Connection closing improvements and explicit cleanup code

[dccp2tcp] / dccp2tcp.c

diff --git a/dccp2tcp.c b/dccp2tcp.c
index 651d98bcce0965012b317e0f7e631fb516d4d6f2..dbd90dfc39832683cacbefdefdd7202add5f7f63 100644 (file)
--- a/dccp2tcp.c
+++ b/dccp2tcp.c
@@ -33,7 +33,7 @@ void process_packets();
 void handle_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *bytes);
 int convert_packet(struct packet *new, const struct const_packet* old);
 unsigned int interp_ack_vect(u_char* hdr);
-u_int32_t initialize_seq(struct host *seq, __be16 source, __be32 initial);
+u_int32_t initialize_seq(struct host *seq, __be32 initial);
 u_int32_t add_new_seq(struct host *seq, __be32 num, int size, enum dccp_pkt_type type);
 u_int32_t convert_ack(struct host *seq, __be32 num);
 int acked_packet_size(struct host *seq, __be32 num);
@@ -131,6 +131,9 @@ int main(int argc, char *argv[])
        /*close files*/
        pcap_close(in);
        pcap_dump_close(out);
+
+       /*Delete all connections*/
+       cleanup_connections();
 return 0;
 }
 
@@ -202,8 +205,8 @@ int convert_packet(struct packet *new, const struct const_packet* old)
                exit(1);
                return 0;
        }
-       if(old->length < sizeof(struct dccp_hdr) || new->length < sizeof(struct dccp_hdr)){
-               dbgprintf(0, "Error: Convert Packet Function given packet of wrong size!\n");
+       if(old->length < (sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext)) || new->length < sizeof(struct dccp_hdr)){
+               dbgprintf(0, "Error: DCCP Packet Too short!\n");
                return 0;
        }
 
@@ -225,6 +228,17 @@ int convert_packet(struct packet *new, const struct const_packet* old)
                return 0;
        }
 
+       /*Ensure packet is at least as large as DCCP header*/
+       if(old->length < dccph->dccph_doff*4){
+               dbgprintf(0, "Error: DCCP Header truncated\n");
+               return 0;
+       }
+       if(dccph->dccph_type!=DCCP_PKT_DATA &&
+                       old->length < (sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext) +
+                       sizeof(struct dccp_hdr_ack_bits))){
+               dbgprintf(0, "Error: DCCP Packet Too short!\n");
+       }
+
        /*determine data length*/
        datalength=old->length - dccph->dccph_doff*4;
        pd=old->data + dccph->dccph_doff*4;
@@ -249,7 +263,7 @@ int convert_packet(struct packet *new, const struct const_packet* old)
                                tcph->window=htons(0);
                        }
                        tcph->ack_seq=htonl(0);
-                       tcph->seq=htonl(initialize_seq(h1, dccph->dccph_sport, ntohl(dccphex->dccph_seq_low)));
+                       tcph->seq=htonl(initialize_seq(h1, ntohl(dccphex->dccph_seq_low)));
                        tcph->syn=1;
                        tcph->ack=0;
                        tcph->fin=0;
@@ -276,7 +290,7 @@ int convert_packet(struct packet *new, const struct const_packet* old)
                        if(yellow){
                                tcph->window=htons(0);
                        }
-                       tcph->seq=htonl(initialize_seq(h1, dccph->dccph_sport, ntohl(dccphex->dccph_seq_low)));
+                       tcph->seq=htonl(initialize_seq(h1, ntohl(dccphex->dccph_seq_low)));
                        tcph->syn=1;
                        tcph->ack=1;
                        tcph->fin=0;
@@ -506,7 +520,6 @@ unsigned int interp_ack_vect(u_char* hdr)
 
        /*parse options*/
        while(optlen > 0){
-               len=*(opt+1);
 
                /*One byte options (no length)*/
                if(*opt< 32){
@@ -515,6 +528,13 @@ unsigned int interp_ack_vect(u_char* hdr)
                        continue;
                }
 
