Loading src/pixie-timer.c +1 −1 Original line number Diff line number Diff line Loading @@ -142,7 +142,7 @@ pixie_usleep(uint64_t waitTime) start = pixie_gettime(); if (waitTime > 1000) Sleep(waitTime/1000); Sleep((DWORD)(waitTime/1000)); while (pixie_gettime() - start < waitTime) ; Loading src/proto-banner1.c +2 −2 Original line number Diff line number Diff line Loading @@ -247,7 +247,7 @@ int banner1_selftest() px+i, 1, banner, &banner_offset, sizeof(banner) ); if (memcmp(banner, "YTS/1.20.13", 11) != 0) { if (memcmp(banner, "Via:HTTP/1.1", 11) != 0) { printf("banner1: test failed\n"); return 1; } Loading @@ -268,7 +268,7 @@ int banner1_selftest() px, length, banner, &banner_offset, sizeof(banner) ); if (memcmp(banner, "YTS/1.20.13", 11) != 0) { if (memcmp(banner, "Via:HTTP/1.1", 11) != 0) { printf("banner1: test failed\n"); return 1; } Loading src/proto-dns.c +30 −12 Original line number Diff line number Diff line Loading @@ -9,6 +9,7 @@ #include "unusedparm.h" struct DomainPointer { const unsigned char *name; Loading Loading @@ -324,34 +325,52 @@ proto_dns_parse(struct DNS_Incoming *dns, const unsigned char px[], unsigned off return; } void handle_dns(struct Output *out, const unsigned char *px, unsigned length, struct PreprocessedInfo *parsed) unsigned dns_set_cookie(unsigned char *px, size_t length, uint64_t seqno) { if (length > 2) { px[0] = (unsigned char)(seqno >> 8); px[1] = (unsigned char)(seqno >> 0); return seqno & 0xFFFF; } else return 0; } unsigned handle_dns(struct Output *out, const unsigned char *px, unsigned length, struct PreprocessedInfo *parsed) { unsigned ip_them; unsigned port_them = parsed->port_src; struct DNS_Incoming dns[1]; unsigned offset; unsigned seqno; ip_them = parsed->ip_src[0]<<24 | parsed->ip_src[1]<<16 | parsed->ip_src[2]<< 8 | parsed->ip_src[3]<<0; seqno = syn_hash(ip_them, port_them | 0x10000); proto_dns_parse(dns, px, parsed->app_offset, parsed->app_offset + parsed->app_length); if ((seqno & 0xFFFF) != dns->id) return 1; if (dns->qr != 1) return; return 0; if (dns->rcode != 0) return; return 0; if (dns->qdcount != 1) return; return 0; if (dns->ancount < 1) return; return 0; if (dns->rr_count < 2) return; return 0; offset = dns->rr_offset[1]; offset = dns_name_skip(px, offset, length); if (offset + 10 >= length) return; return 0; { unsigned type = px[offset+0]<<8 | px[offset+1]; Loading @@ -360,9 +379,9 @@ void handle_dns(struct Output *out, const unsigned char *px, unsigned length, st unsigned txtlen = px[offset+10]; if (rrlen == 0 || txtlen > rrlen-1) return; return 0; if (type != 0x10 || xclass != 3) return; return 0; offset += 11; Loading @@ -371,8 +390,7 @@ void handle_dns(struct Output *out, const unsigned char *px, unsigned length, st ip_them, port_them, PROTO_DNS_VERSIONBIND, px + offset, txtlen); } return 0; } src/proto-dns.h +1 −1 Original line number Diff line number Diff line Loading @@ -3,6 +3,6 @@ struct PreprocessedInfo; struct Output; void handle_dns(struct Output *out, const unsigned char *px, unsigned length, struct PreprocessedInfo *parsed); unsigned handle_dns(struct Output *out, const unsigned char *px, unsigned length, struct PreprocessedInfo *parsed); #endif src/proto-http.c +1 −1 Original line number Diff line number Diff line Loading @@ -38,7 +38,7 @@ struct Patterns html_fields[] = { /***************************************************************************** *****************************************************************************/ static void field_name(void *banner, unsigned *banner_offset, size_t banner_max, unsigned id, struct Patterns *http_fields) field_name(void *banner, unsigned *banner_offset, size_t banner_max, size_t id, struct Patterns *http_fields) { unsigned i; if (id == HTTPFIELD_INCOMPLETE) Loading Loading
