Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Add header length check to GRE packet analyzer

Browse source
This commit is contained in:
Tim Wojtulewicz 2020-10-19 10:26:23 -07:00
parent 4d27793f13
commit a19b018dc8
1 changed files with 8 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

10
src/packet_analysis/protocol/gre/GRE.cc
View file

@ -10,7 +10,7 @@
using namespace zeek::packet_analysis::GRE; using namespace zeek::packet_analysis::GRE;
static unsigned int gre_header_len(uint16_t flags) static unsigned int gre_header_len(uint16_t flags=0)
{ {
unsigned int len = 4; // Always has 2 byte flags and 2 byte protocol type. unsigned int len = 4; // Always has 2 byte flags and 2 byte protocol type.
@ -44,7 +44,7 @@ bool GREAnalyzer::AnalyzePacket(size_t len, const uint8_t* data, Packet* packet)
{ {
if ( ! packet->ip_hdr ) if ( ! packet->ip_hdr )
{ {
reporter->InternalError("GREAnalyzer: ip_hdr not found in packet keystore"); reporter->InternalError("GREAnalyzer: ip_hdr not provided from earlier analyzer");
return false; return false;
} }
@ -54,6 +54,12 @@ bool GREAnalyzer::AnalyzePacket(size_t len, const uint8_t* data, Packet* packet)
return false; return false;
} }
if ( len < gre_header_len() )
{
sessions->Weird("truncated_GRE", packet);
return false;
}
int proto = packet->proto; int proto = packet->proto;
int gre_link_type = DLT_RAW; int gre_link_type = DLT_RAW;