Commit 4b6714da authored by Stig Venaas's avatar Stig Venaas
Browse files

added IPv6 length checks, parsing of IPv6 payload start/length and payload anon

git-svn-id: file:///home/svn/mapi/trunk@880 8d5bb341-7cf1-0310-8cf6-ba355fef3186
parent 98141f69
......@@ -1350,6 +1350,8 @@ int DecodeIPv6Only(u_int8_t * pkt, const u_int32_t len, mapipacket * p, MAPI_UNU
/* set the IP datagram length */
ip_len = ntohs(p->orig_ip6h->ip6_plen);
if (len < ip_len)
ip_len = len;
switch(p->orig_ip6h->ip6_nxt)
{
......@@ -1776,28 +1778,35 @@ void DecodeIPV6(unsigned char *pkt, unsigned int len, mapipacket *p, int snaplen
/* Check Version Field */
version = IP6_VER(p->ip6h);
plen = ntohs(p->ip6h->ip6_plen);
if( version != 6 )
{
p->ip6h = NULL;
return;
}
plen = ntohs(p->ip6h->ip6_plen);
if (len < plen)
plen = len;
/* go to next layer decoder */
switch(p->ip6h->ip6_nxt)
{
case IPPROTO_TCP:
p->ipdata = pkt + IP6_HEADER_LEN;
p->ipdsize = (u_short) plen;
DecodeTCP(pkt + IP6_HEADER_LEN, plen, p, snaplen);
return;
case IPPROTO_UDP:
p->ipdata = pkt + IP6_HEADER_LEN;
p->ipdsize = (u_short) plen;
DecodeUDP(pkt + IP6_HEADER_LEN, plen, p, snaplen);
return;
case IPPROTO_ICMPV6:
p->ipdata = pkt + IP6_HEADER_LEN;
p->ipdsize = (u_short) plen;
DecodeICMPV6(pkt + IP6_HEADER_LEN, plen, p, snaplen);
return;
......@@ -1815,7 +1824,9 @@ void DecodeIPV6(unsigned char *pkt, unsigned int len, mapipacket *p, int snaplen
default:
p->data = pkt + IP6_HEADER_LEN;
p->ipdata = p->data;
p->dsize = (u_short) plen;
p->ipdsize = p->dsize;
return;
}
......@@ -1850,7 +1861,9 @@ void DecodeIPV6Frag(u_int8_t * pkt, const u_int32_t len, mapipacket *p, MAPI_UNU
p->frag_flag = 1;
p->data = pkt + sizeof(struct ip6_frag);
p->ipdata = p->data;
p->dsize = len - sizeof(struct ip6_frag);
p->ipdsize = p->dsize;
/* Shouldn't we parse what comes after initial fragment? Like DecodeIPV6Opt, STIG */
return;
......@@ -1887,14 +1900,20 @@ void DecodeIPV6Opt(u_int8_t * pkt, const u_int32_t len, mapipacket *p, int snapl
switch(nextheader)
{
case IPPROTO_TCP:
p->ipdata = pkt;
p->ipdsize = (u_short) plen;
DecodeTCP(pkt, plen, p, snaplen);
return;
case IPPROTO_UDP:
p->ipdata = pkt;
p->ipdsize = (u_short) plen;
DecodeUDP(pkt, plen, p, snaplen);
return;
case IPPROTO_ICMPV6:
p->ipdata = pkt;
p->ipdsize = (u_short) plen;
DecodeICMPV6(pkt, plen, p, snaplen);
return;
......@@ -1923,6 +1942,10 @@ void DecodeIPV6Opt(u_int8_t * pkt, const u_int32_t len, mapipacket *p, int snapl
return;
default:
p->data = pkt;
p->ipdata = p->data;
p->dsize = (u_short) plen;
p->ipdsize = p->dsize;
return;
}
}
......
......@@ -51,7 +51,9 @@ typedef struct _mapiPacket
echoext *ext; /* ICMP echo extension struct */
unsigned char *ipdata; /* IP payload pointer (incl tcp/udp header) */
unsigned char *data; /* packet payload pointer */
unsigned short int ipdsize; /* IP payload size */
unsigned short int dsize; /* packet payload size */
unsigned short int alt_dsize; /* the dsize of a packet before munging
(used for log)*/
......
......@@ -570,6 +570,11 @@ void anonymize_field(int protocol, int field, int function,mapipacket *packet,st
}
} else if (packet->ip6h) {
switch(field) {
case PAYLOAD:
field_pointer = packet->ipdata;
header_pointer = field_pointer;
len = header_len = packet->ipdsize;
break;
case SRC_IP:
field_pointer = (unsigned char *)&packet->ip6h->ip6_src;
len = 16;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment