From: Victor Julien Date: Mon, 21 Feb 2022 09:08:41 +0000 (+0100) Subject: rpc: enforce various field values X-Git-Tag: suricata-6.0.5~97 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5bb752e65a9219f63dd25fc89ef57748c196529e;p=thirdparty%2Fsuricata.git rpc: enforce various field values Minimal frag_len. Correct msgtype and others. (cherry picked from commit 1c57e3c18d746743bc2cbcaba35f78b5f9b15675) --- diff --git a/rust/src/nfs/rpc_records.rs b/rust/src/nfs/rpc_records.rs index b48afc6a53..4a9d7fe090 100644 --- a/rust/src/nfs/rpc_records.rs +++ b/rust/src/nfs/rpc_records.rs @@ -134,9 +134,9 @@ fn parse_bits(i:&[u8]) -> IResult<&[u8],(u8,u32)> { named!(pub parse_rpc_packet_header, do_parse!( - fraghdr: parse_bits + fraghdr: verify!(parse_bits, |v: &(u8,u32)| v.1 >= 24) >> xid: be_u32 - >> msgtype: be_u32 + >> msgtype: verify!(be_u32, |&v| v <= 1) >> ( RpcPacketHeader { frag_is_last:fraghdr.0 == 1, @@ -281,7 +281,7 @@ named_args!(pub parse_rpc_reply(start_i: usize, complete: bool) do_parse!( hdr: parse_rpc_packet_header - >> reply_state: be_u32 + >> reply_state: verify!(be_u32, |&v| v <= 1) >> verifier_flavor: be_u32 >> verifier_len: verify!(be_u32, |&size| size < RPC_MAX_VERIFIER_SIZE) @@ -313,7 +313,7 @@ named_args!(pub parse_rpc_reply(start_i: usize, complete: bool) named!(pub parse_rpc_udp_packet_header, do_parse!( xid: be_u32 - >> msgtype: be_u32 + >> msgtype: verify!(be_u32, |&v| v <= 1) >> ( RpcPacketHeader { frag_is_last:false, @@ -375,7 +375,7 @@ named!(pub parse_rpc_udp_reply, >> verifier_len: verify!(be_u32, |&size| size < RPC_MAX_VERIFIER_SIZE) >> verifier: cond!(verifier_len > 0, take!(verifier_len as usize)) - >> reply_state: be_u32 + >> reply_state: verify!(be_u32, |&v| v <= 1) >> accept_state: be_u32 >> pl: rest