Merge pull request #255 from sipcapture/dev

Dev

README.md

@@ -29,6 +29,8 @@ Setup & Configuration instructions are available on the Project [Wiki](https://g
 ### Support
 If you found a bug or issue with the code, please raise an Issue on the project tracker.
 
+If you want to send a PR, please make sure to indent your code using our [format script](https://github.com/sipcapture/captagent/blob/dev/format_code.sh)
+
 If you have specific questions or require professional support please contact us at support@sipcapture.org
 
 ![HomerFlow](http://i.imgur.com/U7UBI.png)

build.sh

@@ -12,12 +12,6 @@ list_of_config_files_pro="./src/modules_pro";
 #     echo "AC_CONFIG_FILES([${list_of_config_files}/${file}])"
 #done  > modules_makefiles.m4
 
-
 autoreconf --force --install
 automake --add-missing
 autoconf
-
-#./configure --enable-pcre --enable-redis
-#FreeBSD has libexpat in /usr/local/lib (ports installation)
-#./configure CFLAGS="-I/usr/local/include" LDFLAGS="-L/usr/local/lib"
-

conf/captagent.xml.in

@@ -38,10 +38,8 @@
 		<load module="protocol_diameter" register="local"/>
 		<load module="protocol_tls" register="local"/>
 		<load module="output_json" register="local"/>
-		<load module="protocol_rtcp" register="local"/>
 		<load module="interface_http" register="local"/>
 		<load module="database_redis" register="local"/>
-		<load module="socket_pfring" register="local"/>
 	    	-->
 	</modules>
 	</configuration>

conf/socket_pcap.xml

@@ -28,7 +28,7 @@
                 <param name="capture-filter" value="rtcp"/>
                 <param name="capture-plan" value="rtcp_capture_plan.cfg"/>
                 <param name="filter">
-                    <value>portrange 10000-30000 and len >=50 </value>
+                    <value>portrange 8000-30000 and len >=64 </value>
                 </param>
             </settings>
         </profile>

configure.ac

@@ -1,5 +1,5 @@
 AC_PREREQ(2.61)
-AC_INIT(captagent,6.3.1,support@sipcapture.org,,[http://www.sipcapture.org])
+AC_INIT(captagent,6.4.1,support@sipcapture.org,,[http://www.sipcapture.org])
 AC_COPYRIGHT("SIP Capture Solution")
 AC_CONFIG_MACRO_DIR([m4])
 AM_INIT_AUTOMAKE(foreign tar-ustar)
@@ -225,7 +225,7 @@ fi
 dnl
 dnl check for compression library
 dnl
-   
+
 if test "$ZLIB" = "yes"; then
    AC_CHECKING([for zip Library and Header files])
    AC_CHECK_HEADER(zlib.h,,[AC_MSG_ERROR([zlib.h headers not found.])])
@@ -236,7 +236,7 @@ fi
 dnl
 dnl check for epan library
 dnl
-   
+
 if test "$EPAN" = "yes"; then
    AC_CHECKING([for epan Library and Header files])
    AC_CHECK_HEADER(epan.h,,[AC_MSG_ERROR([epan.h headers not found.])])
@@ -251,20 +251,20 @@ dnl
 dnl
 dnl check for MYSQL library
 dnl
- 
+
 if test "$MYSQL" = "yes"; then
     AC_CHECKING([for MYSQL Library and Header files])
     AC_CHECK_HEADER([mysql/mysql.h], ,AC_MSG_ERROR([Could not find mysql headers !]))
     AC_CHECK_LIB(mysqlclient, mysql_init, [ MYSQL_LIBS="-lmysqlclient" ], [AC_MSG_ERROR([$PACKAGE_NAME requires but cannot find mysqlclient])])
     AC_DEFINE(USE_MYSQL, 1, [Use MYSQL library])
     AC_SUBST(MYSQL_LIBS)
 fi
-                   
+
 
