From 7eb03bc0daa40184cf886e503b6fa197dc659008 Mon Sep 17 00:00:00 2001 From: Francois-Xavier Le Bail Date: Fri, 1 Nov 2024 22:20:24 +0100 Subject: [PATCH] TCP: Fix Reset segment processing When a received RST segment contains data, this is diagnostic data that explains the cause of the RST. So we have to stop processing, even if we don't print the data (no "-v"). Rename two test outputs, with "-v" in the names. Add two test cases (existing pcap printed without "-v"). --- print-tcp.c | 7 +++++-- tests/TESTLIST | 6 ++++-- tests/tcp_rst_data-trunc-v.out | 2 ++ tests/tcp_rst_data-trunc.out | 3 +-- tests/tcp_rst_data-v.out | 2 ++ tests/tcp_rst_data.out | 3 +-- 6 files changed, 15 insertions(+), 8 deletions(-) create mode 100644 tests/tcp_rst_data-trunc-v.out create mode 100644 tests/tcp_rst_data-v.out diff --git a/print-tcp.c b/print-tcp.c index 38f80d9b..4314ec22 100644 --- a/print-tcp.c +++ b/print-tcp.c @@ -729,8 +729,11 @@ tcp_print(netdissect_options *ndo, nd_trunc_longjmp(ndo); } bp += header_len; - if ((flags & TH_RST) && ndo->ndo_vflag) { - print_tcp_rst_data(ndo, bp, length); + if (flags & TH_RST) { + if(ndo->ndo_vflag) + print_tcp_rst_data(ndo, bp, length); + else + ND_TCHECK_LEN(bp, length); return; } diff --git a/tests/TESTLIST b/tests/TESTLIST index f56ac855..1e0759bc 100644 --- a/tests/TESTLIST +++ b/tests/TESTLIST @@ -39,9 +39,11 @@ tcp-handshake-nano-tttt tcp-handshake-nano.pcap tcp-handshake-nano-tttt.out -ttt tcp-handshake-nano-ttttt tcp-handshake-nano.pcap tcp-handshake-nano-ttttt.out -ttttt -q --nano SPECIAL_t # TCP with data in the RST segment -tcp_rst_data tcp_rst_data.pcap tcp_rst_data.out -v +tcp_rst_data tcp_rst_data.pcap tcp_rst_data-v.out -v +tcp_rst_data tcp_rst_data.pcap tcp_rst_data.out # TCP with data in the RST segment, truncated example -tcp_rst_data-trunc tcp_rst_data-trunc.pcap tcp_rst_data-trunc.out -v +tcp_rst_data-trunc tcp_rst_data-trunc.pcap tcp_rst_data-trunc-v.out -v +tcp_rst_data-trunc tcp_rst_data-trunc.pcap tcp_rst_data-trunc.out # TCP tcp_eight_lowest_weight_flags_set tcp_eight_lowest_weight_flags_set.pcap tcp_eight_lowest_weight_flags_set.out diff --git a/tests/tcp_rst_data-trunc-v.out b/tests/tcp_rst_data-trunc-v.out new file mode 100644 index 00000000..0f25b0b4 --- /dev/null +++ b/tests/tcp_rst_data-trunc-v.out @@ -0,0 +1,2 @@ + 1 2013-02-26 22:03:19.190965 IP (tos 0x20, ttl 243, id 8243, offset 0, flags [DF], proto TCP (6), length 98) + 199.204.31.89.80 > 172.16.133.41.52875: Flags [R.], seq 1617159969:1617160027, ack 1936660873, win 5785, length 58 [!RST+ BIG-IP: [0x11c5672:3045] {peer] diff --git a/tests/tcp_rst_data-trunc.out b/tests/tcp_rst_data-trunc.out index 0f25b0b4..e368f365 100644 --- a/tests/tcp_rst_data-trunc.out +++ b/tests/tcp_rst_data-trunc.out @@ -1,2 +1 @@ - 1 2013-02-26 22:03:19.190965 IP (tos 0x20, ttl 243, id 8243, offset 0, flags [DF], proto TCP (6), length 98) - 199.204.31.89.80 > 172.16.133.41.52875: Flags [R.], seq 1617159969:1617160027, ack 1936660873, win 5785, length 58 [!RST+ BIG-IP: [0x11c5672:3045] {peer] + 1 2013-02-26 22:03:19.190965 IP 199.204.31.89.80 > 172.16.133.41.52875: Flags [R.], seq 1617159969:1617160027, ack 1936660873, win 5785, length 58 [|tcp] diff --git a/tests/tcp_rst_data-v.out b/tests/tcp_rst_data-v.out new file mode 100644 index 00000000..13f77006 --- /dev/null +++ b/tests/tcp_rst_data-v.out @@ -0,0 +1,2 @@ + 1 2013-02-26 22:03:19.190965 IP (tos 0x20, ttl 243, id 8243, offset 0, flags [DF], proto TCP (6), length 98) + 199.204.31.89.80 > 172.16.133.41.52875: Flags [R.], cksum 0x8471 (correct), seq 1617159969:1617160027, ack 1936660873, win 5785, length 58 [RST+ BIG-IP: [0x11c5672:3045] {peer] diff --git a/tests/tcp_rst_data.out b/tests/tcp_rst_data.out index 13f77006..d43424c2 100644 --- a/tests/tcp_rst_data.out +++ b/tests/tcp_rst_data.out @@ -1,2 +1 @@ - 1 2013-02-26 22:03:19.190965 IP (tos 0x20, ttl 243, id 8243, offset 0, flags [DF], proto TCP (6), length 98) - 199.204.31.89.80 > 172.16.133.41.52875: Flags [R.], cksum 0x8471 (correct), seq 1617159969:1617160027, ack 1936660873, win 5785, length 58 [RST+ BIG-IP: [0x11c5672:3045] {peer] + 1 2013-02-26 22:03:19.190965 IP 199.204.31.89.80 > 172.16.133.41.52875: Flags [R.], seq 1617159969:1617160027, ack 1936660873, win 5785, length 58