Check packetsize before process to fix out of range

Kusakabe Si 2021-12-10 17:35:44 +00:00
parent 89f1548dd4
commit 5608430139
15 changed files with 58 additions and 40 deletions


@ -356,6 +356,7 @@ func NewDevice(tapDevice tap.Device, id mtypes.Vertex, bind conn.Bind, logger *L
device.SuperConfigPath = configpath
device.SuperConfig = sconfig
device.EdgeConfig = &mtypes.EdgeConfig{}
device.EdgeConfig.Interface.MTU = 1416
device.Chan_server_pong = superevents.Event_server_pong
device.Chan_server_register = superevents.Event_server_register
device.LogLevel = sconfig.LogLevel
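Review bot: The supernode MTU is set with a bare literal, `device.EdgeConfig.Interface.MTU = 1416`, and the same 1416 is repeated in the four `path.NewEgHeader(buf[:path.EgHeaderLen], 1416)` calls later in this commit (super_peerdel_notify, PushNhTable, PushPeerinfo, PushServerParams). A single named constant, for example `const DefaultMTU = 1416`, used in all five places would keep the value stored in EdgeConfig and the value handed to NewEgHeader from drifting apart. NewDevice starts and ends outside this hunk.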


@ -7,6 +7,7 @@ package device
import (
"bytes"
"encoding/base64"
"encoding/binary"
"errors"
"fmt"
@ -427,6 +428,7 @@ func (peer *Peer) RoutineSequentialReceiver() {
should_process := false
should_receive := false
should_transfer := false
packetlan := 0
currentTime := time.Now()
storeTime := currentTime.Add(time.Second)
if currentTime.After((*peer.LastPacketReceivedAdd1Sec.Load().(*time.Time))) {
@ -463,24 +465,30 @@ func (peer *Peer) RoutineSequentialReceiver() {
device.log.Errorf("Invalid EgHeader from peer %v", peer)
goto skip
}
EgHeader, _ = path.NewEgHeader(elem.packet[0:path.EgHeaderLen]) // EG header
EgHeader, _ = path.NewEgHeader(elem.packet[0:path.EgHeaderLen], device.EdgeConfig.Interface.MTU) // EG header
src_nodeID = EgHeader.GetSrc()
dst_nodeID = EgHeader.GetDst()
elem.packet = elem.packet[:EgHeader.GetPacketLength()+path.EgHeaderLen] // EG header + true packet
packet_type = elem.Type
packetlan = int(EgHeader.GetPacketLength() + path.EgHeaderLen)
if packetlan >= len(elem.packet) {
device.log.Errorf("received invalid packet content: %v S:%v D:%v From:%v IP:%v", base64.StdEncoding.EncodeToString([]byte(elem.packet)), src_nodeID.ToString(), dst_nodeID.ToString(), peer.ID.ToString(), peer.endpoint.DstToString())
goto skip
}
elem.packet = elem.packet[:packetlan] // EG header + true packet
if device.IsSuperNode {
if packet_type.IsControl_Edge2Super() {
should_process = true
} else {
device.log.Errorf("received unsupported packet_type %v from %v %v", packet_type, src_nodeID, peer.endpoint.DstToString())
device.log.Errorf("received unsupported packet_type %v S:%v From:%v IP:%v", packet_type, src_nodeID, peer.ID.ToString(), peer.endpoint.DstToString())
goto skip
}
switch dst_nodeID {
case mtypes.NodeID_SuperNode:
should_process = true
default:
device.log.Errorf("received invalid dst_nodeID %v from %v %v", dst_nodeID, src_nodeID, peer.endpoint.DstToString())
device.log.Errorf("received invalid dst_nodeID: %v S:%v From:%v IP:%v", dst_nodeID, src_nodeID, peer.ID.ToString(), peer.endpoint.DstToString())
goto skip
}
} else {
@ -515,7 +523,7 @@ func (peer *Peer) RoutineSequentialReceiver() {
}
} else {
device.log.Errorf("received ServerUpdate packet from non supernode %v %v", src_nodeID, peer.endpoint.DstToString())
device.log.Errorf("received ServerUpdate packet from non supernode S:%v From:%v IP:%v", src_nodeID, peer.ID.ToString(), peer.endpoint.DstToString())
goto skip
}
}
@ -530,7 +538,7 @@ func (peer *Peer) RoutineSequentialReceiver() {
should_transfer = true
} else {
if device.LogLevel.LogTransit {
fmt.Printf("Transit: Duplicate packet received from %d through %d , src_nodeID = %d . Dropped.\n", peer.ID, device.ID, src_nodeID)
fmt.Printf("Transit: Duplicate packet dropped. From:%v Me:%v To:%v S:%v D:%v\n", peer.ID, device.ID, peer_out.ID, src_nodeID.ToString(), dst_nodeID.ToString())
}
goto skip
}
@ -569,7 +577,7 @@ func (peer *Peer) RoutineSequentialReceiver() {
peer_out = device.peers.IDMap[next_id]
device.peers.RUnlock()
if device.LogLevel.LogTransit {
fmt.Printf("Transit: Transfer packet from %d through %d to %d\n", peer.ID, device.ID, peer_out.ID)
fmt.Printf("Transit: Transfer From:%v Me:%v To:%v S:%v D:%v\n", peer.ID, device.ID, peer_out.ID, src_nodeID.ToString(), dst_nodeID.ToString())
}
go device.SendPacket(peer_out, elem.Type, elem.packet, MessageTransportOffsetContent)
}
@ -581,7 +589,7 @@ func (peer *Peer) RoutineSequentialReceiver() {
if packet_type != path.NormalPacket {
if device.LogLevel.LogControl {
if peer.GetEndpointDstStr() != "" {
fmt.Printf("Control: Received S:%v D:%v %v From:%v\n", src_nodeID.ToString(), dst_nodeID.ToString(), device.sprint_received(packet_type, elem.packet[path.EgHeaderLen:]), peer.ID.ToString())
fmt.Printf("Control: Recv %v S:%v D:%v From:%v IP:%v\n", device.sprint_received(packet_type, elem.packet[path.EgHeaderLen:]), src_nodeID.ToString(), dst_nodeID.ToString(), peer.ID.ToString(), peer.GetEndpointDstStr())
}
}
err = device.process_received(packet_type, peer, elem.packet[path.EgHeaderLen:])
@ -599,7 +607,7 @@ func (peer *Peer) RoutineSequentialReceiver() {
}
if device.LogLevel.LogNormal {
packet_len := len(elem.packet) - path.EgHeaderLen
fmt.Println("Normal: Reveived Normal packet From:" + peer.GetEndpointDstStr() + " SrcID:" + src_nodeID.ToString() + " DstID:" + dst_nodeID.ToString() + " Len:" + strconv.Itoa(packet_len))
fmt.Println("Normal: Recv Normal packet From:" + peer.GetEndpointDstStr() + " SrcID:" + src_nodeID.ToString() + " DstID:" + dst_nodeID.ToString() + " Len:" + strconv.Itoa(packet_len))
packet := gopacket.NewPacket(elem.packet[path.EgHeaderLen:], layers.LayerTypeEthernet, gopacket.Default)
fmt.Println(packet.Dump())
}
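Review bot: The new length check in RoutineSequentialReceiver computes `int(EgHeader.GetPacketLength() + path.EgHeaderLen)`, and since `path.EgHeaderLen` is also subtracted from `len(elem.packet)` further down it must be an untyped constant, so the addition is done in uint16 and a peer-supplied length close to 65535 wraps to a value smaller than the header, passes the `packetlan >= len(elem.packet)` test, and leaves `elem.packet` too short for the later `elem.packet[path.EgHeaderLen:]` slices. Widen before adding and compare with `>`, since a packet whose declared length equals the buffer is still safe to slice (unless the transport always pads): `packetlan = int(EgHeader.GetPacketLength()) + path.EgHeaderLen` and `if packetlan > len(elem.packet) {`. The rejection branch logs the whole packet base64-encoded at error level, which lets a misbehaving peer grow the log and puts payload bytes in it; logging `packetlan` and `len(elem.packet)` is enough to diagnose the drop. In the duplicate-packet branch the new Printf reads `peer_out.ID`, but the only assignment to `peer_out` visible here is in the later transfer hunk, so if it is still nil or left over from a previous element at that point the line panics or misreports once LogTransit is enabled. The function starts and ends outside these hunks.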


@ -36,27 +36,28 @@ func (device *Device) SendPacket(peer *Peer, usage path.Usage, packet []byte, of
}
if usage == path.NormalPacket && len(packet)-path.EgHeaderLen <= 12 {
if device.LogLevel.LogNormal {
fmt.Println("Normal: Invalid packet: Ethernet packet too small")
fmt.Printf("Normal: Send Len:%v Invalid packet: Ethernet packet too small\n", len(packet))
}
return
}
if device.LogLevel.LogNormal {
EgHeader, _ := path.NewEgHeader(packet[:path.EgHeaderLen])
EgHeader, _ := path.NewEgHeader(packet[:path.EgHeaderLen], device.EdgeConfig.Interface.MTU)
if usage == path.NormalPacket && EgHeader.GetSrc() == device.ID {
dst_nodeID := EgHeader.GetDst()
packet_len := len(packet) - path.EgHeaderLen
fmt.Println("Normal: Send Normal packet To:" + peer.GetEndpointDstStr() + " SrcID:" + device.ID.ToString() + " DstID:" + dst_nodeID.ToString() + " Len:" + strconv.Itoa(packet_len))
fmt.Printf("Normal: Send Len%v S:%v D:%v To:%v IP:%v:\n", packet_len, device.ID.ToString(), dst_nodeID.ToString(), peer.ID.ToString(), peer.GetEndpointDstStr())
packet := gopacket.NewPacket(packet[path.EgHeaderLen:], layers.LayerTypeEthernet, gopacket.Default)
fmt.Println(packet.Dump())
}
}
if device.LogLevel.LogControl {
EgHeader, _ := path.NewEgHeader(packet[:path.EgHeaderLen])
EgHeader, _ := path.NewEgHeader(packet[:path.EgHeaderLen], device.EdgeConfig.Interface.MTU)
if usage != path.NormalPacket {
if peer.GetEndpointDstStr() != "" {
src_nodeID := EgHeader.GetSrc()
dst_nodeID := EgHeader.GetDst()
fmt.Printf("Control: Send D:%v %v To:%v\n", dst_nodeID.ToString(), device.sprint_received(usage, packet[path.EgHeaderLen:]), peer.GetEndpointDstStr())
fmt.Printf("Control: Send %v S:%v D:%v To:%v IP:%v\n", device.sprint_received(usage, packet[path.EgHeaderLen:]), src_nodeID.ToString(), dst_nodeID.ToString(), peer.ID.ToString(), peer.GetEndpointDstStr())
}
}
}
@ -246,7 +247,7 @@ func (device *Device) GeneratePingPacket(src_nodeID mtypes.Vertex, request_reply
return nil, path.PingPacket, err
}
buf := make([]byte, path.EgHeaderLen+len(body))
header, _ := path.NewEgHeader(buf[0:path.EgHeaderLen])
header, _ := path.NewEgHeader(buf[0:path.EgHeaderLen], device.EdgeConfig.Interface.MTU)
if err != nil {
return nil, path.PingPacket, err
}
@ -305,7 +306,7 @@ func (device *Device) server_process_RegisterMsg(peer *Peer, content mtypes.Regi
return err
}
buf := make([]byte, path.EgHeaderLen+len(body))
header, _ := path.NewEgHeader(buf[:path.EgHeaderLen])
header, _ := path.NewEgHeader(buf[:path.EgHeaderLen], device.EdgeConfig.Interface.MTU)
header.SetSrc(device.ID)
header.SetTTL(0)
header.SetPacketLength(uint16(len(body)))
@ -348,7 +349,7 @@ func (device *Device) process_ping(peer *Peer, content mtypes.PingMsg) error {
return err
}
buf := make([]byte, path.EgHeaderLen+len(body))
header, _ := path.NewEgHeader(buf[:path.EgHeaderLen])
header, _ := path.NewEgHeader(buf[:path.EgHeaderLen], device.EdgeConfig.Interface.MTU)
header.SetSrc(device.ID)
header.SetTTL(device.EdgeConfig.DefaultTTL)
header.SetPacketLength(uint16(len(body)))
@ -379,7 +380,7 @@ func (device *Device) process_pong(peer *Peer, content mtypes.PongMsg) error {
return err
}
buf := make([]byte, path.EgHeaderLen+len(body))
header, _ := path.NewEgHeader(buf[:path.EgHeaderLen])
header, _ := path.NewEgHeader(buf[:path.EgHeaderLen], device.EdgeConfig.Interface.MTU)
header.SetSrc(device.ID)
header.SetTTL(device.EdgeConfig.DefaultTTL)
header.SetPacketLength(uint16(len(body)))
@ -702,7 +703,7 @@ func (device *Device) process_RequestPeerMsg(content mtypes.QueryPeerMsg) error
continue
}
buf := make([]byte, path.EgHeaderLen+len(body))
header, _ := path.NewEgHeader(buf[0:path.EgHeaderLen])
header, _ := path.NewEgHeader(buf[0:path.EgHeaderLen], device.EdgeConfig.Interface.MTU)
header.SetDst(mtypes.NodeID_AllPeer)
header.SetTTL(device.EdgeConfig.DefaultTTL)
header.SetSrc(device.ID)
@ -874,7 +875,7 @@ func (device *Device) RoutineRegister(startchan chan struct{}) {
HttpPostCount: device.HttpPostCount,
})
buf := make([]byte, path.EgHeaderLen+len(body))
header, _ := path.NewEgHeader(buf[0:path.EgHeaderLen])
header, _ := path.NewEgHeader(buf[0:path.EgHeaderLen], device.EdgeConfig.Interface.MTU)
header.SetDst(mtypes.NodeID_SuperNode)
header.SetTTL(0)
header.SetSrc(device.ID)
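Review bot: In the GeneratePingPacket hunk the result of `path.NewEgHeader` is still bound with `header, _ :=`, so the `if err != nil` directly after it re-tests the `err` that was already handled before the `make` and can never report a header failure. Bind it instead: `header, err := path.NewEgHeader(buf[0:path.EgHeaderLen], device.EdgeConfig.Interface.MTU)`. The other call sites in this file (SendPacket, server_process_RegisterMsg, process_ping, process_pong, process_RequestPeerMsg, RoutineRegister) discard the error the same way, which becomes riskier if the constructor ever validates against the new argument. In SendPacket the new format string `"Normal: Send Len%v S:%v D:%v To:%v IP:%v:\n"` is missing the colon after `Len` and has a stray one before the newline. All of these functions continue outside their hunks.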


@ -251,7 +251,7 @@ func (device *Device) RoutineReadFromTUN() {
//add custom header dst_node, src_node, ttl
size += path.EgHeaderLen
elem.packet = elem.buffer[offset : offset+size]
EgBody, _ := path.NewEgHeader(elem.packet[0:path.EgHeaderLen])
EgBody, _ := path.NewEgHeader(elem.packet[0:path.EgHeaderLen], device.EdgeConfig.Interface.MTU)
dst_nodeID := EgBody.GetDst()
dstMacAddr := tap.GetDstMacAddr(elem.packet[path.EgHeaderLen:])
// lookup peer


@ -20,8 +20,8 @@ PrivKey: 12CRJpzWOTRQDOdtROtwwWb68B4HHjSbrS1WySAkWYI=
ListenPort: 0
LogLevel:
LogLevel: error
LogTransit: false
LogNormal: false
LogTransit: true
LogNormal: true
LogControl: true
LogInternal: true
LogNTP: true
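Review bot: `LogTransit` and `LogNormal` appear to flip from `false` to `true` in this checked-in config and in the two configs that follow, which looks like a debugging setting carried into the commit. With `LogNormal` on, the receive and send paths touched by this same commit print `packet.Dump()` for every normal packet, so anyone who starts from these files writes full frame contents to stdout. Keeping both at `false` here and describing the switches in the documentation would avoid shipping that as the default.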


@ -20,8 +20,8 @@ PrivKey: 2swvwMtyuOKd2HsrfSY1eEYKRjhS4dCr2Cwtj9or0us=
ListenPort: 0
LogLevel:
LogLevel: error
LogTransit: false
LogNormal: false
LogTransit: true
LogNormal: true
LogControl: true
LogInternal: true
LogNTP: true


@ -20,8 +20,8 @@ PrivKey: iquaLyD+YLzW3zvI0JGSed9GfDqHYMh/vUaU0PYVAbQ=
ListenPort: 0
LogLevel:
LogLevel: error
LogTransit: false
LogNormal: false
LogTransit: true
LogNormal: true
LogControl: true
LogInternal: true
LogNTP: true

2
go.mod

@ -5,7 +5,7 @@ go 1.17
require (
git.fd.io/govpp.git v0.3.6-0.20210927044411-385ccc0d8ba9
git.fd.io/govpp.git/extras v0.0.0-20211129071605-0a0c03d45954
github.com/KusakabeSi/go-cache v0.0.0-20210823132304-22b5b1d22b41
github.com/KusakabeSi/go-cache v0.0.0-20211210164531-8ee1215c700a
github.com/beevik/ntp v0.3.0
github.com/golang-jwt/jwt v3.2.2+incompatible
github.com/google/gopacket v1.1.19

4
go.sum

@ -2,8 +2,8 @@ git.fd.io/govpp.git v0.3.6-0.20210927044411-385ccc0d8ba9 h1:QFHVGWCWf6e226vMy1zU
git.fd.io/govpp.git v0.3.6-0.20210927044411-385ccc0d8ba9/go.mod h1:OCVd4W8SH+666KRQoMj6PM+oipLDZAHhqMz9B1TGbgI=
git.fd.io/govpp.git/extras v0.0.0-20211129071605-0a0c03d45954 h1:F4tLgA7dY1lY1GQ6D7dMiLie39FV6QXinM7BU9cRENY=
git.fd.io/govpp.git/extras v0.0.0-20211129071605-0a0c03d45954/go.mod h1:GhryuN3x7qZ/wYLlEiPUVi6glJvh5S5V6E+XASV4774=
github.com/KusakabeSi/go-cache v0.0.0-20210823132304-22b5b1d22b41 h1:o6o1+n8vqD/Qsxw26x7aLH6QQzPGGmQdKQqQRpkA/ac=
github.com/KusakabeSi/go-cache v0.0.0-20210823132304-22b5b1d22b41/go.mod h1:u+fcGXuY9eUnv1Lw58RgBJcfNxv8rT2jHNI3tdDUHp0=
github.com/KusakabeSi/go-cache v0.0.0-20211210164531-8ee1215c700a h1:5OUSCHnmA6F0QtzSl8Am/QDBI9d16pidq6SbHiPO69U=
github.com/KusakabeSi/go-cache v0.0.0-20211210164531-8ee1215c700a/go.mod h1:u+fcGXuY9eUnv1Lw58RgBJcfNxv8rT2jHNI3tdDUHp0=
github.com/beevik/ntp v0.3.0 h1:xzVrPrE4ziasFXgBVBZJDP0Wg/KpMwk2KHJ4Ba8GrDw=
github.com/beevik/ntp v0.3.0/go.mod h1:hIHWr+l3+/clUnF44zdK+CWW7fO8dR5cIylAQ76NRpg=
github.com/bennyscetbun/jsongo v1.1.0/go.mod h1:suxbVmjBV8+A2BBAM5EYVh6Uj8j3rqJhzWf3hv7Ff8U=


@ -333,7 +333,7 @@ func super_peerdel_notify(toDelete mtypes.Vertex, PubKey string) {
for i := 0; i < 10; i++ {
body, _ := mtypes.GetByte(&ServerUpdateMsg)
buf := make([]byte, path.EgHeaderLen+len(body))
header, _ := path.NewEgHeader(buf[:path.EgHeaderLen])
header, _ := path.NewEgHeader(buf[:path.EgHeaderLen], 1416)
header.SetSrc(mtypes.NodeID_SuperNode)
header.SetTTL(0)
header.SetPacketLength(uint16(len(body)))
@ -464,7 +464,7 @@ func PushNhTable(force bool) {
return
}
buf := make([]byte, path.EgHeaderLen+len(body))
header, _ := path.NewEgHeader(buf[:path.EgHeaderLen])
header, _ := path.NewEgHeader(buf[:path.EgHeaderLen], 1416)
header.SetDst(mtypes.NodeID_SuperNode)
header.SetPacketLength(uint16(len(body)))
header.SetSrc(mtypes.NodeID_SuperNode)
@ -499,7 +499,7 @@ func PushPeerinfo(force bool) {
return
}
buf := make([]byte, path.EgHeaderLen+len(body))
header, _ := path.NewEgHeader(buf[:path.EgHeaderLen])
header, _ := path.NewEgHeader(buf[:path.EgHeaderLen], 1416)
header.SetDst(mtypes.NodeID_SuperNode)
header.SetPacketLength(uint16(len(body)))
header.SetSrc(mtypes.NodeID_SuperNode)
@ -541,7 +541,7 @@ func PushServerParams(force bool) {
return
}
buf := make([]byte, path.EgHeaderLen+len(body))
header, _ := path.NewEgHeader(buf[:path.EgHeaderLen])
header, _ := path.NewEgHeader(buf[:path.EgHeaderLen], 1416)
header.SetDst(mtypes.NodeID_SuperNode)
header.SetPacketLength(uint16(len(body)))
header.SetSrc(mtypes.NodeID_SuperNode)


@ -73,7 +73,7 @@ type InterfaceConf struct {
IPv4CIDR string `yaml:"IPv4CIDR"`
IPv6CIDR string `yaml:"IPv6CIDR"`
IPv6LLPrefix string `yaml:"IPv6LLPrefix"`
MTU int `yaml:"MTU"`
MTU uint16 `yaml:"MTU"`
RecvAddr string `yaml:"RecvAddr"`
SendAddr string `yaml:"SendAddr"`
L2HeaderMode string `yaml:"L2HeaderMode"`


@ -93,3 +93,10 @@ func ReadYaml(filePath string, out interface{}) (err error) {
err = yaml.Unmarshal(yamlFile, out)
return
}
func AbsInt(a int) int {
if a < 0 {
a *= -1
}
return a
}
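Review bot: `AbsInt` is exported without a doc comment and has no caller in the sections shown on this page. It also returns a negative number for the smallest int, because `a *= -1` overflows there; a comment such as `// AbsInt returns the absolute value of a; the minimum int has no positive counterpart and is returned unchanged.` would make that explicit. `return -a` inside the `if` reads more directly than multiplying in place.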


@ -90,7 +90,7 @@ func (v Usage) IsControl_Edge2Edge() bool {
}
}
func NewEgHeader(pac []byte) (e EgHeader, err error) {
func NewEgHeader(pac []byte, mtu uint16) (e EgHeader, err error) {
if len(pac) != EgHeaderLen {
err = errors.New("invalid packet size")
return
@ -120,8 +120,9 @@ func (e EgHeader) SetTTL(ttl uint8) {
e.buf[4] = ttl
}
func (e EgHeader) GetPacketLength() uint16 {
return binary.BigEndian.Uint16(e.buf[5:7])
func (e EgHeader) GetPacketLength() (ret uint16) {
ret = binary.BigEndian.Uint16(e.buf[5:7])
return
}
func (e EgHeader) SetPacketLength(length uint16) {
binary.BigEndian.PutUint16(e.buf[5:7], length)
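Review bot: The added `mtu uint16` parameter of `NewEgHeader` is not used in the lines shown, and the function has no doc comment saying what the value bounds; the rest of the body is outside this hunk, so whether it is stored or checked cannot be confirmed from here. If it is meant to cap the length field, note that `GetPacketLength` in the next hunk still returns the raw 16-bit field, so every receiver has to do the bounds check itself. A comment along the lines of `// NewEgHeader wraps pac, which must be exactly EgHeaderLen bytes; mtu is <what it limits>.` would settle the contract. The rewrite of `GetPacketLength` to a named result with a bare `return` changes nothing, and `return binary.BigEndian.Uint16(e.buf[5:7])` is the simpler form.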


@ -334,7 +334,7 @@ func getIFIndex(name string) (ret int32, err error) {
return *(*int32)(unsafe.Pointer(&ifr[unix.IFNAMSIZ])), nil
}
func (tap *NativeTap) setMTU(n int) (err error) {
func (tap *NativeTap) setMTU(n uint16) (err error) {
name, err := tap.Name()
if err != nil {
return err


@ -133,7 +133,7 @@ func CreateVppTAP(iconfig mtypes.InterfaceConf, NodeID mtypes.Vertex, loglevel s
tap := &VppTap{
name: iconfig.Name,
mtu: iconfig.MTU,
mtu: int(iconfig.MTU),
ifuid: iconfig.VPPIFaceID,
SwIfIndex: 0,
memifSockPath: path.Join(vppMemifSocketDir, iconfig.Name+".sock"),