 dnl
 dnl check for redis library
 dnl
-   
+
 if test "$REDIS" = "yes"; then
    AC_CHECKING([for redis Library and Header files])
    AC_CHECK_HEADER(hiredis/hiredis.h,,[AC_MSG_ERROR([hiredis/hiredis.h headers not found.])])
@@ -289,7 +289,7 @@ fi
 dnl
 dnl check for extra modules
 dnl
-   
+
 if test "$EXTRAMODULES" = "yes"; then
    AC_CHECKING([for extra modules files])
    AC_DEFINE(HAVE_EXTRA_MODULES, 1, [We have extra modules])
@@ -299,7 +299,7 @@ fi
 dnl
 dnl check for libuv library
 dnl
-   
+
 AC_CHECKING([for LiBUV and Header files])
 AC_CHECK_HEADER(uv.h,,[AC_MSG_ERROR([uv.h headers not found.])])
 AC_CHECK_LIB(uv, uv_now, [ UV_LIBS="-luv" ], [AC_MSG_ERROR([$PACKAGE_NAME requires but cannot find libuv])])
@@ -314,7 +314,7 @@ dnl
 
 if test "$SSL" = "yes"; then
    AC_CHECKING([for OpenSSL SSL Library and Header files])
-   AC_CHECK_HEADER(openssl/ssl.h,, [AC_MSG_ERROR([OpenSSL SSL headers not found.])])	
+   AC_CHECK_HEADER(openssl/ssl.h,, [AC_MSG_ERROR([OpenSSL SSL headers not found.])])
    AC_CHECK_LIB(ssl, SSL_accept, [ LIBS="${LIBS} -lssl" ], [AC_MSG_ERROR([$PACKAGE_NAME requires but cannot find ssl])])
    AC_DEFINE(USE_SSL, 1, [Use OpenSSL SSL library])
 fi
@@ -389,4 +389,3 @@ echo Build with LibUV............ : $useLIBUV
 echo Build with EPAN............. : $useEpan
 echo Build with TLS.............. : $useTLS
 echo
-

format_code.sh

@@ -0,0 +1,6 @@
+#!/bin/sh
+
+### You need to install indent
+echo "indent file $1..."
+indent -linux -l200 -i4 -nut "$1"
+echo "format done"

fuzzing/build-captagent-clang-address.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+
+#mkdir -p work
+#cd work
+#rm -rf captagent
+#cp ../src/captagent.zip .
+#unzip -P 'XXX' captagent.zip
+#rm captagent.zip
+cd ../../
+./build.sh
+
+export CFLAGS="-g -O0 -fsanitize=address -fprofile-instr-generate -fcoverage-mapping"
+export CC="clang"
+CC=clang CFLAGS="-g -O0 -fsanitize=address -fprofile-instr-generate -fcoverage-mapping" ./configure \
+		--enable-tls --enable-ssl
+
+find . -type f -print0 | xargs -0 sed -i 's/static volatile/static volatile/g'
+
+make CFLAGS="-g -O0 -fsanitize=address -fprofile-instr-generate -fcoverage-mapping"
+
+#export DESTDIR="`pwd`/debug-build"
+make install

fuzzing/build-captagent-clang.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+
+mkdir -p work
+cd work
+rm -rf captagent
+cp ../src/captagent.zip .
+unzip -P 'XXX' captagent.zip
+rm captagent.zip
+cd captagent
+./build.sh
+
+export CFLAGS="-g -O0 -fprofile-instr-generate -fcoverage-mapping"
+export CC="clang"
+CC=clang CFLAGS="-g -O0 -fprofile-instr-generate -fcoverage-mapping" ./configure \
+     		--enable-tls --enable-ssl
+
+find . -type f -print0 | xargs -0 sed -i 's/static volatile/static volatile/g'
+
+make CFLAGS="-g -O0 -fprofile-instr-generate -fcoverage-mapping"
+
+export DESTDIR="`pwd`/debug-build"
+make install

fuzzing/build-captagent-gcc.sh

@@ -0,0 +1,14 @@
+#!/bin/bash
+
+mkdir -p work
+cd work
+rm -rf captagent
+cp ../src/captagent.zip .
+unzip -P 'XXX' captagent.zip
+cd captagent
+./build.sh
+./configure --enable-ssl --enable-tls
+make
+
+export DESTDIR="`pwd`/debug-build"
+make install

fuzzing/fuzz_test/RTCP_CRASH/rtcp_cr.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+
+CAPTAGENT="../../../../captagent"
+
+clang -fsanitize=address \
+	-o $CAPTAGENT/test/fuzzing/fuzz_test/RTCP_CRASH/rtcp_crash \
+        -g -O0 -w -I$CAPAGENT/include \
+        -I$CAPTAGENT/src \
+        -I$CAPTAGENT/src/modules/protocol/rtcp \
+        `find $CAPTAGENT/src/ -maxdepth 1 -name "*.c" ! -name 'captagent.c'` \
+        `find $CAPTAGENT/src/modules/protocol/rtcp -maxdepth 1 -name "*.c"` \
+        -ljson-c -lpcap -lexpat -ldl -lpthread -lfl -luv -lm -lcrypto -lpcre

