BlackArch/blackarch

Xplico - build process failure - too many arguments to function ‘ndpi_detection_process_packet’

D3vil0p3r opened this issue · 5 comments

D3vil0p3r commented
  • I have searched open and closed issues for duplicates
  • I am submitting a bug report for existing functionality that does not work as intended

Bug description

By compiling the xplico package in BlackArch by makepkg -si, the following error during the building is produced:

<SNIP>
cc -rdynamic -I/tmp/makepkg/xplico/src/xplico-v.1.2.2/include -I/tmp/makepkg/xplico/src/xplico-v.1.2.2/common/include -I/tmp/makepkg/xplico/src/xplico-v.1.2.2/dissectors/include -I/tmp/makepkg/xplico/src/xplico-v.1.2.2/capt_dissectors/include -I/tmp/makepkg/xplico/src/xplico-v.1.2.2/dispatch/include  -Wall -fPIC -D_FILE_OFFSET_BITS=64 -U_FORTIFY_SOURCE -DXPL_PEDANTIC_STATISTICS=1 -g -ggdb -O0 -DFTBL_SORT=1 -DXPL_CHECK_CODE=1 -DXPL_X86=1 -DGEOIP_LIBRARY=1 -I/usr/include/ndpi  -DLOG_DIS_VAR_NAME=dis_tcp_grb_log_id   -c -o tcp_garbage.o tcp_garbage.c
tcp_garbage.c:101:86: warning: ‘struct ndpi_id_struct’ declared inside parameter list will not be visible outside of this definition or declaration
  101 | static ndpi_protocol nDPIPacket(packet *pkt, struct ndpi_flow_struct *l7flow, struct ndpi_id_struct *l7src, struct ndpi_id_struct *l7dst, bool ipv4)
      |                                                                                      ^~~~~~~~~~~~~~
tcp_garbage.c: In function ‘nDPIPacket’:
tcp_garbage.c:128:17: error: too many arguments to function ‘ndpi_detection_process_packet’
  128 |     l7prot_id = ndpi_detection_process_packet(ndpi, l7flow, data, size, when, l7src, l7dst);
<SNIP>
tcp_garbage.c: In function ‘DissecRegist’:
tcp_garbage.c:1136:20: warning: assignment to ‘ProtVerify’ {aka ‘unsigned char (*)(int)’} from incompatible pointer type ‘_Bool (*)(int)’ [-Wincompatible-pointer-types]
 1136 |     hdep.ProtCheck = TcpGrbCheck;
      |                    ^
tcp_garbage.c: In function ‘DissectInit’:
tcp_garbage.c:1253:12: error: too few arguments to function ‘ndpi_init_detection_module’
 1253 |     ndpi = ndpi_init_detection_module();
      |            ^~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/include/ndpi/ndpi_api.h:198:40: note: declared here
  198 |   struct ndpi_detection_module_struct *ndpi_init_detection_module(ndpi_init_prefs prefs);
      |                                        ^~~~~~~~~~~~~~~~~~~~~~~~~~
tcp_garbage.c:1262:23: warning: implicit declaration of function ‘ndpi_detection_get_sizeof_ndpi_id_struct’; did you mean ‘ndpi_detection_get_sizeof_ndpi_flow_struct’? [-Wimplicit-function-declaration]
 1262 |     ndpi_proto_size = ndpi_detection_get_sizeof_ndpi_id_struct();
      |                       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      |                       ndpi_detection_get_sizeof_ndpi_flow_struct
make[2]: *** [<builtin>: tcp_garbage.o] Error 1
make[2]: Leaving directory '/tmp/makepkg/xplico/src/xplico-v.1.2.2/dissectors/tcp_grbg'
make[1]: *** [Makefile:52: subdir] Error 1
make[1]: Leaving directory '/tmp/makepkg/xplico/src/xplico-v.1.2.2/dissectors'
make: *** [Makefile:149: subdir] Error 1
==> ERROR: A failure occurred in build().
    Aborting...

