From f1368df0dea4626eee33a1809d8d6b1e003470af Mon Sep 17 00:00:00 2001
From: _Frky <3105926+Frky@users.noreply.github.com>
Date: Thu, 23 Dec 2021 08:08:54 +0100
Subject: [PATCH] Add test to highlight bug - protocol parsing state not kept

---
 test/src/tests/http.py | 74 ++++++++++++++++++++++++++++++++++++++++--
 test/src/tests/rpc.py | 19 ++++++++---
 2 files changed, 85 insertions(+), 8 deletions(-)

diff --git a/test/src/tests/http.py b/test/src/tests/http.py
index 811d9ff..2e829ff 100644
--- a/test/src/tests/http.py
+++ b/test/src/tests/http.py
@@ -74,6 +74,74 @@ def test_ipv4_tcp_http():
 assert tcp.payload.load.startswith(b"HTTP/1.1 401 Unauthorized\n")


+@test
+def test_ipv4_tcp_http_segmented():
+ sport = 24592
+ dports = [80, 443, 5000, 53228]
+ for dport in dports:
+ seq_init = int(RandInt())
+ syn = (
+ Ether(dst=MAC_ADDR)
+ / IP(dst=IPV4_ADDR)
+ / TCP(flags="S", sport=sport, dport=dport, seq=seq_init)
+ )
+ syn_ack = srp1(syn, timeout=1)
+ assert syn_ack is not None, "expecting answer, got nothing"
+ check_ip_checksum(syn_ack)
+ assert TCP in syn_ack, "expecting TCP, got %r" % syn_ack.summary()
+ syn_ack = syn_ack[TCP]
+ assert syn_ack.flags == "SA", "expecting TCP SA, got %r" % syn_ack.flags
+ ack = (
+ Ether(dst=MAC_ADDR)
+ / IP(dst=IPV4_ADDR)
+ / TCP(
+ flags="A",
+ sport=sport,
+ dport=dport,
+ seq=seq_init + 1,
+ ack=syn_ack.seq + 1,
+ )
+ )
+ _ = srp1(ack, timeout=1)
+ # request is not complete yet
+ req = (
+ Ether(dst=MAC_ADDR)
+ / IP(dst=IPV4_ADDR)
+ / TCP(
+ flags="PA",
+ sport=sport,
+ dport=dport,
+ seq=seq_init + 1,
+ ack=syn_ack.seq + 1,
+ )
+ / Raw("GET / HTTP/1.1\r\n")
+ )
+ resp = srp1(req, timeout=1)
+ assert resp is not None, "expecting answer, got nothing"
+ check_ip_checksum(resp)
+ assert TCP in resp, "expecting TCP, got %r" % resp.summary()
+ assert resp[TCP].flags == "A"
+ req = (
+ Ether(dst=MAC_ADDR)
+ / IP(dst=IPV4_ADDR)
+ / TCP(
+ flags="PA",
+ sport=sport,
+ dport=dport,
+ seq=seq_init + len(req) + 1,
+ ack=syn_ack.seq + 1,
+ )
+ / Raw("\r\n")
+ )
+ resp = srp1(req, timeout=1)
+ assert resp is not None, "expecting answer, got nothing"
+ check_ip_checksum(resp)
+ assert TCP in resp, "expecting TCP, got %r" % resp.summary()
+ tcp = resp[TCP]
+ assert tcp.flags == "PA"
+ assert tcp.payload.load.startswith(b"HTTP/1.1 401 Unauthorized\n")
+
+
 @test
 def test_ipv4_tcp_http_incomplete():
 sport = 24595
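Review bot: In `test_ipv4_tcp_http_segmented` the second segment is sent with `seq=seq_init + len(req) + 1`, but `req` is the whole Ether/IP/TCP/Raw frame, so `len(req)` counts the header bytes as well as the 16-byte payload. The second segment therefore does not start where the first one ended, and the test may fail or pass because of a sequence gap rather than because parsing state was lost between segments. Advance by the payload length only, e.g. `seq=seq_init + 1 + len(req[Raw].load),`. A short comment above the second `req`, such as `# second segment completes the request started above`, would also make the intent of the two-step send explicit.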
@@ -126,7 +194,7 @@ def test_ipv4_tcp_http_incomplete():

 @test
 def test_ipv6_tcp_http():
- sport = 24592
+ sport = 24594
 dports = [80, 443, 5000, 53228]
 for dport in dports:
 seq_init = int(RandInt())
@@ -213,7 +281,7 @@ def test_ipv6_udp_http():

 @test
 def test_ipv4_tcp_http_ko():
- sport = 24592
+ sport = 24596
 dports = [80, 443, 5000, 53228]
 for dport in dports:
 seq_init = int(RandInt())
@@ -277,7 +345,7 @@ def test_ipv4_udp_http_ko():

 @test
 def test_ipv6_tcp_http_ko():
- sport = 24592
+ sport = 24597
 dports = [80, 443, 5000, 53228]
 for dport in dports:
 seq_init = int(RandInt())
diff --git a/test/src/tests/rpc.py b/test/src/tests/rpc.py
index 62e42a1..8f2e5ce 100644
--- a/test/src/tests/rpc.py
+++ b/test/src/tests/rpc.py
@@ -56,17 +56,26 @@ def test_rpc_nmap():
 result = results[0]
 assert len(result["ports"]) == 1, f"Expected 1 port, got {len(result['ports'])}"
 port = result["ports"][0]
- assert port["port"] == 111 and port["protocol"] == (
+ assert port["port"] == 111, f"Expected port 111, got {port['port']}"
+ assert port["protocol"] == (
 "tcp" if scan == "S" else "udp"
- )
- assert port["service_name"] in {"rpcbind", "nfs"}
- assert port["service_extrainfo"] in {"RPC #100000", "RPC #100003"}
+ ), f"Unexpected proto {port['protocol']} for scan {scan}"
+ assert port["service_name"] in {
+ "rpcbind",
+ "nfs",
+ }, f"Unexpected service_name: {port['service_name']}"
+ assert port["service_extrainfo"] in {
+ "RPC #100000",
+ "RPC #100003",
+ }, f"Unexpected service_extrainfo: {port['service_extrainfo']}"
 assert (
 len(port["scripts"]) == 1
 ), f"Expected 1 script, got {len(port['scripts'])}"
 script = port["scripts"][0]
 assert script["id"] == "rpcinfo", "Expected rpcinfo script, not found"
- assert len(script["rpcinfo"]) == 1
+ assert (
+ len(script["rpcinfo"]) == 1
+ ), f"Expected 1 rpcinfo, got {len(script['rpcinfo'])}"


 @test
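Review bot: In the `test_rpc_nmap` hunk, `service_name` and `service_extrainfo` are still asserted independently, so a mismatched pair such as `rpcbind` reported with `RPC #100003` passes. If the two values are expected to correspond (inferred from the values, not shown in the hunk), tie them together with `assert port["service_extrainfo"] == {"rpcbind": "RPC #100000", "nfs": "RPC #100003"}[port["service_name"]]` after the `service_name` check. The new messages interpolate with plain `{...}`; using `!r`, as in `{port['service_name']!r}`, would keep empty or whitespace-only values visible in a failure. The function body starts and ends outside this hunk.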