suricata
decode-ipv4.c
Go to the documentation of this file.
1/* Copyright (C) 2007-2024 Open Information Security Foundation
2 *
3 * You can copy, redistribute or modify this Program under the terms of
4 * the GNU General Public License version 2 as published by the Free
5 * Software Foundation.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * version 2 along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15 * 02110-1301, USA.
16 */
17
18/**
19 * \ingroup decode
20 *
21 * @{
22 */
23
24
25/**
26 * \file
27 *
28 * \author Victor Julien <victor@inliniac.net>
29 * \author Brian Rectanus <brectanu@gmail.com>
30 *
31 * Decode IPv4
32 */
33
34#include "suricata-common.h"
35#include "decode-ipv4.h"
36#include "decode.h"
37#include "defrag.h"
38#include "flow.h"
39#include "util-print.h"
40
41/* Generic validation
42 *
43 * [--type--][--len---]
44 *
45 * \todo This function needs removed in favor of specific validation.
46 *
47 * See: RFC 791
48 */
49static int IPV4OptValidateGeneric(Packet *p, const IPV4Opt *o)
50{
51 switch (o->type) {
52 /* See: RFC 4782 */
53 case IPV4_OPT_QS:
54 if (o->len < IPV4_OPT_QS_MIN) {
55 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_INVALID_LEN);
56 return -1;
57 }
58 break;
59 /* See: RFC 1108 */
60 case IPV4_OPT_SEC:
61 case IPV4_OPT_ESEC:
62 if (unlikely(o->len < IPV4_OPT_SEC_MIN)) {
63 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_INVALID_LEN);
64 return -1;
65 }
66 break;
67 case IPV4_OPT_SID:
68 if (o->len != IPV4_OPT_SID_LEN) {
69 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_INVALID_LEN);
70 return -1;
71 }
72 break;
73 /* See: RFC 2113 */
74 case IPV4_OPT_RTRALT:
75 if (o->len != IPV4_OPT_RTRALT_LEN) {
76 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_INVALID_LEN);
77 return -1;
78 }
79 break;
80 default:
81 /* Should never get here unless there is a coding error */
82 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_UNKNOWN);
83 return -1;
84 }
85
86 return 0;
87}
88
89/* Validate route type options
90 *
91 * [--type--][--len---][--ptr---][address1]...[addressN]
92 *
93 * See: RFC 791
94 */
95static int IPV4OptValidateRoute(Packet *p, const IPV4Opt *o)
96{
97 uint8_t ptr;
98
99 /* Check length */
100 if (unlikely(o->len < IPV4_OPT_ROUTE_MIN)) {
101 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_INVALID_LEN);
102 return -1;
103 }
104
105 /* Data is required */
106 if (unlikely(o->data == NULL)) {
107 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
108 return -1;
109 }
110 ptr = *o->data;
111
112 /* Address pointer is 1 based and points at least after type+len+ptr,
113 * must be a incremented by 4 bytes (address size) and cannot extend
114 * past option length.
115 */
116 if (unlikely((ptr < 4) || (ptr % 4) || (ptr > o->len + 1))) {
117 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
118 return -1;
119 }
120
121 return 0;
122}
123
124/* Validate timestamp type options
125 *
126 * [--type--][--len---][--ptr---][ovfl][flag][rec1----...]...[recN----...]
127 * NOTE: rec could be 4 (ts only) or 8 (ip+ts) bytes in length.
128 *
129 * See: RFC 781
130 */
131static int IPV4OptValidateTimestamp(Packet *p, const IPV4Opt *o)
132{
133 uint8_t ptr;
134 uint8_t flag;
135 uint8_t rec_size;
136
137 /* Check length */
138 if (unlikely(o->len < IPV4_OPT_TS_MIN)) {
139 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_INVALID_LEN);
140 return -1;
141 }
142
143 /* Data is required */
144 if (unlikely(o->data == NULL)) {
145 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
146 return -1;
147 }
148 ptr = *o->data;
149
150 /* We need the flag to determine what is in the option payload */
151 if (unlikely(ptr < 5)) {
152 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
153 return -1;
154 }
155 flag = *(o->data + 1) & 0x0f;
156
157 /* A flag of 1|3 means we have both the ip+ts in each record */
158 rec_size = ((flag == 1) || (flag == 3)) ? 8 : 4;
159
160 /* Address pointer is 1 based and points at least after
161 * type+len+ptr+ovfl+flag, must be incremented by by the rec_size
162 * and cannot extend past option length.
163 */
164 if (unlikely(((ptr - 5) % rec_size) || (ptr > o->len + 1))) {
165 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
166 return -1;
167 }
168
169 return 0;
170}
171
172/* Validate CIPSO option
173 *
174 * [--type--][--len---][--doi---][tags--...]
175 *
176 * See: draft-ietf-cipso-ipsecurity-01.txt
177 * See: FIPS 188 (tags 6 & 7)
178 */
179static int IPV4OptValidateCIPSO(Packet *p, const IPV4Opt *o)
180{
181// uint32_t doi;
182 const uint8_t *tag;
183 uint16_t len;
184
185 /* Check length */
186 if (unlikely(o->len < IPV4_OPT_CIPSO_MIN)) {
187 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_INVALID_LEN);
188 return -1;
189 }
190
191 /* Data is required */
192 if (unlikely(o->data == NULL)) {
193 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
194 return -1;
195 }
196// doi = *o->data;
197 tag = o->data + 4;
198 len = o->len - 1 - 1 - 4; /* Length of tags after header */
199
200
201#if 0
202 /* Domain of Interest (DOI) of 0 is reserved and thus invalid */
203 /** \todo Apparently a DOI of zero is fine in practice - verify. */
204 if (doi == 0) {
205 ENGINE_SET_EVENT(p,IPV4_OPT_MALFORMED);
206 return -1;
207 }
208#endif
209
210 /* NOTE: We know len has passed min tests prior to this call */
211
212 /* Check that tags are formatted correctly
213 * [-ttype--][--tlen--][-tagdata-...]
214 */
215 while (len) {
216 uint8_t ttype;
217 uint8_t tlen;
218
219 /* Tag header must fit within option length */
220 if (unlikely(len < 2)) {
221 //printf("CIPSO tag header too large %" PRIu16 " < 2\n", len);
222 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
223 return -1;
224 }
225
226 /* Tag header is type+len */
227 ttype = *(tag++);
228 tlen = *(tag++);
229
230 /* Tag length must fit within the option length */
231 if (unlikely(tlen > len)) {
232 //printf("CIPSO tag len too large %" PRIu8 " > %" PRIu16 "\n", tlen, len);
233 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
234 return -1;
235 }
236
237 switch(ttype) {
238 case 1:
239 case 2:
240 case 5:
241 case 6:
242 case 7:
243 /* Tag is at least 4 and at most the remainder of option len */
244 if (unlikely((tlen < 4) || (tlen > len))) {
245 //printf("CIPSO tag %" PRIu8 " bad tlen=%" PRIu8 " len=%" PRIu8 "\n", ttype, tlen, len);
246 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
247 return -1;
248 }
249
250 /* The alignment octet is always 0 except tag
251 * type 7, which has no such field.
252 */
253 if (unlikely((ttype != 7) && (*tag != 0))) {
254 //printf("CIPSO tag %" PRIu8 " ao=%" PRIu8 "\n", ttype, tlen);
255 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
256 return -1;
257 }
258
259 /* Skip the rest of the tag payload */
260 tag += tlen - 2;
261 len -= tlen;
262
263 continue;
264 case 0:
265 /* Tag type 0 is reserved and thus invalid */
266 /** \todo Wireshark marks this a padding, but spec says reserved. */
267 ENGINE_SET_INVALID_EVENT(p,IPV4_OPT_MALFORMED);
268 return -1;
269 default:
270 //printf("CIPSO tag %" PRIu8 " unknown tag\n", ttype);
271 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_MALFORMED);
272 /** \todo May not want to return error here on unknown tag type (at least not for 3|4) */
273 return -1;
274 }
275 }
276
277 return 0;
278}
279
292
293/**
294 * Decode/Validate IPv4 Options.
295 */
296static int DecodeIPV4Options(Packet *p, const uint8_t *pkt, uint16_t len, IPV4Options *opts)
297{
298 uint16_t plen = len;
299
300#ifdef DEBUG
301 if (SCLogDebugEnabled()) {
302 uint16_t i;
303 char buf[256] = "";
304 int offset = 0;
305
306 for (i = 0; i < len; i++) {
307 offset += snprintf(buf + offset, (sizeof(buf) - offset), "%02" PRIx8 " ", pkt[i]);
308 }
309 SCLogDebug("IPV4OPTS: { %s}", buf);
310 }
311#endif
312
313 /* Options length must be padded to 8byte boundary */
314 if (plen % 8) {
315 ENGINE_SET_EVENT(p,IPV4_OPT_PAD_REQUIRED);
316 /* Warn - we can keep going */
317 }
318
319 while (plen)
320 {
321 p->l3.vars.ip4.opt_cnt++;
322
323 /* single byte options */
324 if (*pkt == IPV4_OPT_EOL) {
325 /** \todo What if more data exist after EOL (possible covert channel or data leakage)? */
326 SCLogDebug("IPV4OPT %" PRIu8 " len 1 @ %d/%d",
327 *pkt, (len - plen), (len - 1));
328 p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_EOL;
329 break;
330 } else if (*pkt == IPV4_OPT_NOP) {
331 SCLogDebug("IPV4OPT %" PRIu8 " len 1 @ %d/%d",
332 *pkt, (len - plen), (len - 1));
333 pkt++;
334 plen--;
335
336 p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_NOP;
337
338 /* multibyte options */
339 } else {
340 if (unlikely(plen < 2)) {
341 /** \todo What if padding is non-zero (possible covert channel or data leakage)? */
342 /** \todo Spec seems to indicate EOL required if there is padding */
343 ENGINE_SET_EVENT(p,IPV4_OPT_EOL_REQUIRED);
344 break;
345 }
346
347 /* Option length is too big for packet */
348 if (unlikely(*(pkt+1) > plen)) {
349 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_INVALID_LEN);
350 return -1;
351 }
352
353 IPV4Opt opt = {*pkt, *(pkt+1), plen > 2 ? (pkt + 2) : NULL };
354
355 /* we already know that the total options len is valid,
356 * so here the len of the specific option must be bad.
