sniffer skips partially received record when fixing an ACK fault

John Safranek
2015-10-02 15:13:02 -07:00
parent 1237b35bb8
commit 9fe5401630
3 changed files with 13 additions and 12 deletions


@@ -246,6 +246,7 @@ static const char* const msgTable[] =
"Get Session Stats Failure", "Get Session Stats Failure",
"Reassembly Buffer Size Exceeded", "Reassembly Buffer Size Exceeded",
"Dropping Lost Fragment", "Dropping Lost Fragment",
"Dropping Partial Record",
"Clear ACK Fault" "Clear ACK Fault"
}; };
@@ -2528,10 +2529,7 @@ static int AdjustSequence(TcpInfo* tcpInfo, SnifferSession* session,
else if (tcpInfo->fin) else if (tcpInfo->fin)
return AddFinCapture(session, real); return AddFinCapture(session, real);
} }
else { else if (*sslBytes > 0) {
/* The following conditional block is duplicated above. It is the
* same action but for a different setup case. If changing this
* block be sure to also update the block above. */
if (skipPartial) { if (skipPartial) {
AddToReassembly(session->flags.side, real, AddToReassembly(session->flags.side, real,
*sslFrame, *sslBytes, session, error); *sslFrame, *sslBytes, session, error);
@@ -2541,6 +2539,9 @@ static int AdjustSequence(TcpInfo* tcpInfo, SnifferSession* session,
*expected += 1; *expected += 1;
return 0; return 0;
} }
/* The following conditional block is duplicated above. It is the
* same action but for a different setup case. If changing this
* block be sure to also update the block above. */
else if (reassemblyList) { else if (reassemblyList) {
word32 newEnd = *expected + *sslBytes; word32 newEnd = *expected + *sslBytes;
@@ -2600,25 +2601,23 @@ static int FindNextRecordInAssembly(SnifferSession* session,
curr->data[1] == pv.major && curr->data[1] == pv.major &&
curr->data[2] == pv.minor) { curr->data[2] == pv.minor) {
word32 length; if (ssl->buffers.inputBuffer.length > 0)
Trace(DROPPING_PARTIAL_RECORD);
*sslBytes = curr->end - curr->begin + 1; *sslBytes = curr->end - curr->begin + 1;
length = ssl->buffers.inputBuffer.length;
if ( (word32)*sslBytes > ssl->buffers.inputBuffer.bufferSize) { if ( (word32)*sslBytes > ssl->buffers.inputBuffer.bufferSize) {
if (GrowInputBuffer(ssl, *sslBytes, length) < 0) { if (GrowInputBuffer(ssl, *sslBytes, 0) < 0) {
SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE); SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
return -1; return -1;
} }
} }
XMEMCPY(&ssl->buffers.inputBuffer.buffer[length], XMEMCPY(ssl->buffers.inputBuffer.buffer, curr->data, *sslBytes);
curr->data, *sslBytes);
*front = curr->next; *front = curr->next;
*reassemblyMemory -= *sslBytes; *reassemblyMemory -= *sslBytes;
FreePacketBuffer(curr); FreePacketBuffer(curr);
*sslBytes += length;
ssl->buffers.inputBuffer.length = *sslBytes; ssl->buffers.inputBuffer.length = *sslBytes;
*sslFrame = ssl->buffers.inputBuffer.buffer; *sslFrame = ssl->buffers.inputBuffer.buffer;
*end = *sslFrame + *sslBytes; *end = *sslFrame + *sslBytes;
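Review bot: In the FindNextRecordInAssembly hunk, the buffered partial record is discarded with only `Trace(DROPPING_PARTIAL_RECORD);` to mark it, so a consumer of the decoded stream cannot tell that bytes are missing unless tracing is on. For a passive monitor that gap should be observable; consider also counting the drop in the session statistics, or at least documenting above the `if` that any bytes already in `inputBuffer` are intentionally overwritten from offset 0. The record-start test on `curr->data[1]` and `curr->data[2]` now also decides whether that input is thrown away, and no visible line confirms the fragment holds at least three bytes; if nothing before the hunk guarantees it, add `curr->end - curr->begin + 1 >= 3 &&` to the condition. The function starts and ends outside the hunk, so both points need checking against the full body.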


@@ -112,7 +112,8 @@
#define BAD_SESSION_STATS 76 #define BAD_SESSION_STATS 76
#define REASSEMBLY_MAX_STR 77 #define REASSEMBLY_MAX_STR 77
#define DROPPING_LOST_FRAG_STR 78 #define DROPPING_LOST_FRAG_STR 78
#define CLEAR_ACK_FAULT 79 #define DROPPING_PARTIAL_RECORD 79
#define CLEAR_ACK_FAULT 80
/* !!!! also add to msgTable in sniffer.c and .rc file !!!! */ /* !!!! also add to msgTable in sniffer.c and .rc file !!!! */
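Review bot: Inserting `DROPPING_PARTIAL_RECORD` as 79 moves `CLEAR_ACK_FAULT` from 79 to 80, so an existing message id changes meaning. Anything built against the previous header, or any log tooling keyed on the numeric id, would presumably read 79 as the wrong message after this change. Appending keeps the old ids stable: `#define DROPPING_PARTIAL_RECORD 80` with `CLEAR_ACK_FAULT` left at 79, and the msgTable and STRINGTABLE entries ordered to match. Since the three lists are kept in sync by hand, a compile-time check of the msgTable length against the highest id would catch a missed entry.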


@@ -94,6 +94,7 @@ STRINGTABLE
76, "Get Session Stats Failure" 76, "Get Session Stats Failure"
77, "Reassembly Buffer Size Exceeded" 77, "Reassembly Buffer Size Exceeded"
78, "Dropping Lost Fragment" 78, "Dropping Lost Fragment"
79, "Clear ACK Fault" 79, "Dropping Partial Record"
80, "Clear ACK Fault"
} }