wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 11:17:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3493 from dgarske/zd11245

Browse Source 
Sniffer fixes for handling TCP `out-of-range sequence number`
This commit is contained in:
toddouska
2020-11-18 16:14:09 -08:00
committed by GitHub
parent a280df1892 f02cc650a2
commit ca281f976e
1 changed files with 14 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
src/sniffer.c
View File

@ -2781,9 +2781,9 @@ static int ProcessServerHello(int msgSz, const byte* input, int* sslBytes,
(void)msgSz; (void)msgSz;
/* make sure we didn't miss ClientHello */ /* make sure we didn't miss ClientHello */
if (session->flags.clientHello == 0) { if (session->flags.clientHello == 0 || session->sslClient->arrays == NULL) {
SetError(MISSED_CLIENT_HELLO_STR, error, session, FATAL_ERROR_STATE); SetError(MISSED_CLIENT_HELLO_STR, error, session, 0);
return -1; return 0; /* do not throw error, just ignore packet */
} }
/* make sure can read through session len */ /* make sure can read through session len */
@ -4254,6 +4254,7 @@ static int CheckHeaders(IpInfo* ipInfo, TcpInfo* tcpInfo, const byte* packet,
SetError(PACKET_HDR_SHORT_STR, error, NULL, 0); SetError(PACKET_HDR_SHORT_STR, error, NULL, 0);
return -1; return -1;
} }
/* We only care about the data in the TCP/IP record. There may be extra /* We only care about the data in the TCP/IP record. There may be extra
* data after the IP record for the FCS for Ethernet. */ * data after the IP record for the FCS for Ethernet. */
*sslBytes = (int)(packet + ipInfo->total - *sslFrame); *sslBytes = (int)(packet + ipInfo->total - *sslFrame);
@ -4666,6 +4667,8 @@ static int FixSequence(TcpInfo* tcpInfo, SnifferSession* session)
{ {
word32* expected = (session->flags.side == WOLFSSL_SERVER_END) ? word32* expected = (session->flags.side == WOLFSSL_SERVER_END) ?
&session->srvExpected : &session->cliExpected; &session->srvExpected : &session->cliExpected;
word32 seqStart = (session->flags.side == WOLFSSL_SERVER_END) ?
session->srvSeqStart : session->cliSeqStart;
PacketBuffer* list = (session->flags.side == WOLFSSL_SERVER_END) ? PacketBuffer* list = (session->flags.side == WOLFSSL_SERVER_END) ?
session->srvReassemblyList : session->srvReassemblyList :
session->cliReassemblyList; session->cliReassemblyList;
@ -4673,16 +4676,16 @@ static int FixSequence(TcpInfo* tcpInfo, SnifferSession* session)
&session->flags.srvSkipPartial : &session->flags.srvSkipPartial :
&session->flags.cliSkipPartial; &session->flags.cliSkipPartial;
if (tcpInfo->ackNumber < seqStart) {
return -1; /* do not fix sequence - could be ack on unseen seq */
}
*skipPartial = 1; *skipPartial = 1;
if (list != NULL) if (list != NULL)
*expected = list->begin; *expected = list->begin;
else { else
word32 seqStart = (session->flags.side == WOLFSSL_SERVER_END) ? *expected = tcpInfo->ackNumber - seqStart;
session->srvSeqStart : session->cliSeqStart;
word32 real = tcpInfo->ackNumber - seqStart;
*expected = real;
}
return 1; return 1;
} }
@ -4723,8 +4726,8 @@ static int CheckSequence(IpInfo* ipInfo, TcpInfo* tcpInfo,
&session->flags.cliAckFault : &session->flags.cliAckFault :
&session->flags.srvAckFault; &session->flags.srvAckFault;
/* init SEQ from server to client */ /* init SEQ from server to client - if not ack fault */
if (tcpInfo->syn && tcpInfo->ack) { if (tcpInfo->syn && tcpInfo->ack && !*ackFault) {
session->srvSeqStart = tcpInfo->sequence; session->srvSeqStart = tcpInfo->sequence;
session->srvExpected = 1; session->srvExpected = 1;
TraceServerSyn(tcpInfo->sequence); TraceServerSyn(tcpInfo->sequence);