3rd-party/libtins
1
0
Fork 0
mirror of https://github.com/mfontanini/libtins synced 2026-01-29 21:14:28 +01:00
Code Issues Releases Wiki Activity

Port all PDUs to use InputMemoryStream on constructors from buffer

Browse Source
This commit is contained in:
Matias Fontanini
2015-12-25 06:30:27 -08:00
parent 13c05fbdb1
commit 9750f46c6d
23 changed files with 786 additions and 874 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
src/dot11/dot11_assoc.cpp
View File

@@ -32,29 +32,26 @@
#include <cassert>
#include <cstring>
#include "memory_helpers.h"
using Tins::Memory::InputMemoryStream;
namespace Tins {
/* Diassoc */
Dot11Disassoc::Dot11Disassoc(const address_type &dst_hw_addr,
const address_type &src_hw_addr)
: Dot11ManagementFrame(dst_hw_addr, src_hw_addr)
: Dot11ManagementFrame(dst_hw_addr, src_hw_addr), _body()
{
this->subtype(Dot11::DISASSOC);
memset(&_body, 0, sizeof(_body));
}
Dot11Disassoc::Dot11Disassoc(const uint8_t *buffer, uint32_t total_sz)
: Dot11ManagementFrame(buffer, total_sz) {
uint32_t sz = management_frame_size();
buffer += sz;
total_sz -= sz;
if(total_sz < sizeof(_body))
throw malformed_packet();
memcpy(&_body, buffer, sizeof(_body));
buffer += sizeof(_body);
total_sz -= sizeof(_body);
parse_tagged_parameters(buffer, total_sz);
InputMemoryStream stream(buffer, total_sz);
stream.skip(management_frame_size());
stream.read(_body);
parse_tagged_parameters(stream);
}
void Dot11Disassoc::reason_code(uint16_t new_reason_code) {
@@ -78,24 +75,18 @@ uint32_t Dot11Disassoc::write_fixed_parameters(uint8_t *buffer, uint32_t total_s
Dot11AssocRequest::Dot11AssocRequest(const address_type &dst_hw_addr,
const address_type &src_hw_addr)
: Dot11ManagementFrame(dst_hw_addr, src_hw_addr)
: Dot11ManagementFrame(dst_hw_addr, src_hw_addr), _body()
{
subtype(Dot11::ASSOC_REQ);
memset(&_body, 0, sizeof(_body));
}
Dot11AssocRequest::Dot11AssocRequest(const uint8_t *buffer, uint32_t total_sz)
: Dot11ManagementFrame(buffer, total_sz)
{
uint32_t sz = management_frame_size();
buffer += sz;
total_sz -= sz;
if(total_sz < sizeof(_body))
throw malformed_packet();
memcpy(&_body, buffer, sizeof(_body));
buffer += sizeof(_body);
total_sz -= sizeof(_body);
parse_tagged_parameters(buffer, total_sz);
InputMemoryStream stream(buffer, total_sz);
stream.skip(management_frame_size());
stream.read(_body);
parse_tagged_parameters(stream);
}
void Dot11AssocRequest::listen_interval(uint16_t new_listen_interval) {
@@ -128,15 +119,10 @@ Dot11AssocResponse::Dot11AssocResponse(const address_type &dst_hw_addr,
Dot11AssocResponse::Dot11AssocResponse(const uint8_t *buffer, uint32_t total_sz)
: Dot11ManagementFrame(buffer, total_sz)
{
uint32_t sz = management_frame_size();
buffer += sz;
total_sz -= sz;
if(total_sz < sizeof(_body))
throw malformed_packet();
memcpy(&_body, buffer, sizeof(_body));
buffer += sizeof(_body);
total_sz -= sizeof(_body);
parse_tagged_parameters(buffer, total_sz);
InputMemoryStream stream(buffer, total_sz);
stream.skip(management_frame_size());
stream.read(_body);
parse_tagged_parameters(stream);
}
void Dot11AssocResponse::status_code(uint16_t new_status_code) {
@@ -173,15 +159,10 @@ Dot11ReAssocRequest::Dot11ReAssocRequest(const address_type &dst_hw_addr,
Dot11ReAssocRequest::Dot11ReAssocRequest(const uint8_t *buffer, uint32_t total_sz)
: Dot11ManagementFrame(buffer, total_sz)
{
uint32_t sz = management_frame_size();
buffer += sz;
total_sz -= sz;
if(total_sz < sizeof(_body))
throw malformed_packet();
memcpy(&_body, buffer, sizeof(_body));
buffer += sizeof(_body);
total_sz -= sizeof(_body);
parse_tagged_parameters(buffer, total_sz);
InputMemoryStream stream(buffer, total_sz);
stream.skip(management_frame_size());
stream.read(_body);
parse_tagged_parameters(stream);
}
void Dot11ReAssocRequest::listen_interval(uint16_t new_listen_interval) {
@@ -217,15 +198,10 @@ Dot11ReAssocResponse::Dot11ReAssocResponse(const address_type &dst_hw_addr,
Dot11ReAssocResponse::Dot11ReAssocResponse(const uint8_t *buffer, uint32_t total_sz)
: Dot11ManagementFrame(buffer, total_sz) {
uint32_t sz = management_frame_size();
buffer += sz;
total_sz -= sz;
if(total_sz < sizeof(_body))
throw malformed_packet();
memcpy(&_body, buffer, sizeof(_body));
buffer += sizeof(_body);
total_sz -= sizeof(_body);
parse_tagged_parameters(buffer, total_sz);
InputMemoryStream stream(buffer, total_sz);
stream.skip(management_frame_size());
stream.read(_body);
parse_tagged_parameters(stream);
}
void Dot11ReAssocResponse::status_code(uint16_t new_status_code) {