fuzzing/fuzz_test/RTCP_CRASH/rtcp_crash.c

@@ -0,0 +1,73 @@
+#include <captagent/api.h>
+#include <captagent/proto_sip.h>
+#include <captagent/structure.h>
+#include <captagent/capture.h>
+#include <captagent/xmlread.h>
+#include <captagent/modules_api.h>
+#include <captagent/modules.h>
+#include <captagent/log.h>
+#include <dirent.h>
+#include "md5.h"
+#include <captagent/globals.h>
+#include "captagent.h"
+#include "config.h"
+#include "modules/protocol/rtcp/parser_rtcp.h"
+
+int cfg_errors = 0;
+int debug = 0;
+struct capture_list main_ct;
+char *module_name_p = "";
+char *global_node_name = NULL;
+char *global_config_path = NULL;
+int print_lic_exit = 0;
+char *global_license = NULL;
+int not_send = 0;
+int flag_Lic = -1;      // License: 1 = activate; 0 = deactivate
+int type_Lic = 1;
+int count_big_down_jump = 0;
+char *usefile = NULL;
+unsigned long expireLicTime = 0;
+int flag_is_lic_count_wrong = 0;
+char hwk[33];
+int flag_is_expire = 0;
+int flag_is_invalid = 0;
+int bytes_parsed = 0;
+
+int main()
+{
+    /* MALFORMED RTCP RR PKT */
+    // Correct pkt is 4 byte header + 4 bytes SSRC + 24 byte for every Report count (if exist)
+    // in this case count == 1 (first byte 0x81)
+    char rr[29] = {
+        0x81, 0xc9, 0x00, 0x07, 0x54, 0xf2, 0x00, 0x01,
+        0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x81,
+        0xc9, 0x00, 0x07, 0x00, 0x00, 0x00, 0x01, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+    };
+
+    /* MALFORMED RTCP SR PKT */
+    // Correct pkt is 4 byte header + 4 byte SSRC + 20 byte for sender info + 24 byte for every Report count (if exist)
+    char sr[25] = {
+        0x80, 0xc8, 0x00, 0x06, 0x22, 0xa1, 0x04, 0x02,
+        0x83, 0xab, 0x11, 0x03, 0xeb, 0x00, 0x01, 0x3a,
+        0x00, 0x00, 0x94, 0x20, 0x00, 0x00, 0x00, 0xfb,
+        0x10,
+    };
+
+
+    char *json_rtcp_buffer;
+    int ret, len;
+
+    len = sizeof(sr);
+    json_rtcp_buffer = calloc(5000, sizeof(char));
+    ret = capt_parse_rtcp(&sr, len, json_rtcp_buffer, 5000);
+    if(ret == -1 || ret == -2) {
+        printf("capt_parse_rtcp :: error!\n");
+    } else {
+        printf("capt_parse_rtcp :: parsing correct\n");
+    }
+    if(json_rtcp_buffer) free(json_rtcp_buffer);
+
+    printf("!!! IF WE ARE HERE NO CRASH DETECTED IN MEMORY !!!")
+    return 0;
+}

fuzzing/fuzz_test/RTCP_TO_JSON_CRASH/rtcp_capture_plan.cfg

@@ -0,0 +1,17 @@
+capture[pcap] {
+        if(msg_check("size","4")) {
+                if(is_rtcp_or_rtp()) {
+                        if(is_flag_set("1","1")) {
+                                drop;
+                        } else {
+                                parse_rtcp_to_json();
+                                check_rtcp_session("hep","rtpsocket");
+                                drop;
+                        }
+                        drop;
+                }
+                drop;
+        }
+        drop;
+}
+

fuzzing/fuzz_test/RTCP_TO_JSON_CRASH/rtcp_crash.go

@@ -0,0 +1,19 @@
+package main
+
+import(
+	"net"
+)
+
+func main() {
+	dat := []byte{
+		0x81,0xc9,0x00,0x07,0x00,0x00,0x00,0x01,0x00,
+		0x00,0x00,0x02,0x00,0x00,0x00,0x00,0x00,0x00,
+		0x00,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+		0x00,0x00,0x00,0x00,0x00}
+
+	conn, _ := net.Dial("udp","127.0.0.1:9000")
+
+	for i := 1; i < 50; i++ {
+		conn.Write(dat)
+	}
+}

