Added check to avoid crash when dissecing DNS packets (#5101)

src/Flow.cpp

@@ -714,16 +714,14 @@ void Flow::processDNSPacket(const u_char *ip_packet, u_int16_t ip_len, u_int64_t
   ndpi_protocol proto_id;
 
   /* Exits if the flow isn't DNS or it the interface is not a packet-interface */
-  if(!isDNS() || !getInterface()->isPacketInterface())
+  if((!isDNS()) || (!getInterface()->isPacketInterface()) || (ndpiFlow == NULL))
     return;
 
   /* Instruct nDPI to continue the dissection
      See https://github.com/ntop/ntopng/commit/30f52179d9f7a1eb774534def93d55c77d6070bc#diff-20b1df29540b6de59ceb6c6d2f3afdb5R387
   */
-  // ndpiFlow->protos.dns.num_answers = 0;
-  // ndpiFlow->host_server_name[0] = '\0';
   ndpiFlow->check_extra_packets = 1, ndpiFlow->max_extra_packets_to_check = 10;
-
+  
   proto_id = ndpi_detection_process_packet(iface->get_ndpi_struct(), ndpiFlow,
 					   ip_packet, ip_len, packet_time,
 					   (struct ndpi_id_struct*) cli_id, (struct ndpi_id_struct*) srv_id);

src/NetworkInterface.cpp

@@ -1531,13 +1531,15 @@ bool NetworkInterface::processPacket(u_int32_t bridge_iface_idx,
     }
   }
 
-  if(flow->isDNS())
-    flow->processDNSPacket(ip, trusted_ip_len, packet_time);
-  else if(flow->isIEC60870())
-    flow->processIEC60870Packet((htons(src_port) == 2404) ? true : false,
-				ip, trusted_ip_len, payload, trusted_payload_len,
-				(struct timeval *)&h->ts);
-
+  if(isPacketInterface()) {
+    if(flow->isDNS())
+      flow->processDNSPacket(ip, trusted_ip_len, packet_time);
+    else if(flow->isIEC60870())
+      flow->processIEC60870Packet((htons(src_port) == 2404) ? true : false,
+				  ip, trusted_ip_len, payload, trusted_payload_len,
+				  (struct timeval *)&h->ts);
+  }
+
   if(flow->isDetectionCompleted()
      && (!isSampledTraffic())) {
     switch(ndpi_get_lower_proto(flow->get_detected_protocol())) {