29
src/dot11/dot11_auth.cpp
View File

@@ -32,6 +32,9 @@
#include <cassert>
#include <cstring>
#include "memory_helpers.h"
using Tins::Memory::InputMemoryStream;
namespace Tins {
/* Auth */
@@ -47,15 +50,10 @@ const address_type &src_hw_addr)
Dot11Authentication::Dot11Authentication(const uint8_t *buffer, uint32_t total_sz)
: Dot11ManagementFrame(buffer, total_sz)
{
uint32_t sz = management_frame_size();
buffer += sz;
total_sz -= sz;
if(total_sz < sizeof(_body))
throw malformed_packet();
memcpy(&_body, buffer, sizeof(_body));
buffer += sizeof(_body);
total_sz -= sizeof(_body);
parse_tagged_parameters(buffer, total_sz);
InputMemoryStream stream(buffer, total_sz);
stream.skip(management_frame_size());
stream.read(_body);
parse_tagged_parameters(stream);
}
void Dot11Authentication::auth_algorithm(uint16_t new_auth_algorithm) {
@@ -95,15 +93,10 @@ Dot11Deauthentication::Dot11Deauthentication(const address_type &dst_hw_addr,
Dot11Deauthentication::Dot11Deauthentication(const uint8_t *buffer, uint32_t total_sz)
: Dot11ManagementFrame(buffer, total_sz) {
uint32_t sz = management_frame_size();
buffer += sz;
total_sz -= sz;
if(total_sz < sizeof(_body))
throw malformed_packet();
memcpy(&_body, buffer, sizeof(_body));
buffer += sizeof(_body);
total_sz -= sizeof(_body);
parse_tagged_parameters(buffer, total_sz);
InputMemoryStream stream(buffer, total_sz);
stream.skip(management_frame_size());
stream.read(_body);
parse_tagged_parameters(stream);
}
void Dot11Deauthentication::reason_code(uint16_t new_reason_code) {

31
src/dot11/dot11_base.cpp
View File

@@ -54,14 +54,16 @@
#include "rsn_information.h"
#include "packet_sender.h"
#include "snap.h"
#include "memory_helpers.h"
using Tins::Memory::InputMemoryStream;
namespace Tins {
const Dot11::address_type Dot11::BROADCAST = "ff:ff:ff:ff:ff:ff";
Dot11::Dot11(const address_type &dst_hw_addr)
: _options_size(0)
: _header(), _options_size(0)
{
memset(&_header, 0, sizeof(ieee80211_header));
addr1(dst_hw_addr);
}
@@ -73,25 +75,20 @@ Dot11::Dot11(const ieee80211_header *header_ptr)
Dot11::Dot11(const uint8_t *buffer, uint32_t total_sz)
: _options_size(0)
{
if(total_sz < sizeof(_header))
throw malformed_packet();
std::memcpy(&_header, buffer, sizeof(_header));
InputMemoryStream stream(buffer, total_sz);
stream.read(_header);
}
void Dot11::parse_tagged_parameters(const uint8_t *buffer, uint32_t total_sz) {
if(total_sz > 0) {
uint8_t opcode, length;
while(total_sz >= 2) {
opcode = buffer[0];
length = buffer[1];
buffer += 2;
total_sz -= 2;
if(length > total_sz) {
void Dot11::parse_tagged_parameters(InputMemoryStream& stream) {
if (stream) {
while (stream.size() >= 2) {
OptionTypes opcode = static_cast<OptionTypes>(stream.read<uint8_t>());
uint8_t length = stream.read<uint8_t>();
if (!stream.can_read(length)) {
throw malformed_packet();
}
add_tagged_option((OptionTypes)opcode, length, buffer);
buffer += length;
total_sz -= length;
add_tagged_option(opcode, length, stream.pointer());
stream.skip(length);
}
}
}

