @@ static int ndpi_serialize_binary_int32(ndpi_serializer *_serializer, + } + } + ++ serializer->status.flags |= NDPI_SERIALIZER_STATUS_NOT_EMPTY; ++ + return(0); + } + +@@ -967,6 +987,7 @@ int ndpi_serialize_binary_int64(ndpi_serializer *_serializer, + } + } + ++ serializer->status.flags |= NDPI_SERIALIZER_STATUS_NOT_EMPTY; + return(0); + } + +@@ -1030,6 +1051,7 @@ static int ndpi_serialize_binary_uint32(ndpi_serializer *_serializer, + } + } + ++ serializer->status.flags |= NDPI_SERIALIZER_STATUS_NOT_EMPTY; + return(0); + } + +@@ -1056,7 +1078,7 @@ int ndpi_serialize_string_uint32_format(ndpi_serializer *_serializer, + return(ndpi_serialize_string_uint32(_serializer, key, value)); + } else { + char buf[16]; +- ++ + snprintf(buf, sizeof(buf), format, value); + return(ndpi_serialize_string_string(_serializer, key, buf)); + } +@@ -1111,6 +1133,7 @@ static int ndpi_serialize_binary_uint64(ndpi_serializer *_serializer, + } + } + ++ serializer->status.flags |= NDPI_SERIALIZER_STATUS_NOT_EMPTY; + return(0); + } + +@@ -1174,6 +1197,7 @@ static int ndpi_serialize_binary_float(ndpi_serializer *_serializer, + ndpi_serialize_single_float(serializer, value); + } + ++ serializer->status.flags |= NDPI_SERIALIZER_STATUS_NOT_EMPTY; + return(0); + } + +@@ -1232,8 +1256,8 @@ static int ndpi_serialize_binary_raw(ndpi_serializer *_serializer, + ndpi_serialize_json_post(_serializer); + } else if(serializer->fmt == ndpi_serialization_format_csv) { + serializer->status.size_used += snprintf((char *) &serializer->buffer[serializer->status.size_used], buff_diff, +- "%s%s", (serializer->status.size_used > 0) ? serializer->csv_separator : "", +- value); ++ "%s%s", ndpi_serialize_is_not_empty(_serializer) ? serializer->csv_separator : "", ++ value); + } else { + serializer->buffer[serializer->status.size_used++] = (ndpi_serialization_string << 4) | ndpi_serialization_string; + +@@ -1241,6 +1265,7 @@ static int ndpi_serialize_binary_raw(ndpi_serializer *_serializer, + ndpi_serialize_single_string(serializer, value, vlen); + } + ++ serializer->status.flags |= NDPI_SERIALIZER_STATUS_NOT_EMPTY; + return(0); + } + +@@ -1320,10 +1345,11 @@ int ndpi_serialize_string_boolean(ndpi_serializer *_serializer, + ndpi_serialize_json_post(_serializer); + } else if(serializer->fmt == ndpi_serialization_format_csv) { + serializer->status.size_used += snprintf((char *) &serializer->buffer[serializer->status.size_used], buff_diff, +- "%s%s", (serializer->status.size_used > 0) ? serializer->csv_separator : "", ++ "%s%s", ndpi_serialize_is_not_empty(_serializer) ? serializer->csv_separator : "", + value ? "true" : "false"); + } + ++ serializer->status.flags |= NDPI_SERIALIZER_STATUS_NOT_EMPTY; + return(0); + } + diff --git a/net-libs/nDPI/nDPI-3.2-r1.ebuild b/net-libs/nDPI/nDPI-3.2-r1.ebuild new file mode 100644 index 000000000000..a83b9c1dce9c --- /dev/null +++ b/net-libs/nDPI/nDPI-3.2-r1.ebuild @@ -0,0 +1,64 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +inherit autotools multilib + +DESCRIPTION="Open Source Deep Packet Inspection Software Toolkit" +HOMEPAGE="https://www.ntop.org/" +SRC_URI="https://github.com/ntop/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0/$(ver_cut 1)" +KEYWORDS="~amd64 ~x86" +IUSE="static-libs" + +DEPEND=" + dev-libs/json-c:= + net-libs/libpcap +" +RDEPEND=" + ${DEPEND} +" +PATCHES=( + "${FILESDIR}"/${PN}-3.2-0000-Check-NULL-strings-in-ndpi_serialize_string_string.patch + "${FILESDIR}"/${PN}-3.2-0001-Added-fix-for-serialization-loop.patch + "${FILESDIR}"/${PN}-3.2-0002-Refresh-of-ndpi_netbios_name_interpret.patch + "${FILESDIR}"/${PN}-3.2-0003-Fixed-invalid-allocation.patch + "${FILESDIR}"/${PN}-3.2-0004-Fix-for-serialization-of-strings-where-the-first-element-is-a-zero-le.patch +) + +src_prepare() { + eval $(grep '^NDPI_MAJOR=' autogen.sh) + eval $(grep '^NDPI_MINOR=' autogen.sh) + eval $(grep '^NDPI_PATCH=' autogen.sh) + NDPI_VERSION_SHORT="${NDPI_MAJOR}.${NDPI_MINOR}.${NDPI_PATCH}" + + sed \ + -e "s/@NDPI_MAJOR@/${NDPI_MAJOR}/g" \ + -e "s/@NDPI_MINOR@/${NDPI_MINOR}/g" \ + -e "s/@NDPI_PATCH@/${NDPI_PATCH}/g" \ + -e "s/@NDPI_VERSION_SHORT@/${NDPI_VERSION_SHORT}/g" \ + < "${S}/configure.seed" \ + > "${S}/configure.ac" || die + + sed -i \ + -e "s%^libdir\s*=\s*\${prefix}/lib\s*$%libdir = \${prefix}/$(get_libdir)%" \ + src/lib/Makefile.in || die + + default + eautoreconf + + # Taken from autogen.sh (bug #704074): + sed -i \ + -e "s/#define PACKAGE/#define NDPI_PACKAGE/g" \ + -e "s/#define VERSION/#define NDPI_VERSION/g" \ + configure || die +} + +src_install() { + default + if ! use static-libs; then + rm "${D}"/usr/$(get_libdir)/lib${PN,,}.a || die + fi +} |