src/pixie-timer.c +1 −1 Original line number Diff line number Diff line Loading @@ -142,7 +142,7 @@ pixie_usleep(uint64_t waitTime) start = pixie_gettime(); if (waitTime > 1000) Sleep(waitTime/1000); Sleep((DWORD)(waitTime/1000)); while (pixie_gettime() - start < waitTime) ; Loading
src/proto-banner1.c +2 −2 Original line number Diff line number Diff line Loading @@ -247,7 +247,7 @@ int banner1_selftest() px+i, 1, banner, &banner_offset, sizeof(banner) ); if (memcmp(banner, "YTS/1.20.13", 11) != 0) { if (memcmp(banner, "Via:HTTP/1.1", 11) != 0) { printf("banner1: test failed\n"); return 1; } Loading @@ -268,7 +268,7 @@ int banner1_selftest() px, length, banner, &banner_offset, sizeof(banner) ); if (memcmp(banner, "YTS/1.20.13", 11) != 0) { if (memcmp(banner, "Via:HTTP/1.1", 11) != 0) { printf("banner1: test failed\n"); return 1; } Loading
src/proto-dns.c +30 −12 Original line number Diff line number Diff line Loading @@ -9,6 +9,7 @@ #include "unusedparm.h" struct DomainPointer { const unsigned char *name; Loading Loading @@ -324,34 +325,52 @@ proto_dns_parse(struct DNS_Incoming *dns, const unsigned char px[], unsigned off return; } void handle_dns(struct Output *out, const unsigned char *px, unsigned length, struct PreprocessedInfo *parsed) unsigned dns_set_cookie(unsigned char *px, size_t length, uint64_t seqno) { if (length > 2) { px[0] = (unsigned char)(seqno >> 8); px[1] = (unsigned char)(seqno >> 0); return seqno & 0xFFFF; } else return 0; } unsigned handle_dns(struct Output *out, const unsigned char *px, unsigned length, struct PreprocessedInfo *parsed) { unsigned ip_them; unsigned port_them = parsed->port_src; struct DNS_Incoming dns[1]; unsigned offset; unsigned seqno; ip_them = parsed->ip_src[0]<<24 | parsed->ip_src[1]<<16 | parsed->ip_src[2]<< 8 | parsed->ip_src[3]<<0; seqno = syn_hash(ip_them, port_them | 0x10000); proto_dns_parse(dns, px, parsed->app_offset, parsed->app_offset + parsed->app_length); if ((seqno & 0xFFFF) != dns->id) return 1; if (dns->qr != 1) return; return 0; if (dns->rcode != 0) return; return 0; if (dns->qdcount != 1) return; return 0; if (dns->ancount < 1) return; return 0; if (dns->rr_count < 2) return; return 0; offset = dns->rr_offset[1]; offset = dns_name_skip(px, offset, length); if (offset + 10 >= length) return; return 0; { unsigned type = px[offset+0]<<8 | px[offset+1]; Loading @@ -360,9 +379,9 @@ void handle_dns(struct Output *out, const unsigned char *px, unsigned length, st unsigned txtlen = px[offset+10]; if (rrlen == 0 || txtlen > rrlen-1) return; return 0; if (type != 0x10 || xclass != 3) return; return 0; offset += 11; Loading @@ -371,8 +390,7 @@ void handle_dns(struct Output *out, const unsigned char *px, unsigned length, st ip_them, port_them, PROTO_DNS_VERSIONBIND, px + offset, txtlen); } return 0; }
src/proto-dns.h +1 −1 Original line number Diff line number Diff line Loading @@ -3,6 +3,6 @@ struct PreprocessedInfo; struct Output; void handle_dns(struct Output *out, const unsigned char *px, unsigned length, struct PreprocessedInfo *parsed); unsigned handle_dns(struct Output *out, const unsigned char *px, unsigned length, struct PreprocessedInfo *parsed); #endif
src/proto-http.c +1 −1 Original line number Diff line number Diff line Loading @@ -38,7 +38,7 @@ struct Patterns html_fields[] = { /***************************************************************************** *****************************************************************************/ static void field_name(void *banner, unsigned *banner_offset, size_t banner_max, unsigned id, struct Patterns *http_fields) field_name(void *banner, unsigned *banner_offset, size_t banner_max, size_t id, struct Patterns *http_fields) { unsigned i; if (id == HTTPFIELD_INCOMPLETE) Loading