fuzzing/run-captagent.sh

@@ -0,0 +1,41 @@
+#!/bin/bash
+
+rm -f *.profraw
+rm -f *.profdata
+
+coverage="coverage/"
+if [ "$2" != "" ]; then
+    coverage="$2"
+fi
+
+rm -rf $coverage
+mkdir -p $coverage
+mkdir -p $coverage/line
+mkdir -p $coverage/source
+mkdir -p $coverage/functions
+LLVM_PROFILE_FILE="prof%p.profraw" \
+    work/captagent/debug-build/usr/local/captagent/sbin/captagent \
+    -f captagent-config/$1/captagent.xml
+llvm-profdata merge -sparse *.profraw -o captagent.profdata
+
+llvm-cov show work/captagent/debug-build/usr/local/captagent/sbin/captagent -instr-profile=captagent.profdata > $coverage/line/captagent-lines.txt
+for f in work/captagent/debug-build/usr/local/captagent/lib/captpagent/modules/*.so;
+do
+    llvm-cov show $f -instr-profile=captagent.profdata > $coverage/line/`basename $f`-lines.txt
+done
+
+llvm-cov report work/captagent/debug-build/usr/local/captagent/sbin/captagent -instr-profile=captagent.profdata > $coverage/source/captagent-source.txt
+for f in work/captagent/debug-build/usr/local/captagent/lib/captagent/modules/*.so;
+do
+    llvm-cov report $f -instr-profile=captagent.profdata > $coverage/source/`basename $f`-source.txt
+done
+
+llvm-cov report work/captagent/debug-build/usr/local/captagent/sbin/captagent -show-functions=true --instr-profile=captagent.profdata work/captagent
+for f in work/captagent/debug-build/usr/local/captagent/lib/captagent/modules/*.so; 
+do
+    llvm-cov report $f -show-functions=true -instr-profile=captagent.profdata work/captagent/ > $coverage/functions/`basename $f`-functions.txt
+done
+
+# rm -f *.profraw *.profdata
+chown root.root coverage
+chown root.root $coverage/*

include/captagent/api.h

@@ -5,7 +5,7 @@
  *  Duplicate SIP messages in Homer Encapulate Protocol [HEP] [ipv6 version]
  *
  *  Author: Alexandr Dubovikov <alexandr.dubovikov@gmail.com>
- *  (C) Homer Project 2012-2015 (http://www.sipcapture.org)
+ *  (C) Homer Project 2012-2023 (http://www.sipcapture.org)
  *
  * Homer capture agent is free software; you can redistribute it and/or
  * modify

include/captagent/capture.h

@@ -5,7 +5,7 @@
  *  Duplicate SIP messages in Homer Encapulate Protocol [HEP] [ipv6 version]
  *
  *  Author: Alexandr Dubovikov <alexandr.dubovikov@gmail.com>
- *  (C) Homer Project 2012-2015 (http://www.sipcapture.org)
+ *  (C) Homer Project 2012-2023 (http://www.sipcapture.org)
  *
  * Homer capture agent is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by

include/captagent/export_function.h

@@ -5,7 +5,7 @@
  *  Duplicate SIP messages in Homer Encapulate Protocol [HEP] [ipv6 version]
  *
  *  Author: Alexandr Dubovikov <alexandr.dubovikov@gmail.com>
- *  (C) Homer Project 2012-2015 (http://www.sipcapture.org)
+ *  (C) Homer Project 2012-2023 (http://www.sipcapture.org)
  *
  * Homer capture agent is free software; you can redistribute it and/or
  * modify

include/captagent/globals.h

@@ -5,7 +5,7 @@
  *  Duplicate SIP messages in Homer Encapulate Protocol [HEP] [ipv6 version]
  *
  *  Author: Alexandr Dubovikov <alexandr.dubovikov@gmail.com>
- *  (C) Homer Project 2012-2015 (http://www.sipcapture.org)
+ *  (C) Homer Project 2012-2023 (http://www.sipcapture.org)
  *
  * Homer capture agent is free software; you can redistribute it and/or
  * modify