357 * Also check for invalid lengths 0 and 1. */
358 if (unlikely(opt.len > plen || opt.len < 2)) {
359 ENGINE_SET_INVALID_EVENT(p, IPV4_OPT_INVALID_LEN);
360 return -1;
361 }
362 /* we are parsing the most commonly used opts to prevent
363 * us from having to walk the opts list for these all the
364 * time. */
365 /** \todo Figure out which IP options are more common and list them first */
366 switch (opt.type) {
367 case IPV4_OPT_TS:
368 if (opts->o_ts.type != 0) {
369 ENGINE_SET_EVENT(p,IPV4_OPT_DUPLICATE);
370 /* Warn - we can keep going */
371 } else if (IPV4OptValidateTimestamp(p, &opt) == 0) {
372 opts->o_ts = opt;
373 p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_TS;
374 }
375 break;
376 case IPV4_OPT_RR:
377 if (opts->o_rr.type != 0) {
378 ENGINE_SET_EVENT(p,IPV4_OPT_DUPLICATE);
379 /* Warn - we can keep going */
380 } else if (IPV4OptValidateRoute(p, &opt) == 0) {
381 opts->o_rr = opt;
382 p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_RR;
383 }
384 break;
385 case IPV4_OPT_QS:
386 if (opts->o_qs.type != 0) {
387 ENGINE_SET_EVENT(p,IPV4_OPT_DUPLICATE);
388 /* Warn - we can keep going */
389 } else if (IPV4OptValidateGeneric(p, &opt) == 0) {
390 opts->o_qs = opt;
391 p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_QS;
392 }
393 break;
394 case IPV4_OPT_SEC:
395 if (opts->o_sec.type != 0) {
396 ENGINE_SET_EVENT(p,IPV4_OPT_DUPLICATE);
397 /* Warn - we can keep going */
398 } else if (IPV4OptValidateGeneric(p, &opt) == 0) {
399 opts->o_sec = opt;
400 p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_SEC;
401 }
402 break;
403 case IPV4_OPT_LSRR:
404 if (opts->o_lsrr.type != 0) {
405 ENGINE_SET_EVENT(p,IPV4_OPT_DUPLICATE);
406 /* Warn - we can keep going */
407 } else if (IPV4OptValidateRoute(p, &opt) == 0) {
408 opts->o_lsrr = opt;
409 p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_LSRR;
410 }
411 break;
412 case IPV4_OPT_ESEC:
413 if (opts->o_esec.type != 0) {
414 ENGINE_SET_EVENT(p, IPV4_OPT_DUPLICATE);
415 /* Warn - we can keep going */
416 } else if (IPV4OptValidateGeneric(p, &opt) == 0) {
417 opts->o_esec = opt;
418 p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_ESEC;
419 }
420 break;
421 case IPV4_OPT_CIPSO:
422 if (opts->o_cipso.type != 0) {
423 ENGINE_SET_EVENT(p,IPV4_OPT_DUPLICATE);
424 /* Warn - we can keep going */
425 } else if (IPV4OptValidateCIPSO(p, &opt) == 0) {
426 opts->o_cipso = opt;
427 p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_CIPSO;
428 }
429 break;
430 case IPV4_OPT_SID:
431 if (opts->o_sid.type != 0) {
432 ENGINE_SET_EVENT(p,IPV4_OPT_DUPLICATE);
433 /* Warn - we can keep going */
434 } else if (IPV4OptValidateGeneric(p, &opt) == 0) {
435 opts->o_sid = opt;
436 p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_SID;
437 }
438 break;
439 case IPV4_OPT_SSRR:
440 if (opts->o_ssrr.type != 0) {
441 ENGINE_SET_EVENT(p,IPV4_OPT_DUPLICATE);
442 /* Warn - we can keep going */
443 } else if (IPV4OptValidateRoute(p, &opt) == 0) {
444 opts->o_ssrr = opt;
445 p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_SSRR;
446 }
447 break;
448 case IPV4_OPT_RTRALT:
449 if (opts->o_rtralt.type != 0) {
450 ENGINE_SET_EVENT(p,IPV4_OPT_DUPLICATE);
451 /* Warn - we can keep going */
452 } else if (IPV4OptValidateGeneric(p, &opt) == 0) {
453 opts->o_rtralt = opt;
454 p->l3.vars.ip4.opts_set |= IPV4_OPT_FLAG_RTRALT;
455 }
456 break;
457 default:
458 SCLogDebug("IPV4OPT <unknown> (%" PRIu8 ") len %" PRIu8,
459 opt.type, opt.len);
460 ENGINE_SET_EVENT(p,IPV4_OPT_INVALID);
461 /* Warn - we can keep going */
462 break;
463 }
464
465 pkt += opt.len;
466 plen -= opt.len;
467 }
468 }
469
470 return 0;
471}
472
473static const IPV4Hdr *DecodeIPV4Packet(Packet *p, const uint8_t *pkt, uint16_t len)
474{
475 if (unlikely(len < IPV4_HEADER_LEN)) {
476 ENGINE_SET_INVALID_EVENT(p, IPV4_PKT_TOO_SMALL);
477 return NULL;
478 }
479
480 if (unlikely(IP_GET_RAW_VER(pkt) != 4)) {
481 SCLogDebug("wrong ip version %d",IP_GET_RAW_VER(pkt));
482 ENGINE_SET_INVALID_EVENT(p, IPV4_WRONG_IP_VER);
483 return NULL;
484 }
485
486 const IPV4Hdr *ip4h = PacketSetIPV4(p, pkt);
487
488 if (unlikely(IPV4_GET_RAW_HLEN(ip4h) < IPV4_HEADER_LEN)) {
489 ENGINE_SET_INVALID_EVENT(p, IPV4_HLEN_TOO_SMALL);
490 return NULL;
491 }
492
493 if (unlikely(IPV4_GET_RAW_IPLEN(ip4h) < IPV4_GET_RAW_HLEN(ip4h))) {
494 ENGINE_SET_INVALID_EVENT(p, IPV4_IPLEN_SMALLER_THAN_HLEN);
495 return NULL;
496 }
497
498 if (unlikely(len < IPV4_GET_RAW_IPLEN(ip4h))) {
499 ENGINE_SET_INVALID_EVENT(p, IPV4_TRUNC_PKT);
500 return NULL;
501 }
502
503 /* set the address struct */
504 SET_IPV4_SRC_ADDR(ip4h, &p->src);
505 SET_IPV4_DST_ADDR(ip4h, &p->dst);
506
507 /* save the options len */
508 uint8_t ip_opt_len = IPV4_GET_RAW_HLEN(ip4h) - IPV4_HEADER_LEN;
509 if (ip_opt_len > 0) {
510 IPV4Options opts;
511 memset(&opts, 0x00, sizeof(opts));
512 if (DecodeIPV4Options(p, pkt + IPV4_HEADER_LEN, ip_opt_len, &opts) < 0) {
513 return NULL;
514 }
515 }
516
517 return ip4h;
518}
519
520int DecodeIPV4(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p,
521 const uint8_t *pkt, uint16_t len)
522{
523 StatsIncr(tv, dtv->counter_ipv4);
524
525 SCLogDebug("pkt %p len %"PRIu16"", pkt, len);
526
527 if (!PacketIncreaseCheckLayers(p)) {
528 return TM_ECODE_FAILED;
529 }
530 /* do the actual decoding */
531 const IPV4Hdr *ip4h = DecodeIPV4Packet(p, pkt, len);
532 if (unlikely(ip4h == NULL)) {
533 SCLogDebug("decoding IPv4 packet failed");
534 PacketClearL3(p);
535 return TM_ECODE_FAILED;
536 }
537 p->proto = IPV4_GET_RAW_IPPROTO(ip4h);
538
539 /* If a fragment, pass off for re-assembly. */
540 if (unlikely(IPV4_GET_RAW_FRAGOFFSET(ip4h) > 0 || IPV4_GET_RAW_FLAG_MF(ip4h))) {
541 Packet *rp = Defrag(tv, dtv, p);
542 if (rp != NULL) {
543 PacketEnqueueNoLock(&tv->decode_pq, rp);
544 }
545 p->flags |= PKT_IS_FRAGMENT;
546 return TM_ECODE_OK;
547 }
548
549 /* do hdr test, process hdr rules */
550
551#ifdef DEBUG
552 if (SCLogDebugEnabled()) { /* only convert the addresses if debug is really enabled */
553 /* debug print */
554 char s[16], d[16];
555 PrintInet(AF_INET, (const void *)GET_IPV4_SRC_ADDR_PTR(p), s, sizeof(s));
556 PrintInet(AF_INET, (const void *)GET_IPV4_DST_ADDR_PTR(p), d, sizeof(d));
557 SCLogDebug("IPV4 %s->%s PROTO: %" PRIu32 " OFFSET: %" PRIu32 " RF: %" PRIu8 " DF: %" PRIu8
558 " MF: %" PRIu8 " ID: %" PRIu32 "",
559 s, d, IPV4_GET_RAW_IPPROTO(ip4h), IPV4_GET_RAW_IPOFFSET(ip4h),
560 IPV4_GET_RAW_FLAG_RF(ip4h), IPV4_GET_RAW_FLAG_DF(ip4h), IPV4_GET_RAW_FLAG_MF(ip4h),
561 IPV4_GET_RAW_IPID(ip4h));
562 }
563#endif /* DEBUG */
564
565 const uint8_t *data = pkt + IPV4_GET_RAW_HLEN(ip4h);
566 const uint16_t data_len = IPV4_GET_RAW_IPLEN(ip4h) - IPV4_GET_RAW_HLEN(ip4h);
567
568 /* check what next decoder to invoke */
569 switch (p->proto) {
570 case IPPROTO_TCP:
571 DecodeTCP(tv, dtv, p, data, data_len);
572 break;
573 case IPPROTO_UDP:
574 DecodeUDP(tv, dtv, p, data, data_len);
575 break;
576 case IPPROTO_ICMP:
577 DecodeICMPV4(tv, dtv, p, data, data_len);
578 break;
579 case IPPROTO_GRE:
580 DecodeGRE(tv, dtv, p, data, data_len);
581 break;
582 case IPPROTO_SCTP:
583 DecodeSCTP(tv, dtv, p, data, data_len);
584 break;
585 case IPPROTO_ESP:
586 DecodeESP(tv, dtv, p, data, data_len);
587 break;
588 case IPPROTO_IPV6: {
589 /* spawn off tunnel packet */
590 Packet *tp = PacketTunnelPktSetup(tv, dtv, p, data, data_len, DECODE_TUNNEL_IPV6);
591 if (tp != NULL) {
592 PKT_SET_SRC(tp, PKT_SRC_DECODER_IPV4);
593 PacketEnqueueNoLock(&tv->decode_pq, tp);
594 StatsIncr(tv, dtv->counter_ipv6inipv4);
595 }
596 FlowSetupPacket(p);
597 break;
598 }
599 case IPPROTO_IPIP: {
600 /* spawn off tunnel packet */
601 Packet *tp = PacketTunnelPktSetup(tv, dtv, p, data, data_len, DECODE_TUNNEL_IPV4);
602 if (tp != NULL) {
603 PKT_SET_SRC(tp, PKT_SRC_DECODER_IPV4);
604 PacketEnqueueNoLock(&tv->decode_pq, tp);
605 StatsIncr(tv, dtv->counter_ipv4inipv4);
606 }
607 FlowSetupPacket(p);
608 break;
609 }
610 case IPPROTO_IP:
611 /* check PPP VJ uncompressed packets and decode tcp dummy */
612 if (p->flags & PKT_PPP_VJ_UCOMP) {
613 DecodeTCP(tv, dtv, p, data, data_len);
614 }
615 break;
616 case IPPROTO_ICMPV6:
617 ENGINE_SET_INVALID_EVENT(p, IPV4_WITH_ICMPV6);
618 break;
619 }
620
621 return TM_ECODE_OK;
622}
623
624/* UNITTESTS */
625#ifdef UNITTESTS
626#include "packet.h"
627
628/** \test IPV4 with no options. */
629static int DecodeIPV4OptionsNONETest01(void)
630{
631 uint8_t raw_opts[] = { };
632 Packet *p = PacketGetFromAlloc();
633 FAIL_IF(unlikely(p == NULL));
634
635 IPV4Options opts;
636 memset(&opts, 0x00, sizeof(opts));
637 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
638 FAIL_IF(p->flags & PKT_IS_INVALID);
639
640 SCFree(p);
641 PASS;
642}
643
644/** \test IPV4 with EOL option. */
645static int DecodeIPV4OptionsEOLTest01(void)
646{
647 uint8_t raw_opts[] = {
648 IPV4_OPT_EOL, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
649 };
650 Packet *p = PacketGetFromAlloc();
651 FAIL_IF(unlikely(p == NULL));
652 IPV4Options opts;
653 memset(&opts, 0x00, sizeof(opts));
654 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
655 FAIL_IF(p->flags & PKT_IS_INVALID);
656 SCFree(p);
657 PASS;
658}
659
660/** \test IPV4 with NOP option. */
661static int DecodeIPV4OptionsNOPTest01(void)
662{
663 uint8_t raw_opts[] = {
664 IPV4_OPT_NOP, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
665 };
666 Packet *p = PacketGetFromAlloc();
667 FAIL_IF(unlikely(p == NULL));
668 IPV4Options opts;
669 memset(&opts, 0x00, sizeof(opts));
670 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
671 FAIL_IF(p->flags & PKT_IS_INVALID);
672 SCFree(p);
673 PASS;
674}
675
676/** \test IPV4 with RR option. */
677static int DecodeIPV4OptionsRRTest01(void)
678{
679 uint8_t raw_opts[] = {
680 IPV4_OPT_RR, 0x27, 0x08, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
681 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
682 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
683 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
684 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
685 };
686 Packet *p = PacketGetFromAlloc();
687 FAIL_IF(unlikely(p == NULL));
688
689 IPV4Options opts;
690 memset(&opts, 0x00, sizeof(opts));
691 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
692 FAIL_IF(p->flags & PKT_IS_INVALID);
693 FAIL_IF(opts.o_rr.type != IPV4_OPT_RR);
694 SCFree(p);
695 PASS;
696}
697
698/** \test IPV4 with RR option (len too large). */
699static int DecodeIPV4OptionsRRTest02(void)
700{
701 uint8_t raw_opts[] = {
702 IPV4_OPT_RR, 0xff, 0x08, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
703 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
704 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
705 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
706 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
707 };
708 Packet *p = PacketGetFromAlloc();
709 FAIL_IF(unlikely(p == NULL));
710
711 IPV4Options opts;
712 memset(&opts, 0x00, sizeof(opts));
713 FAIL_IF(DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts) != -1);
714 FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
715 FAIL_IF(opts.o_rr.type != 0);
716 SCFree(p);
717 PASS;
718}
719
720/** \test IPV4 with RR option (ptr too large). */
721static int DecodeIPV4OptionsRRTest03(void)
722{
723 uint8_t raw_opts[] = {
724 IPV4_OPT_RR, 0x27, 0xff, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
725 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
726 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
727 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
728 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
729 };
730 Packet *p = PacketGetFromAlloc();
731 FAIL_IF(unlikely(p == NULL));
732
733 IPV4Options opts;
734 memset(&opts, 0x00, sizeof(opts));
735 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
736 FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
737 FAIL_IF(opts.o_rr.type != 0);
738 SCFree(p);
739 PASS;
740}
741
742/** \test IPV4 with RR option (ptr not in 4 byte increment). */
743static int DecodeIPV4OptionsRRTest04(void)
744{
745 uint8_t raw_opts[] = {
746 IPV4_OPT_RR, 0x27, 0x05, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
747 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
748 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
749 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
750 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
751 };
752 Packet *p = PacketGetFromAlloc();
753 FAIL_IF(unlikely(p == NULL));
754
755 IPV4Options opts;
756 memset(&opts, 0x00, sizeof(opts));
757 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
758 FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
759 FAIL_IF(opts.o_rr.type != 0);
760 SCFree(p);
761 PASS;
762}
763
764/** \test IPV4 with QS option. */
765static int DecodeIPV4OptionsQSTest01(void)
766{
767 uint8_t raw_opts[] = {
768 IPV4_OPT_QS, 0x08, 0x0d, 0x00, 0xbe, 0xef, 0x00, 0x00
769 };
770 Packet *p = PacketGetFromAlloc();
771 FAIL_IF(unlikely(p == NULL));
772
773 IPV4Options opts;
774 memset(&opts, 0x00, sizeof(opts));
775 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
776 FAIL_IF(p->flags & PKT_IS_INVALID);
777 FAIL_IF(opts.o_qs.type != IPV4_OPT_QS);
778 SCFree(p);
779 PASS;
780}
781
782/** \test IPV4 with QS option (len too small) */
783static int DecodeIPV4OptionsQSTest02(void)
784{
785 uint8_t raw_opts[] = {
786 IPV4_OPT_QS, 0x07, 0x0d, 0x00, 0xbe, 0xef, 0x00, 0x00
787 };
788 Packet *p = PacketGetFromAlloc();
789 FAIL_IF(unlikely(p == NULL));
790
791 IPV4Options opts;
792 memset(&opts, 0x00, sizeof(opts));
793 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
794 FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
795 FAIL_IF(opts.o_qs.type != 0);
796 SCFree(p);
797 PASS;
798}
799
800/** \test IPV4 with TS option. */
801static int DecodeIPV4OptionsTSTest01(void)
802{
803 uint8_t raw_opts[] = {
804 IPV4_OPT_TS, 0x24, 0x0d, 0x01, 0x0a, 0x0a, 0x0a, 0x69,
805 0x04, 0xce, 0x0d, 0x00, 0x00, 0x00, 0x00, 0x00,
806 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
807 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
808 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
809 };
810 Packet *p = PacketGetFromAlloc();
811 FAIL_IF(unlikely(p == NULL));
812
813 IPV4Options opts;
814 memset(&opts, 0x00, sizeof(opts));
815 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
816 FAIL_IF(p->flags & PKT_IS_INVALID);
817 FAIL_IF(opts.o_ts.type != IPV4_OPT_TS);
818 SCFree(p);
819 PASS;
820}
821
822/** \test IPV4 with TS option (ptr too small). */
823static int DecodeIPV4OptionsTSTest02(void)
824{
825 uint8_t raw_opts[] = {
826 IPV4_OPT_TS, 0x24, 0x04, 0x01, 0x0a, 0x0a, 0x0a, 0x69,
827 0x04, 0xce, 0x0d, 0x00, 0x00, 0x00, 0x00, 0x00,
828 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
829 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
830 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
831 };
832 Packet *p = PacketGetFromAlloc();
833 FAIL_IF(unlikely(p == NULL));
834
835 IPV4Options opts;
836 memset(&opts, 0x00, sizeof(opts));
837 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
838 FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
839 FAIL_IF(opts.o_ts.type != 0);
840 SCFree(p);
841 PASS;
842}
843
844/** \test IPV4 with TS option (ptr too large). */
845static int DecodeIPV4OptionsTSTest03(void)
846{
847 uint8_t raw_opts[] = {
848 IPV4_OPT_TS, 0x24, 0xff, 0x01, 0x0a, 0x0a, 0x0a, 0x69,
849 0x04, 0xce, 0x0d, 0x00, 0x00, 0x00, 0x00, 0x00,
850 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
851 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
852 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
853 };
854 Packet *p = PacketGetFromAlloc();
855 FAIL_IF(unlikely(p == NULL));
856
857 IPV4Options opts;
858 memset(&opts, 0x00, sizeof(opts));
859 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
860 FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
861 FAIL_IF(opts.o_ts.type != 0);
862 SCFree(p);
863 PASS;
864}
865
866/** \test IPV4 with TS option (ptr not valid). */
867static int DecodeIPV4OptionsTSTest04(void)
868{
869 uint8_t raw_opts[] = {
870 IPV4_OPT_TS, 0x24, 0x0a, 0x01, 0x0a, 0x0a, 0x0a, 0x69,
871 0x04, 0xce, 0x0d, 0x00, 0x00, 0x00, 0x00, 0x00,
872 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
873 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
874 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
875 };
876 Packet *p = PacketGetFromAlloc();
877 FAIL_IF(unlikely(p == NULL));
878
879 IPV4Options opts;
880 memset(&opts, 0x00, sizeof(opts));
881 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
882 FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
883 FAIL_IF(opts.o_ts.type != 0);
884 SCFree(p);
885 PASS;
886}
887
888/** \test IPV4 with SEC option. */
889static int DecodeIPV4OptionsSECTest01(void)
890{
891 uint8_t raw_opts[] = {
892 IPV4_OPT_SEC, 0x0b, 0xf1, 0x35, 0x00, 0x00, 0x00, 0x00,
893 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
894 };
895 Packet *p = PacketGetFromAlloc();
896 FAIL_IF(unlikely(p == NULL));
897
898 IPV4Options opts;
899 memset(&opts, 0x00, sizeof(opts));
900 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
901 FAIL_IF(p->flags & PKT_IS_INVALID);
902 FAIL_IF(opts.o_sec.type != IPV4_OPT_SEC);
903 SCFree(p);
904 PASS;
905}
906
907/** \test IPV4 with SEC option (invalid length). */
908static int DecodeIPV4OptionsSECTest02(void)
909{
910 uint8_t raw_opts[] = { IPV4_OPT_SEC, 0x02, 0xf1, 0x35, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
911 0x00, 0x00, 0x00, 0x00, 0x00 };
912 Packet *p = PacketGetFromAlloc();
913 FAIL_IF(unlikely(p == NULL));
914
915 IPV4Options opts;
916 memset(&opts, 0x00, sizeof(opts));
917 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
918 FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
919 FAIL_IF(opts.o_sec.type != 0);
920 SCFree(p);
921 PASS;
922}
923
924/** \test IPV4 with ESEC option. */
925static int DecodeIPV4OptionsESECTest01(void)
926{
927 uint8_t raw_opts[] = { IPV4_OPT_ESEC, 0x0b, 0xf1, 0x35, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
928 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
929 Packet *p = PacketGetFromAlloc();
930 FAIL_IF(unlikely(p == NULL));
931
932 IPV4Options opts;
933 memset(&opts, 0x00, sizeof(opts));
934 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
935 FAIL_IF(p->flags & PKT_IS_INVALID);
936 FAIL_IF(opts.o_esec.type != IPV4_OPT_ESEC);
937 SCFree(p);
938 PASS;
939}
940
941/** \test IPV4 with ESEC option (invalid length). */
942static int DecodeIPV4OptionsESECTest02(void)
943{
944 uint8_t raw_opts[] = { IPV4_OPT_ESEC, 0x02, 0xf1, 0x35, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
945 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
946 Packet *p = PacketGetFromAlloc();
947 FAIL_IF(unlikely(p == NULL));
948
949 IPV4Options opts;
950 memset(&opts, 0x00, sizeof(opts));
951 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
952 FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
953 FAIL_IF(opts.o_esec.type != 0);
954 SCFree(p);
955 PASS;
956}
957
958/** \test IPV4 with LSRR option. */
959static int DecodeIPV4OptionsLSRRTest01(void)
960{
961 uint8_t raw_opts[] = {
962 IPV4_OPT_LSRR, 0x27, 0x08, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
963 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
964 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
965 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
966 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
967 };
968 Packet *p = PacketGetFromAlloc();
969 FAIL_IF(unlikely(p == NULL));
970
971 IPV4Options opts;
972 memset(&opts, 0x00, sizeof(opts));
973 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
974 FAIL_IF(p->flags & PKT_IS_INVALID);
975 FAIL_IF(opts.o_lsrr.type != IPV4_OPT_LSRR);
976 SCFree(p);
977 PASS;
978}
979
980/** \test IPV4 with LSRR option (len too large). */
981static int DecodeIPV4OptionsLSRRTest02(void)
982{
983 uint8_t raw_opts[] = {
984 IPV4_OPT_LSRR, 0xff, 0x08, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
985 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
986 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
987 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
988 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
989 };
990 Packet *p = PacketGetFromAlloc();
991 FAIL_IF(unlikely(p == NULL));
992
993 IPV4Options opts;
994 memset(&opts, 0x00, sizeof(opts));
995 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
996 FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
997 FAIL_IF(opts.o_lsrr.type != 0);
998 SCFree(p);
999 PASS;
1000}
1001
1002/** \test IPV4 with LSRR option (ptr too large). */
1003static int DecodeIPV4OptionsLSRRTest03(void)
1004{
1005 uint8_t raw_opts[] = {
1006 IPV4_OPT_LSRR, 0x27, 0xff, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
1007 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1008 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1009 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1010 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1011 };
1012 Packet *p = PacketGetFromAlloc();
1013 FAIL_IF(unlikely(p == NULL));
1014
1015 IPV4Options opts;
1016 memset(&opts, 0x00, sizeof(opts));
1017 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1018 FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
1019 FAIL_IF(opts.o_lsrr.type != 0);
1020 SCFree(p);
1021 PASS;
1022}
1023
1024/** \test IPV4 with LSRR option (ptr not in 4 byte increment). */
1025static int DecodeIPV4OptionsLSRRTest04(void)
1026{
1027 uint8_t raw_opts[] = {
1028 IPV4_OPT_LSRR, 0x27, 0x05, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
1029 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1030 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1031 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1032 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1033 };
1034 Packet *p = PacketGetFromAlloc();
1035 FAIL_IF(unlikely(p == NULL));
1036
1037 IPV4Options opts;
1038 memset(&opts, 0x00, sizeof(opts));
1039 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1040 FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
1041 FAIL_IF(opts.o_lsrr.type != 0);
1042 SCFree(p);
1043 PASS;
1044}
1045
1046/** \test IPV4 with CIPSO option. */
1047static int DecodeIPV4OptionsCIPSOTest01(void)
1048{
1049 uint8_t raw_opts[] = {
1050 IPV4_OPT_CIPSO, 0x18, 0x00, 0x00, 0x00, 0x05, 0x05, 0x12,
1051 0x00, 0x03, 0x00, 0xef, 0x00, 0xef, 0x00, 0x06,
1052 0x00, 0x04, 0x00, 0x02, 0x00, 0x02, 0x00, 0x00
1053 };
1054 Packet *p = PacketGetFromAlloc();
1055 FAIL_IF(unlikely(p == NULL));
1056
1057 IPV4Options opts;
1058 memset(&opts, 0x00, sizeof(opts));
1059 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1060 FAIL_IF(p->flags & PKT_IS_INVALID);
1061 FAIL_IF(opts.o_cipso.type != IPV4_OPT_CIPSO);
1062 SCFree(p);
1063 PASS;
1064}
1065
1066/** \test IPV4 with SID option. */
1067static int DecodeIPV4OptionsSIDTest01(void)
1068{
1069 uint8_t raw_opts[] = {
1070 IPV4_OPT_SID, 0x04, 0xbe, 0xef, 0x00, 0x00, 0x00, 0x00
1071 };
1072 Packet *p = PacketGetFromAlloc();
1073 FAIL_IF(unlikely(p == NULL));
1074
1075 IPV4Options opts;
1076 memset(&opts, 0x00, sizeof(opts));
1077 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1078 FAIL_IF(p->flags & PKT_IS_INVALID);
1079 FAIL_IF(opts.o_sid.type != IPV4_OPT_SID);
1080 SCFree(p);
1081 PASS;
1082}
1083
1084/** \test IPV4 with SID option (len invalid. */
1085static int DecodeIPV4OptionsSIDTest02(void)
1086{
1087 uint8_t raw_opts[] = {
1088 IPV4_OPT_SID, 0x05, 0xbe, 0xef, 0x00, 0x00, 0x00, 0x00
1089 };
1090 Packet *p = PacketGetFromAlloc();
1091 FAIL_IF(unlikely(p == NULL));
1092
1093 IPV4Options opts;
1094 memset(&opts, 0x00, sizeof(opts));
1095 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1096 FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
1097 FAIL_IF(opts.o_sid.type != 0);
1098 SCFree(p);
1099 PASS;
1100}
1101
1102/** \test IPV4 with SSRR option. */
1103static int DecodeIPV4OptionsSSRRTest01(void)
