gfwleak/mesa-platform-quic
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-7756: QUIC.v13.1异常存在重启,解析client hello出错时,未对参数进行检查

Browse Source
This commit is contained in:
liuxueli
2021-09-14 11:59:31 +08:00
committed by 刘学利
parent fb3f2460ea
commit b5210028da
5 changed files with 23 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
demo/demo.cpp
View File

@@ -173,7 +173,7 @@ int parse_encrypt_client_hello(void *pstream, struct _quic_stream *quic_stream,
used_len+=skip_len; used_len+=skip_len;
extension_total_len=(int)get_value(payload, &used_len, 2); //Extension length extension_total_len=(int)get_value(payload, &used_len, 2); //Extension length
if(!check_length(payload_len-used_len, extension_total_len)) if(!check_length(payload_len-used_len, extension_total_len) && (extension_total_len!=payload_len-used_len))
{ {
return flags; return flags;
} }

9
src/gquic_process.cpp
View File

@@ -1169,7 +1169,7 @@ int parse_encrypt_client_hello(struct streaminfo *pstream, struct _quic_stream *
used_len+=skip_len; used_len+=skip_len;
extension_total_len=(int)get_value(payload, &used_len, 2); //Extension length extension_total_len=(int)get_value(payload, &used_len, 2); //Extension length
if(!check_length(payload_len-used_len, extension_total_len)) if(!check_length(payload_len-used_len, extension_total_len) && (payload_len-used_len!=extension_total_len))
{ {
return flags; return flags;
} }
@@ -1235,6 +1235,9 @@ int parse_decrypt_quic(struct streaminfo *pstream, struct _quic_context* _contex
{ {
_context->quic_info.client_hello=(struct _quic_stream *)dictator_malloc(pstream->threadnum, sizeof(struct _quic_stream)); _context->quic_info.client_hello=(struct _quic_stream *)dictator_malloc(pstream->threadnum, sizeof(struct _quic_stream));
memset(_context->quic_info.client_hello, 0, sizeof(struct _quic_stream)); memset(_context->quic_info.client_hello, 0, sizeof(struct _quic_stream));
_context->quic_info.client_hello->sni_idx=0xFF;
_context->quic_info.client_hello->ua_idx=0xFF;
_context->quic_info.client_hello->ver_idx=0xFF;
} }
ret=parse_encrypt_client_hello(pstream, _context->quic_info.client_hello, a_packet, payload+*used_len, payload_len-*used_len); //Frame Type=1, offset=1, length=2 ret=parse_encrypt_client_hello(pstream, _context->quic_info.client_hello, a_packet, payload+*used_len, payload_len-*used_len); //Frame Type=1, offset=1, length=2
if(ret>0 && _context->call_business) if(ret>0 && _context->call_business)
@@ -1314,7 +1317,7 @@ int quic_process(struct streaminfo *pstream, struct _quic_context* _context, int
ret=dissect_quic((char *)udp_detail->pdata, udp_detail->datalen, decrypt_payload, &decrypt_payload_len); ret=dissect_quic((char *)udp_detail->pdata, udp_detail->datalen, decrypt_payload, &decrypt_payload_len);
if(ret!=1) if(ret!=1)
{ {
return APP_STATE_DROPME; return APP_STATE_GIVEME;
} }
ret=parse_decrypt_quic(pstream, _context, a_packet, decrypt_payload, decrypt_payload_len, &used_len); ret=parse_decrypt_quic(pstream, _context, a_packet, decrypt_payload, decrypt_payload_len, &used_len);
break; break;
@@ -1373,7 +1376,7 @@ unsigned int quic_protocol_identify(struct streaminfo *a_stream, void *a_packet,
_context=(struct _quic_context *)pme; _context=(struct _quic_context *)pme;
ret=quic_process(a_stream, _context, a_stream->threadnum, a_packet); ret=quic_process(a_stream, _context, a_stream->threadnum, a_packet);
if(ret!=PROT_STATE_DROPME && _context->is_quic!=QUIC_VERSION_UNKNOWN) if(ret!=PROT_STATE_DROPME && _context->is_quic!=QUIC_VERSION_UNKNOWN)
{ {
if(_context->quic_info.client_hello!=NULL && _context->quic_info.client_hello->ext_tags!=NULL) if(_context->quic_info.client_hello!=NULL && _context->quic_info.client_hello->ext_tags!=NULL)
{ {

6
test/pcap/iquic/29/quic_result.json
View File

@@ -3,9 +3,13 @@
"VERSION": "IETF QUIC 29", "VERSION": "IETF QUIC 29",
"SNI": "www.facebook.com", "SNI": "www.facebook.com",
"name": "QUIC_RESULT_1" "name": "QUIC_RESULT_1"
}, {
"Tuple4": "223.104.233.102.13650>203.208.40.98.443",
"VERSION": "IETF QUIC 29",
"name": "QUIC_RESULT_2"
}, { }, {
"Tuple4": "192.168.50.33.57220>114.250.70.38.443", "Tuple4": "192.168.50.33.57220>114.250.70.38.443",
"VERSION": "IETF QUIC 29", "VERSION": "IETF QUIC 29",
"SNI": "securepubads.g.doubleclick.net", "SNI": "securepubads.g.doubleclick.net",
"name": "QUIC_RESULT_2" "name": "QUIC_RESULT_3"
}] }]

BIN
test/pcap/rfc9000/2-ietf-rfc9000-124.88.191.113.39716-114.250.66.33-443.pcap Normal file
View File

Binary file not shown.

19
test/pcap/rfc9000/quic_result.json
View File

@@ -1,8 +1,11 @@
[ [{
{ "Tuple4": "192.168.60.32.59699>64.233.164.84.443",
"Tuple4": "192.168.60.32.59699>64.233.164.84.443", "VERSION": "IETF QUIC RFC9000",
"VERSION": "IETF QUIC RFC9000", "SNI": "accounts.google.com",
"SNI": "accounts.google.com", "name": "QUIC_RESULT_1"
"name": "QUIC_RESULT_1" }, {
} "Tuple4": "124.88.191.113.39716>114.250.66.33.443",
] "VERSION": "IETF QUIC RFC9000",
"SNI": "safebrowsing.googleapis.com",
"name": "QUIC_RESULT_2"
}]