Add CHANGES for v4.5

Add vxlan.h to CMakeLists.txt (#508 )
Add VXLAN support (#501 )
2026-01-23 10:45:57 +01:00 · 2023-08-20 09:47:12 -07:00 · 2023-06-08 12:39:15 -07:00 · 2023-05-03 18:21:59 -07:00 · 2023-04-30 10:13:56 -07:00 · 2023-04-30 10:11:57 -07:00
26 changed files with 535 additions and 42 deletions
--- a/.github/workflows/tests.yaml
+++ b/.github/workflows/tests.yaml
@@ -0,0 +1,28 @@
+name: Tests
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+    branches:
+      - master
+jobs:
+  Ubuntu-Tests:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Install libpcap
+        run: sudo apt-get install -y libpcap-dev
+
+      - name: Initialize submodules
+        run: git submodule init && git submodule update
+
+      - name: Initialize build system
+        run: mkdir build && cd build && cmake ..
+
+      - name: Build tests
+        run: cmake --build build --target tests
+
+      - name: Run tests
+        run: ctest build
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,3 +1,31 @@
+##### v4.5 - Sun Aug 20 04:46:53 PM UTC 2023
+
+- Add VXLAN support (#501)
+
+- Add `FileSniffer` constructor taking a `FILE*` (#499).
+
+- Remove use of deprecated `std::iterator` (#481).
+
+- Add missing `algorithm` header include (#497).
+
+- Validate high order two bits of first dns label octet (#494).
+
+- Use `CMAKE_INSTALL_LIBDIR` in `CONF_CMAKE_INSTALL_DIR` (#472).
+
+- Ignore IPv6 packets with payload after one with no Next Header (#500).
+
+- Fix unqualified `std::move` call warnings on clang (#488).
+
+- Fix incorrect IP address range calculation when using /0 prefix (#484) (#486).
+
+- Fall back to system GTest if available (#473).
+
+- Fix compilation issue on android (#471).
+
+- Fix DNS parser reading garbage on misreported packet size (#468).
+
+- Fix DNS parser misinterpreting bad label size (#466).
+
 ##### v4.4 - Thu Feb 17 14:41:59 UTC 2022

 - Add RFC8335 extended echo types to `ICMP` and `ICMPv6` (#426)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -46,7 +46,7 @@ ENDIF(LIBTINS_BUILD_SHARED)

 # The version number.
 SET(TINS_VERSION_MAJOR 4)
-SET(TINS_VERSION_MINOR 4)
+SET(TINS_VERSION_MINOR 5)
 SET(TINS_VERSION_PATCH 0)
 SET(LIBTINS_VERSION "${TINS_VERSION_MAJOR}.${TINS_VERSION_MINOR}")

@@ -303,7 +303,13 @@ IF(LIBTINS_BUILD_TESTS)
        ENABLE_TESTING()
        ADD_SUBDIRECTORY(tests)
    ELSE()
-        MESSAGE(STATUS "googletest git submodule is absent. Run `git submodule init && git submodule update` to get it")
+        FIND_PACKAGE(GTest QUIET)
+        IF(${GTest_FOUND})
+            ENABLE_TESTING()
+            ADD_SUBDIRECTORY(tests)
+        ELSE()
+            MESSAGE(STATUS "googletest git submodule is absent. Run `git submodule init && git submodule update` to get it")
+        ENDIF()
    ENDIF()
 ENDIF()

@@ -312,7 +318,7 @@ ENDIF()
 # **********************************

 if(UNIX)
-    set(CONF_CMAKE_INSTALL_DIR lib/cmake/libtins)
+    set(CONF_CMAKE_INSTALL_DIR "${CMAKE_INSTALL_LIBDIR}/cmake/libtins")
 else()
    set(CONF_CMAKE_INSTALL_DIR CMake)
 endif()
--- a/include/tins/address_range.h
+++ b/include/tins/address_range.h
@@ -40,9 +40,13 @@ namespace Tins {
 * \brief AddressRange iterator class.
 */
 template<typename Address>
-class AddressRangeIterator : public std::iterator<std::forward_iterator_tag, const Address> {
+class AddressRangeIterator {
 public:
-    typedef typename std::iterator<std::forward_iterator_tag, const Address>::value_type value_type;
+    typedef std::forward_iterator_tag iterator_category;
+    typedef const Address value_type;
+    typedef std::ptrdiff_t difference_type;
+    typedef const Address* pointer;
+    typedef const Address& reference;

    struct end_iterator {

--- a/include/tins/dns.h
+++ b/include/tins/dns.h
@@ -1034,7 +1034,8 @@ private:
    uint32_t compose_name(const uint8_t* ptr, char* out_ptr) const;
    void convert_records(const uint8_t* ptr, 
                         const uint8_t* end,
-                         resources_type& res) const;
+                         resources_type& res,
+                         const uint16_t rr_count) const;
    void skip_to_section_end(Memory::InputMemoryStream& stream, 
                             const uint32_t num_records) const;
    void skip_to_dname_end(Memory::InputMemoryStream& stream) const;
--- a/include/tins/icmpv6.h
+++ b/include/tins/icmpv6.h
@@ -30,6 +30,7 @@
 #ifndef TINS_ICMPV6_H
 #define TINS_ICMPV6_H

+#include <algorithm>
 #include <vector>
 #include <tins/macros.h>
 #include <tins/pdu.h>
--- a/include/tins/ip_address.h
+++ b/include/tins/ip_address.h
@@ -33,7 +33,7 @@
 #include <string>
 #include <iosfwd>
 #include <functional>
-#include <stdint.h>
+#include <cstdint>
 #include <tins/cxxstd.h>
 #include <tins/macros.h>

