From: Russ Combs (rucombs) Date: Thu, 21 Oct 2021 16:12:09 +0000 (+0000) Subject: Merge pull request #3121 in SNORT/snort3 from ~SMINUT/snort3:init_scale_fix to master X-Git-Tag: 3.1.16.0~22 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c6a23d3b1f695851af9d0b3247d708876819620a;p=thirdparty%2Fsnort3.git Merge pull request #3121 in SNORT/snort3 from ~SMINUT/snort3:init_scale_fix to master Squashed commit of the following: commit 30e99be7b9374ba90e30313b69f1a8a141a0caf5 Author: Silviu Minut Date: Wed Oct 20 12:03:50 2021 -0400 stream_tcp: fix init_wscale() to take into account the DECODE_TCP_WS flag tcp: remove the probably obsolete __GNUC__ block from TcpOption::next() tcp: stop on the EOL option in TcpOptIteratorIter::operator++() --- diff --git a/src/protocols/tcp_options.cc b/src/protocols/tcp_options.cc index 1cf66aa20..cc345d37b 100644 --- a/src/protocols/tcp_options.cc +++ b/src/protocols/tcp_options.cc @@ -42,7 +42,7 @@ const TcpOptIteratorIter& TcpOptIteratorIter::operator++() { const auto* old_opt = opt; opt = &opt->next(); - if (opt == old_opt) // defend against option length = 0 + if (opt == old_opt or opt->code == TcpOptCode::EOL) // defend against option length = 0 { *this = iter->end(); tcpStats.zero_len_tcp_opt++; diff --git a/src/protocols/tcp_options.h b/src/protocols/tcp_options.h index fad010281..d80b4e932 100644 --- a/src/protocols/tcp_options.h +++ b/src/protocols/tcp_options.h @@ -109,18 +109,10 @@ struct TcpOption inline const TcpOption& next() const { -#ifdef __GNUC__ - const uint8_t tmp_len = ((uint8_t)code <= 1) ? 1 : len; - const uint8_t* const tmp = reinterpret_cast(this); - const TcpOption* opt = reinterpret_cast(&tmp[tmp_len]); - return *opt; - -#else if ( (uint8_t)code <= 1 ) return reinterpret_cast(len); else return reinterpret_cast(data[len -2]); -#endif } }; diff --git a/src/stream/tcp/tcp_segment_descriptor.cc b/src/stream/tcp/tcp_segment_descriptor.cc index 55cfb6014..8dd633ee8 100644 --- a/src/stream/tcp/tcp_segment_descriptor.cc +++ b/src/stream/tcp/tcp_segment_descriptor.cc @@ -123,26 +123,27 @@ uint32_t TcpSegmentDescriptor::init_mss(uint16_t* value) uint32_t TcpSegmentDescriptor::init_wscale(uint16_t* value) { - tcp::TcpOptIterator iter(tcph, pkt); - - for (const tcp::TcpOption& opt : iter) + if ( pkt->ptrs.decode_flags & DECODE_TCP_WS ) { - if (opt.code == tcp::TcpOptCode::WSCALE) + tcp::TcpOptIterator iter(tcph, pkt); + + for (const tcp::TcpOption& opt : iter) { - *value = (uint16_t)opt.data[0]; + if (opt.code == tcp::TcpOptCode::WSCALE) + { + *value = (uint16_t)opt.data[0]; - // If scale specified in option is larger than 14, use 14 because of limitation - // in the math of shifting a 32bit value (max scaled window is 2^30th). - // See RFC 1323 for details. - if (*value > 14) - *value = 14; + // If scale specified in option is larger than 14, use 14 because of limitation + // in the math of shifting a 32bit value (max scaled window is 2^30th). + // See RFC 1323 for details. + if (*value > 14) + *value = 14; - return TF_WSCALE; + return TF_WSCALE; + } } } - *value = 0; - return TF_NONE; }