16
src/dot11/dot11_beacon.cpp
View File

@@ -32,6 +32,9 @@
#include <cstring>
#include <cassert>
#include "memory_helpers.h"
using Tins::Memory::InputMemoryStream;
namespace Tins {
/* Dot11Beacon */
@@ -47,15 +50,10 @@ const address_type &src_hw_addr)
Dot11Beacon::Dot11Beacon(const uint8_t *buffer, uint32_t total_sz)
: Dot11ManagementFrame(buffer, total_sz)
{
uint32_t sz = management_frame_size();
buffer += sz;
total_sz -= sz;
if(total_sz < sizeof(_body))
throw malformed_packet();
std::memcpy(&_body, buffer, sizeof(_body));
buffer += sizeof(_body);
total_sz -= sizeof(_body);
parse_tagged_parameters(buffer, total_sz);
InputMemoryStream stream(buffer, total_sz);
stream.skip(management_frame_size());
stream.read(_body);
parse_tagged_parameters(stream);
}
void Dot11Beacon::timestamp(uint64_t new_timestamp) {

52
src/dot11/dot11_control.cpp
View File

@@ -32,6 +32,9 @@
#include <cassert>
#include <cstring>
#include "memory_helpers.h"
using Tins::Memory::InputMemoryStream;
namespace Tins {
/* Dot11Control */
@@ -57,12 +60,9 @@ Dot11ControlTA::Dot11ControlTA(const address_type &dst_addr,
}
Dot11ControlTA::Dot11ControlTA(const uint8_t *buffer, uint32_t total_sz) : Dot11Control(buffer, total_sz) {
buffer += sizeof(ieee80211_header);
total_sz -= sizeof(ieee80211_header);
if(total_sz < sizeof(_taddr))
throw malformed_packet();
//std::memcpy(_taddr, buffer, sizeof(_taddr));
_taddr = buffer;
InputMemoryStream stream(buffer, total_sz);
stream.skip(sizeof(ieee80211_header));
stream.read(_taddr);
}
uint32_t Dot11ControlTA::header_size() const {
@@ -164,14 +164,10 @@ Dot11BlockAckRequest::Dot11BlockAckRequest(const address_type &dst_addr,
Dot11BlockAckRequest::Dot11BlockAckRequest(const uint8_t *buffer, uint32_t total_sz)
: Dot11ControlTA(buffer, total_sz)
{
uint32_t padding = controlta_size();
buffer += padding;
total_sz -= padding;
if(total_sz < sizeof(_bar_control) + sizeof(_start_sequence))
throw malformed_packet();
std::memcpy(&_bar_control, buffer, sizeof(_bar_control));
buffer += sizeof(_bar_control);
std::memcpy(&_start_sequence, buffer, sizeof(_start_sequence));
InputMemoryStream stream(buffer, total_sz);
stream.skip(controlta_size());
stream.read(_bar_control);
stream.read(_start_sequence);
}
void Dot11BlockAckRequest::init_block_ack() {
@@ -228,16 +224,11 @@ Dot11BlockAck::Dot11BlockAck(const address_type &dst_addr,
}
Dot11BlockAck::Dot11BlockAck(const uint8_t *buffer, uint32_t total_sz) : Dot11ControlTA(buffer, total_sz) {
uint32_t padding = controlta_size();
buffer += padding;
total_sz -= padding;
if(total_sz < sizeof(_bitmap) + sizeof(_bar_control) + sizeof(_start_sequence))
throw malformed_packet();
std::memcpy(&_bar_control, buffer, sizeof(_bar_control));
buffer += sizeof(_bar_control);
std::memcpy(&_start_sequence, buffer, sizeof(_start_sequence));
buffer += sizeof(_start_sequence);
std::memcpy(&_bitmap, buffer, sizeof(_bitmap));
InputMemoryStream stream(buffer, total_sz);
stream.skip(controlta_size());
stream.read(_bar_control);
stream.read(_start_sequence);
stream.read(_bitmap);
}
void Dot11BlockAck::bar_control(small_uint<4> bar) {
@@ -270,13 +261,12 @@ void Dot11BlockAck::bitmap(const uint8_t *bit) {
uint32_t Dot11BlockAck::write_ext_header(uint8_t *buffer, uint32_t total_sz) {
uint32_t parent_size = Dot11ControlTA::write_ext_header(buffer, total_sz);
buffer += parent_size;
std::memcpy(buffer, &_bar_control, sizeof(_bar_control));
buffer += sizeof(_bar_control);
std::memcpy(buffer, &_start_sequence, sizeof(_start_sequence));
buffer += sizeof(_start_sequence);
std::memcpy(buffer, _bitmap, sizeof(_bitmap));
return parent_size + sizeof(_bitmap) + sizeof(_bar_control) + sizeof(_start_sequence);
InputMemoryStream stream(buffer, total_sz);
stream.skip(parent_size);
stream.read(_bar_control);
stream.read(_start_sequence);
stream.read(_bitmap);
return total_sz - stream.size();
}
uint32_t Dot11BlockAck::header_size() const {

