From: Juweria Ali Imran (jaliimra) Date: Tue, 12 Sep 2023 13:44:38 +0000 (+0000) Subject: Pull request #3983: stream_tcp: ensure all data segments after a zero window are... X-Git-Tag: 3.1.71.0~13 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=864de42101fd798ea8f682b17ee59bf77a5fb266;p=thirdparty%2Fsnort3.git Pull request #3983: stream_tcp: ensure all data segments after a zero window are blocked when NAP is inline Merge in SNORT/snort3 from ~JALIIMRA/snort3:sfcn_zw_block to master Squashed commit of the following: commit f9831f17611dfbed4c4ff20717272e7ab26c66f9 Author: Juweria Ali Imran Date: Mon Sep 4 14:30:19 2023 -0400 stream_tcp: ensure all data segments after a zero window are blocked when NAP is inline --- diff --git a/src/stream/tcp/tcp_session.cc b/src/stream/tcp/tcp_session.cc index 75e4a3f1e..43b4f238c 100644 --- a/src/stream/tcp/tcp_session.cc +++ b/src/stream/tcp/tcp_session.cc @@ -475,7 +475,8 @@ int TcpSession::process_tcp_data(TcpSegmentDescriptor& tsd) } else { - listener->normalizer.trim_win_payload(tsd); + bool force = (tsd.is_nap_policy_inline() && listener->get_iss()); + listener->normalizer.trim_win_payload(tsd, 0, force); return STREAM_UNALIGNED; } } @@ -506,7 +507,8 @@ int TcpSession::process_tcp_data(TcpSegmentDescriptor& tsd) if (tsd.get_len() == ZERO_WIN_PROBE_LEN) tcpStats.zero_win_probes++; - listener->normalizer.trim_win_payload(tsd); + bool force = (tsd.is_nap_policy_inline() && listener->get_iss()); + listener->normalizer.trim_win_payload(tsd, 0, force); return STREAM_UNALIGNED; } if ( tsd.is_data_segment() )