From: Victor Julien Date: Mon, 16 May 2016 12:11:56 +0000 (+0200) Subject: ipv6: simplify ext hdr parsing X-Git-Tag: suricata-3.1RC1~133 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b77d30727235e9195e581dfc15fca05a2dac9be6;p=thirdparty%2Fsuricata.git ipv6: simplify ext hdr parsing --- diff --git a/src/decode-ipv6.c b/src/decode-ipv6.c index 9ca0630652..ac0ad752ba 100644 --- a/src/decode-ipv6.c +++ b/src/decode-ipv6.c @@ -106,7 +106,7 @@ static inline #endif void DecodeIPV6FragHeader(Packet *p, uint8_t *pkt, uint16_t hdrextlen, uint16_t plen, - uint16_t ip6_exthdrs_cnt, IPV6GenOptHdr *ip6_exthdrs) + uint16_t prev_hdrextlen) { uint16_t frag_offset = (*(pkt + 2) << 8 | *(pkt + 3)) & 0xFFF8; int frag_morefrags = (*(pkt + 2) << 8 | *(pkt + 3)) & 0x0001; @@ -135,8 +135,8 @@ void DecodeIPV6FragHeader(Packet *p, uint8_t *pkt, p->ip6eh.fh_data_len = data_len; /* if we have a prev hdr, store the type and offset of it */ - if (ip6_exthdrs_cnt > 1) { - p->ip6eh.fh_prev_hdr_offset = frag_hdr_offset - ip6_exthdrs[ip6_exthdrs_cnt - 1].len; + if (prev_hdrextlen) { + p->ip6eh.fh_prev_hdr_offset = frag_hdr_offset - prev_hdrextlen; } SCLogDebug("IPV6 FH: frag_hdr_offset %u, data_offset %u, data_len %u", @@ -151,14 +151,10 @@ DecodeIPV6ExtHdrs(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, uint8_t *pkt uint8_t *orig_pkt = pkt; uint8_t nh = 0; /* careful, 0 is actually a real type */ - uint16_t hdrextlen; + uint16_t hdrextlen = 0; uint16_t plen; char dstopts = 0; char exthdr_fh_done = 0; - - uint8_t ip6_exthdrs_cnt = 0; - IPV6GenOptHdr ip6_exthdrs[IPV6_MAX_OPT]; - int hh = 0; int rh = 0; int eh = 0; @@ -212,15 +208,6 @@ DecodeIPV6ExtHdrs(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, uint8_t *pkt SCReturn; } - if (ip6_exthdrs_cnt < IPV6_MAX_OPT) - { - ip6_exthdrs[ip6_exthdrs_cnt].type = nh; - ip6_exthdrs[ip6_exthdrs_cnt].next = *pkt; - ip6_exthdrs[ip6_exthdrs_cnt].len = hdrextlen; - ip6_exthdrs[ip6_exthdrs_cnt].data = pkt+2; - ip6_exthdrs_cnt++; - } - if (rh) { ENGINE_SET_EVENT(p, IPV6_EXTHDR_DUPL_RH); /* skip past this extension so we can continue parsing the rest @@ -260,15 +247,6 @@ DecodeIPV6ExtHdrs(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, uint8_t *pkt SCReturn; } - if (ip6_exthdrs_cnt < IPV6_MAX_OPT) - { - ip6_exthdrs[ip6_exthdrs_cnt].type = nh; - ip6_exthdrs[ip6_exthdrs_cnt].next = *pkt; - ip6_exthdrs[ip6_exthdrs_cnt].len = hdrextlen; - ip6_exthdrs[ip6_exthdrs_cnt].data = pkt+2; - ip6_exthdrs_cnt++; - } - uint8_t *ptr = pkt + 2; /* +2 to go past nxthdr and len */ /* point the pointers to right structures @@ -431,6 +409,7 @@ DecodeIPV6ExtHdrs(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, uint8_t *pkt } case IPPROTO_FRAGMENT: + { IPV6_SET_L4PROTO(p,nh); /* store the offset of this extension into the packet * past the ipv6 header. We use it in defrag for creating @@ -440,6 +419,7 @@ DecodeIPV6ExtHdrs(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, uint8_t *pkt exthdr_fh_done = 1; } + uint16_t prev_hdrextlen = hdrextlen; hdrextlen = sizeof(IPV6FragHdr); if (hdrextlen > plen) { ENGINE_SET_EVENT(p, IPV6_TRUNC_EXTHDR); @@ -452,15 +432,6 @@ DecodeIPV6ExtHdrs(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, uint8_t *pkt /* non fatal, lets try to continue */ } - if(ip6_exthdrs_cntflags |= PKT_IS_FRAGMENT; SCReturn; - + } case IPPROTO_ESP: { IPV6_SET_L4PROTO(p,nh); @@ -502,15 +472,6 @@ DecodeIPV6ExtHdrs(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, uint8_t *pkt SCReturn; } - if(ip6_exthdrs_cntip6fh_ident = htonl(id); fh->ip6fh_offlg = htons((off << 3) | mf); - DecodeIPV6FragHeader(p, (uint8_t *)fh, 8, 8 + content_len, 0, NULL); + DecodeIPV6FragHeader(p, (uint8_t *)fh, 8, 8 + content_len, 0); pcontent = SCCalloc(1, content_len); if (unlikely(pcontent == NULL))