64
src/dot11/dot11_data.cpp
View File

@@ -34,6 +34,9 @@
#include <cassert>
#include "rawpdu.h"
#include "snap.h"
#include "memory_helpers.h"
using Tins::Memory::InputMemoryStream;
namespace Tins {
/* Dot11Data */
@@ -42,14 +45,16 @@ Dot11Data::Dot11Data(const uint8_t *buffer, uint32_t total_sz)
: Dot11(buffer, total_sz)
{
const uint32_t offset = init(buffer, total_sz);
buffer += offset;
total_sz -= offset;
if(total_sz) {
InputMemoryStream stream(buffer, total_sz);
stream.skip(offset);
if (stream) {
// If the wep bit is on, then just use a RawPDU
if(wep())
inner_pdu(new Tins::RawPDU(buffer, total_sz));
else
inner_pdu(new Tins::SNAP(buffer, total_sz));
if(wep()) {
inner_pdu(new Tins::RawPDU(stream.pointer(), stream.size()));
}
else {
inner_pdu(new Tins::SNAP(stream.pointer(), stream.size()));
}
}
}
@@ -60,23 +65,13 @@ Dot11Data::Dot11Data(const uint8_t *buffer, uint32_t total_sz, no_inner_pdu)
}
uint32_t Dot11Data::init(const uint8_t *buffer, uint32_t total_sz) {
const uint8_t *start_ptr = buffer;
uint32_t sz = Dot11::header_size();
buffer += sz;
total_sz -= sz;
if(total_sz < sizeof(_ext_header))
throw malformed_packet();
std::memcpy(&_ext_header, buffer, sizeof(_ext_header));
buffer += sizeof(_ext_header);
total_sz -= sizeof(_ext_header);
if(from_ds() && to_ds()) {
if(total_sz < _addr4.size())
throw malformed_packet();
_addr4 = buffer;
buffer += _addr4.size();
total_sz -= static_cast<uint32_t>(_addr4.size());
InputMemoryStream stream(buffer, total_sz);
stream.skip(Dot11::header_size());
stream.read(_ext_header);
if (from_ds() && to_ds()) {
stream.read(_addr4);
}
return static_cast<uint32_t>(buffer - start_ptr);
return total_sz - stream.size();
}
Dot11Data::Dot11Data(const address_type &dst_hw_addr,
@@ -148,20 +143,17 @@ Dot11QoSData::Dot11QoSData(const address_type &dst_hw_addr,
Dot11QoSData::Dot11QoSData(const uint8_t *buffer, uint32_t total_sz)
// Am I breaking something? :S
: Dot11Data(buffer, total_sz, no_inner_pdu()) {
uint32_t sz = data_frame_size();
buffer += sz;
total_sz -= sz;
if(total_sz < sizeof(_qos_control))
throw malformed_packet();
std::memcpy(&_qos_control, buffer, sizeof(uint16_t));
total_sz -= sizeof(uint16_t);
buffer += sizeof(uint16_t);
if(total_sz) {
InputMemoryStream stream(buffer, total_sz);
stream.skip(data_frame_size());
stream.read(_qos_control);
if (total_sz) {
// If the wep bit is on, then just use a RawPDU
if(wep())
inner_pdu(new Tins::RawPDU(buffer, total_sz));
else
inner_pdu(new Tins::SNAP(buffer, total_sz));
if (wep()) {
inner_pdu(new Tins::RawPDU(stream.pointer(), stream.size()));
}
else {
inner_pdu(new Tins::SNAP(stream.pointer(), stream.size()));
}
}
}