1104{
1105 uint8_t raw_opts[] = {
1106 IPV4_OPT_SSRR, 0x27, 0x08, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
1107 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1108 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1109 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1110 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1111 };
1112 Packet *p = PacketGetFromAlloc();
1113 FAIL_IF(unlikely(p == NULL));
1114
1115 IPV4Options opts;
1116 memset(&opts, 0x00, sizeof(opts));
1117 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1118 FAIL_IF(p->flags & PKT_IS_INVALID);
1119 FAIL_IF(opts.o_ssrr.type != IPV4_OPT_SSRR);
1120 SCFree(p);
1121 PASS;
1122}
1123
1124/** \test IPV4 with SSRR option (len too large). */
1125static int DecodeIPV4OptionsSSRRTest02(void)
1126{
1127 uint8_t raw_opts[] = {
1128 IPV4_OPT_SSRR, 0xff, 0x08, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
1129 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1130 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1131 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1132 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1133 };
1134 Packet *p = PacketGetFromAlloc();
1135 FAIL_IF(unlikely(p == NULL));
1136
1137 IPV4Options opts;
1138 memset(&opts, 0x00, sizeof(opts));
1139 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1140 FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
1141 FAIL_IF(opts.o_ssrr.type != 0);
1142 SCFree(p);
1143 PASS;
1144}
1145
1146/** \test IPV4 with SSRR option (ptr too large). */
1147static int DecodeIPV4OptionsSSRRTest03(void)
1148{
1149 uint8_t raw_opts[] = {
1150 IPV4_OPT_SSRR, 0x27, 0xff, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
1151 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1152 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1153 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1154 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1155 };
1156 Packet *p = PacketGetFromAlloc();
1157 FAIL_IF(unlikely(p == NULL));
1158
1159 IPV4Options opts;
1160 memset(&opts, 0x00, sizeof(opts));
1161 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1162 FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
1163 FAIL_IF(opts.o_ssrr.type != 0);
1164 SCFree(p);
1165 PASS;
1166}
1167
1168/** \test IPV4 with SSRR option (ptr not in 4 byte increment). */
1169static int DecodeIPV4OptionsSSRRTest04(void)
1170{
1171 uint8_t raw_opts[] = {
1172 IPV4_OPT_SSRR, 0x27, 0x05, 0xc0, 0xa8, 0x2a, 0x64, 0x00,
1173 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1174 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1175 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1176 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1177 };
1178 Packet *p = PacketGetFromAlloc();
1179 FAIL_IF(unlikely(p == NULL));
1180
1181 IPV4Options opts;
1182 memset(&opts, 0x00, sizeof(opts));
1183 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1184 FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
1185 FAIL_IF(opts.o_ssrr.type != 0);
1186 SCFree(p);
1187 PASS;
1188}
1189
1190/** \test IPV4 with RTRALT option. */
1191static int DecodeIPV4OptionsRTRALTTest01(void)
1192{
1193 uint8_t raw_opts[] = {
1194 IPV4_OPT_RTRALT, 0x04, 0xbe, 0xef, 0x00, 0x00, 0x00, 0x00
1195 };
1196 Packet *p = PacketGetFromAlloc();
1197 FAIL_IF(unlikely(p == NULL));
1198
1199 IPV4Options opts;
1200 memset(&opts, 0x00, sizeof(opts));
1201 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1202 FAIL_IF(p->flags & PKT_IS_INVALID);
1203 FAIL_IF(opts.o_rtralt.type != IPV4_OPT_RTRALT);
1204 SCFree(p);
1205 PASS;
1206}
1207
1208/** \test IPV4 with RTRALT option (len invalid. */
1209static int DecodeIPV4OptionsRTRALTTest02(void)
1210{
1211 uint8_t raw_opts[] = {
1212 IPV4_OPT_RTRALT, 0x05, 0xbe, 0xef, 0x00, 0x00, 0x00, 0x00
1213 };
1214 Packet *p = PacketGetFromAlloc();
1215 FAIL_IF(unlikely(p == NULL));
1216
1217 IPV4Options opts;
1218 memset(&opts, 0x00, sizeof(opts));
1219 DecodeIPV4Options(p, raw_opts, sizeof(raw_opts), &opts);
1220 FAIL_IF((p->flags & PKT_IS_INVALID) == 0);
1221 FAIL_IF(opts.o_rtralt.type != 0);
1222 SCFree(p);
1223 PASS;
1224}
1225
1226static int IPV4CalculateValidChecksumtest01(void)
1227{
1228 uint16_t csum = 0;
1229
1230 uint8_t raw_ipv4[] = {
1231 0x45, 0x00, 0x00, 0x54, 0x00, 0x00, 0x40, 0x00,
1232 0x40, 0x01, 0xb7, 0x52, 0xc0, 0xa8, 0x01, 0x03,
1233 0xc0, 0xa8, 0x01, 0x03};
1234
1235 csum = *( ((uint16_t *)raw_ipv4) + 5);
1236
1237 FAIL_IF(IPV4Checksum((uint16_t *)raw_ipv4, sizeof(raw_ipv4), csum) != 0);
1238 PASS;
1239}
1240
1241static int IPV4CalculateInvalidChecksumtest02(void)
1242{
1243 uint16_t csum = 0;
1244
1245 uint8_t raw_ipv4[] = {
1246 0x45, 0x00, 0x00, 0x54, 0x00, 0x00, 0x40, 0x00,
1247 0x40, 0x01, 0xb7, 0x52, 0xc0, 0xa8, 0x01, 0x03,
1248 0xc0, 0xa8, 0x01, 0x07};
1249
1250 csum = *( ((uint16_t *)raw_ipv4) + 5);
1251
1252 FAIL_IF(IPV4Checksum((uint16_t *)raw_ipv4, sizeof(raw_ipv4), csum) == 0);
1253 PASS;
1254}
1255
1256/**
1257 * \test IPV4 defrag and packet recursion level test
1258 */
1259static int DecodeIPV4DefragTest01(void)
1260{
1261 uint8_t pkt1[] = {
1262 0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1263 0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1264 0x00, 0x1c, 0xe9, 0xef, 0x20, 0x00, 0x40, 0x06,
1265 0x9a, 0xc8, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1266 0xe1, 0x0c, 0x6e, 0x12, 0x01, 0xbd, 0x5b, 0xa3,
1267 0x81, 0x5e
1268 };
1269 uint8_t pkt2[] = {
1270 0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1271 0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1272 0x00, 0x1c, 0xe9, 0xef, 0x20, 0x01, 0x40, 0x06,
1273 0x9a, 0xc7, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1274 0xe1, 0x0c, 0xac, 0xb0, 0xae, 0x8a, 0x50, 0x10,
1275 0x80, 0x00
1276 };
1277 uint8_t pkt3[] = {
1278 0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1279 0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1280 0x00, 0x18, 0xe9, 0xef, 0x00, 0x02, 0x40, 0x06,
1281 0xba, 0xca, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1282 0xe1, 0x0c, 0xb1, 0xa3, 0x00, 0x00
1283 };
1284 uint8_t tunnel_pkt[] = {
1285 0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1286 0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1287 0x00, 0x28, 0xe9, 0xef, 0x00, 0x00, 0x40, 0x06,
1288 0xba, 0xbc, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1289 0xe1, 0x0c, 0x6e, 0x12, 0x01, 0xbd, 0x5b, 0xa3,
1290 0x81, 0x5e, 0xac, 0xb0, 0xae, 0x8a, 0x50, 0x10,
1291 0x80, 0x00, 0xb1, 0xa3, 0x00, 0x00
1292 };
1293
1294 Packet *p = PacketGetFromAlloc();
1295 FAIL_IF_NULL(p);
1296 ThreadVars tv;
1297 DecodeThreadVars dtv;
1298
1299 memset(&tv, 0, sizeof(ThreadVars));
1300 memset(&dtv, 0, sizeof(DecodeThreadVars));
1301
1302 FlowInitConfig(FLOW_QUIET);
1303 DefragInit();
1304
1305 PacketCopyData(p, pkt1, sizeof(pkt1));
1306 DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
1307 GET_PKT_LEN(p) - ETHERNET_HEADER_LEN);
1308 FAIL_IF(PacketIsTCP(p));
1309 PacketRecycle(p);
1310
1311 PacketCopyData(p, pkt2, sizeof(pkt2));
1312 DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
1313 GET_PKT_LEN(p) - ETHERNET_HEADER_LEN);
1314 FAIL_IF(PacketIsTCP(p));
1315 PacketRecycle(p);
1316
1317 PacketCopyData(p, pkt3, sizeof(pkt3));
1318 DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
1319 GET_PKT_LEN(p) - ETHERNET_HEADER_LEN);
1320 FAIL_IF(PacketIsTCP(p));
1321 Packet *tp = PacketDequeueNoLock(&tv.decode_pq);
1322 FAIL_IF_NULL(tp);
1323 FAIL_IF(tp->recursion_level != p->recursion_level);
1324 FAIL_IF_NOT(PacketIsIPv4(tp));
1325 FAIL_IF_NOT(PacketIsTCP(tp));
1326 FAIL_IF(GET_PKT_LEN(tp) != sizeof(tunnel_pkt));
1327 FAIL_IF(memcmp(GET_PKT_DATA(tp), tunnel_pkt, sizeof(tunnel_pkt)) != 0);
1328 PacketRecycle(tp);
1329 SCFree(tp);
1330
1331 DefragDestroy();
1332 PacketRecycle(p);
1333 FlowShutdown();
1334 SCFree(p);
1335 PASS;
1336}
1337
1338/**
1339 * \test Don't send IPv4 fragments to the upper layer decoder and
1340 * and packet recursion level test.
