authorIvan Nardi <12729895+IvanNardi@users.noreply.github.com>2020-11-03 11:35:52 +0100
committerGitHub <noreply@github.com>2020-11-03 11:35:52 +0100
commita9547da138871ff019aaa51092544d9ca005dffd (patch)
tree623edb9f069368a0ae7572fd4acfbc70211dfa3d
parent92b80e2468f53ffb86b7b530e54579a81c8f3d22 (diff)
QUIC: fix dissection of Initial packets coalesced with 0-RTT one (#1044)
* QUIC: fix dissection of Initial packets coalesced with 0-RTT one * QUIC: fix a memory leak
-rw-r--r--src/lib/protocols/quic.c13
-rw-r--r--tests/pcap/quic_0RTT.pcapbin0 -> 2644 bytes
-rw-r--r--tests/result/quic_0RTT.pcap.out8
3 files changed, 19 insertions, 2 deletions
diff --git a/src/lib/protocols/quic.c b/src/lib/protocols/quic.c
index 924b90b8a..88c535cd0 100644
--- a/src/lib/protocols/quic.c
+++ b/src/lib/protocols/quic.c
@@ -856,13 +856,22 @@ static uint8_t *decrypt_initial_packet(struct ndpi_detection_module_struct *ndpi
pn_offset += quic_len(&packet->payload[pn_offset], &token_length);
pn_offset += token_length;
/* Checks: quic_len reads 8 bytes, at most; quic_decrypt_header reads other 20 bytes */
- if(pn_offset + 8 + (4 + 16) >= packet->payload_packet_len)
+ if(pn_offset + 8 + (4 + 16) >= packet->payload_packet_len) {
+ quic_cipher_reset(&cipher);
return NULL;
+ }
pn_offset += quic_len(&packet->payload[pn_offset], &payload_length);
NDPI_LOG_DBG2(ndpi_struct, "pn_offset %d token_length %d payload_length %d\n",
pn_offset, token_length, payload_length);
+ if (pn_offset + payload_length > packet->payload_packet_len) {
+ NDPI_LOG_DBG(ndpi_struct, "Too short %d %d\n", pn_offset + payload_length,
+ packet->payload_packet_len);
+ quic_cipher_reset(&cipher);
+ return NULL;
+ }
+
if(!quic_decrypt_header(&packet->payload[0], pn_offset, cipher.hp_cipher,
GCRY_CIPHER_AES128, &first_byte, &pkn32)) {
quic_cipher_reset(&cipher);
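Review bot: The added bound `if (pn_offset + payload_length > packet->payload_packet_len)` is written as an addition on a length field read from the packet, so its correctness depends on the width of payload_length, which is declared outside this hunk. The preceding check already guarantees that pn_offset is below payload_packet_len, so the subtraction form `if (payload_length > packet->payload_packet_len - pn_offset)` cannot wrap whatever the operand types are. If payload_length is the 64-bit value that the "quic_len reads 8 bytes, at most" comment suggests, the `%d` used for `pn_offset + payload_length` in the new NDPI_LOG_DBG (and for token_length and payload_length in the existing NDPI_LOG_DBG2) does not match its argument; a cast or `PRIu64` would fix that. The function body starts and ends outside the hunk.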
@@ -875,7 +884,7 @@ static uint8_t *decrypt_initial_packet(struct ndpi_detection_module_struct *ndpi
packet_number = pkn32;
offset = pn_offset + pkn_len;
- quic_decrypt_message(&cipher, &packet->payload[0], packet->payload_packet_len,
+ quic_decrypt_message(&cipher, &packet->payload[0], pn_offset + payload_length,
offset, first_byte, pkn_len, packet_number, &decryption);
quic_cipher_reset(&cipher);
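Review bot: The length now passed to quic_decrypt_message, `pn_offset + payload_length`, has an upper bound from the earlier check but no lower bound, so a Length field smaller than the packet number plus the 16-byte AEAD tag still reaches the decryption routine. quic_decrypt_message is not visible here; if it derives the ciphertext length by subtracting the header and tag sizes from this argument, an undersized value could underflow, which the old full-datagram length made much less likely. I would reject it before the call, once pkn_len is known: `if(payload_length < pkn_len + 16) { quic_cipher_reset(&cipher); return NULL; }`. A comment on the call such as `/* decrypt only this Initial packet; further coalesced packets (e.g. 0-RTT) may follow in the same datagram */` would also record why payload_packet_len is no longer used.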
diff --git a/tests/pcap/quic_0RTT.pcap b/tests/pcap/quic_0RTT.pcap
new file mode 100644
index 000000000..7ade88654
--- /dev/null
+++ b/tests/pcap/quic_0RTT.pcap
Binary files differ
diff --git a/tests/result/quic_0RTT.pcap.out b/tests/result/quic_0RTT.pcap.out
new file mode 100644
index 000000000..50c318c89
--- /dev/null
+++ b/tests/result/quic_0RTT.pcap.out
@@ -0,0 +1,8 @@
+QUIC 2 2588 1
+
+JA3 Host Stats:
+ IP Address # JA3C
+ 1 ::1 1
+
+
+ 1 UDP [::1]:60459 <-> [::1]:4443 [proto: 188/QUIC][cat: Web/5][1 pkts/1294 bytes <-> 1 pkts/1294 bytes][Goodput ratio: 95/95][0.00 sec][ALPN: h3-32][TLS Supported Versions: TLSv1.3;TLSv1.3 (draft);TLSv1.3 (draft);TLSv1.3 (draft)][TLSv1.3][Client: abcd][JA3C: a7b629a5bd67bfc25e2c78b3daa4c12f][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0]