rpm/ndpi
SHA256
1
0
Fork 0
forked from pool/ndpi
Code Pull Requests Activity
factory
ndpi/0003-Firs-crash-on-ARM-during-steam-protocol-dissection.patch
Dirk Stoecker 85c6ff090c Accepting request 913748 from home:mnhauke:monitoring 
- Update to version 4.0
  New Features
  * Add API for computing RSI (Relative Strenght Index)
  * Add GeoIP support
  * Add fragments management
  * Add API for jitter calculation
  * Add single exponential smoothing API
  * Add timeseries forecasting support implementing Holt-Winters
    with confidence interval
  * Add support for MAC to radi tree and expose the full API to
    applications
  * Add JA3+, with ALPN and elliptic curve
  * Add double exponential smoothing implementation
  * Extended API for managing flow risks
  * Add flow risk score
  * New flow risks:
    + Desktop or File Sharing Session
    + HTTP suspicious content (useful for tracking trickbot)
    + Malicious JA3
    + Malicious SHA1
    + Risky domain
    + Risky AS
    + TLS Certificate Validity Too Long
    + TLS Suspicious Extension
  New Supported Protocols and Services
  * New protocols:
    + AmongUs
    + AVAST SecureDNS
    + CPHA (CheckPoint High Availability Protocol)
    + DisneyPlus

OBS-URL: https://build.opensuse.org/request/show/913748
OBS-URL: https://build.opensuse.org/package/show/server:monitoring/ndpi?expand=0&rev=23
2021-08-24 12:10:43 +00:00

44 lines
1.5 KiB
Diff
Raw Permalink Blame History

From 817c00b65ab4d0bf78927e494227ac5308417f91 Mon Sep 17 00:00:00 2001
From: Luca Deri <deri@ntop.org>
Date: Wed, 18 Aug 2021 11:33:33 +0200
Subject: [PATCH 3/3] Firs crash on ARM during steam protocol dissection
---
src/lib/protocols/steam.c | 19 ++++++++++++-------
1 file changed, 12 insertions(+), 7 deletions(-)
diff --git a/src/lib/protocols/steam.c b/src/lib/protocols/steam.c
index 8cd3ec41..53bbfc6a 100644
--- a/src/lib/protocols/steam.c
+++ b/src/lib/protocols/steam.c
@@ -114,14 +114,19 @@ static void ndpi_check_steam_udp1(struct ndpi_detection_module_struct *ndpi_stru
}
/* Check for Steam Datagram Relay (SDR) packets. */
- if (payload_len > 8 &&
- ndpi_ntohll(get_u_int64_t(packet->payload, 0)) == 0x0101736470696e67 /* "\x01\x01sdping" */)
- {
- NDPI_LOG_INFO(ndpi_struct, "found STEAM (Steam Datagram Relay)\n");
- ndpi_int_steam_add_connection(ndpi_struct, flow);
- return;
- }
+ if (payload_len > 8) {
+ u_int64_t n;
+ /* Necessary as simple cast crashes on ARM */
+ memcpy(&n, packet->payload, sizeof(u_int64_t));
+
+ if(ndpi_ntohll(n) == 0x0101736470696e67 /* "\x01\x01sdping" */) {
+ NDPI_LOG_INFO(ndpi_struct, "found STEAM (Steam Datagram Relay)\n");
+ ndpi_int_steam_add_connection(ndpi_struct, flow);
+ return;
+ }
+ }
+
/* Check if we so far detected the protocol in the request or not. */
if (flow->steam_stage1 == 0) {
NDPI_LOG_DBG2(ndpi_struct, "STEAM stage 0: \n");
--
2.32.0
View Git Blame Copy Permalink