+               /*Check option length*/
+               len=*(opt+1);
+               if(len > optlen){
+                       dbgprintf(0, "Warning: Option would extend into packet data\n");
+                       return additional;
+               }
+
                /*Ack Vector Option*/
                if(*opt==38 || *opt==39){
                        tmp=len-2;
@@ -536,7 +556,7 @@ unsigned int interp_ack_vect(u_char* hdr)
                                }
 
                                if(((*cur& 0xC0)!= 0xC0) && ((*cur& 0xC0)!= 0x00) && ((*cur& 0xC0)!= 0x40)){
-                                       dbgprintf(1, "Warning: Invalid Ack Vector!! (Linux will handle poorly!) -- %X\n", *cur);
+                                       dbgprintf(1, "Warning: Invalid Ack Vector!! (Linux will handle poorly!)\n");
                                }
                                tmp--;
                                cur++;
@@ -553,7 +573,7 @@ return additional;
 
 
 /* Setup Sequence Number Structure*/
-u_int32_t initialize_seq(struct host *seq, __be16 source, __be32 initial)
+u_int32_t initialize_seq(struct host *seq, __be32 initial)
 {
        /*set default values*/
        seq->cur=0;
@@ -587,13 +607,18 @@ u_int32_t add_new_seq(struct host *seq, __be32 num, int size, enum dccp_pkt_type
        
        if(seq->table==NULL){
                dbgprintf(1, "Warning: Connection uninitialized\n");
-               return initialize_seq(seq, 0, num);
+               return initialize_seq(seq, num);
        }
 
        /*account for missing packets*/
+       if(num - seq->table[seq->cur].old +1 >=100){
+                       dbgprintf(1,"Missing more than 100 packets!\n");
+       }
        while(seq->table[seq->cur].old +1 < num && seq->table[seq->cur].old +1 > 0){
                prev=seq->cur;
-               dbgprintf(1,"Missing Packet: %X\n",seq->table[prev].new+1);
+               if(num - seq->table[seq->cur].old +1 <100){
+                       dbgprintf(1,"Missing Packet: %X\n",seq->table[prev].new+1);
+               }
                seq->cur=(seq->cur+1)%(seq->size);/*find next available table slot*/
                seq->table[seq->cur].old=seq->table[prev].old+1;
                seq->table[seq->cur].new=seq->table[prev].new + seq->table[prev].size;
@@ -634,7 +659,7 @@ u_int32_t convert_ack(struct host *seq, __be32 num)
 
        if(seq->table==NULL){
                dbgprintf(1, "Warning: Connection uninitialized\n");
-               initialize_seq(seq, 0, num);
+               initialize_seq(seq, num);
        }
 
        /*loop through table looking for the DCCP ack number*/
@@ -659,7 +684,7 @@ int acked_packet_size(struct host *seq, __be32 num)
 
        if(seq->table==NULL){
                dbgprintf(1, "Warning: Connection uninitialized\n");
-               initialize_seq(seq, 0, num);
+               initialize_seq(seq, num);
        }
 
        /*loop through table looking for the DCCP ack number*/
@@ -715,7 +740,6 @@ void ack_vect2sack(struct host *seq, struct tcphdr *tcph, u_char* tcpopts, u_cha
 
        /*parse options*/
        while(optlen > 0){
-               len=*(opt+1);
 
                /*One byte options (no length)*/
                if(*opt< 32){
@@ -724,6 +748,12 @@ void ack_vect2sack(struct host *seq, struct tcphdr *tcph, u_char* tcpopts, u_cha
                        continue;
                }
 
+               len=*(opt+1);
+               if(len > optlen){
+                       dbgprintf(0, "Warning: Option would extend into packet data\n");
+                       break;
+               }
+
                /*Ack Vector Option*/
                if(*opt==38 || *opt==39){
                        tmp=len-2;