It could be probably related to the ndpi package version on BlackArch repo.

noraj commented

Here is what I did,

  1. update ndpi to 4.4
  2. build ndpi (ba-dev -b in packages/ndpi/)
  3. build xplico using the updated ndpi (ba-dev -I ../ndpi/ndpi-1:4.4-1-x86_64.pkg.tar.zst in packages/xplico/)

But unfortunately, it still fails with the same error:

tcp_garbage.c: In function ‘DissecRegist’:
tcp_garbage.c:1136:20: warning: assignment to ‘ProtVerify’ {aka ‘unsigned char (*)(int)’} from incompatible pointer type ‘_Bool (*)(int)’ [-Wincompatible-pointer-types]
 1136 |     hdep.ProtCheck = TcpGrbCheck;
      |                    ^
tcp_garbage.c: In function ‘DissectInit’:
tcp_garbage.c:1253:12: error: too few arguments to function ‘ndpi_init_detection_module’
 1253 |     ndpi = ndpi_init_detection_module();
      |            ^~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/include/libndpi/ndpi_api.h:198:40: note: declared here
  198 |   struct ndpi_detection_module_struct *ndpi_init_detection_module(ndpi_init_prefs prefs);
      |                                        ^~~~~~~~~~~~~~~~~~~~~~~~~~
tcp_garbage.c:1262:23: warning: implicit declaration of function ‘ndpi_detection_get_sizeof_ndpi_id_struct’; did you mean ‘ndpi_detection_get_sizeof_ndpi_flow_struct’? [-Wimplicit-function-declaration]
 1262 |     ndpi_proto_size = ndpi_detection_get_sizeof_ndpi_id_struct();
      |                       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      |                       ndpi_detection_get_sizeof_ndpi_flow_struct
make[2]: *** [<builtin>: tcp_garbage.o] Error 1
make[2]: Leaving directory '/build/xplico/src/xplico-v.1.2.2/dissectors/tcp_grbg'
make[1]: *** [Makefile:52: subdir] Error 1
make[1]: Leaving directory '/build/xplico/src/xplico-v.1.2.2/dissectors'
make: *** [Makefile:149: subdir] Error 1

It will be a pain to debug / update since upstream as no documentation and an outdated dependency list from 2016.

  • ❤️1
D3vil0p3r commented

Still failing:

rltm_pol.c: In function ‘CaptDisMain’:
rltm_pol.c:382:35: error: passing argument 2 of ‘pcap_next_ex’ from incompatible pointer type [-Wincompatible-pointer-types]
  382 |             if (pcap_next_ex(cap, &pkt_header, &pkt_data) == -1) {
      |                                   ^~~~~~~~~~~
      |                                   |
      |                                   struct pcappkt_hdr **
In file included from /usr/include/pcap.h:43,
                 from rltm_pol.c:32:
/usr/include/pcap/pcap.h:623:40: note: expected ‘struct pcap_pkthdr **’ but argument is of type ‘struct pcappkt_hdr **’
  623 | PCAP_API int    pcap_next_ex(pcap_t *, struct pcap_pkthdr **, const u_char **);
      |                                        ^~~~~~~~~~~~~~~~~~~~~
rltm_pol.c:388:50: error: passing argument 2 of ‘RltmPolDissector’ from incompatible pointer type [-Wincompatible-pointer-types]
  388 |                 RltmPolDissector((u_char *)&ref, pkt_header, pkt_data);
      |                                                  ^~~~~~~~~~
      |                                                  |
      |                                                  struct pcappkt_hdr *
rltm_pol.c:105:70: note: expected ‘const struct pcap_pkthdr *’ but argument is of type ‘struct pcappkt_hdr *’
  105 | static void RltmPolDissector(u_char *user, const struct pcap_pkthdr *h, const u_char *bytes)
      |                                            ~~~~~~~~~~~~~~~~~~~~~~~~~~^
make[2]: *** [<incorporato>: rltm_pol.o] Error 1
make[2]: uscita dalla directory «/tmp/makepkg/xplico/src/xplico-v.1.2.2/capt_dissectors/rltm_pol»
make[1]: *** [Makefile:47: subdir] Error 1
make[1]: uscita dalla directory «/tmp/makepkg/xplico/src/xplico-v.1.2.2/capt_dissectors»
make: *** [Makefile:149: subdir] Error 1

Should we drop Xplico?

noraj commented

idk, could be nice to fix it, but abandonned for 4 years and the DEPENDENCES file has not been updated for 8 years and is probably not accurate.

D3vil0p3r commented

The question is: is it worth to spend much effort (now and probably for the ever future) for a non-maintained repository like that? I would focus BlackArch more on maintained resources and to keep the environment clean.