Ludovico thanks for your work. I have already made some patches to the SVN code since I released rc0, so some issues are solved already
I have looked at your patches and honestly I am not sure they address the issues you reported - u_char *tcp_data = (u_char *)(tcp + tp.th_off * 4); + u_char *tcp_data = ((u_char *) tcp) + tp.th_off * 4; The above does not seem to change much the meaning; can you please explain why you believe it's better this way? - theSession->l7.major_proto = IPOQUE_MAX_SUPPORTED_PROTOCOLS + rc; + theSession->l7.major_proto = rc; As for the second patch, as soon as I have some time, I believe I should completely remove from ntop the support of extra protocols based on ports, and move it to nDPI. The license is kind of hard for me as I am not an expert. Highcharts are distributed with http://creativecommons.org/licenses/by-nc/3.0/ that I believe it's good. If you don't like it for Debian packages, then I need to find an alternative as ntop without charts is not a good idea. What other alternatives shall I look at, that are compatible with Debian packages? Thanks Luca On Mar 4, 2012, at 6:13 AM, Ludovico Cavedon wrote: > Hi, > > On Mon, Feb 20, 2012 at 4:47 AM, Luca Deri <[email protected]> wrote: >> http://sourceforge.net/projects/ntop/files/ntop/Stable/ntop-4.1.99-rc0.tar.gz/download >> you can find the first release candidate code for ntop. I would like you to > > I have been working on packaging it for Debian/Ubuntu. > However, it was consistently crashing a few seconds after startup on my > system. > I was able to find two out-of-bound memory access using valgrind. > I am attaching 2 patches, which fix such accesses and seem to prevent > the crash. The one for ip.c is pretty obvious. > For the one on session.c, I am not 100% sure that is the right fix, > however it looks to me that major_proto should not be bigger than > IPOQUE_MAX_SUPPORTED_PROTOCOLS. > > Moreover, port 443 is mapped to POP rather than HTTPS (but maybe is a > wrong side effect of my fix). > > Also, valgrind still generates a lot of warnings about invalid reads. > They are mostly in 3rd party libs (rrd, fontconfig, pcap, gdbm), > however they can be caused by ntop passing uninitialized data to such > libs. > > Last issue, specific about the Debian packaging: > html/exporting.js and html/highcharts.js are not free for commercial > purposes, therefore cannot be included in Debian. > Do you know if there is some other (maybe less fancy) API-compatible > library? Otherwise I can package ntop without such files. It seems to > work fine apart from the missing graphs. I can then prepare a > ntop-charts package uploaded in the non-free section containing such 2 > files. > > What do you think? > > Thanks, > Ludovico > <tcp-option-parsing.patch><l7_major_proto-fix.patch>_______________________________________________ > Ntop-dev mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop-dev --- "Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it. - Brian W. Kernighan _______________________________________________ Ntop-dev mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-dev
