Fixed some SonarCloud issues

* fixed dependabot werkzeug (3.0.3 to 3.0.6)

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Toni Uhlig
2024-10-26 11:19:05 +02:00
parent 5423797267
commit 25944e2089
6 changed files with 79 additions and 49 deletions


@@ -1,7 +1,9 @@
FROM ubuntu:22.04 AS builder FROM ubuntu:22.04 AS builder
WORKDIR /root WORKDIR /root
RUN apt-get -y update && apt-get install -y --no-install-recommends autoconf automake build-essential ca-certificates wget unzip git make cmake pkg-config libpcap-dev autoconf libtool && apt-get clean RUN apt-get -y update && apt-get install -y --no-install-recommends \
autoconf automake build-essential ca-certificates cmake git \
libpcap-dev libtool make pkg-config unzip wget && apt-get clean
RUN git clone https://github.com/utoni/nDPId.git RUN git clone https://github.com/utoni/nDPId.git
WORKDIR /root/nDPId WORKDIR /root/nDPId


@@ -23,7 +23,7 @@ typedef char csv_buf_t[(NETWORK_BUFFER_MAX_SIZE / 3) + 1];
static int main_thread_shutdown = 0; static int main_thread_shutdown = 0;
static int analysed_timerfd = -1; static int analysed_timerfd = -1;
static struct nDPIsrvd_socket * sock = NULL; static struct nDPIsrvd_socket * distributor = NULL;
static char * pidfile = NULL; static char * pidfile = NULL;
static char * serv_optarg = NULL; static char * serv_optarg = NULL;
@@ -452,9 +452,9 @@ static void sighandler(int signum)
if (signum == SIGUSR1) if (signum == SIGUSR1)
{ {
nDPIsrvd_flow_info(sock, nDPIsrvd_write_flow_info_cb, NULL); nDPIsrvd_flow_info(distributor, nDPIsrvd_write_flow_info_cb, NULL);
HASH_ITER(hh, sock->instance_table, current_instance, itmp) HASH_ITER(hh, distributor->instance_table, current_instance, itmp)
{ {
if (nDPIsrvd_verify_flows(current_instance, nDPIsrvd_verify_flows_cb, NULL) != 0) if (nDPIsrvd_verify_flows(current_instance, nDPIsrvd_verify_flows_cb, NULL) != 0)
{ {
@@ -794,7 +794,7 @@ static int analysed_map_flow_u8(struct nDPIsrvd_socket * const sock,
} }
ssize_t const map_index = analysed_map_index(str, len, map, map_length); ssize_t const map_index = analysed_map_index(str, len, map, map_length);
if (map_index < 0 || map_index > UCHAR_MAX) if (map_index < 0 || map_index >= UCHAR_MAX)
{ {
return 1; return 1;
} }
@@ -972,6 +972,10 @@ static void process_flow_stats(struct nDPIsrvd_socket * const sock, struct nDPIs
{ {
break; break;
} }
if (numeric_risk_value > UCHAR_MAX)
{
logger(1, "BUG: Numeric risk value > 255");
}
ANALYSED_STATS_GAUGE_INC(flow_risk_count[numeric_risk_value - 1]); ANALYSED_STATS_GAUGE_INC(flow_risk_count[numeric_risk_value - 1]);
flow_user_data->risks[i] = numeric_risk_value - 1; flow_user_data->risks[i] = numeric_risk_value - 1;
@@ -1974,15 +1978,15 @@ int main(int argc, char ** argv)
goto failure; goto failure;
} }
sock = nDPIsrvd_socket_init( distributor = nDPIsrvd_socket_init(
0, 0, 0, (stats_csv_outfile != NULL ? sizeof(struct flow_user_data) : 0), analysed_json_callback, NULL, NULL); 0, 0, 0, (stats_csv_outfile != NULL ? sizeof(struct flow_user_data) : 0), analysed_json_callback, NULL, NULL);
if (sock == NULL) if (distributor == NULL)
{ {
logger_early(1, "%s", "nDPIsrvd socket memory allocation failed!"); logger_early(1, "%s", "nDPIsrvd socket memory allocation failed!");
goto failure; goto failure;
} }
if (nDPIsrvd_setup_address(&sock->address, serv_optarg) != 0) if (nDPIsrvd_setup_address(&distributor->address, serv_optarg) != 0)
{ {
fprintf(stderr, "%s: Could not parse address `%s'\n", argv[0], serv_optarg); fprintf(stderr, "%s: Could not parse address `%s'\n", argv[0], serv_optarg);
goto failure; goto failure;
@@ -1991,13 +1995,13 @@ int main(int argc, char ** argv)
printf("Recv buffer size: %u\n", NETWORK_BUFFER_MAX_SIZE); printf("Recv buffer size: %u\n", NETWORK_BUFFER_MAX_SIZE);
printf("Connecting to `%s'..\n", serv_optarg); printf("Connecting to `%s'..\n", serv_optarg);
if (nDPIsrvd_connect(sock) != CONNECT_OK) if (nDPIsrvd_connect(distributor) != CONNECT_OK)
{ {
logger_early(1, "nDPIsrvd socket connect to %s failed!", serv_optarg); logger_early(1, "nDPIsrvd socket connect to %s failed!", serv_optarg);
goto failure; goto failure;
} }
if (nDPIsrvd_set_nonblock(sock) != 0) if (nDPIsrvd_set_nonblock(distributor) != 0)
{ {
logger_early(1, "nDPIsrvd set nonblock failed: %s", strerror(errno)); logger_early(1, "nDPIsrvd set nonblock failed: %s", strerror(errno));
goto failure; goto failure;
@@ -2099,8 +2103,8 @@ int main(int argc, char ** argv)
} }
{ {
struct epoll_event socket_event = {.data.fd = sock->fd, .events = EPOLLIN}; struct epoll_event socket_event = {.data.fd = distributor->fd, .events = EPOLLIN};
if (epoll_ctl(epollfd, EPOLL_CTL_ADD, sock->fd, &socket_event) < 0) if (epoll_ctl(epollfd, EPOLL_CTL_ADD, distributor->fd, &socket_event) < 0)
{ {
logger_early(1, "Error adding nDPIsrvd socket fd to epoll: %s", strerror(errno)); logger_early(1, "Error adding nDPIsrvd socket fd to epoll: %s", strerror(errno));
goto failure; goto failure;
@@ -2108,9 +2112,9 @@ int main(int argc, char ** argv)
} }
logger(0, "%s", "Initialization succeeded."); logger(0, "%s", "Initialization succeeded.");
retval = mainloop(epollfd, sock); retval = mainloop(epollfd, distributor);
failure: failure:
nDPIsrvd_socket_free(&sock); nDPIsrvd_socket_free(&distributor);
daemonize_shutdown(pidfile); daemonize_shutdown(pidfile);
shutdown_logging(); shutdown_logging();
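Review bot: The new `numeric_risk_value > UCHAR_MAX` check in process_flow_stats only logs, so an out-of-range value taken from the JSON stream still reaches `ANALYSED_STATS_GAUGE_INC(flow_risk_count[numeric_risk_value - 1])` and the store into `flow_user_data->risks[i]`. Skip the entry after logging, for example with `continue;` after the `logger(...)` call, assuming this code sits inside the per-risk loop (the enclosing body starts and ends outside the hunk). The bound would also be better taken from the counter array itself than from 255; the size of `flow_risk_count` is not visible here, but the collectd code on this page iterates it up to `NDPI_MAX_RISK - 1`.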


@@ -29,7 +29,7 @@
logger(is_error, fmt, __VA_ARGS__); \ logger(is_error, fmt, __VA_ARGS__); \
} \ } \
} while (0) } while (0)
//#define GENERATE_TIMESTAMP 1 // #define GENERATE_TIMESTAMP 1
struct flow_user_data struct flow_user_data
{ {
@@ -836,7 +836,7 @@ static void print_collectd_exec_output(void)
COLLECTD_STATS_GAUGE_SUB(flow_guessed_count); COLLECTD_STATS_GAUGE_SUB(flow_guessed_count);
COLLECTD_STATS_GAUGE_SUB(flow_not_detected_count); COLLECTD_STATS_GAUGE_SUB(flow_not_detected_count);
for (size_t i = 0; i < NDPI_MAX_RISK - 1 /* NDPI_NO_RISK */; ++i) for (i = 0; i < NDPI_MAX_RISK - 1 /* NDPI_NO_RISK */; ++i)
{ {
COLLECTD_STATS_GAUGE_SUB(flow_risk_count[i]); COLLECTD_STATS_GAUGE_SUB(flow_risk_count[i]);
} }
@@ -1358,9 +1358,8 @@ static void process_flow_stats(struct nDPIsrvd_socket * const sock, struct nDPIs
if (flow_user_data->confidence == 0 && flow_user_data->confidence_ndpid_invalid == 0) if (flow_user_data->confidence == 0 && flow_user_data->confidence_ndpid_invalid == 0)
{ {
struct nDPIsrvd_json_token const * const token = TOKEN_GET_SZ(sock, "ndpi", "confidence"); struct nDPIsrvd_json_token const * const token = TOKEN_GET_SZ(sock, "ndpi", "confidence");
struct nDPIsrvd_json_token const * current = NULL;
int next_child_index = -1;
next_child_index = -1;
if ((current = nDPIsrvd_get_next_token(sock, token, &next_child_index)) == NULL) if ((current = nDPIsrvd_get_next_token(sock, token, &next_child_index)) == NULL)
{ {
flow_user_data->confidence_ndpid_invalid = 1; flow_user_data->confidence_ndpid_invalid = 1;


@@ -1,3 +1,3 @@
dash dash
dash_daq dash_daq
Werkzeug==3.0.3 Werkzeug==3.0.6


@@ -5551,6 +5551,15 @@ static int validate_options(void)
} }
} }
} }
if (GET_CMDARG_ULL(nDPId_options.max_packets_per_flow_to_analyse) < 2 ||
GET_CMDARG_ULL(nDPId_options.max_packets_per_flow_to_analyse) > USHRT_MAX)
{
logger_early(1,
"Value not in range: 2 < max-packets-per-flow-to-analyse[%llu] < %d",
GET_CMDARG_ULL(nDPId_options.max_packets_per_flow_to_analyse),
USHRT_MAX);
retval = 1;
}
if (GET_CMDARG_ULL(nDPId_options.max_flows_per_thread) < 128 || if (GET_CMDARG_ULL(nDPId_options.max_flows_per_thread) < 128 ||
GET_CMDARG_ULL(nDPId_options.max_flows_per_thread) > nDPId_MAX_FLOWS_PER_THREAD) GET_CMDARG_ULL(nDPId_options.max_flows_per_thread) > nDPId_MAX_FLOWS_PER_THREAD)
{ {
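Review bot: The log text of the new max-packets-per-flow-to-analyse check in validate_options states the range as exclusive (`2 < ... < %d`), while the condition accepts both 2 and USHRT_MAX. Wording it as `"Value not in range: 2 <= max-packets-per-flow-to-analyse[%llu] <= %d"` makes the message match what is enforced. The neighbouring range messages lie outside this hunk; if they use the same exclusive wording for inclusive checks, they are worth aligning as well.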

76
utils.c

@@ -340,8 +340,7 @@ int daemonize_shutdown(char const * const pidfile)
int change_user_group(char const * const user, char const * const group, char const * const pidfile) int change_user_group(char const * const user, char const * const group, char const * const pidfile)
{ {
struct passwd * pwd; struct passwd pwd;
struct group * grp;
gid_t gid; gid_t gid;
if (user == NULL) if (user == NULL)
@@ -349,37 +348,46 @@ int change_user_group(char const * const user, char const * const group, char co
return 1; return 1;
} }
errno = 0;
pwd = getpwnam(user);
if (pwd == NULL)
{ {
return (errno != 0 ? -errno : -ENOENT); struct passwd * result;
char buf[BUFSIZ];
int retval;
retval = getpwnam_r(user, &pwd, buf, sizeof(buf), &result);
if (result == NULL)
{
return (retval != 0 ? -retval : -ENOENT);
}
} }
if (group != NULL) if (group != NULL)
{ {
errno = 0; struct group grp;
grp = getgrnam(group); struct group * result;
if (grp == NULL) char buf[BUFSIZ];
int retval;
retval = getgrnam_r(group, &grp, buf, sizeof(buf), &result);
if (result == NULL)
{ {
return (errno != 0 ? -errno : -ENOENT); return (retval != 0 ? -retval : -ENOENT);
} }
gid = grp->gr_gid; gid = grp.gr_gid;
} }
else else
{ {
gid = pwd->pw_gid; gid = pwd.pw_gid;
} }
if (daemonize != 0 && pidfile != NULL) if (daemonize != 0 && pidfile != NULL)
{ {
errno = 0; errno = 0;
if (chown(pidfile, pwd->pw_uid, gid) != 0) if (chown(pidfile, pwd.pw_uid, gid) != 0)
{ {
return -errno; return -errno;
} }
} }
return setregid(gid, gid) != 0 || setreuid(pwd->pw_uid, pwd->pw_uid); return setregid(gid, gid) != 0 || setreuid(pwd.pw_uid, pwd.pw_uid);
} }
WARN_UNUSED WARN_UNUSED
@@ -398,27 +406,35 @@ int chmod_chown(char const * const path, mode_t mode, char const * const user, c
if (user != NULL) if (user != NULL)
{ {
errno = 0;
struct passwd * const pwd = getpwnam(user);
if (pwd == NULL)
{ {
return (errno != 0 ? -errno : -ENOENT); struct passwd pwd;
struct passwd * result;
char buf[BUFSIZ];
int retval;
retval = getpwnam_r(user, &pwd, buf, sizeof(buf), &result);
if (result == NULL)
{
return (retval != 0 ? -retval : -ENOENT);
}
path_uid = pwd.pw_uid;
path_gid = pwd.pw_gid;
} }
path_uid = pwd->pw_uid;
path_gid = pwd->pw_gid;
} }
if (group != NULL) if (group != NULL)
{ {
errno = 0; struct group grp;
struct group * result;
char buf[BUFSIZ];
int retval;
struct group * const grp = getgrnam(group); retval = getgrnam_r(group, &grp, buf, sizeof(buf), &result);
if (grp == NULL) if (result == NULL)
{ {
return (errno != 0 ? -errno : -ENOENT); return (retval != 0 ? -retval : -ENOENT);
} }
path_gid = grp->gr_gid; path_gid = grp.gr_gid;
} }
if (path_uid != (uid_t)-1 || path_gid != (gid_t)-1) if (path_uid != (uid_t)-1 || path_gid != (gid_t)-1)
@@ -617,17 +633,17 @@ static char * ini_rstrip(char * s)
} }
/* Return pointer to first non-whitespace char in given string. */ /* Return pointer to first non-whitespace char in given string. */
static char * ini_lskip(const char * s) static char * ini_lskip(char * s)
{ {
while (*s && isspace((unsigned char)(*s))) while (*s && isspace((unsigned char)(*s)))
s++; s++;
return (char *)s; return s;
} }
/* Return pointer to first char (of chars) or inline comment in given string, /* Return pointer to first char (of chars) or inline comment in given string,
or pointer to NUL at end of string if neither found. Inline comment must or pointer to NUL at end of string if neither found. Inline comment must
be prefixed by a whitespace character to register as a comment. */ be prefixed by a whitespace character to register as a comment. */
static char * ini_find_chars_or_comment(const char * s, const char * chars) static char * ini_find_chars_or_comment(char * s, const char * chars)
{ {
int was_space = 0; int was_space = 0;
while (*s && (!chars || !strchr(chars, *s)) && !(was_space && strchr(INI_INLINE_COMMENT_PREFIXES, *s))) while (*s && (!chars || !strchr(chars, *s)) && !(was_space && strchr(INI_INLINE_COMMENT_PREFIXES, *s)))
@@ -635,7 +651,7 @@ static char * ini_find_chars_or_comment(const char * s, const char * chars)
was_space = isspace((unsigned char)(*s)); was_space = isspace((unsigned char)(*s));
s++; s++;
} }
return (char *)s; return s;
} }
/* See: https://github.com/benhoyt/inih/blob/master/ini.c#L97C67-L97C74 */ /* See: https://github.com/benhoyt/inih/blob/master/ini.c#L97C67-L97C74 */
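Review bot: change_user_group still ends with `return setregid(gid, gid) != 0 || setreuid(pwd.pw_uid, pwd.pw_uid);` and nothing in the visible hunks resets the supplementary group list, so a process started as root keeps root's supplementary groups after the switch unless a caller clears them. Add `if (initgroups(user, gid) != 0) { return -errno; }` (or `setgroups(0, NULL)`) before the `setregid` call. Separately, the new `getpwnam_r`/`getgrnam_r` calls here and in chmod_chown use a fixed `char buf[BUFSIZ]`, so a group entry with many members fails with ERANGE and is returned as `-ERANGE` with no retry on a larger buffer. That limit deserves at least a comment such as `/* BUFSIZ may be too small for large group entries; ERANGE is returned to the caller */`.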