]> git.ipfire.org Git - thirdparty/snort3.git/commitdiff
Merge pull request #1423 in SNORT/snort3 from ~SMINUT/snort3:fuzz_segfault to master
authorMike Stepanek (mstepane) <mstepane@cisco.com>
Mon, 19 Nov 2018 20:42:09 +0000 (15:42 -0500)
committerMike Stepanek (mstepane) <mstepane@cisco.com>
Mon, 19 Nov 2018 20:42:09 +0000 (15:42 -0500)
Squashed commit of the following:

commit 680fd0e03fb815f05bcc3862d7486dcb7c88a9a8
Author: Silviu Minut <sminut@cisco.com>
Date:   Fri Nov 2 16:19:05 2018 -0400

    protocols: add vlan_idx field to Packet struct and handle multiple vlan type ids. Thanks to ymansour for reporting this issue.

    protocols: change int8 to unit8 for vlan_idx type.

src/protocols/layer.cc
src/protocols/packet.h
src/protocols/packet_manager.cc

index e687c0105839ced22e501288ab836e629644b549..f84db4305f10f14280b48c03e4319c72f1585052 100644 (file)
@@ -144,11 +144,13 @@ const Layer* get_mpls_layer(const Packet* const p)
 
 const vlan::VlanTagHdr* get_vlan_layer(const Packet* const p)
 {
-    uint8_t num_layers = p->num_layers;
-    const Layer* lyr = p->layers;
-
-    return reinterpret_cast<const vlan::VlanTagHdr*>(
-        find_inner_layer(lyr, num_layers, ProtocolId::ETHERTYPE_8021Q));
+    if ( p->proto_bits & PROTO_BIT__VLAN )
+    {
+        assert( p->vlan_idx < p->num_layers );
+        const Layer* lyr = p->layers + p->vlan_idx;
+        return reinterpret_cast<const vlan::VlanTagHdr*>(lyr->start);
+    }
+    return nullptr;
 }
 
 const eth::EtherHdr* get_eth_layer(const Packet* const p)
@@ -445,4 +447,3 @@ const icmp::ICMPHdr* get_icmp_embed_icmp(const ip::IpApi& api)
 { return reinterpret_cast<const icmp::ICMPHdr*>(api.ip_data()); }
 } // namespace layer
 } // namespace snort
-
index 477c4622629a2138e8120892ad06220124af76a3..b28fd053e9a7cfbcfbbc22d7aa7083c69978eeae 100644 (file)
@@ -146,6 +146,8 @@ struct SO_PUBLIC Packet
     uint32_t user_ips_policy_id;
     uint32_t user_network_policy_id;
 
+    uint8_t vlan_idx;
+
     // IP_MAXPACKET is the minimum allowable max_dsize
     // there is no requirement that all data fit into an IP datagram
     // but we do require that an IP datagram fit into Packet space
@@ -352,4 +354,3 @@ inline uint64_t alignedNtohq(const uint64_t* ptr)
 }
 }
 #endif
-
index 7a62a56129b2ca9e4987aea246e07bca062c69f2..79282c9f14ea08f2e097e775e3c1d7c7c9f8cb4e 100644 (file)
@@ -174,7 +174,7 @@ void PacketManager::decode(
             }
             codec_data.codec_flags &= ~CODEC_ETHER_NEXT;
         }
-                
+
         /*
          * We only want the layer immediately following SAVE_LAYER to have the
          * UNSURE_ENCAP flag set.  So, if this is a SAVE_LAYER, zero out the
@@ -219,8 +219,14 @@ void PacketManager::decode(
         if ( p->num_layers == CodecManager::max_layers )
             DetectionEngine::queue_event(GID_DECODE, DECODE_TOO_MANY_LAYERS);
         else
+        {
             push_layer(p, prev_prot_id, raw.data, codec_data.lyr_len);
 
+            // Cache the index of the vlan layer for quick access.
+            if ( codec_data.proto_bits == PROTO_BIT__VLAN )
+                p->vlan_idx = p->num_layers-1;
+        }
+
         // internal statistics and record keeping
         s_stats[mapped_prot + stat_offset]++; // add correct decode for previous layer
         mapped_prot = CodecManager::s_proto_map[to_utype(codec_data.next_prot_id)];
@@ -918,4 +924,3 @@ void PacketManager::log_protocols(TextLog* const text_log,
         }
     }
 }
-