wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-03 20:54:41 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fixes for handling TCP out-of-range sequence number.

Browse Source
This commit is contained in:
David Garske
2020-11-12 16:08:07 -08:00
parent c7053e9a36
commit f02cc650a2
1 changed files with 13 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
src/sniffer.c
View File

@@ -2649,8 +2649,8 @@ static int ProcessServerHello(int msgSz, const byte* input, int* sslBytes,
/* make sure we didn't miss ClientHello */ /* make sure we didn't miss ClientHello */
if (session->flags.clientHello == 0 || session->sslClient->arrays == NULL) { if (session->flags.clientHello == 0 || session->sslClient->arrays == NULL) {
SetError(MISSED_CLIENT_HELLO_STR, error, session, FATAL_ERROR_STATE); SetError(MISSED_CLIENT_HELLO_STR, error, session, 0);
return -1; return 0; /* do not throw error, just ignore packet */
} }
/* make sure can read through session len */ /* make sure can read through session len */
@@ -4152,6 +4152,7 @@ static int CheckHeaders(IpInfo* ipInfo, TcpInfo* tcpInfo, const byte* packet,
SetError(PACKET_HDR_SHORT_STR, error, NULL, 0); SetError(PACKET_HDR_SHORT_STR, error, NULL, 0);
return -1; return -1;
} }
/* We only care about the data in the TCP/IP record. There may be extra /* We only care about the data in the TCP/IP record. There may be extra
* data after the IP record for the FCS for Ethernet. */ * data after the IP record for the FCS for Ethernet. */
*sslBytes = (int)(packet + ipInfo->total - *sslFrame); *sslBytes = (int)(packet + ipInfo->total - *sslFrame);
@@ -4564,6 +4565,8 @@ static int FixSequence(TcpInfo* tcpInfo, SnifferSession* session)
{ {
word32* expected = (session->flags.side == WOLFSSL_SERVER_END) ? word32* expected = (session->flags.side == WOLFSSL_SERVER_END) ?
&session->srvExpected : &session->cliExpected; &session->srvExpected : &session->cliExpected;
word32 seqStart = (session->flags.side == WOLFSSL_SERVER_END) ?
session->srvSeqStart : session->cliSeqStart;
PacketBuffer* list = (session->flags.side == WOLFSSL_SERVER_END) ? PacketBuffer* list = (session->flags.side == WOLFSSL_SERVER_END) ?
session->srvReassemblyList : session->srvReassemblyList :
session->cliReassemblyList; session->cliReassemblyList;
@@ -4571,16 +4574,16 @@ static int FixSequence(TcpInfo* tcpInfo, SnifferSession* session)
&session->flags.srvSkipPartial : &session->flags.srvSkipPartial :
&session->flags.cliSkipPartial; &session->flags.cliSkipPartial;
if (tcpInfo->ackNumber < seqStart) {
return -1; /* do not fix sequence - could be ack on unseen seq */
}
*skipPartial = 1; *skipPartial = 1;
if (list != NULL) if (list != NULL)
*expected = list->begin; *expected = list->begin;
else { else
word32 seqStart = (session->flags.side == WOLFSSL_SERVER_END) ? *expected = tcpInfo->ackNumber - seqStart;
session->srvSeqStart : session->cliSeqStart;
word32 real = tcpInfo->ackNumber - seqStart;
*expected = real;
}
return 1; return 1;
} }
@@ -4621,8 +4624,8 @@ static int CheckSequence(IpInfo* ipInfo, TcpInfo* tcpInfo,
&session->flags.cliAckFault : &session->flags.cliAckFault :
&session->flags.srvAckFault; &session->flags.srvAckFault;
/* init SEQ from server to client */ /* init SEQ from server to client - if not ack fault */
if (tcpInfo->syn && tcpInfo->ack) { if (tcpInfo->syn && tcpInfo->ack && !*ackFault) {
session->srvSeqStart = tcpInfo->sequence; session->srvSeqStart = tcpInfo->sequence;
session->srvExpected = 1; session->srvExpected = 1;
TraceServerSyn(tcpInfo->sequence); TraceServerSyn(tcpInfo->sequence);