1341 */
1342static int DecodeIPV4DefragTest02(void)
1343{
1344 uint8_t pkt1[] = {
1345 0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1346 0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1347 0x00, 0x24, 0xe9, 0xef, 0x20, 0x00, 0x40, 0x06,
1348 0x9a, 0xc8, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1349 0xe1, 0x0c,
1350 /* first frag */
1351 0x6e, 0x12, 0x01, 0xbd, 0x5b, 0xa3,
1352 0x81, 0x5e, 0xac, 0xb0, 0xae, 0x8a, 0x50, 0x10,
1353 0x80, 0x00,
1354 };
1355 uint8_t pkt2[] = {
1356 0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1357 0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1358 0x00, 0x2c, 0xe9, 0xef, 0x20, 0x02, 0x40, 0x06,
1359 0xba, 0xca, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1360 0xe1, 0x0c,
1361 /* second frag */
1362 0xb1, 0xa3, 0x00, 0x10, 0x5b, 0xa3, 0x81, 0x5e,
1363 0xac, 0xb0, 0xae, 0x8a, 0x50, 0x10, 0x80, 0x00,
1364 0xb1, 0xa3, 0x00, 0x10, 0x01, 0x02, 0x03, 0x04
1365 };
1366 uint8_t pkt3[] = {
1367 0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1368 0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1369 0x00, 0x16, 0xe9, 0xef, 0x00, 0x05, 0x40, 0x06,
1370 0xba, 0xca, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1371 0xe1, 0x0c,
1372 /* final frag */
1373 0xb1, 0xa3,
1374 };
1375
1376 uint8_t tunnel_pkt[] = {
1377 0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1378 0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1379 0x00, 0x3e, 0xe9, 0xef, 0x00, 0x00, 0x40, 0x06,
1380 0xba, 0xae, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1381 0xe1, 0x0c,
1382 0x6e, 0x12, 0x01, 0xbd, 0x5b, 0xa3, 0x81, 0x5e,
1383 0xac, 0xb0, 0xae, 0x8a, 0x50, 0x10, 0x80, 0x00,
1384 0xb1, 0xa3, 0x00, 0x10, 0x5b, 0xa3, 0x81, 0x5e,
1385 0xac, 0xb0, 0xae, 0x8a, 0x50, 0x10, 0x80, 0x00,
1386 0xb1, 0xa3, 0x00, 0x10, 0x01, 0x02, 0x03, 0x04,
1387 0xb1, 0xa3,
1388 };
1389
1390 Packet *p = PacketGetFromAlloc();
1391 FAIL_IF_NULL(p);
1392 ThreadVars tv;
1393 DecodeThreadVars dtv;
1394
1395 memset(&tv, 0, sizeof(ThreadVars));
1396 memset(&dtv, 0, sizeof(DecodeThreadVars));
1397
1398 FlowInitConfig(FLOW_QUIET);
1399 DefragInit();
1400
1401 PacketCopyData(p, pkt1, sizeof(pkt1));
1402 DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
1403 GET_PKT_LEN(p) - ETHERNET_HEADER_LEN);
1404 FAIL_IF(PacketIsTCP(p));
1405 PacketRecycle(p);
1406
1407 PacketCopyData(p, pkt2, sizeof(pkt2));
1408 DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
1409 GET_PKT_LEN(p) - ETHERNET_HEADER_LEN);
1410 FAIL_IF(PacketIsTCP(p));
1411 PacketRecycle(p);
1412
1413 p->recursion_level = 3;
1414 PacketCopyData(p, pkt3, sizeof(pkt3));
1415 DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
1416 GET_PKT_LEN(p) - ETHERNET_HEADER_LEN);
1417 FAIL_IF(PacketIsTCP(p));
1418 Packet *tp = PacketDequeueNoLock(&tv.decode_pq);
1419 FAIL_IF_NULL(tp);
1420 FAIL_IF(tp->recursion_level != p->recursion_level);
1421 FAIL_IF_NOT(PacketIsIPv4(tp));
1422 FAIL_IF_NOT(PacketIsTCP(tp));
1423 FAIL_IF(GET_PKT_LEN(tp) != sizeof(tunnel_pkt));
1424 FAIL_IF(memcmp(GET_PKT_DATA(tp), tunnel_pkt, sizeof(tunnel_pkt)) != 0);
1425 PacketRecycle(tp);
1426 SCFree(tp);
1427
1428 DefragDestroy();
1429 PacketRecycle(p);
1430 FlowShutdown();
1431 SCFree(p);
1432 PASS;
1433}
1434
1435/**
1436 * \test IPV4 defrag and flow retrieval test.
1437 */
1438static int DecodeIPV4DefragTest03(void)
1439{
1440 uint8_t pkt[] = {
1441 0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1442 0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1443 0x00, 0x28, 0xe9, 0xee, 0x00, 0x00, 0x40, 0x06,
1444 0xba, 0xbd, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1445 0xe1, 0x0c, 0x6e, 0x12, 0x01, 0xbd, 0x5b, 0xa3,
1446 0x81, 0x5d, 0x00, 0x00, 0x00, 0x00, 0x50, 0x02,
1447 0x80, 0x00, 0x0c, 0xee, 0x00, 0x00
1448 };
1449 uint8_t pkt1[] = {
1450 0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1451 0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1452 0x00, 0x1c, 0xe9, 0xef, 0x20, 0x00, 0x40, 0x06,
1453 0x9a, 0xc8, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1454 0xe1, 0x0c, 0x6e, 0x12, 0x01, 0xbd, 0x5b, 0xa3,
1455 0x81, 0x5e
1456 };
1457 uint8_t pkt2[] = {
1458 0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1459 0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1460 0x00, 0x1c, 0xe9, 0xef, 0x20, 0x01, 0x40, 0x06,
1461 0x9a, 0xc7, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1462 0xe1, 0x0c, 0xac, 0xb0, 0xae, 0x8a, 0x50, 0x10,
1463 0x80, 0x00
1464 };
1465 uint8_t pkt3[] = {
1466 0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1467 0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1468 0x00, 0x18, 0xe9, 0xef, 0x00, 0x02, 0x40, 0x06,
1469 0xba, 0xca, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1470 0xe1, 0x0c, 0xb1, 0xa3, 0x00, 0x00
1471 };
1472 uint8_t tunnel_pkt[] = {
1473 0x00, 0x50, 0x56, 0x00, 0x03, 0x05, 0xde, 0xad,
1474 0x01, 0xa3, 0xa2, 0x2f, 0x08, 0x00, 0x45, 0x00,
1475 0x00, 0x28, 0xe9, 0xef, 0x00, 0x00, 0x40, 0x06,
1476 0xba, 0xbc, 0x0a, 0x00, 0xe1, 0x17, 0x0a, 0x00,
1477 0xe1, 0x0c, 0x6e, 0x12, 0x01, 0xbd, 0x5b, 0xa3,
1478 0x81, 0x5e, 0xac, 0xb0, 0xae, 0x8a, 0x50, 0x10,
1479 0x80, 0x00, 0xb1, 0xa3, 0x00, 0x00
1480 };
1481
1482 Packet *p = PacketGetFromAlloc();
1483 FAIL_IF_NULL(p);
1484 ThreadVars tv;
1485 DecodeThreadVars dtv;
1486 memset(&tv, 0, sizeof(ThreadVars));
1487 memset(&dtv, 0, sizeof(DecodeThreadVars));
1488
1489 FlowInitConfig(FLOW_QUIET);
1490 DefragInit();
1491
1492 PacketCopyData(p, pkt, sizeof(pkt));
1493 DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
1494 GET_PKT_LEN(p) - ETHERNET_HEADER_LEN);
1495 FAIL_IF_NOT(PacketIsTCP(p));
1496 FAIL_IF(!(p->flags & PKT_WANTS_FLOW));
1497 PacketRecycle(p);
1498
1499 PacketCopyData(p, pkt1, sizeof(pkt1));
1500 DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
1501 GET_PKT_LEN(p) - ETHERNET_HEADER_LEN);
1502 FAIL_IF(PacketIsTCP(p));
1503 PacketRecycle(p);
1504
1505 PacketCopyData(p, pkt2, sizeof(pkt2));
1506 DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
1507 GET_PKT_LEN(p) - ETHERNET_HEADER_LEN);
1508 FAIL_IF(PacketIsTCP(p));
1509 PacketRecycle(p);
1510
1511 PacketCopyData(p, pkt3, sizeof(pkt3));
1512 DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
1513 GET_PKT_LEN(p) - ETHERNET_HEADER_LEN);
1514 FAIL_IF(PacketIsTCP(p));
1515
1516 Packet *tp = PacketDequeueNoLock(&tv.decode_pq);
1517 FAIL_IF_NULL(tp);
1518 FAIL_IF(!(tp->flags & PKT_WANTS_FLOW));
1519 FAIL_IF(tp->flow_hash != p->flow_hash);
1520 FAIL_IF(tp->recursion_level != p->recursion_level);
1521 FAIL_IF_NOT(PacketIsIPv4(tp));
1522 FAIL_IF_NOT(PacketIsTCP(tp));
1523 FAIL_IF(GET_PKT_LEN(tp) != sizeof(tunnel_pkt));
1524 FAIL_IF(memcmp(GET_PKT_DATA(tp), tunnel_pkt, sizeof(tunnel_pkt)) != 0);
1525 PacketRecycle(tp);
1526 SCFree(tp);
1527
1528 DefragDestroy();
1529 PacketRecycle(p);
1530 FlowShutdown();
1531 SCFree(p);
1532 PASS;
1533}
1534
1535/**
1536 */
1537static int DecodeEthernetTestIPv4Opt(void)
1538{
1539 uint8_t raw_eth[] = {
1540 0xae, 0x71, 0x00, 0x00, 0x00, 0x4b, 0x06, 0x90, 0x61, 0x02, 0x00, 0xcd, 0x88, 0x64, 0x11, 0x00,
1541 0x15, 0x00, 0x80, 0x64, 0x00, 0x21, 0x4c, 0x00, 0x00, 0x30, 0x42, 0xd6, 0xff, 0xff, 0xbd, 0x2f,
1542 0x02, 0x02, 0x00, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1543 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1544 0x01, 0x44, 0x05, 0x22, 0x02, 0x01
1545 };
1546
1547 DefragInit();
1548
1549 Packet *p = PacketGetFromAlloc();
1550 FAIL_IF_NULL(p);
1551 ThreadVars tv;
1552 DecodeThreadVars dtv;
1553
1554 memset(&dtv, 0, sizeof(DecodeThreadVars));
1555 memset(&tv, 0, sizeof(ThreadVars));
1556
1557 DecodeEthernet(&tv, &dtv, p, raw_eth, sizeof(raw_eth));
1558
1559 SCFree(p);
1560 DefragDestroy();
1561 PASS;
1562}
1563
1564#endif /* UNITTESTS */
1565
1566void DecodeIPV4RegisterTests(void)
1567{
1568#ifdef UNITTESTS
1569 UtRegisterTest("DecodeIPV4OptionsNONETest01", DecodeIPV4OptionsNONETest01);
1570 UtRegisterTest("DecodeIPV4OptionsEOLTest01", DecodeIPV4OptionsEOLTest01);
1571 UtRegisterTest("DecodeIPV4OptionsNOPTest01", DecodeIPV4OptionsNOPTest01);
1572 UtRegisterTest("DecodeIPV4OptionsRRTest01", DecodeIPV4OptionsRRTest01);
1573 UtRegisterTest("DecodeIPV4OptionsRRTest02", DecodeIPV4OptionsRRTest02);
1574 UtRegisterTest("DecodeIPV4OptionsRRTest03", DecodeIPV4OptionsRRTest03);
1575 UtRegisterTest("DecodeIPV4OptionsRRTest04", DecodeIPV4OptionsRRTest04);
1576 UtRegisterTest("DecodeIPV4OptionsQSTest01", DecodeIPV4OptionsQSTest01);
1577 UtRegisterTest("DecodeIPV4OptionsQSTest02", DecodeIPV4OptionsQSTest02);
1578 UtRegisterTest("DecodeIPV4OptionsTSTest01", DecodeIPV4OptionsTSTest01);
1579 UtRegisterTest("DecodeIPV4OptionsTSTest02", DecodeIPV4OptionsTSTest02);
1580 UtRegisterTest("DecodeIPV4OptionsTSTest03", DecodeIPV4OptionsTSTest03);
1581 UtRegisterTest("DecodeIPV4OptionsTSTest04", DecodeIPV4OptionsTSTest04);
1582 UtRegisterTest("DecodeIPV4OptionsSECTest01", DecodeIPV4OptionsSECTest01);
1583 UtRegisterTest("DecodeIPV4OptionsSECTest02", DecodeIPV4OptionsSECTest02);
1584 UtRegisterTest("DecodeIPV4OptionsESECTest01", DecodeIPV4OptionsESECTest01);
1585 UtRegisterTest("DecodeIPV4OptionsESECTest02", DecodeIPV4OptionsESECTest02);
1586 UtRegisterTest("DecodeIPV4OptionsLSRRTest01", DecodeIPV4OptionsLSRRTest01);
1587 UtRegisterTest("DecodeIPV4OptionsLSRRTest02", DecodeIPV4OptionsLSRRTest02);
1588 UtRegisterTest("DecodeIPV4OptionsLSRRTest03", DecodeIPV4OptionsLSRRTest03);
1589 UtRegisterTest("DecodeIPV4OptionsLSRRTest04", DecodeIPV4OptionsLSRRTest04);
1590 UtRegisterTest("DecodeIPV4OptionsCIPSOTest01",
1591 DecodeIPV4OptionsCIPSOTest01);
1592 UtRegisterTest("DecodeIPV4OptionsSIDTest01", DecodeIPV4OptionsSIDTest01);
1593 UtRegisterTest("DecodeIPV4OptionsSIDTest02", DecodeIPV4OptionsSIDTest02);
1594 UtRegisterTest("DecodeIPV4OptionsSSRRTest01", DecodeIPV4OptionsSSRRTest01);
1595 UtRegisterTest("DecodeIPV4OptionsSSRRTest02", DecodeIPV4OptionsSSRRTest02);
1596 UtRegisterTest("DecodeIPV4OptionsSSRRTest03", DecodeIPV4OptionsSSRRTest03);
1597 UtRegisterTest("DecodeIPV4OptionsSSRRTest04", DecodeIPV4OptionsSSRRTest04);
1598 UtRegisterTest("DecodeIPV4OptionsRTRALTTest01",
1599 DecodeIPV4OptionsRTRALTTest01);
1600 UtRegisterTest("DecodeIPV4OptionsRTRALTTest02",
1601 DecodeIPV4OptionsRTRALTTest02);
1602 UtRegisterTest("IPV4CalculateValidChecksumtest01",
1603 IPV4CalculateValidChecksumtest01);
1604 UtRegisterTest("IPV4CalculateInvalidChecksumtest02",
1605 IPV4CalculateInvalidChecksumtest02);
1606 UtRegisterTest("DecodeIPV4DefragTest01", DecodeIPV4DefragTest01);
1607 UtRegisterTest("DecodeIPV4DefragTest02", DecodeIPV4DefragTest02);
1608 UtRegisterTest("DecodeIPV4DefragTest03", DecodeIPV4DefragTest03);
1609 UtRegisterTest("DecodeEthernetTestIPv4Opt", DecodeEthernetTestIPv4Opt);
1610#endif /* UNITTESTS */
1611}
1612/**
1613 * @}
1614 */
len
uint8_t len
Definition app-layer-dnp3.h:2
StatsIncr
void StatsIncr(ThreadVars *tv, uint16_t id)
Increments the local counter.
Definition counters.c:166
DecodeESP
int DecodeESP(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint16_t len)
Function to decode IPSEC-ESP packets.
Definition decode-esp.c:64
DecodeEthernet
int DecodeEthernet(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len)
Definition decode-ethernet.c:42
ETHERNET_HEADER_LEN
#define ETHERNET_HEADER_LEN
Definition decode-ethernet.h:27
IPV4_OPT_EOL_REQUIRED
@ IPV4_OPT_EOL_REQUIRED
Definition decode-events.h:44
IPV4_HLEN_TOO_SMALL
@ IPV4_HLEN_TOO_SMALL
Definition decode-events.h:35
IPV4_WITH_ICMPV6
@ IPV4_WITH_ICMPV6
Definition decode-events.h:48
IPV4_OPT_PAD_REQUIRED
@ IPV4_OPT_PAD_REQUIRED
Definition decode-events.h:43
IPV4_OPT_INVALID
@ IPV4_OPT_INVALID
Definition decode-events.h:40
IPV4_OPT_MALFORMED
@ IPV4_OPT_MALFORMED
Definition decode-events.h:42
IPV4_WRONG_IP_VER
@ IPV4_WRONG_IP_VER
Definition decode-events.h:47
IPV4_OPT_DUPLICATE
@ IPV4_OPT_DUPLICATE
Definition decode-events.h:45
IPV4_OPT_INVALID_LEN
@ IPV4_OPT_INVALID_LEN
Definition decode-events.h:41
IPV4_TRUNC_PKT
@ IPV4_TRUNC_PKT
Definition decode-events.h:37
IPV4_IPLEN_SMALLER_THAN_HLEN
@ IPV4_IPLEN_SMALLER_THAN_HLEN
Definition decode-events.h:36
IPV4_PKT_TOO_SMALL
@ IPV4_PKT_TOO_SMALL
Definition decode-events.h:34
IPV4_OPT_UNKNOWN
@ IPV4_OPT_UNKNOWN
Definition decode-events.h:46
DecodeGRE
int DecodeGRE(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len)
Function to decode GRE packets.
Definition decode-gre.c:47
IPPROTO_GRE
#define IPPROTO_GRE
Definition decode-gre.h:30
DecodeICMPV4
int DecodeICMPV4(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint32_t len)
Main ICMPv4 decoding function.
Definition decode-icmpv4.c:143
DecodeIPV4
int DecodeIPV4(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint16_t len)
Definition decode-ipv4.c:520
IPV4Options
struct IPV4Options_ IPV4Options
DecodeIPV4RegisterTests
void DecodeIPV4RegisterTests(void)
Definition decode-ipv4.c:1566
IPV4_OPT_FLAG_RR
#define IPV4_OPT_FLAG_RR
Definition decode-ipv4.h:118
IPV4_OPT_ESEC
#define IPV4_OPT_ESEC
Definition decode-ipv4.h:40
IPV4_OPT_SEC
#define IPV4_OPT_SEC
Definition decode-ipv4.h:38
IPV4_OPT_CIPSO_MIN
#define IPV4_OPT_CIPSO_MIN
Definition decode-ipv4.h:55
IPV4_OPT_FLAG_LSRR
#define IPV4_OPT_FLAG_LSRR
Definition decode-ipv4.h:121
IPV4_OPT_LSRR
#define IPV4_OPT_LSRR
Definition decode-ipv4.h:39
IPV4_OPT_SEC_MIN
#define IPV4_OPT_SEC_MIN
Definition decode-ipv4.h:51
IPV4_OPT_TS
#define IPV4_OPT_TS
Definition decode-ipv4.h:37
IPV4_GET_RAW_FRAGOFFSET
#define IPV4_GET_RAW_FRAGOFFSET(ip4h)
Definition decode-ipv4.h:101
IPV4_OPT_FLAG_QS
#define IPV4_OPT_FLAG_QS
Definition decode-ipv4.h:120
IPV4_OPT_FLAG_TS
#define IPV4_OPT_FLAG_TS
Definition decode-ipv4.h:119
IPV4_GET_RAW_FLAG_DF
#define IPV4_GET_RAW_FLAG_DF(ip4h)
Definition decode-ipv4.h:113
IPV4_GET_RAW_IPLEN
#define IPV4_GET_RAW_IPLEN(ip4h)
Definition decode-ipv4.h:98
IPV4_OPT_SSRR
#define IPV4_OPT_SSRR
Definition decode-ipv4.h:43
IPV4_OPT_RR
#define IPV4_OPT_RR
Definition decode-ipv4.h:35
IPV4_OPT_SID
#define IPV4_OPT_SID
Definition decode-ipv4.h:42
IPV4_OPT_FLAG_SEC
#define IPV4_OPT_FLAG_SEC
Definition decode-ipv4.h:124
IPV4_OPT_TS_MIN
#define IPV4_OPT_TS_MIN
Definition decode-ipv4.h:54
IPV4_OPT_CIPSO
#define IPV4_OPT_CIPSO
Definition decode-ipv4.h:41
IPV4_OPT_FLAG_CIPSO
#define IPV4_OPT_FLAG_CIPSO
Definition decode-ipv4.h:125
IPV4_HEADER_LEN
#define IPV4_HEADER_LEN
Definition decode-ipv4.h:28
IPV4_OPT_QS_MIN
#define IPV4_OPT_QS_MIN
Definition decode-ipv4.h:53
IPV4_GET_RAW_FLAG_RF
#define IPV4_GET_RAW_FLAG_RF(ip4h)
Definition decode-ipv4.h:114
IPV4_OPT_FLAG_EOL
#define IPV4_OPT_FLAG_EOL
Definition decode-ipv4.h:116
IPV4_OPT_RTRALT
#define IPV4_OPT_RTRALT
Definition decode-ipv4.h:44
IPV4_OPT_FLAG_ESEC
#define IPV4_OPT_FLAG_ESEC
Definition decode-ipv4.h:127
IPV4_OPT_SID_LEN
#define IPV4_OPT_SID_LEN
Definition decode-ipv4.h:47
IPV4_OPT_FLAG_SID
#define IPV4_OPT_FLAG_SID
Definition decode-ipv4.h:123
IPV4_GET_RAW_IPOFFSET
#define IPV4_GET_RAW_IPOFFSET(ip4h)
Definition decode-ipv4.h:100
IPV4_OPT_RTRALT_LEN
#define IPV4_OPT_RTRALT_LEN
Definition decode-ipv4.h:48
IPV4_OPT_EOL
#define IPV4_OPT_EOL
Definition decode-ipv4.h:33
IPV4_OPT_FLAG_SSRR
#define IPV4_OPT_FLAG_SSRR
Definition decode-ipv4.h:122
IPV4_GET_RAW_HLEN
#define IPV4_GET_RAW_HLEN(ip4h)
Definition decode-ipv4.h:96
IPV4_GET_RAW_FLAG_MF
#define IPV4_GET_RAW_FLAG_MF(ip4h)
Definition decode-ipv4.h:112
IPV4_OPT_FLAG_NOP
#define IPV4_OPT_FLAG_NOP
Definition decode-ipv4.h:117
IPV4_OPT_QS
#define IPV4_OPT_QS
Definition decode-ipv4.h:36
IPV4_GET_RAW_IPID
#define IPV4_GET_RAW_IPID(ip4h)
Definition decode-ipv4.h:99
IPV4_OPT_FLAG_RTRALT
#define IPV4_OPT_FLAG_RTRALT
Definition decode-ipv4.h:126
IPV4_OPT_ROUTE_MIN
#define IPV4_OPT_ROUTE_MIN
Definition decode-ipv4.h:52
IPV4_GET_RAW_IPPROTO
#define IPV4_GET_RAW_IPPROTO(ip4h)
Definition decode-ipv4.h:103
IPV4_OPT_NOP
#define IPV4_OPT_NOP
Definition decode-ipv4.h:34
DecodeSCTP
int DecodeSCTP(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint16_t len)
Definition decode-sctp.c:62
DecodeTCP
int DecodeTCP(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint16_t len)
Definition decode-tcp.c:273
DecodeUDP
int DecodeUDP(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint16_t len)
Definition decode-udp.c:75
tag
uint32_t tag
Definition decode-vntag.h:0
PKT_WANTS_FLOW
#define PKT_WANTS_FLOW
Definition decode.h:1296
GET_IPV4_SRC_ADDR_PTR
#define GET_IPV4_SRC_ADDR_PTR(p)
Definition decode.h:198
PKT_SET_SRC
#define PKT_SET_SRC(p, src_val)
Definition decode.h:1325
PKT_PPP_VJ_UCOMP
#define PKT_PPP_VJ_UCOMP
Definition decode.h:1249
GET_PKT_DATA
#define GET_PKT_DATA(p)
Definition decode.h:209
DECODE_TUNNEL_IPV6
@ DECODE_TUNNEL_IPV6
Definition decode.h:1107
DECODE_TUNNEL_IPV4
@ DECODE_TUNNEL_IPV4
Definition decode.h:1106
ENGINE_SET_INVALID_EVENT
#define ENGINE_SET_INVALID_EVENT(p, e)
Definition decode.h:1194
SET_IPV4_SRC_ADDR
#define SET_IPV4_SRC_ADDR(ip4h, a)
Definition decode.h:140
PKT_IS_INVALID
#define PKT_IS_INVALID
Definition decode.h:1291
IP_GET_RAW_VER
#define IP_GET_RAW_VER(pkt)
Definition decode.h:232
GET_PKT_LEN
#define GET_PKT_LEN(p)
Definition decode.h:208
SET_IPV4_DST_ADDR
#define SET_IPV4_DST_ADDR(ip4h, a)
Definition decode.h:149
ENGINE_SET_EVENT
#define ENGINE_SET_EVENT(p, e)
Definition decode.h:1186
PKT_IS_FRAGMENT
#define PKT_IS_FRAGMENT
Definition decode.h:1290
PKT_SRC_DECODER_IPV4
@ PKT_SRC_DECODER_IPV4
Definition decode.h:54
GET_IPV4_DST_ADDR_PTR
#define GET_IPV4_DST_ADDR_PTR(p)
Definition decode.h:199
IPPROTO_IPIP
#define IPPROTO_IPIP
Definition decode.h:1212
IPPROTO_SCTP
#define IPPROTO_SCTP
Definition decode.h:1228
DefragInit
void DefragInit(void)
Definition defrag.c:1109
Defrag
Packet * Defrag(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p)
Entry point for IPv4 and IPv6 fragments.
Definition defrag.c:1063
DefragDestroy
void DefragDestroy(void)
Definition defrag.c:1129
FlowSetupPacket
void FlowSetupPacket(Packet *p)
prepare packet for a life with flow Set PKT_WANTS_FLOW flag to indicate workers should do a flow look...
Definition flow-hash.c:533
FlowInitConfig
void FlowInitConfig(bool quiet)
initialize the configuration
Definition flow.c:547
FlowShutdown
void FlowShutdown(void)
shutdown the flow engine
Definition flow.c:691
FLOW_QUIET
#define FLOW_QUIET
Definition flow.h:43
dtv
DecodeThreadVars * dtv
Definition fuzz_decodepcapfile.c:33
tv
ThreadVars * tv
Definition fuzz_decodepcapfile.c:32
FAIL_IF_NULL
#define FAIL_IF_NULL(expr)
Fail a test if expression evaluates to NULL.
Definition util-unittest.h:89
UtRegisterTest
void UtRegisterTest(const char *name, int(*TestFn)(void))
Register unit test.
Definition util-unittest.c:103
FAIL_IF_NOT
#define FAIL_IF_NOT(expr)
Fail a test if expression evaluates to false.
Definition util-unittest.h:82
PASS
#define PASS
Pass the test.
Definition util-unittest.h:105
FAIL_IF
#define FAIL_IF(expr)
Fail a test if expression evaluates to true.
Definition util-unittest.h:71
PacketGetFromAlloc
Packet * PacketGetFromAlloc(void)
Get a malloced packet.
Definition decode.c:258
PacketCopyData
int PacketCopyData(Packet *p, const uint8_t *pktdata, uint32_t pktlen)
Copy data to Packet payload and set packet length.
Definition decode.c:377
PacketTunnelPktSetup
Packet * PacketTunnelPktSetup(ThreadVars *tv, DecodeThreadVars *dtv, Packet *parent, const uint8_t *pkt, uint32_t len, enum DecodeTunnelProto proto)
Setup a pseudo packet (tunnel)
Definition decode.c:393
PacketEnqueueNoLock
void PacketEnqueueNoLock(PacketQueueNoLock *qnl, Packet *p)
Definition packet-queue.c:168
PacketDequeueNoLock
Packet * PacketDequeueNoLock(PacketQueueNoLock *qnl)
Definition packet-queue.c:208
PacketRecycle
void PacketRecycle(Packet *p)
Definition packet.c:150
DecodeThreadVars_
Structure to hold thread specific data for all decode modules.
Definition decode.h:963
DecodeThreadVars_::counter_ipv4inipv4
uint16_t counter_ipv4inipv4
Definition decode.h:1010
DecodeThreadVars_::counter_ipv4
uint16_t counter_ipv4
Definition decode.h:979
DecodeThreadVars_::counter_ipv6inipv4
uint16_t counter_ipv6inipv4
Definition decode.h:1011
IPV4Hdr_
Definition decode-ipv4.h:72
IPV4Opt_
Definition decode-ipv4.h:61
IPV4Opt_::len
uint8_t len
Definition decode-ipv4.h:67
IPV4Opt_::data
const uint8_t * data
Definition decode-ipv4.h:68
IPV4Opt_::type
uint8_t type
Definition decode-ipv4.h:66
IPV4Options_
Definition decode-ipv4.c:280
IPV4Options_::o_cipso
IPV4Opt o_cipso
Definition decode-ipv4.c:287
IPV4Options_::o_esec
IPV4Opt o_esec
Definition decode-ipv4.c:286
IPV4Options_::o_rtralt
IPV4Opt o_rtralt
Definition decode-ipv4.c:290
IPV4Options_::o_lsrr
IPV4Opt o_lsrr
Definition decode-ipv4.c:285
IPV4Options_::o_sec
IPV4Opt o_sec
Definition decode-ipv4.c:284
IPV4Options_::o_rr
IPV4Opt o_rr
Definition decode-ipv4.c:281
IPV4Options_::o_qs
IPV4Opt o_qs
Definition decode-ipv4.c:282
IPV4Options_::o_sid
IPV4Opt o_sid
Definition decode-ipv4.c:288
IPV4Options_::o_ts
IPV4Opt o_ts
Definition decode-ipv4.c:283
IPV4Options_::o_ssrr
IPV4Opt o_ssrr
Definition decode-ipv4.c:289
IPV4Vars_::opt_cnt
uint16_t opt_cnt
Definition decode-ipv4.h:131
IPV4Vars_::opts_set
uint16_t opts_set
Definition decode-ipv4.h:132
PacketL3::vars
union PacketL3::@31 vars
PacketL3::ip4
IPV4Vars ip4
Definition decode.h:445
Packet_
Definition decode.h:501
Packet_::src
Address src
Definition decode.h:505
Packet_::recursion_level
uint8_t recursion_level
Definition decode.h:526
Packet_::l3
struct PacketL3 l3
Definition decode.h:600
Packet_::flow_hash
uint32_t flow_hash
Definition decode.h:550
Packet_::flags
uint32_t flags
Definition decode.h:544
Packet_::dst
Address dst
Definition decode.h:506
Packet_::proto
uint8_t proto
Definition decode.h:523
ThreadVars_
Per thread variable structure.
Definition threadvars.h:58
ThreadVars_::decode_pq
PacketQueueNoLock decode_pq
Definition threadvars.h:112
TM_ECODE_FAILED
@ TM_ECODE_FAILED
Definition tm-threads-common.h:82
TM_ECODE_OK
@ TM_ECODE_OK
Definition tm-threads-common.h:81
SCLogDebugEnabled
int SCLogDebugEnabled(void)
Returns whether debug messages are enabled to be logged or not.
Definition util-debug.c:767
SCLogDebug
#define SCLogDebug(...)
Definition util-debug.h:275
SCFree
#define SCFree(p)
Definition util-mem.h:61
unlikely
#define unlikely(expr)
Definition util-optimize.h:35
PrintInet
const char * PrintInet(int af, const void *src, char *dst, socklen_t size)
Definition util-print.c:231
offset
uint64_t offset
Definition util-streaming-buffer.h:0