Project

General

Profile

Actions

Feature #746

closed

Decoding API modification

Added by Eric Leblond almost 12 years ago. Updated about 11 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

I propose to change the type of Decode* function (and other decoding functions as well). It could then return an error if the decoding is not correct (let's say SC_ERR).

Then we could do in DecodeTeredo and other functions:

    if (IP_GET_RAW_VER(start) == 6) {
         IPV6Hdr *thdr = (IPV6Hdr *)start;
         if (len ==  IPV6_HEADER_LEN +
                 IPV6_GET_RAW_PLEN(thdr) + (start - pkt)) {
             if (pq != NULL) {
                 int blen = len - (start - pkt);
                 /* spawn off tunnel packet */
                 Packet *tp = PacketPseudoPktSetup(p, start, blen,
                                                   IPPROTO_IPV6);
                 if (tp != NULL) {
                     PKT_SET_SRC(tp, PKT_SRC_DECODER_TEREDO);
                     /* send that to the Tunnel decoder */
                     ret = DecodeTunnel(tv, dtv, tp, GET_PKT_DATA(tp), GET_PKT_LEN(tp),
                                  pq, IPPROTO_IPV6);
                   if (ret != SC_ERR) {
                     /* add the tp to the packet queue. */
                     PacketEnqueue(pq,tp);
                     SCPerfCounterIncr(dtv->counter_teredo, tv->sc_perf_pca);
                     return 1;
               } else {
                       RETURN PACKET TO POOL
                       return 0;
                 }
                 }
             }
         }

This would allow to detect incorrect IPv6 packets which will trigger a failure of DecodeIPv6 and hence of DecodeTunnel. This way we will detect invalid packet in the most accurate way.

Actions #1

Updated by Victor Julien over 11 years ago

  • Status changed from New to Assigned
  • Assignee set to Eric Leblond
  • Target version changed from 2.0rc2 to 2.0beta2
Actions #2

Updated by Victor Julien over 11 years ago

The error should only be in case the packet is not the suspected protocol or when it's severely malformed.

We should also carefully review that the packet that errors out doesn't set vars in the packet, like a header pointer.

Actions #3

Updated by Eric Leblond about 11 years ago

  • % Done changed from 0 to 70
Actions #4

Updated by Eric Leblond about 11 years ago

  • Status changed from Assigned to Closed
Actions

Also available in: Atom PDF