suricata

Commit Graph

Author	SHA1	Message	Date
Victor Julien	68c7fae79f	ipv6: simplify ext hdr parsing and storage This reduces size of the IPV6ExtHdr structure part of every packet significantly. Clean up macro's in the ipv6 header.	9 years ago
Victor Julien	9fd96f531a	ipv6: convert ext header pointers to const To prevent accidental writes into the orignal packet buffer, use const pointers for the extension header pointers used by IPv6. This will cause compiler warnings in case of writes.	11 years ago
Victor Julien	5f4a23deb9	ipv6: RH extension header parsing issue A logic error in the IPv6 Routing header parsing caused accidental updating of the original packet buffer. The calculated extension header lenght was set to the length field of the routing header, causing it to be wrong. This has 2 consequences: 1. defrag failure. As the now modified payload was used in defrag, the decoding of the reassembled packet now contained a broken length field for the routing header. This would lead to decoding failure. The potential here is evasion, although it would trigger: [1:2200014:1] SURICATA IPv6 truncated extension header 2. in IPS mode, especially the AF_PACKET mode, the modified and now broken packet would be transmitted on the wire. It's likely that end hosts and/or routers would reject this packet. NFQ based IPS mode would be less affected, as it 'verdicts' based on the packet handle. In case of replacing the packet (replace keyword or stream normalization) it could broadcast the bad packet. Additionally, the RH Type 0 address parsing was also broken. It too would modify the original packet. As the result of this code was not used anywhere else in the engine, this code is now disabled. Reported-By: Rafael Schaefer <rschaefer@ernw.de>	11 years ago
Ken Steele	c91b7fd3bc	More structures that need to be marked Packed. These structures are cast from raw packet data, so they should be packed. The case is: typedef struct Foo_ { } Foo; Foo f = (Foo )pkt;	11 years ago
Victor Julien	1195f882b9	ipv6: add support for PAD1 Support PAD1 in IPv6 HOP options header and DST options header.	11 years ago
Victor Julien	98c30be2db	ipv6: improve handling of packets with duplicate (or more) ipv6 extension headers.	13 years ago
Victor Julien	92e7a7d254	ipv6: fix detection engine using the originals IPv6 header's nxt hdr value instead of the upper layer one.	13 years ago
Victor Julien	cdba2f50d1	Various fixes and improvements based on feedback by Coverity analyzer.	13 years ago
Anoop Saldanha	f514b141ce	fix ipv6 header setup in pseudo pkt creation	13 years ago
Victor Julien	34450b9b57	Don't parse layers / ext headers above ipv6 frag header. This is taken care of by defrag.	13 years ago
Victor Julien	e1d4e16645	Simplify packet decoding macro's.	14 years ago
Victor Julien	4a2d4eef5a	Properly reset IPv6 extension headers structure.	14 years ago
Victor Julien	6519a86ec7	Move packet pool to ringbuffer, update packet pool api and ringbuffer api. Remove memset usage from PACKET_RECYCLE, add proper cleanup macros.	15 years ago
William Metcalf	2eef905c07	GPL and Copyright header updates.	15 years ago
William Metcalf	ce01927515	Import of GPLv2 Header 050410	15 years ago
Victor Julien	0d0ffb9963	Reorganize header inclusions.	16 years ago
Brian Rectanus	fa5939ca91	64 bit cleanup part2	16 years ago
Victor Julien	689bbfdc45	Rename all structure definitions in the "typedef struct _SomeStruct" format to "typedef struct SomeStruct_" to make the Doxygen output more useful. Remove the Trie multi pattern matcher code. It wasn't used anymore.	16 years ago
Victor Julien	516ca7ead5	Fix IPv4 and IPv6 decoders not being able to deal with ethernet packets with trailing bytes.	16 years ago
Victor Julien	bab4b62376	Initial add of the files.	16 years ago

20 Commits (3205a8789b418dc601e85bc90b92d0091834fd7c)