Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-03 07:08:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

packet_analysis/TCP: Do not use untrusted len for DeliverPacket()

Browse source 
We should not be passing the untrusted TCP header length into
DeliverPacket(). Also, DeliverPacket() cap len parameter should
be the capture length of the packet, not remaining data.
This commit is contained in:
Arne Welzel 2023-05-24 16:38:33 +02:00
parent a41dfb28d5
commit 6941e44aba
1 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/packet_analysis/protocol/tcp/TCP.cc
View file

@ -130,7 +130,8 @@ void TCPAnalyzer::DeliverPacket(Connection* c, double t, bool is_orig, int remai
// Call DeliverPacket on the adapter directly here. Normally we'd call ForwardPacket
// but this adapter does some other things in its DeliverPacket with the packet children
// analyzers.
adapter->DeliverPacket(len, data, is_orig, adapter->LastRelDataSeq(), ip.get(), remaining);
adapter->DeliverPacket(remaining, data, is_orig, adapter->LastRelDataSeq(), ip.get(),
pkt->cap_len);
}
const struct tcphdr* TCPAnalyzer::ExtractTCP_Header(const u_char*& data, int& len, int& remaining,