From: Philippe Antoine Date: Fri, 10 Sep 2021 12:16:57 +0000 (+0200) Subject: ipv6: simpler generic overlap condition X-Git-Tag: suricata-5.0.8~26 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7d3c7ab4a7312610131ede02e0e73afde57383ae;p=thirdparty%2Fsuricata.git ipv6: simpler generic overlap condition This also changes the behavior, as the condition is checked in every case cf ipv6-malformed-fragments-8 (cherry picked from commit 3a230c2208046d001b386979663a6c565691794b) --- diff --git a/src/defrag.c b/src/defrag.c index d388438385..6d690a274b 100644 --- a/src/defrag.c +++ b/src/defrag.c @@ -634,7 +634,7 @@ DefragInsertFrag(ThreadVars *tv, DecodeThreadVars *dtv, DefragTracker *tracker, tracker->timeout.tv_usec = p->ts.tv_usec; Frag *prev = NULL, *next = NULL; - int overlap = 0; + bool overlap = false; ltrim = 0; if (!RB_EMPTY(&tracker->fragment_tree)) { @@ -656,22 +656,22 @@ DefragInsertFrag(ThreadVars *tv, DecodeThreadVars *dtv, DefragTracker *tracker, if (prev->skip) { goto next; } + if (frag_offset < prev->offset + prev->data_len && prev->offset < frag_end) { + overlap = true; + } switch (tracker->policy) { case DEFRAG_POLICY_BSD: if (frag_offset < prev->offset + prev->data_len) { if (frag_offset >= prev->offset) { ltrim = prev->offset + prev->data_len - frag_offset; - overlap++; } if ((next != NULL) && (frag_end > next->offset)) { next->ltrim = frag_end - next->offset; - overlap++; } if ((frag_offset < prev->offset) && (frag_end >= prev->offset + prev->data_len)) { prev->skip = 1; - overlap++; } goto insert; } @@ -687,7 +687,6 @@ DefragInsertFrag(ThreadVars *tv, DecodeThreadVars *dtv, DefragTracker *tracker, if (prev->offset + prev->ltrim < frag_offset + ltrim && prev->offset + prev->data_len > frag_offset + ltrim) { ltrim += prev->offset + prev->data_len - frag_offset; - overlap++; } /* Check if new fragment overlaps the beginning of @@ -701,7 +700,6 @@ DefragInsertFrag(ThreadVars *tv, DecodeThreadVars *dtv, DefragTracker *tracker, if (frag_offset + ltrim < prev->offset + prev->ltrim && frag_end > prev->offset + prev->ltrim) { prev->ltrim += frag_end - (prev->offset + prev->ltrim); - overlap++; goto insert; } @@ -721,7 +719,6 @@ DefragInsertFrag(ThreadVars *tv, DecodeThreadVars *dtv, DefragTracker *tracker, /* If new fragment fits inside a previous fragment, drop it. */ if (frag_offset + ltrim >= prev->offset + ltrim && frag_end <= prev->offset + prev->data_len) { - overlap++; goto done; } @@ -730,7 +727,6 @@ DefragInsertFrag(ThreadVars *tv, DecodeThreadVars *dtv, DefragTracker *tracker, if (frag_offset + ltrim < prev->offset + ltrim && frag_end > prev->offset + prev->data_len) { prev->skip = 1; - overlap++; goto insert; } @@ -744,7 +740,6 @@ DefragInsertFrag(ThreadVars *tv, DecodeThreadVars *dtv, DefragTracker *tracker, if (frag_offset + ltrim > prev->offset + prev->ltrim && frag_offset + ltrim < prev->offset + prev->data_len) { ltrim += prev->offset + prev->data_len - frag_offset; - overlap++; goto insert; } @@ -754,7 +749,6 @@ DefragInsertFrag(ThreadVars *tv, DecodeThreadVars *dtv, DefragTracker *tracker, if (frag_offset + ltrim == prev->offset + ltrim && frag_end > prev->offset + prev->data_len) { ltrim += prev->offset + prev->data_len - frag_offset; - overlap++; goto insert; } break; @@ -762,12 +756,10 @@ DefragInsertFrag(ThreadVars *tv, DecodeThreadVars *dtv, DefragTracker *tracker, if (frag_offset < prev->offset + prev->data_len) { if (frag_offset >= prev->offset) { ltrim = prev->offset + prev->data_len - frag_offset; - overlap++; } if ((frag_offset < prev->offset) && (frag_end >= prev->offset + prev->data_len)) { prev->skip = 1; - overlap++; } goto insert; } @@ -775,7 +767,6 @@ DefragInsertFrag(ThreadVars *tv, DecodeThreadVars *dtv, DefragTracker *tracker, case DEFRAG_POLICY_FIRST: if ((frag_offset >= prev->offset) && (frag_end <= prev->offset + prev->data_len)) { - overlap++; goto done; } if (frag_offset < prev->offset) { @@ -783,7 +774,6 @@ DefragInsertFrag(ThreadVars *tv, DecodeThreadVars *dtv, DefragTracker *tracker, } if (frag_offset < prev->offset + prev->data_len) { ltrim = prev->offset + prev->data_len - frag_offset; - overlap++; goto insert; } break; @@ -791,7 +781,6 @@ DefragInsertFrag(ThreadVars *tv, DecodeThreadVars *dtv, DefragTracker *tracker, if (frag_offset <= prev->offset) { if (frag_end > prev->offset) { prev->ltrim = frag_end - prev->offset; - overlap++; } goto insert; }