X-Git-Url: http://sjero.net/git/?a=blobdiff_plain;f=dccp2tcp.c;h=dbd90dfc39832683cacbefdefdd7202add5f7f63;hb=55c388bacaff0cff07ddebc423a16c7d728acba3;hp=651d98bcce0965012b317e0f7e631fb516d4d6f2;hpb=46b392b07633963eb740e5061e33737eb77ba65a;p=dccp2tcp
diff --git a/dccp2tcp.c b/dccp2tcp.c
index 651d98b..dbd90df 100644
--- a/dccp2tcp.c
+++ b/dccp2tcp.c
@@ -33,7 +33,7 @@ void process_packets();
 void handle_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *bytes);
 int convert_packet(struct packet *new, const struct const_packet* old);
 unsigned int interp_ack_vect(u_char* hdr);
-u_int32_t initialize_seq(struct host *seq, __be16 source, __be32 initial);
+u_int32_t initialize_seq(struct host *seq, __be32 initial);
 u_int32_t add_new_seq(struct host *seq, __be32 num, int size, enum dccp_pkt_type type);
 u_int32_t convert_ack(struct host *seq, __be32 num);
 int acked_packet_size(struct host *seq, __be32 num);
@@ -131,6 +131,9 @@ int main(int argc, char *argv[])
 /*close files*/
 pcap_close(in);
 pcap_dump_close(out);
+
+ /*Delete all connections*/
+ cleanup_connections();
 return 0;
 }
@@ -202,8 +205,8 @@ int convert_packet(struct packet *new, const struct const_packet* old)
 exit(1);
 return 0;
 }
- if(old->length < sizeof(struct dccp_hdr) || new->length < sizeof(struct dccp_hdr)){
- dbgprintf(0, "Error: Convert Packet Function given packet of wrong size!\n");
+ if(old->length < (sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)) || new->length < sizeof(struct dccp_hdr)){
+ dbgprintf(0, "Error: DCCP Packet Too short!\n");
 return 0;
 }
@@ -225,6 +228,17 @@ int convert_packet(struct packet *new, const struct const_packet* old) return 0; } + /*Ensure packet is at least as large as DCCP header*/ + if(old->length < dccph->dccph_doff*4){ + dbgprintf(0, "Error: DCCP Header truncated\n"); + return 0; + } + if(dccph->dccph_type!=DCCP_PKT_DATA && + old->length < (sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) + + sizeof(struct dccp_hdr_ack_bits))){ + dbgprintf(0, "Error: DCCP Packet Too short!\n"); + } + /*determine data length*/ datalength=old->length - dccph->dccph_doff*4; pd=old->data + dccph->dccph_doff*4; @@ -249,7 +263,7 @@ int convert_packet(struct packet *new, const struct const_packet* old) tcph->window=htons(0); } tcph->ack_seq=htonl(0); - tcph->seq=htonl(initialize_seq(h1, dccph->dccph_sport, ntohl(dccphex->dccph_seq_low))); + tcph->seq=htonl(initialize_seq(h1, ntohl(dccphex->dccph_seq_low))); tcph->syn=1; tcph->ack=0; tcph->fin=0; @@ -276,7 +290,7 @@ int convert_packet(struct packet *new, const struct const_packet* old) if(yellow){ tcph->window=htons(0); } - tcph->seq=htonl(initialize_seq(h1, dccph->dccph_sport, ntohl(dccphex->dccph_seq_low))); + tcph->seq=htonl(initialize_seq(h1, ntohl(dccphex->dccph_seq_low))); tcph->syn=1; tcph->ack=1; tcph->fin=0; @@ -506,7 +520,6 @@ unsigned int interp_ack_vect(u_char* hdr) /*parse options*/ while(optlen > 0){ - len=*(opt+1); /*One byte options (no length)*/ if(*opt< 32){ @@ -515,6 +528,13 @@ unsigned int interp_ack_vect(u_char* hdr) continue; } + /*Check option length*/ + len=*(opt+1); + if(len > optlen){ + dbgprintf(0, "Warning: Option would extend into packet data\n"); + return additional; + } + /*Ack Vector Option*/ if(*opt==38 || *opt==39){ tmp=len-2; 
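Review bot: The second added check, `if(dccph->dccph_type!=DCCP_PKT_DATA && old->length < (...))`, only logs "DCCP Packet Too short!" and has no `return 0;`, so a truncated non-DATA packet continues into the rest of convert_packet; add `return 0;` after that dbgprintf, as the first new check does. The first check also bounds `old->length` by `dccph->dccph_doff*4` without requiring the data offset itself to cover the fixed headers, so a capture with a small `dccph_doff` passes and any option length derived from it elsewhere would presumably go negative or wrap; `if(dccph->dccph_doff*4 < sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)) return 0;` would close that. convert_packet starts and ends outside this hunk, so confirm no later check already covers either case.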
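Review bot: In the hunk at -515,6 +528,13, `len=*(opt+1)` is read before anything confirms a second option byte exists, and the new test accepts `len` values of 0 and 1. With `optlen == 1` the read is one byte past the options, and for options 38/39 a `len` below 2 makes `tmp=len-2` negative or wrapped, depending on declarations outside the hunk; a `len` of 0 would also stall the loop if it advances by `len`, which is not visible here. Put `if(optlen < 2) return additional;` before the read and widen the test to `if(len < 2 || len > optlen){`. The hunk at -724,6 +748,12 adds the same pattern to ack_vect2sack and needs the same two bounds, with `break` in place of the return.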
@@ -536,7 +556,7 @@ unsigned int interp_ack_vect(u_char* hdr)
 }
 if(((*cur& 0xC0)!= 0xC0) && ((*cur& 0xC0)!= 0x00) && ((*cur& 0xC0)!= 0x40)){
- dbgprintf(1, "Warning: Invalid Ack Vector!! (Linux will handle poorly!) -- %X\n", *cur);
+ dbgprintf(1, "Warning: Invalid Ack Vector!! (Linux will handle poorly!)\n");
 }
 tmp--;
 cur++;
@@ -553,7 +573,7 @@ return additional;
 /* Setup Sequence Number Structure*/
-u_int32_t initialize_seq(struct host *seq, __be16 source, __be32 initial)
+u_int32_t initialize_seq(struct host *seq, __be32 initial)
 {
 /*set default values*/
 seq->cur=0;
@@ -587,13 +607,18 @@ u_int32_t add_new_seq(struct host *seq, __be32 num, int size, enum dccp_pkt_type
 if(seq->table==NULL){
 dbgprintf(1, "Warning: Connection uninitialized\n");
- return initialize_seq(seq, 0, num);
+ return initialize_seq(seq, num);
 }
 /*account for missing packets*/
+ if(num - seq->table[seq->cur].old +1 >=100){
+ dbgprintf(1,"Missing more than 100 packets!\n");
+ }
 while(seq->table[seq->cur].old +1 < num && seq->table[seq->cur].old +1 > 0){
 prev=seq->cur;
- dbgprintf(1,"Missing Packet: %X\n",seq->table[prev].new+1);
+ if(num - seq->table[seq->cur].old +1 <100){
+ dbgprintf(1,"Missing Packet: %X\n",seq->table[prev].new+1);
+ }
 seq->cur=(seq->cur+1)%(seq->size);/*find next available table slot*/
 seq->table[seq->cur].old=seq->table[prev].old+1;
 seq->table[seq->cur].new=seq->table[prev].new + seq->table[prev].size;
@@ -634,7 +659,7 @@ u_int32_t convert_ack(struct host *seq, __be32 num)
 if(seq->table==NULL){
 dbgprintf(1, "Warning: Connection uninitialized\n");
- initialize_seq(seq, 0, num);
+ initialize_seq(seq, num);
 }
 /*loop through table looking for the DCCP ack number*/
@@ -659,7 +684,7 @@ int acked_packet_size(struct host *seq, __be32 num)
 if(seq->table==NULL){
 dbgprintf(1, "Warning: Connection uninitialized\n");
- initialize_seq(seq, 0, num);
+ initialize_seq(seq, num);
 }
 /*loop through table looking for the DCCP ack number*/
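Review bot: In the add_new_seq hunk (-587,13 +607,18) the threshold `num - seq->table[seq->cur].old +1` is not the gap the loop walks (`old +1 < num`, i.e. `num - old - 1`), and because it is re-evaluated inside the loop against the advancing `seq->cur`, the per-packet "Missing Packet" lines resume for roughly the last hundred entries of a large gap. If these fields are unsigned 32-bit (declared outside the hunk), a `num` behind the current entry wraps to a huge value and prints "Missing more than 100 packets!" although the loop never runs. Compute it once before the loop, `u_int32_t gap = num - seq->table[seq->cur].old - 1;`, and test `gap >= 100` / `gap < 100` only when `seq->table[seq->cur].old +1 < num` holds. The loop still iterates once per missing sequence number read from the capture, so only the logging is bounded by this change; a cap on the gap it will fill would bound the work as well. The function continues past the end of the hunk.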
@@ -715,7 +740,6 @@ void ack_vect2sack(struct host *seq, struct tcphdr *tcph, u_char* tcpopts, u_cha /*parse options*/ while(optlen > 0){ - len=*(opt+1); /*One byte options (no length)*/ if(*opt< 32){ @@ -724,6 +748,12 @@ void ack_vect2sack(struct host *seq, struct tcphdr *tcph, u_char* tcpopts, u_cha continue; } + len=*(opt+1); + if(len > optlen){ + dbgprintf(0, "Warning: Option would extend into packet data\n"); + break; + } + /*Ack Vector Option*/ if(*opt==38 || *opt==39){ tmp=len-2;