25
src/dot11/dot11_mgmt.cpp
View File

@@ -32,6 +32,9 @@
#include <cstring>
#include "rsn_information.h"
#include "memory_helpers.h"
using Tins::Memory::InputMemoryStream;
namespace Tins {
/* Dot11ManagementFrame */
@@ -39,33 +42,27 @@ namespace Tins {
Dot11ManagementFrame::Dot11ManagementFrame(const uint8_t *buffer, uint32_t total_sz)
: Dot11(buffer, total_sz)
{
buffer += sizeof(ieee80211_header);
total_sz -= sizeof(ieee80211_header);
if(total_sz < sizeof(_ext_header))
throw malformed_packet();
std::memcpy(&_ext_header, buffer, sizeof(_ext_header));
total_sz -= sizeof(_ext_header);
if(from_ds() && to_ds()) {
if(total_sz >= _addr4.size())
_addr4 = buffer + sizeof(_ext_header);
else
throw malformed_packet();
InputMemoryStream stream(buffer, total_sz);
stream.skip(sizeof(ieee80211_header));
stream.read(_ext_header);
if (from_ds() && to_ds()) {
stream.read(_addr4);
}
}
Dot11ManagementFrame::Dot11ManagementFrame(const address_type &dst_hw_addr,
const address_type &src_hw_addr)
: Dot11(dst_hw_addr)
: Dot11(dst_hw_addr), _ext_header()
{
type(Dot11::MANAGEMENT);
memset(&_ext_header, 0, sizeof(_ext_header));
addr2(src_hw_addr);
}
uint32_t Dot11ManagementFrame::header_size() const {
uint32_t sz = Dot11::header_size() + sizeof(_ext_header);
if (this->from_ds() && this->to_ds())
if (this->from_ds() && this->to_ds()) {
sz += 6;
}
return sz;
}

26
src/dot11/dot11_probe.cpp
View File

@@ -33,6 +33,9 @@
#include <cstring>
#include <cassert>
#include "memory_helpers.h"
using Tins::Memory::InputMemoryStream;
namespace Tins {
/* Probe Request */
@@ -47,34 +50,27 @@ Dot11ProbeRequest::Dot11ProbeRequest(const address_type &dst_hw_addr,
Dot11ProbeRequest::Dot11ProbeRequest(const uint8_t *buffer, uint32_t total_sz)
: Dot11ManagementFrame(buffer, total_sz)
{
uint32_t sz = management_frame_size();
buffer += sz;
total_sz -= sz;
parse_tagged_parameters(buffer, total_sz);
InputMemoryStream stream(buffer, total_sz);
stream.skip(management_frame_size());
parse_tagged_parameters(stream);
}
/* Probe Response */
Dot11ProbeResponse::Dot11ProbeResponse(const address_type &dst_hw_addr,
const address_type &src_hw_addr)
: Dot11ManagementFrame(dst_hw_addr, src_hw_addr)
: Dot11ManagementFrame(dst_hw_addr, src_hw_addr), _body()
{
this->subtype(Dot11::PROBE_RESP);
memset(&_body, 0, sizeof(_body));
}
Dot11ProbeResponse::Dot11ProbeResponse(const uint8_t *buffer, uint32_t total_sz)
: Dot11ManagementFrame(buffer, total_sz)
{
uint32_t sz = management_frame_size();
buffer += sz;
total_sz -= sz;
if(total_sz < sizeof(_body))
throw malformed_packet();
memcpy(&_body, buffer, sizeof(_body));
buffer += sizeof(_body);
total_sz -= sizeof(_body);
parse_tagged_parameters(buffer, total_sz);
InputMemoryStream stream(buffer, total_sz);
stream.skip(management_frame_size());
stream.read(_body);
parse_tagged_parameters(stream);
}
void Dot11ProbeResponse::timestamp(uint64_t new_timestamp) {