From: Steve Chew (stechew) Date: Mon, 23 Mar 2020 23:25:02 +0000 (+0000) Subject: Merge pull request #2084 in SNORT/snort3 from ~STECHEW/snort3:ioctl_inject_fix to... X-Git-Tag: 3.0.0-270~8 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=10be560d4c4df190fdf27d376adc792f67aa8670;p=thirdparty%2Fsnort3.git Merge pull request #2084 in SNORT/snort3 from ~STECHEW/snort3:ioctl_inject_fix to master Squashed commit of the following: commit 49237a73836f4b17b7cf9ef4ce101abca6e876c6 Author: Steve Chew Date: Thu Mar 19 01:05:01 2020 -0400 active: Send entire buffer at once when send_data uses ioctl. commit 38a9fd566784902701899bd098456e442ca6fd15 Author: Steve Chew Date: Tue Mar 17 17:52:51 2020 -0400 active: Fix direction of RST packet being sent to server. --- diff --git a/src/packet_io/active.cc b/src/packet_io/active.cc index 85ae185f6..1ca1a1a3d 100644 --- a/src/packet_io/active.cc +++ b/src/packet_io/active.cc @@ -293,9 +293,10 @@ uint32_t Active::send_data( // Send RST to the originator of the data. if ( flags & ENC_FLAG_RST_SRVR ) { + EncodeFlags tmp_flags = flags ^ ENC_FLAG_FWD; if ( use_direct_inject ) { - DIOCTL_DirectInjectReset msg = { p->daq_msg, !(flags & ENC_FLAG_FWD) }; + DIOCTL_DirectInjectReset msg = { p->daq_msg, !(tmp_flags & ENC_FLAG_FWD) }; ret = p->daq_instance->ioctl(DIOCTL_DIRECT_INJECT_RESET, &msg, sizeof(msg)); if ( ret != DAQ_SUCCESS ) @@ -309,7 +310,6 @@ uint32_t Active::send_data( else { plen = 0; - EncodeFlags tmp_flags = flags ^ ENC_FLAG_FWD; seg = PacketManager::encode_response(TcpResponse::RST, tmp_flags, p, plen); if ( seg ) @@ -327,34 +327,37 @@ uint32_t Active::send_data( flags |= ENC_FLAG_SEQ; uint32_t sent = 0; - const uint16_t maxPayload = PacketManager::encode_get_max_payload(p); // Inject the payload. - if (maxPayload) + if ( use_direct_inject ) { - uint16_t toSend; - do + flags = (flags & ~ENC_FLAG_VAL); + const DAQ_DIPayloadSegment segments[] = { {buf, blen} }; + const DAQ_DIPayloadSegment* payload[] = { &segments[0] }; + DIOCTL_DirectInjectPayload msg = { p->daq_msg, payload, 1, !(flags & ENC_FLAG_FWD)}; + ret = p->daq_instance->ioctl(DIOCTL_DIRECT_INJECT_PAYLOAD, + &msg, sizeof(msg)); + if ( ret != DAQ_SUCCESS ) { - plen = 0; - toSend = blen > maxPayload ? maxPayload : blen; - flags = (flags & ~ENC_FLAG_VAL) | sent; - if ( use_direct_inject ) - { - const DAQ_DIPayloadSegment segments[] = { {buf, toSend} }; - const DAQ_DIPayloadSegment* payload[] = { &segments[0] }; - DIOCTL_DirectInjectPayload msg = { p->daq_msg, payload, 1, !(flags & ENC_FLAG_FWD)}; - ret = p->daq_instance->ioctl(DIOCTL_DIRECT_INJECT_PAYLOAD, - &msg, sizeof(msg)); - if ( ret != DAQ_SUCCESS ) - { - active_counts.failed_direct_injects++; - return sent; - } + active_counts.failed_direct_injects++; + return 0; + } - active_counts.direct_injects++; - } - else + sent = blen; + active_counts.direct_injects++; + } + else + { + const uint16_t maxPayload = PacketManager::encode_get_max_payload(p); + + if (maxPayload) + { + uint32_t toSend; + do { + plen = 0; + flags = (flags & ~ENC_FLAG_VAL) | sent; + toSend = blen > maxPayload ? maxPayload : blen; seg = PacketManager::encode_response(TcpResponse::PUSH, flags, p, plen, buf, toSend); if ( !seg ) @@ -368,12 +371,12 @@ uint32_t Active::send_data( active_counts.failed_injects++; else active_counts.injects++; - } - sent += toSend; - buf += toSend; + sent += toSend; + buf += toSend; + } + while (blen -= toSend); } - while (blen -= toSend); } // FIXIT-L: Currently there is no support for injecting a FIN via