On 02/25/2017 02:43 PM, Hailiang Zhang wrote:
Hi,
On 2017/2/25 11:32, Zhang Chen wrote:
Add packet minimum size check in colo_packet_compare_udp()
and colo_packet_compare_udp() like colo_packet_compare_icmp(),
rename function colo_packet_compare() to colo_packet_compare_common()
that we will reuse it later.
Signed-off-by: Zhang Chen <zhangchen.f...@cn.fujitsu.com>
---
net/colo-compare.c | 30 ++++++++++++++++++++++--------
1 file changed, 22 insertions(+), 8 deletions(-)
diff --git a/net/colo-compare.c b/net/colo-compare.c
index 300f017..e75f0ae 100644
--- a/net/colo-compare.c
+++ b/net/colo-compare.c
@@ -180,7 +180,7 @@ static int packet_enqueue(CompareState *s, int mode)
* return: 0 means packet same
* > 0 || < 0 means packet different
*/
-static int colo_packet_compare(Packet *ppkt, Packet *spkt)
+static int colo_packet_compare_common(Packet *ppkt, Packet *spkt)
{
trace_colo_compare_ip_info(ppkt->size,
inet_ntoa(ppkt->ip->ip_src),
inet_ntoa(ppkt->ip->ip_dst), spkt->size,
@@ -190,6 +190,7 @@ static int colo_packet_compare(Packet *ppkt,
Packet *spkt)
if (ppkt->size == spkt->size) {
return memcmp(ppkt->data, spkt->data, spkt->size);
} else {
+ trace_colo_compare_main("Net packet size are not the same");
return -1;
}
}
@@ -202,9 +203,10 @@ static int colo_packet_compare(Packet *ppkt,
Packet *spkt)
static int colo_packet_compare_tcp(Packet *spkt, Packet *ppkt)
{
struct tcphdr *ptcp, *stcp;
- int res;
+ int res, network_length;
trace_colo_compare_main("compare tcp");
+
if (ppkt->size != spkt->size) {
if (trace_event_get_state(TRACE_COLO_COMPARE_MISCOMPARE)) {
trace_colo_compare_main("pkt size not same");
@@ -212,6 +214,12 @@ static int colo_packet_compare_tcp(Packet *spkt,
Packet *ppkt)
return -1;
}
+ network_length = ppkt->ip->ip_hl * 4;
+ if (ppkt->size < network_length + ETH_HLEN) {
I think the check here is useless, because you have such check in
parse_packet_early() which is been called before these helpers.
And what check you need to add is, to check if the packet's size
= packet's length been record in ip header.
Like:
+++ b/net/colo.c
@@ -78,6 +78,12 @@ int parse_packet_early(Packet *pkt)
trace_colo_proxy_main("pkt->size < network_header +
network_length");
return 1;
}
+
+ if (pkt->size < ETH_HLEN + ntohs(pkt->ip->ip_len)) {
+ fprintf(stderr, "pkt->size %d < pkt expect total len %ld\n",
pkt->size,
+ pkt_MAChdr_len + ntohs(pkt->ip->ip_len));
+ return -1;
+ }
This check we also have done in parse_packet_early()
network_length = pkt->ip->ip_hl * 4;
if (pkt->size < l2hdr_len + network_length) {
trace_colo_proxy_main("pkt->size < network_header +
network_length");
return 1;
}
So, maybe I need remove my before change and the compare_icmp() check.
Thanks
Zhang Chen
+ trace_colo_compare_main("tcp packet size error");
+ return -1;
+ }
+
ptcp = (struct tcphdr *)ppkt->transport_header;
stcp = (struct tcphdr *)spkt->transport_header;
@@ -260,10 +268,16 @@ static int colo_packet_compare_tcp(Packet
*spkt, Packet *ppkt)
*/
static int colo_packet_compare_udp(Packet *spkt, Packet *ppkt)
{
- int ret;
+ int ret, network_length;
trace_colo_compare_main("compare udp");
- ret = colo_packet_compare(ppkt, spkt);
+ network_length = ppkt->ip->ip_hl * 4;
+ if (ppkt->size < network_length + ETH_HLEN) {
+ trace_colo_compare_main("udp packet size error");
+ return -1;
+ }
+
+ ret = colo_packet_compare_common(ppkt, spkt);
if (ret) {
trace_colo_compare_udp_miscompare("primary pkt size",
ppkt->size);
@@ -285,12 +299,12 @@ static int colo_packet_compare_icmp(Packet
*spkt, Packet *ppkt)
trace_colo_compare_main("compare icmp");
network_length = ppkt->ip->ip_hl * 4;
- if (ppkt->size != spkt->size ||
- ppkt->size < network_length + ETH_HLEN) {
+ if (ppkt->size < network_length + ETH_HLEN) {
+ trace_colo_compare_main("icmp packet size error");
return -1;
}
- if (colo_packet_compare(ppkt, spkt)) {
+ if (colo_packet_compare_common(ppkt, spkt)) {
trace_colo_compare_icmp_miscompare("primary pkt size",
ppkt->size);
qemu_hexdump((char *)ppkt->data, stderr, "colo-compare",
@@ -316,7 +330,7 @@ static int colo_packet_compare_other(Packet
*spkt, Packet *ppkt)
inet_ntoa(ppkt->ip->ip_dst), spkt->size,
inet_ntoa(spkt->ip->ip_src),
inet_ntoa(spkt->ip->ip_dst));
- return colo_packet_compare(ppkt, spkt);
+ return colo_packet_compare_common(ppkt, spkt);
}
static int colo_old_packet_check_one(Packet *pkt, int64_t *check_time)
.
--
Thanks
Zhang Chen