118 lines
3.7 KiB
Plaintext
118 lines
3.7 KiB
Plaintext
$NetBSD: patch-ak,v 1.2 2012/03/31 08:31:06 dholland Exp $
|
|
|
|
- use standard headers
|
|
- unclear other changes from a long time back
|
|
|
|
--- sn_packets.c.orig 1997-04-18 09:33:58.000000000 +0000
|
|
+++ sn_packets.c
|
|
@@ -4,6 +4,7 @@
|
|
#include "sn_config.h"
|
|
#include "sn_defines.h"
|
|
#include "sn_structs.h"
|
|
+#include <string.h>
|
|
#include <netinet/in.h>
|
|
|
|
extern int PROTO_HEAD;
|
|
@@ -43,6 +44,7 @@ int unwrap_packet (unsigned char *sp, st
|
|
struct UDP_header UDPhead;
|
|
|
|
int i;
|
|
+ short int dummy; /* 2 bytes, important */
|
|
|
|
memcpy(&IPhead,(sp+PROTO_HEAD),sizeof(struct IP_header));
|
|
/* IP header Conversion */
|
|
@@ -51,6 +53,7 @@ int unwrap_packet (unsigned char *sp, st
|
|
unwrapped->TCP_len = 0; /* Reset structure NEEDED!!! */
|
|
unwrapped->UDP_len = 0;
|
|
unwrapped->DATA_len = 0;
|
|
+ unwrapped->FRAG_nf = 0;
|
|
|
|
if(NO_CHKSUM == 0)
|
|
{
|
|
@@ -75,32 +78,74 @@ int unwrap_packet (unsigned char *sp, st
|
|
/* restore orig buffer */
|
|
/* general programming rule */
|
|
}
|
|
+
|
|
+#ifdef DEBUG_ONSCREEN
|
|
+ printf("IPheadlen: %d total length: %d\n", unwrapped->IP_len,
|
|
+ ntohs(IPhead.length));
|
|
+#endif
|
|
+
|
|
+ dummy=ntohs(IPhead.flag_offset); dummy<<=3;
|
|
+ if( dummy!=0 ) /* we have offset */
|
|
+ {
|
|
+ unwrapped->FRAG_nf = 1;
|
|
+ }
|
|
+
|
|
if(IPhead.protocol == TCP ) /* TCP */
|
|
{
|
|
- memcpy(&TCPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)),
|
|
+ if(unwrapped->FRAG_nf == 0)
|
|
+ {
|
|
+ if( (ntohs(IPhead.length)-(unwrapped->IP_len))<20 )
|
|
+ {return CORRUPT_IP;};
|
|
+
|
|
+ memcpy(&TCPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)),
|
|
sizeof(struct TCP_header));
|
|
- unwrapped->TCP_len = ntohs(TCPhead.offset_flag) & 0xF000;
|
|
- unwrapped->TCP_len >>= 10;
|
|
- unwrapped->DATA_len = ntohs(IPhead.length) -
|
|
+ unwrapped->TCP_len = ntohs(TCPhead.offset_flag) & 0xF000;
|
|
+ unwrapped->TCP_len >>= 10;
|
|
+ unwrapped->DATA_len = ntohs(IPhead.length) -
|
|
(unwrapped->IP_len) - (unwrapped->TCP_len);
|
|
+ }
|
|
+ else
|
|
+ {
|
|
+ unwrapped->DATA_len = ntohs(IPhead.length) - (unwrapped->IP_len);
|
|
+ }
|
|
return TCP;
|
|
}
|
|
if(IPhead.protocol == ICMP ) /* ICMP */
|
|
{
|
|
- memcpy(&ICMPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)),
|
|
+ if(unwrapped->FRAG_nf == 0)
|
|
+ {
|
|
+ if( (ntohs(IPhead.length)-(unwrapped->IP_len))<4 )
|
|
+ {return CORRUPT_IP;};
|
|
+
|
|
+ memcpy(&ICMPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)),
|
|
sizeof(struct ICMP_header));
|
|
- unwrapped->ICMP_len = ICMP_HEADLENGTH;
|
|
- unwrapped->DATA_len = ntohs(IPhead.length) -
|
|
+ unwrapped->ICMP_len = ICMP_HEADLENGTH;
|
|
+ unwrapped->DATA_len = ntohs(IPhead.length) -
|
|
(unwrapped->IP_len) - (unwrapped->ICMP_len);
|
|
- return ICMP;
|
|
+ return ICMP;
|
|
+ }
|
|
+ else
|
|
+ {
|
|
+ return -1; /* don't handle fragmented ICMP */
|
|
+ }
|
|
}
|
|
if(IPhead.protocol == UDP ) /* UDP */
|
|
{
|
|
- memcpy(&UDPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)),
|
|
+ if(unwrapped->FRAG_nf == 0)
|
|
+ {
|
|
+ if( (ntohs(IPhead.length)-(unwrapped->IP_len))<8 )
|
|
+ {return CORRUPT_IP;};
|
|
+
|
|
+ memcpy(&UDPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)),
|
|
sizeof(struct UDP_header));
|
|
- unwrapped->UDP_len = UDP_HEADLENGTH;
|
|
- unwrapped->DATA_len = ntohs(IPhead.length) -
|
|
+ unwrapped->UDP_len = UDP_HEADLENGTH;
|
|
+ unwrapped->DATA_len = ntohs(IPhead.length) -
|
|
(unwrapped->IP_len) - (unwrapped->UDP_len);
|
|
+ }
|
|
+ else
|
|
+ {
|
|
+ unwrapped->DATA_len = ntohs(IPhead.length)-(unwrapped->IP_len);
|
|
+ }
|
|
return UDP;
|
|
}
|
|
return -1;
|