From: Jason Ish <jason.ish@emulex.com>
Date: Fri, 17 Oct 2014 15:33:07 +0000 (-0600)
Subject: Use ENGINE_SET_INVALID_EVENT when the packet is too small for an
X-Git-Tag: suricata-2.1beta2~68
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2d122091945babfa5d89718130171ae8722d8607;p=thirdparty%2Fsuricata.git

Use ENGINE_SET_INVALID_EVENT when the packet is too small for an
MPLS header, and when the payload type can not be determined.
---

diff --git a/src/decode-events.h b/src/decode-events.h
index d794bf5fa9..658b997312 100644
--- a/src/decode-events.h
+++ b/src/decode-events.h
@@ -229,6 +229,7 @@ enum {
     IPV6_IN_IPV6_WRONG_IP_VER,
 
     /* MPLS decode events. */
+    MPLS_HEADER_TOO_SMALL,
     MPLS_BAD_LABEL_ROUTER_ALERT,
     MPLS_BAD_LABEL_IMPLICIT_NULL,
     MPLS_BAD_LABEL_RESERVED,
diff --git a/src/decode-mpls.c b/src/decode-mpls.c
index 0b125a11e9..8618850203 100644
--- a/src/decode-mpls.c
+++ b/src/decode-mpls.c
@@ -55,6 +55,7 @@ int DecodeMPLS(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, uint8_t *pkt,
 
     do {
         if (len < MPLS_HEADER_LEN) {
+            ENGINE_SET_INVALID_EVENT(p, MPLS_HEADER_TOO_SMALL);
             return TM_ECODE_FAILED;
         }
         shim = *(uint32_t *)pkt;
@@ -98,8 +99,8 @@ int DecodeMPLS(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, uint8_t *pkt,
             pq);
         break;
     default:
-        event = MPLS_UNKNOWN_PAYLOAD_TYPE;
-        break;
+        ENGINE_SET_INVALID_EVENT(p, MPLS_UNKNOWN_PAYLOAD_TYPE);
+        return TM_ECODE_OK;
     }
 
 end:
@@ -111,6 +112,36 @@ end:
 
 #ifdef UNITTESTS
 
+static int DecodeMPLSTestHeaderTooSmall(void)
+{
+    int ret = 1;
+
+    /* A packet that is too small to have a complete MPLS header. */
+    uint8_t pkt[] = {
+        0x00, 0x00, 0x11
+    };
+
+    Packet *p = SCMalloc(SIZE_OF_PACKET);
+    if (unlikely(p == NULL)) {
+        return 0;
+    }
+    ThreadVars tv;
+    DecodeThreadVars dtv;
+
+    memset(&dtv, 0, sizeof(DecodeThreadVars));
+    memset(&tv,  0, sizeof(ThreadVars));
+    memset(p, 0, SIZE_OF_PACKET);
+
+    DecodeMPLS(&tv, &dtv, p, pkt, sizeof(pkt), NULL);
+
+    if (!ENGINE_ISSET_EVENT(p, MPLS_HEADER_TOO_SMALL)) {
+        ret = 0;
+    }
+
+    SCFree(p);
+    return ret;
+}
+
 static int DecodeMPLSTestBadLabelRouterAlert(void)
 {
     int ret = 1;
@@ -280,6 +311,8 @@ static int DecodeMPLSTestUnknownPayloadType(void)
 void DecodeMPLSRegisterTests(void)
 {
 #ifdef UNITTESTS
+    UtRegisterTest("DecodeMPLSTestHeaderTooSmall",
+        DecodeMPLSTestHeaderTooSmall, 1);
     UtRegisterTest("DecodeMPLSTestBadLabelRouterAlert",
         DecodeMPLSTestBadLabelRouterAlert, 1);
     UtRegisterTest("DecodeMPLSTestBadLabelImplicitNull",