Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Describe the bug The assertion assert(l2len > 0); in packet2tree() at tree.c is reachable when the user uses tcpprep to open a crafted pcap file. The variable l2len is assigned in get_l2len_protocol() at get.c.
assert(l2len > 0);
l2len
tcpreplay/src/tree.c
Lines 733 to 746 in 09f0774
However, when the datalink is DLT_RAW or DLT_JUNIPER_ETHER, l2len is assigned with 0, and the assertion is triggered.
datalink
DLT_RAW
DLT_JUNIPER_ETHER
tcpreplay/src/common/get.c
Lines 268 to 282 in 09f0774
To Reproduce Steps to reproduce the behavior:
$ tcpprep --auto=bridge --pcap=$POC --cachefile=/dev/null
Expected behavior Program reports assertion failure and is terminated.
Screenshots
The GDB report:
Breakpoint 6, packet2tree (data=0x7ffff7ef8010 "@", len=33, datalink=12) at ../../code/src/tree.c:733 733 res = get_l2len_protocol(data, (gdb) p datalink $8 = 12 (gdb) n 741 if (res == -1) (gdb) 744 node = new_tree(); (gdb) Breakpoint 1, packet2tree (data=0x7ffff7ef8010 "@", len=33, datalink=<optimized out>) at ../../code/src/tree.c:746 746 assert(l2len > 0); (gdb) p l2len $9 = 0 (gdb) c Continuing. tcpprep: ../../code/src/tree.c:746: tcpr_tree_t *packet2tree(const u_char *, const int, int): Assertion `l2len > 0' failed. Program received signal SIGABRT, Aborted. 0x00007ffff7194438 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54 54 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
System (please complete the following information):
The text was updated successfully, but these errors were encountered:
Unable to recreate. What is your ./configure command?
./configure
Here is my log:
$ ./configure --with-testnic=ens33 ... $ make ... $ src/tcpprep --auto=bridge --pcap=$POC --cachefile=/dev/null Fatal Error: Error opening file: invalid file capture length 264194, bigger than maximum of 262144
Sorry, something went wrong.
Closing as "Cannot reproduce" however I believe that whatever you are seeing may be fixed with #716.
Able to reproduce with #746 and to be fixed in 4.4.3.
fklassen
No branches or pull requests
Describe the bug
The assertion
assert(l2len > 0);in packet2tree() at tree.c is reachable when the user uses tcpprep to open a crafted pcap file.The variable
l2lenis assigned in get_l2len_protocol() at get.c.tcpreplay/src/tree.c
Lines 733 to 746 in 09f0774
However, when the
datalinkisDLT_RAWorDLT_JUNIPER_ETHER,l2lenis assigned with 0, and the assertion is triggered.tcpreplay/src/common/get.c
Lines 268 to 282 in 09f0774
To Reproduce
Steps to reproduce the behavior:
$ tcpprep --auto=bridge --pcap=$POC --cachefile=/dev/nullThe POC file could be downloaded here:
POC_file
Expected behavior
Program reports assertion failure and is terminated.
Screenshots

The GDB report:
System (please complete the following information):
The text was updated successfully, but these errors were encountered: