Merge pull request #3121 in SNORT/snort3 from ~SMINUT/snort3:init_scale_fix to master

Squashed commit of the following:

commit 30e99be7b9374ba90e30313b69f1a8a141a0caf5
Author: Silviu Minut <sminut@cisco.com>
Date:   Wed Oct 20 12:03:50 2021 -0400

    stream_tcp: fix init_wscale() to take into account the DECODE_TCP_WS flag

    tcp: remove the probably obsolete __GNUC__ block from TcpOption::next()

    tcp: stop on the EOL option in TcpOptIteratorIter::operator++()

diff --git a/src/protocols/tcp_options.cc b/src/protocols/tcp_options.cc
index 1cf66aa204248509b16fa00ecd2efaa9d5abdb3e..cc345d37bea29ccd791358a47a579bbbe517d34b 100644 (file)
--- a/src/protocols/tcp_options.cc
+++ b/src/protocols/tcp_options.cc
@@ -42,7 +42,7 @@ const TcpOptIteratorIter& TcpOptIteratorIter::operator++()
 {
     const auto* old_opt = opt;
     opt = &opt->next();
-    if (opt == old_opt)       // defend against option length = 0
+    if (opt == old_opt or opt->code == TcpOptCode::EOL)       // defend against option length = 0
     {
         *this = iter->end();
         tcpStats.zero_len_tcp_opt++;

diff --git a/src/protocols/tcp_options.h b/src/protocols/tcp_options.h
index fad01028140c4923a838209921642695f7c79100..d80b4e93200acd320dffd7bc34b2c7d591610c9e 100644 (file)
--- a/src/protocols/tcp_options.h
+++ b/src/protocols/tcp_options.h
@@ -109,18 +109,10 @@ struct TcpOption
 
     inline const TcpOption& next() const
     {
-#ifdef __GNUC__
-        const uint8_t tmp_len = ((uint8_t)code <= 1) ? 1 : len;
-        const uint8_t* const tmp = reinterpret_cast<const uint8_t*>(this);
-        const TcpOption* opt = reinterpret_cast<const TcpOption*>(&tmp[tmp_len]);
-        return *opt;
-
-#else
         if ( (uint8_t)code <= 1 )
             return reinterpret_cast<const TcpOption&>(len);
         else
             return reinterpret_cast<const TcpOption&>(data[len -2]);
-#endif
     }
 };
 

diff --git a/src/stream/tcp/tcp_segment_descriptor.cc b/src/stream/tcp/tcp_segment_descriptor.cc
index 55cfb60145f2058016b6c58c08d7cb037c9a533c..8dd633ee8a1e6962069241f39115e2547b374025 100644 (file)
--- a/src/stream/tcp/tcp_segment_descriptor.cc
+++ b/src/stream/tcp/tcp_segment_descriptor.cc
@@ -123,26 +123,27 @@ uint32_t TcpSegmentDescriptor::init_mss(uint16_t* value)
 
 uint32_t TcpSegmentDescriptor::init_wscale(uint16_t* value)
 {
-    tcp::TcpOptIterator iter(tcph, pkt);
-
-    for (const tcp::TcpOption& opt : iter)
+    if ( pkt->ptrs.decode_flags & DECODE_TCP_WS )
     {
-        if (opt.code == tcp::TcpOptCode::WSCALE)
+        tcp::TcpOptIterator iter(tcph, pkt);
+
+        for (const tcp::TcpOption& opt : iter)
         {
-            *value = (uint16_t)opt.data[0];
+            if (opt.code == tcp::TcpOptCode::WSCALE)
+            {
+                *value = (uint16_t)opt.data[0];
 
-            // If scale specified in option is larger than 14, use 14 because of limitation
-            // in the math of shifting a 32bit value (max scaled window is 2^30th).
-            // See RFC 1323 for details.
-            if (*value > 14)
-                *value = 14;
+                // If scale specified in option is larger than 14, use 14 because of limitation
+                // in the math of shifting a 32bit value (max scaled window is 2^30th).
+                // See RFC 1323 for details.
+                if (*value > 14)
+                    *value = 14;
 
-            return TF_WSCALE;
+                return TF_WSCALE;
+            }
         }
     }
-
     *value = 0;
-
     return TF_NONE;
 }