Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-09 01:58:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge remote-tracking branch 'origin/topic/timw/fix-ip-header-length-checking'

Browse source 
* origin/topic/timw/fix-ip-header-length-checking:
  Fix handling of IP packets with bogus IP header lengths
This commit is contained in:
Tim Wojtulewicz 2021-06-04 08:28:57 -07:00
commit d15fca7e17
5 changed files with 24 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

7
src/packet_analysis/protocol/ip/IP.cc
View file

@ -235,6 +235,13 @@ bool IPAnalyzer::AnalyzePacket(size_t len, const uint8_t* data, Packet* packet)
packet->proto = proto;
// Double check the lengths one more time before forwarding this on.
if ( packet->ip_hdr->TotalLen() < packet->ip_hdr->HdrLen() )
{
Weird("bogus_IP_header_lengths", packet);
return false;
}
switch ( proto ) {
case IPPROTO_NONE:
// If the packet is encapsulated in Teredo, then it was a bubble and