aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Improve SSL input validation.

Browse Source
remotes/origin/master-1.0.x
Victor Julien 15 years ago
parent 5fe1dc1d24
commit 98c3f0149c
1 changed files with 13 additions and 14 deletions
Show Stats Download Patch File Download Diff File

27
src/app-layer-ssl.c
Unescape Escape View File

@ -65,17 +65,18 @@ static int SSLParseClientRecord(Flow *f, void *ssl_state, AppLayerParserState *p
AppLayerParserResult *output) AppLayerParserResult *output)
{ {
SCEnter(); SCEnter();
SslClient *client = (SslClient *)input;
SslState *ssl_st = (SslState *)ssl_state;
/* SSL client message should be larger than 5 bytes as we need to know, to /* SSL client message should be larger than 9 bytes as we need to know, to
what is the SSL version and message type */ what is the SSL version and message type */
if (input_len < 5) { if (input_len < 9) {
SCLogDebug("Input message lentgh (%"PRIu32") is not equal to minimum " SCLogDebug("Input message length (%"PRIu32") is not equal to minimum "
"valid ssl record message length, thus returning!!", input_len); "valid ssl record message length, thus returning", input_len);
SCReturnInt(1); SCReturnInt(1);
} }
SslClient *client = (SslClient *)input;
SslState *ssl_st = (SslState *)ssl_state;
switch (client->msg_type) { switch (client->msg_type) {
case SSL_CLIENT_HELLO: case SSL_CLIENT_HELLO:
if (client->major_ver != 0x02) { if (client->major_ver != 0x02) {
@ -248,7 +249,7 @@ void RegisterSSLParsers(void)
} }
//#ifdef UNITTESTS #ifdef UNITTESTS
#include "util-unittest-helper.h" #include "util-unittest-helper.h"
#include "stream-tcp-reassemble.h" #include "stream-tcp-reassemble.h"
#include "decode-tcp.h" #include "decode-tcp.h"
@ -256,9 +257,9 @@ void RegisterSSLParsers(void)
extern uint16_t AppLayerParserGetStorageId (void); extern uint16_t AppLayerParserGetStorageId (void);
static int SSLParserTest01(void) { static int SSLParserTest01(void) {
int result = 1; int result = 0;
Flow f; Flow f;
uint8_t sslbuf[] = {0x80, 0x31, 0x01, 0x00, 0x02 }; uint8_t sslbuf[] = {0x80, 0x31, 0x01, 0x00, 0x02, 0x00, 0x00, 0x00, 0x01 };
uint32_t ssllen = sizeof(sslbuf); uint32_t ssllen = sizeof(sslbuf);
TcpSession ssn; TcpSession ssn;
@ -272,30 +273,28 @@ static int SSLParserTest01(void) {
int r = AppLayerParse(&f, ALPROTO_SSL, STREAM_TOSERVER|STREAM_EOF, sslbuf, ssllen); int r = AppLayerParse(&f, ALPROTO_SSL, STREAM_TOSERVER|STREAM_EOF, sslbuf, ssllen);
if (r != 0) { if (r != 0) {
printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r); printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r);
result = 0;
goto end; goto end;
} }
SslState *ssl_state = ssn.aldata[AlpGetStateIdx(ALPROTO_SSL)]; SslState *ssl_state = ssn.aldata[AlpGetStateIdx(ALPROTO_SSL)];
if (ssl_state == NULL) { if (ssl_state == NULL) {
printf("no ssl state: "); printf("no ssl state: ");
result = 0;
goto end; goto end;
} }
if (ssl_state->client_content_type != 0x1) { if (ssl_state->client_content_type != 0x1) {
printf("expected content_type %" PRIu8 ", got %" PRIu8 ": ", 0x1, printf("expected content_type %" PRIu8 ", got %" PRIu8 ": ", 0x1,
ssl_state->client_content_type); ssl_state->client_content_type);
result = 0;
goto end; goto end;
} }
if (ssl_state->client_version != SSL_CLIENT_VERSION) { if (ssl_state->client_version != SSL_CLIENT_VERSION) {
printf("expected version %04" PRIu16 ", got %04" PRIu16 ": ", printf("expected version %04" PRIu16 ", got %04" PRIu16 ": ",
SSL_CLIENT_VERSION, ssl_state->client_version); SSL_CLIENT_VERSION, ssl_state->client_version);
result = 0;
goto end; goto end;
} }
result = 1;
end: end:
StreamL7DataPtrFree(&ssn); StreamL7DataPtrFree(&ssn);
StreamTcpFreeConfig(TRUE); StreamTcpFreeConfig(TRUE);
@ -689,7 +688,7 @@ end:
StreamTcpFreeConfig(TRUE); StreamTcpFreeConfig(TRUE);
return result; return result;
} }
//#endif /* UNITTESTS */ #endif /* UNITTESTS */
void SSLParserRegisterTests(void) { void SSLParserRegisterTests(void) {
#ifdef UNITTESTS #ifdef UNITTESTS

Write Preview
Loading…
Cancel
Save