Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge remote-tracking branch 'origin/topic/timw/packet-length-checks' into master

Browse source 
* origin/topic/timw/packet-length-checks:
  Add length checks for IP header values before parsing TCP/UDP
This commit is contained in:
Jon Siwek 2020-10-19 18:57:00 -07:00
commit 924a24ad2b
3 changed files with 17 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
CHANGES
View file

@ -1,4 +1,8 @@
3.3.0-dev.463 | 2020-10-19 18:57:00 -0700
* Add length checks for IP header values before parsing TCP/UDP (Tim Wojtulewicz, Corelight)
3.3.0-dev.461 | 2020-10-19 11:54:23 -0700
* Fix deprecation warning in POP3 fuzzer (Jon Siwek, Corelight)

2
VERSION
View file

@ -1 +1 @@
3.3.0-dev.461
3.3.0-dev.463

12
src/Sessions.cc
View file

@ -89,6 +89,18 @@ void NetSessions::DoNextPacket(double t, const Packet* pkt)
uint32_t len = ip_hdr->TotalLen();
uint16_t ip_hdr_len = ip_hdr->HdrLen();
if ( len < ip_hdr_len )
{
sessions->Weird("bogus_IP_header_lengths", pkt);
return;
}
if ( caplen < ip_hdr_len )
{
sessions->Weird("truncated_IP", pkt);
return;
}
len -= ip_hdr_len; // remove IP header
caplen -= ip_hdr_len; // remove IP header