Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-09 18:18:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Fix large memory allocation in IP fragment reassembly. Addresses #961.

Browse source 
Patch by jbaines modified slightly to return earlier so that the
problem packet can't cause any state change in the FragReassembler.
This commit is contained in:
Jon Siwek 2013-03-11 10:54:51 -05:00
parent 0075973249
commit 8d5434ef2d
1 changed files with 7 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
src/Frag.cc
View file

@ -100,6 +100,13 @@ void FragReassembler::AddFragment(double t, const IP_Hdr* ip, const u_char* pkt)
int offset = ip->FragOffset(); int offset = ip->FragOffset();
int len = ip->TotalLen(); int len = ip->TotalLen();
int hdr_len = ip->HdrLen(); int hdr_len = ip->HdrLen();
if ( len < hdr_len )
{
s->Weird("fragment_protocol_inconsistency", ip);
return;
}
int upper_seq = offset + len - hdr_len; int upper_seq = offset + len - hdr_len;
if ( ! offset ) if ( ! offset )