From: Steve Chew (stechew) <stechew@cisco.com>
Date: Thu, 3 Oct 2019 14:17:45 +0000 (-0400)
Subject: Merge pull request #1771 in SNORT/snort3 from ~STECHEW/snort3:noack_seq_fix to master
X-Git-Tag: 3.0.0-262~12
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5ba846fe6a752be879f202eb36e9b6c4f2a4d868;p=thirdparty%2Fsnort3.git

Merge pull request #1771 in SNORT/snort3 from ~STECHEW/snort3:noack_seq_fix to master

Squashed commit of the following:

commit 0f6d170ece2f36aeca31002ef6e7745c42d434a9
Author: Steve Chew <stechew@cisco.com>
Date:   Thu Sep 19 14:54:53 2019 -0400

    libtcp: Turn off no-ack mode if packet is out of order.
---

diff --git a/src/stream/libtcp/tcp_stream_tracker.cc b/src/stream/libtcp/tcp_stream_tracker.cc
index 1dad641fc..5d8dac635 100644
--- a/src/stream/libtcp/tcp_stream_tracker.cc
+++ b/src/stream/libtcp/tcp_stream_tracker.cc
@@ -477,11 +477,27 @@ void TcpStreamTracker::update_tracker_ack_recv(TcpSegmentDescriptor& tsd)
 // In no-ack policy, data is implicitly acked immediately.
 void TcpStreamTracker::update_tracker_no_ack_recv(TcpSegmentDescriptor& tsd)
 {
+    // No_ack mode requires that segments be provided in order. If we see
+    // a gap, don't advance the seq and turn off no-ack mode.
+    if(tsd.get_seg_len() != (tsd.get_end_seq() - snd_una))
+    {
+        Stream::set_no_ack_mode(tsd.get_flow(), false);
+        return;
+    }
+
     snd_una = snd_nxt = tsd.get_end_seq();
 }
 
 void TcpStreamTracker::update_tracker_no_ack_sent(TcpSegmentDescriptor& tsd)
 {
+    // No_ack mode requires that segments be provided in order. If we see
+    // a gap, don't advance the seq and turn off no-ack mode.
+    if(tsd.get_seg_len() != (tsd.get_end_seq() - r_win_base))
+    {
+        Stream::set_no_ack_mode(tsd.get_flow(), false);
+        return;
+    }
+
     r_win_base = tsd.get_end_seq();
     reassembler.flush_on_ack_policy(tsd.get_pkt());
 }