From 35dc6e27ae11a92553611a9d3d8c1ed963a894d4 Mon Sep 17 00:00:00 2001 From: Ludovico Cavedon Date: Tue, 9 Jan 2018 10:26:10 -0800 Subject: Fix MPLS header parsing in ndpiReader. Reported at https://bugs.debian.org/886133. The current parsing for the MPLS header in examples/ndpi_util.c has multiple issues: - the bitfield order is incorrect for little endian architectures - ntohl() is applied to a 20 bit label, which has unclear purpose - if multiple labels are detected, the while loop parsing labels will never exit due to a missing re-read of the mpls label - the last label is identified by looking inside the label field, while it should be done by looking at the S bit This change fixes the above issues. Notice that bitfield ordering is implementation-dependent, so C bitfields should not be used in the first place to parse network packets. --- example/ndpi_util.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'example/ndpi_util.c') diff --git a/example/ndpi_util.c b/example/ndpi_util.c index d0a8470dc..af83c6d14 100644 --- a/example/ndpi_util.c +++ b/example/ndpi_util.c @@ -689,7 +689,10 @@ struct ndpi_proto ndpi_workflow_process_packet (struct ndpi_workflow * workflow, const struct ndpi_wifi_header *wifi; /* --- MPLS header --- */ - struct ndpi_mpls_header *mpls; + union mpls { + uint32_t u32; + struct ndpi_mpls_header mpls; + } mpls; /** --- IP header --- **/ struct ndpi_iphdr *iph; @@ -846,15 +849,15 @@ struct ndpi_proto ndpi_workflow_process_packet (struct ndpi_workflow * workflow, break; case MPLS_UNI: case MPLS_MULTI: - mpls = (struct ndpi_mpls_header *) &packet[ip_offset]; - label = ntohl(mpls->label); - /* label = ntohl(*((u_int32_t*)&packet[ip_offset])); */ + mpls.u32 = *((uint32_t *) &packet[ip_offset]); + mpls.u32 = ntohl(mpls.u32); workflow->stats.mpls_count++; type = ETH_P_IP, ip_offset += 4; - while((label & 0x100) != 0x100) { + while(!mpls.mpls.s) { ip_offset += 4; - label = ntohl(mpls->label); + mpls.u32 = *((uint32_t *) &packet[ip_offset]); + mpls.u32 = ntohl(mpls.u32); } break; case PPPoE: -- cgit v1.2.3