diff --git a/scripts/base/init-bare.bro b/scripts/base/init-bare.bro index 7b1b304405..b9eca66d24 100644 --- a/scripts/base/init-bare.bro +++ b/scripts/base/init-bare.bro @@ -945,7 +945,7 @@ const IPPROTO_RAW = 255; ##< Raw IP packet. # Definitions for IPv6 extension headers. const IPPROTO_HOPOPTS = 0; ##< IPv6 hop-by-hop-options header. const IPPROTO_ROUTING = 43; ##< IPv6 routing header. -const IPPROTO_FRAGMENT = 44; ##< IPv6 fragment header. +const IPPROTO_FRAGMENT = 44; ##< IPv6 fragment header. const IPPROTO_ESP = 50; ##< IPv6 encapsulating security payload header. const IPPROTO_AH = 51; ##< IPv6 authentication header. const IPPROTO_NONE = 59; ##< IPv6 no next header. @@ -1081,14 +1081,14 @@ type ip6_ext_hdr: record { type ip6_hdr: record { class: count; ##< Traffic class. flow: count; ##< Flow label. - len: count; ##< Payload length. - nxt: count; ##< Protocol number of the next header - ##< (RFC 1700 et seq., IANA assigned number) - ##< e.g. :bro:id:`IPPROTO_ICMP`. + len: count; ##< Payload length. + nxt: count; ##< Protocol number of the next header + ##< (RFC 1700 et seq., IANA assigned number) + ##< e.g. :bro:id:`IPPROTO_ICMP`. hlim: count; ##< Hop limit. - src: addr; ##< Source address. - dst: addr; ##< Destination address. - exts: vector of ip6_ext_hdr; ##< Extension header chain. + src: addr; ##< Source address. + dst: addr; ##< Destination address. + exts: vector of ip6_ext_hdr; ##< Extension header chain. }; ## Values extracted from an IPv4 header. diff --git a/src/Frag.cc b/src/Frag.cc index a744526921..9bd16a71c9 100644 --- a/src/Frag.cc +++ b/src/Frag.cc @@ -90,7 +90,7 @@ void FragReassembler::AddFragment(double t, const IP_Hdr* ip, const u_char* pkt) if ( ip->NextProto() != next_proto || ip->HdrLen() - 8 != proto_hdr_len ) s->Weird("fragment_protocol_inconsistency", ip); - //TODO: more detailed unfrag header consistency checks? + // TODO: more detailed unfrag header consistency checks? } if ( ip->DF() ) 
diff --git a/src/IP.cc b/src/IP.cc index d6d1df0c31..4148c58a33 100644 --- a/src/IP.cc +++ b/src/IP.cc @@ -18,7 +18,9 @@ static RecordType* ip6_esp_type = 0; static inline RecordType* hdrType(RecordType*& type, const char* name) { - if ( ! type ) type = internal_type(name)->AsRecordType(); + if ( ! type ) + type = internal_type(name)->AsRecordType(); + return type; } @@ -54,6 +56,7 @@ static VectorVal* BuildOptionsVal(const u_char* data, uint16 len) vv->Assign(vv->Size(), rv, 0); } + return vv; } diff --git a/src/IP.h b/src/IP.h index f3e8272080..cb5bcf77c7 100644 --- a/src/IP.h +++ b/src/IP.h @@ -229,7 +229,9 @@ public: ~IP_Hdr() { - if ( ip6 ) delete ip6_hdrs; + if ( ip6 ) + delete ip6_hdrs; + if ( del ) { if ( ip4 ) diff --git a/src/PacketSort.cc b/src/PacketSort.cc index aec7639f4a..04c525c4d1 100644 --- a/src/PacketSort.cc +++ b/src/PacketSort.cc @@ -31,7 +31,7 @@ PacketSortElement::PacketSortElement(PktSrc* arg_src, else if ( ip->ip_v == 6 ) ip_hdr = new IP_Hdr((const struct ip6_hdr*) ip, false); else - // weird will be generated later in NetSessions::NextPacket + // Weird will be generated later in NetSessions::NextPacket. return; if ( ip_hdr->NextProto() == IPPROTO_TCP && diff --git a/src/Sessions.cc b/src/Sessions.cc index 4f31d29346..f03b6d4c63 100644 --- a/src/Sessions.cc +++ b/src/Sessions.cc @@ -640,20 +640,24 @@ bool NetSessions::CheckHeaderTrunc(int proto, uint32 len, uint32 caplen, min_hdr_len = sizeof(struct udphdr); break; case IPPROTO_ICMP: - default: min_hdr_len = ICMP_MINLEN; break; + default: + internal_error("unknown protocol"); } + if ( len < min_hdr_len ) { Weird("truncated_header", h, p); return true; } + if ( caplen < min_hdr_len ) { Weird("internally_truncated_header", h, p); return true; } + return false; } diff --git a/src/bro.bif b/src/bro.bif index 375a1c64c1..64ed7d1f2f 100644 --- a/src/bro.bif +++ b/src/bro.bif 
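Review bot: The new `default:` arm in `NetSessions::CheckHeaderTrunc` (src/Sessions.cc) calls `internal_error("unknown protocol")`, which, if it aborts as the name suggests, turns an unexpected protocol number into a failure of the whole monitor rather than a per-packet event. `proto` presumably comes from the IP header of captured traffic, and nothing in this hunk shows that callers restrict it to the protocols with explicit cases. Either state that precondition in a comment on the arm, or handle it like the truncation cases below, e.g. `default: Weird("unknown_protocol", h, p); return true;` (the weird name is constructed here). The arm also has no `break`, so `min_hdr_len` keeps whatever value it was declared with if `internal_error` ever returns. The declaration and the start of the switch are outside the hunk, so check the initial value there.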
@@ -2067,6 +2067,7 @@ function routing0_data_to_addrs%(s: string%): addr_set const u_char* bytes = s->Bytes(); bytes += 4; // go past 32-bit reserved field len -= 4; + if ( ( len % 16 ) != 0 ) reporter->Warning("Bad ip6_routing data length: %d", s->Len());