libalias: improve handling of invalid SCTP packets

In case of a paritial chunk only pretend the result is OK if the packet is not the last fragment and there is a valid association. PR: 267476 MFC after: 3 days
2024-09-06 09:10:28 +00:00 · 2022-11-15 21:05:02 +01:00 · 2022-11-15 21:05:02 +01:00 · 9a71437621
parent e471259313
commit 9a71437621
1 changed files with 7 additions and 4 deletions
--- a/sys/netinet/libalias/alias_sctp.c
+++ b/sys/netinet/libalias/alias_sctp.c
@ -754,8 +754,11 @@ SctpAlias(struct libalias *la, struct ip *pip, int direction)
 	case SN_PARSE_OK:
 		break;
 	case SN_PARSE_ERROR_CHHL:
-		/* Not an error if there is a chunk length parsing error and this is a fragmented packet */
-		if (ntohs(pip->ip_off) & IP_MF) {
+		/*
+		 * Not an error, if there is a chunk length parsing error,
+		 * this is a fragmented packet, and we have a valid assoc.
+		 */
+		if ((assoc != NULL) && (ntohs(pip->ip_off) & IP_MF)) {
 			rtnval = SN_PARSE_OK;
 			break;
 		}
@ -1067,6 +1070,8 @@ sctp_PktParser(struct libalias *la, int direction, struct ip *pip,
 	 * Also, I am only interested in the content of INIT and ADDIP chunks
 	 */

+	sm->msg = SN_SCTP_OTHER;/* Initialise to largest value*/
+	sm->chunk_length = 0; /* only care about length for key chunks */
 	// no mbuf stuff from Paolo yet so ...
 	sm->ip_hdr = pip;
 	/* remove ip header length from the bytes_left */
@ -1114,8 +1119,6 @@ sctp_PktParser(struct libalias *la, int direction, struct ip *pip,

 	chunk_count = 1;
 	/* Real packet parsing occurs below */
-	sm->msg = SN_SCTP_OTHER;/* Initialise to largest value*/
-	sm->chunk_length = 0; /* only care about length for key chunks */
 	while (IS_SCTP_CONTROL(chunk_hdr)) {
 		switch (chunk_hdr->chunk_type) {
 		case SCTP_INITIATION: