Merge pull request #2834 in SNORT/snort3 from ~MDAGON/snort3:goaway to master

Squashed commit of the following:

commit 184702db041232b8f7f1dda1c1bd61e7f5774fa3
Author: Maya Dagon <mdagon@cisco.com>
Date:   Wed Mar 24 11:12:18 2021 -0400

    payload_injector: send go away frame

diff --git a/src/payload_injector/payload_injector_translate_page.cc b/src/payload_injector/payload_injector_translate_page.cc
index d4d239ae4ea2dc358abc9eb8c04d02f8371299fc..f206a7d21cfa735f4be222650fcc1d1c0af192e1 100644 (file)
--- a/src/payload_injector/payload_injector_translate_page.cc
+++ b/src/payload_injector/payload_injector_translate_page.cc
@@ -55,6 +55,10 @@ static const uint32_t max_hdr_size = 2000;
 // Empty settings frame
 static const uint8_t empty_settings_frame[] = { 0, 0, 0, FT_SETTINGS, 0, 0, 0, 0, 0 };
 
+// Goaway frame header
+static const uint8_t goaway_frame_len = 8; // 4 bytes stream id + 4 bytes error code
+static const uint8_t goaway_frame_header[] = { 0, 0, goaway_frame_len, FT_GOAWAY, 0, 0, 0, 0, 0};
+
 static InjectionReturnStatus write_translation(uint8_t*& out, uint32_t& out_free_space,
     const uint8_t* translation, uint32_t size)
 {
@@ -244,7 +248,18 @@ static void write_frame_hdr(uint8_t*& out, uint32_t len, uint8_t type, uint8_t f
     out[4] = flags;
     stream_id = htonl(stream_id);
     memcpy(out+5, &stream_id, 4);
-    out += Http2Enums::FRAME_HEADER_LENGTH;
+    out += FRAME_HEADER_LENGTH;
+}
+
+static void write_goaway_frame(uint8_t*& out, uint32_t stream_id)
+{
+    memcpy(out, goaway_frame_header, FRAME_HEADER_LENGTH);
+    out += FRAME_HEADER_LENGTH;
+    stream_id = htonl(stream_id);
+    memcpy(out, &stream_id, 4);
+    const uint32_t error_code = 0;
+    memcpy(out+4, &error_code, 4);
+    out += goaway_frame_len;
 }
 
 InjectionReturnStatus PayloadInjector::get_http2_payload(InjectionControl control,
@@ -265,7 +280,8 @@ InjectionReturnStatus PayloadInjector::get_http2_payload(InjectionControl contro
     uint32_t num_data_frames = body_len / (1<<14);
     if (body_len % (1<<14) != 0)
         num_data_frames++;
-    payload_len = FRAME_HEADER_LENGTH*(num_data_frames + 1) + hdr_len + body_len;
+    payload_len = FRAME_HEADER_LENGTH*(num_data_frames + 1) + hdr_len + body_len; // block page
+    payload_len += FRAME_HEADER_LENGTH + goaway_frame_len; // goaway frame
     if (send_settings)
         payload_len += sizeof(empty_settings_frame);
     http2_payload = (uint8_t*)snort_alloc(payload_len);
@@ -290,6 +306,7 @@ InjectionReturnStatus PayloadInjector::get_http2_payload(InjectionControl contro
         http2_payload_cur += cur_len;
         http_body_cur += cur_len;
     }
+    write_goaway_frame(http2_payload_cur, control.stream_id);
     assert((http2_payload_cur - http2_payload) == payload_len);
     return INJECTION_SUCCESS;
 }

diff --git a/src/payload_injector/test/payload_injector_translate_test.cc b/src/payload_injector/test/payload_injector_translate_test.cc
index 27ef79ea2aae41b62bf341d630972a34b687d88e..e3dce6dead97808b4f75a6f0c49f317e5a1daece 100644 (file)
--- a/src/payload_injector/test/payload_injector_translate_test.cc
+++ b/src/payload_injector/test/payload_injector_translate_test.cc
@@ -61,7 +61,8 @@ TEST(payload_injector_translate_test, basic_hdr_translation)
         0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x2d, 0x74, 0x79, 0x70, 0x65, 0x22, 0x20, 0x63,
         0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x3d, 0x22, 0x74, 0x65, 0x78, 0x74, 0x2f, 0x68,
         0x74, 0x6d, 0x6c, 0x3b, 0x20, 0x63, 0x68, 0x61, 0x72, 0x73, 0x65, 0x74, 0x3d, 0x55,
-        0x54, 0x46, 0x2d, 0x38, 0x22, 0x20, 0x2f, 0x3e, 0xa
+        0x54, 0x46, 0x2d, 0x38, 0x22, 0x20, 0x2f, 0x3e, 0xa, 0x0, 0x0, 0x8, 0x7, 0x0, 0x0,
+        0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0
     };
     CHECK(payload_len == sizeof(out));
     CHECK(memcmp(http2_payload, out, payload_len) == 0);
@@ -89,7 +90,8 @@ TEST(payload_injector_translate_test, basic_hdr_translation2)
         0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0xf, 0x28, 0x1b, 0x30, 0x34, 0x66, 0x32, 0x3b, 0x20,
         0x4d, 0x61, 0x78, 0x2d, 0x41, 0x67, 0x65, 0x3a, 0x20, 0x36, 0x30, 0x30, 0x3b, 0x20,
         0x70, 0x61, 0x74, 0x68, 0x3d, 0x2f, 0x3b, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0,
-        0x1, 0x42, 0x6f, 0x64, 0x79, 0xa
+        0x1, 0x42, 0x6f, 0x64, 0x79, 0xa, 0x0, 0x0, 0x8, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
+        0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0
     };
     CHECK(payload_len == sizeof(out));
     CHECK(memcmp(http2_payload, out, payload_len) == 0);
@@ -118,7 +120,8 @@ TEST(payload_injector_translate_test, basic_hdr_translation3)
         0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0xf, 0x28, 0x1b, 0x30, 0x34, 0x66, 0x32, 0x3b, 0x20,
         0x4d, 0x61, 0x78, 0x2d, 0x41, 0x67, 0x65, 0x3a, 0x20, 0x36, 0x30, 0x30, 0x3b, 0x20,
         0x70, 0x61, 0x74, 0x68, 0x3d, 0x2f, 0x3b, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0,
-        0x1, 0x42, 0x6f, 0x64, 0x79, 0xa
+        0x1, 0x42, 0x6f, 0x64, 0x79, 0xa, 0x0, 0x0, 0x8, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
+        0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0
     };
     CHECK(payload_len == sizeof(out));
     CHECK(memcmp(http2_payload, out, payload_len) == 0);
@@ -148,7 +151,7 @@ TEST(payload_injector_translate_test, mix_n_and_rn)
         0x2f, 0x3b, 0xf, 0x10, 0x18, 0x74, 0x65, 0x78,
         0x74, 0x2f, 0x68, 0x74, 0x6d, 0x6c, 0x3b, 0x20, 0x63, 0x68, 0x61, 0x72, 0x73, 0x65, 0x74,
         0x3d, 0x55, 0x54, 0x46, 0x2d, 0x38, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1,
-        0x62
+        0x62, 0x0, 0x0, 0x8, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0
     };
     CHECK(payload_len == sizeof(out));
     CHECK(memcmp(http2_payload, out, payload_len) == 0);
@@ -309,7 +312,8 @@ TEST(payload_injector_translate_test, val_len1)
         0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61,
         0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61,
         0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x0, 0x0, 0x4,
-        0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x62, 0x6f, 0x64, 0x79
+        0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x62, 0x6f, 0x64, 0x79, 0x0, 0x0, 0x8, 0x7, 0x0,
+        0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0
     };
     CHECK(payload_len == sizeof(out));
     CHECK(memcmp(http2_payload, out, payload_len) == 0);
@@ -345,7 +349,8 @@ TEST(payload_injector_translate_test, val_len2)
         0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61,
         0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61,
         0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x0, 0x0, 0x4, 0x0,
-        0x1, 0x0, 0x0, 0x0, 0x1, 0x62, 0x6f, 0x64, 0x79
+        0x1, 0x0, 0x0, 0x0, 0x1, 0x62, 0x6f, 0x64, 0x79, 0x0, 0x0, 0x8, 0x7, 0x0, 0x0,
+        0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0
     };
     CHECK(payload_len == sizeof(out));
     CHECK(memcmp(http2_payload, out, payload_len) == 0);
@@ -410,7 +415,8 @@ TEST(payload_injector_translate_test, val_len3)
         0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61,
         0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x61,
         0x61, 0x61, 0x61, 0x61, 0x61, 0x61, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0,
-        0x1, 0x62, 0x6f, 0x64, 0x79
+        0x1, 0x62, 0x6f, 0x64, 0x79, 0x0, 0x0, 0x8, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
+        0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0
     };
     CHECK(payload_len == sizeof(out));
     CHECK(memcmp(http2_payload, out, payload_len) == 0);
@@ -443,7 +449,7 @@ TEST(payload_injector_translate_test, http2_hdr_is_max)
     status = PayloadInjector::get_http2_payload(control, http2_payload, payload_len, false);
 
     CHECK(status == INJECTION_SUCCESS);
-    CHECK(payload_len == 2019);
+    CHECK(payload_len == 2036);
     uint8_t hdr[] = { 0x0, 0x7, 0xd0, 0x1, 0x4, 0x0, 0x0, 0xf0, 0x0 };
     CHECK(memcmp(http2_payload, hdr, sizeof(hdr))==0);
     uint8_t body[] = { 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0xf0, 0x0, 'b' };