From 9fe5401630671c6683df9d28100a20c7d38dca55 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Fri, 2 Oct 2015 15:13:02 -0700 Subject: [PATCH] sniffer skips partially received record when fixing an ACK fault --- src/sniffer.c | 19 +++++++++---------- wolfssl/sniffer_error.h | 3 ++- wolfssl/sniffer_error.rc | 3 ++- 3 files changed, 13 insertions(+), 12 deletions(-) diff --git a/src/sniffer.c b/src/sniffer.c index ba59a7fb7..9fa0bff7a 100644 --- a/src/sniffer.c +++ b/src/sniffer.c @@ -246,6 +246,7 @@ static const char* const msgTable[] = "Get Session Stats Failure", "Reassembly Buffer Size Exceeded", "Dropping Lost Fragment", + "Dropping Partial Record", "Clear ACK Fault" }; @@ -2528,10 +2529,7 @@ static int AdjustSequence(TcpInfo* tcpInfo, SnifferSession* session, else if (tcpInfo->fin) return AddFinCapture(session, real); } - else { - /* The following conditional block is duplicated above. It is the - * same action but for a different setup case. If changing this - * block be sure to also update the block above. */ + else if (*sslBytes > 0) { if (skipPartial) { AddToReassembly(session->flags.side, real, *sslFrame, *sslBytes, session, error); @@ -2541,6 +2539,9 @@ static int AdjustSequence(TcpInfo* tcpInfo, SnifferSession* session, *expected += 1; return 0; } + /* The following conditional block is duplicated above. It is the + * same action but for a different setup case. If changing this + * block be sure to also update the block above. */ else if (reassemblyList) { word32 newEnd = *expected + *sslBytes; @@ -2600,25 +2601,23 @@ static int FindNextRecordInAssembly(SnifferSession* session, curr->data[1] == pv.major && curr->data[2] == pv.minor) { - word32 length; + if (ssl->buffers.inputBuffer.length > 0) + Trace(DROPPING_PARTIAL_RECORD); *sslBytes = curr->end - curr->begin + 1; - length = ssl->buffers.inputBuffer.length; if ( (word32)*sslBytes > ssl->buffers.inputBuffer.bufferSize) { - if (GrowInputBuffer(ssl, *sslBytes, length) < 0) { + if (GrowInputBuffer(ssl, *sslBytes, 0) < 0) { SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE); return -1; } } - XMEMCPY(&ssl->buffers.inputBuffer.buffer[length], - curr->data, *sslBytes); + XMEMCPY(ssl->buffers.inputBuffer.buffer, curr->data, *sslBytes); *front = curr->next; *reassemblyMemory -= *sslBytes; FreePacketBuffer(curr); - *sslBytes += length; ssl->buffers.inputBuffer.length = *sslBytes; *sslFrame = ssl->buffers.inputBuffer.buffer; *end = *sslFrame + *sslBytes; diff --git a/wolfssl/sniffer_error.h b/wolfssl/sniffer_error.h index e96ad18dd..53acf6a10 100644 --- a/wolfssl/sniffer_error.h +++ b/wolfssl/sniffer_error.h @@ -112,7 +112,8 @@ #define BAD_SESSION_STATS 76 #define REASSEMBLY_MAX_STR 77 #define DROPPING_LOST_FRAG_STR 78 -#define CLEAR_ACK_FAULT 79 +#define DROPPING_PARTIAL_RECORD 79 +#define CLEAR_ACK_FAULT 80 /* !!!! also add to msgTable in sniffer.c and .rc file !!!! */ diff --git a/wolfssl/sniffer_error.rc b/wolfssl/sniffer_error.rc index 1a0a87ba9..40bfac84a 100644 --- a/wolfssl/sniffer_error.rc +++ b/wolfssl/sniffer_error.rc @@ -94,6 +94,7 @@ STRINGTABLE 76, "Get Session Stats Failure" 77, "Reassembly Buffer Size Exceeded" 78, "Dropping Lost Fragment" - 79, "Clear ACK Fault" + 79, "Dropping Partial Record" + 80, "Clear ACK Fault" }