gfwleak/stellar-stellar
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feature: enhance packet parser to verify IPv4/IPv6 header versions

Browse Source
This commit is contained in:
luwenpeng
2024-07-12 14:14:45 +08:00
parent 9e338ffccb
commit d31cfd02fd
1 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/packet/packet_parse.cpp
View File

@@ -498,7 +498,15 @@ static inline const char *parse_ipv4(struct packet *pkt, const char *data, uint1
{ {
return data; return data;
} }
const struct ip *hdr = (const struct ip *)data; const struct ip *hdr = (const struct ip *)data;
uint8_t version = ip4_hdr_get_version(hdr);
if (unlikely(version != 4))
{
PACKET_PARSE_LOG_ERROR("packet %p ipv4 version %d != 4", pkt, version);
return data;
}
uint16_t hdr_len = ip4_hdr_get_hdr_len(hdr); uint16_t hdr_len = ip4_hdr_get_hdr_len(hdr);
if (unlikely(hdr_len > len)) if (unlikely(hdr_len > len))
{ {
@@ -565,6 +573,13 @@ static inline const char *parse_ipv6(struct packet *pkt, const char *data, uint1
return data; return data;
} }
const struct ip6_hdr *hdr = (const struct ip6_hdr *)data; const struct ip6_hdr *hdr = (const struct ip6_hdr *)data;
uint8_t version = ip6_hdr_get_version(hdr);
if (unlikely(version != 6))
{
PACKET_PARSE_LOG_ERROR("packet %p ipv6 version %d != 6", pkt, version);
return data;
}
uint16_t pld_len = ip6_hdr_get_payload_len(hdr); uint16_t pld_len = ip6_hdr_get_payload_len(hdr);
if (unlikely(pld_len + sizeof(struct ip6_hdr) > len)) if (unlikely(pld_len + sizeof(struct ip6_hdr) > len))
{ {