Project

General

Profile

Actions

Bug #4246

closed

Assertion failed in AdjustToAcked delta > 10000000ULL && delta > stream->window

Added by Philippe Antoine almost 4 years ago. Updated almost 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:
Needs backport to 5.0, Needs backport to 6.0


Files

lol.pcapng (4.8 KB) lol.pcapng Suricata reproducer Philippe Antoine, 12/30/2020 08:51 PM

Related issues 2 (0 open2 closed)

Copied to Suricata - Bug #4341: Assertion failed in AdjustToAcked delta > 10000000ULL && delta > stream->windowClosedJeff LucovskyActions
Copied to Suricata - Bug #4342: Assertion failed in AdjustToAcked delta > 10000000ULL && delta > stream->windowClosedVictor JulienActions
Actions #1

Updated by Philippe Antoine almost 4 years ago

I do not know if this assertion is right.

I understand that the scenario to trigger this is :
Have a stream with a very big window > 10000000ULL, with tcp window being 0xFFFF and scale factor 8
Grow delta ie stream->last_ack - stream->base_seq bigger than 10000000ULL but smaller than window
Then have a packet with a small window, and delta will not have changed. Hence the assertion will trigger

Actions #3

Updated by Philippe Antoine almost 4 years ago

  • Assignee set to Victor Julien
Actions #4

Updated by Victor Julien almost 4 years ago

  • Status changed from New to Assigned
Actions #5

Updated by Victor Julien almost 4 years ago

I've not been able to get this to trigger with the pcap. How are you running it?

Actions #6

Updated by Philippe Antoine almost 4 years ago

The pcap seems not to be a reproducer now...
Will try to craft another one later

Actions #7

Updated by Philippe Antoine almost 4 years ago

suricata -r lol.pcapng -k none -c suricata.yaml
Trick is to enable HTTP2 in suricata.yaml

Actions #8

Updated by Victor Julien almost 4 years ago

  • Status changed from Assigned to Closed
  • Private changed from Yes to No
  • Label Needs backport to 5.0, Needs backport to 6.0 added
Actions #9

Updated by Philippe Antoine almost 4 years ago

  • Status changed from Closed to In Progress

Fix seems incomplete as per https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30885
fuzz_sigpcap: stream-tcp-reassemble.c:989: _Bool CheckGap(TcpSession *, TcpStream *, Packet *): Assertion `!((delta > 10000000ULL && delta > stream->window))' failed.

Actions #10

Updated by Jeff Lucovsky almost 4 years ago

  • Copied to Bug #4341: Assertion failed in AdjustToAcked delta > 10000000ULL && delta > stream->window added
Actions #11

Updated by Jeff Lucovsky almost 4 years ago

  • Copied to Bug #4342: Assertion failed in AdjustToAcked delta > 10000000ULL && delta > stream->window added
Actions #12

Updated by Victor Julien almost 4 years ago

  • Status changed from In Progress to Closed
  • Target version changed from 6.0.2 to 7.0.0-beta1
Actions

Also available in: Atom PDF