Add ACK validation to Reset/RST validation code.

remotes/origin/master-1.1.x
Victor Julien 14 years ago
parent 16cd31a408
commit 94fe0d5fa2

@ -171,6 +171,7 @@ enum {
STREAM_TIMEWAIT_INVALID_ACK, STREAM_TIMEWAIT_INVALID_ACK,
STREAM_PKT_INVALID_TIMESTAMP, STREAM_PKT_INVALID_TIMESTAMP,
STREAM_PKT_INVALID_ACK, STREAM_PKT_INVALID_ACK,
STREAM_RST_INVALID_ACK,
/* should always be last! */ /* should always be last! */
DECODE_EVENT_MAX, DECODE_EVENT_MAX,
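Review bot: `STREAM_RST_INVALID_ACK` is added to the enum, but nothing on this page shows a matching entry in the table that maps event names to these enum values, nor a rule that matches on the new event. If that mapping lives in a file not shown here this is already covered; if it is missing, the event would be set on the packet but no signature could reference it, so rejected resets would go unreported. A short comment on the new line would also help, e.g. `/* RST rejected: ACK value failed validation */`. The enum starts and ends outside the hunk.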

@ -3399,11 +3399,24 @@ static int ValidReset(TcpSession *ssn, Packet *p)
StreamTcpSetOSPolicy(&ssn->server, p); StreamTcpSetOSPolicy(&ssn->server, p);
os_policy = ssn->server.os_policy; os_policy = ssn->server.os_policy;
if (StreamTcpValidateAck(&ssn->server, p) == -1) {
SCLogDebug("ssn %p: rejecting because of invalid ack value", ssn);
StreamTcpSetEvent(p, STREAM_RST_INVALID_ACK);
SCReturnInt(-1);
}
} else { } else {
if (ssn->client.os_policy == 0) if (ssn->client.os_policy == 0)
StreamTcpSetOSPolicy(&ssn->client, p); StreamTcpSetOSPolicy(&ssn->client, p);
os_policy = ssn->client.os_policy; os_policy = ssn->client.os_policy;
if (StreamTcpValidateAck(&ssn->client, p) == -1) {
SCLogDebug("ssn %p: rejecting because of invalid ack value", ssn);
StreamTcpSetEvent(p, STREAM_RST_INVALID_ACK);
SCReturnInt(-1);
}
} }
switch (os_policy) { switch (os_policy) {
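Review bot: Both new checks call `StreamTcpValidateAck` without first testing whether the RST carries the ACK flag, so a bare RST, whose acknowledgment field is not meaningful, may be rejected on a zero or stale value. Whether the helper already returns 0 for such segments is not visible in this hunk; if it does not, the sensor would keep a session that the receiving host has torn down, and later traffic on that tuple would be inspected against stale state. Guarding the call, e.g. `if ((p->tcph->th_flags & TH_ACK) && StreamTcpValidateAck(&ssn->server, p) == -1) {` and the same for `&ssn->client`, or a comment stating that the helper handles this case, would settle it. The two added blocks are identical apart from the stream argument, so picking the stream pointer in each branch and validating once after the `if`/`else` would remove the duplication. ValidReset begins before and continues after the hunk.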