--- a/include/tins/pdu.h
+++ b/include/tins/pdu.h
@@ -180,6 +180,7 @@ public:
        PKTAP,
        MPLS,
        DOT11_CONTROL_TA,
+        VXLAN,
        UNKNOWN = 999,
        USER_DEFINED_PDU = 1000
    };
--- a/include/tins/rawpdu.h
+++ b/include/tins/rawpdu.h
@@ -115,7 +115,7 @@ public:
         * \param data The payload to use.
         */
        RawPDU(payload_type&& data)
-        : payload_(move(data)) { }
+        : payload_(std::move(data)) { }
    #endif // TINS_IS_CXX11

    /** 
--- a/include/tins/sniffer.h
+++ b/include/tins/sniffer.h
@@ -406,10 +406,17 @@ private:
 */
 class TINS_API FileSniffer : public BaseSniffer {
 public:
+    /**
+     * \brief Constructs an instance of FileSniffer.
+     * \param fp The pcap file which will be parsed.
+     * \param configuration A SnifferConfiguration to be used on the file.
+     */
+    FileSniffer(FILE *fp, const SnifferConfiguration& configuration);
+
    /**
     * \brief Constructs an instance of FileSniffer.
     * \param file_name The pcap file which will be parsed.
-     * \param filter A capture filter to be used on the file.(optional);
+     * \param configuration A SnifferConfiguration to be used on the file.
     */
    FileSniffer(const std::string& file_name, const SnifferConfiguration& configuration);

@@ -418,9 +425,18 @@ public:
     *
     * \brief Constructs an instance of FileSniffer.
     * \param file_name The pcap file which will be parsed.
-     * \param filter A capture filter to be used on the file.(optional);
+     * \param filter A capture filter to be used on the file. (optional)
     */
    FileSniffer(const std::string& file_name, const std::string& filter = "");
+
+    /**
+     * \deprecated Use the constructor that takes a SnifferConfiguration instead.
+     *
+     * \brief Constructs an instance of FileSniffer.
+     * \param fp The pcap file which will be parsed.
+     * \param filter A capture filter to be used on the file. (optional)
+     */
+    FileSniffer(FILE *fp, const std::string& filter = "");
 };

 template <typename T>
@@ -449,8 +465,14 @@ HandlerProxy<T> make_sniffer_handler(T* ptr,
 /**
 * \brief Iterates over packets sniffed by a BaseSniffer.
 */
-class SnifferIterator : public std::iterator<std::forward_iterator_tag, Packet> {
+class SnifferIterator {
 public:
+    typedef std::forward_iterator_tag iterator_category;
+    typedef Packet value_type;
+    typedef std::ptrdiff_t difference_type;
+    typedef Packet* pointer;
+    typedef Packet& reference;
+
    /**
     * Constructs a SnifferIterator.
     * \param sniffer The sniffer to iterate.
--- a/include/tins/tins.h
+++ b/include/tins/tins.h
@@ -78,7 +78,7 @@
 #include <tins/pdu_allocator.h>
 #include <tins/ipsec.h>
 #include <tins/ip_reassembler.h>
-
 #include <tins/pdu_iterator.h>
+#include <tins/vxlan.h>

 #endif // TINS_TINS_H
--- a/include/tins/vxlan.h
+++ b/include/tins/vxlan.h
@@ -0,0 +1,98 @@
+#ifndef TINS_VXLAN_H
+#define TINS_VXLAN_H
+
+#include <tins/pdu.h>
+#include <tins/small_uint.h>
+
+namespace Tins {
+
+/** 
+ * \class VXLAN
+ * \brief Represents a VXLAN PDU.
+ *
+ * This class represents a VXLAN PDU.
+ *
+ * \sa RawPDU
+ */
+class TINS_API VXLAN : public PDU {
+public:
+    /**
+     * \brief This PDU's flag.
+     */
+    static const PDU::PDUType pdu_flag = PDU::VXLAN;
+
+    /**
+     * \brief Constructs a VXLAN PDU.
+     *
+     * \param vni VXLAN Network Identifier.
+     */
+    VXLAN(const small_uint<24> vni = 0);
+
+    /**
+     * \brief Constructs a VXLAN object from a buffer and adds
+     * the Ethernet II PDU.
+     *
+     * \param buffer The buffer from which this PDU will be constructed.
+     * \param total_sz The total size of the buffer.
+     */
+    VXLAN(const uint8_t* buffer, uint32_t total_sz);
+
+    /**
+     * \brief Getter for the flags.
+     */
+    uint8_t get_flags() const { return Endian::be_to_host(header_.flags) >> 24; }
+
+    /**
+     * \brief Getter for the VNI.
+     */
+    small_uint<24> get_vni() const { return Endian::be_to_host(header_.vni) >> 8; }
+
+    /**
+     * \brief Setter for the flags.
+     * \param new_flags The new flags.
+     */
+    void set_flags(uint8_t new_flags) { header_.flags = Endian::host_to_be(new_flags << 24); }
+
+    /**
+     * \brief Setter for the VNI.
+     * \param new_vni The new VNI.
+     */
+    void set_vni(small_uint<24> new_vni) { header_.vni = Endian::host_to_be(new_vni << 8); }
+
+    /**
+     * \brief Returns the VXLAN frame's header length.
+     * 
+     * This method overrides PDU::header_size. This size includes the
+     * payload and options size.
+     *
+     * \return An uint32_t with the header's size.
+     * \sa PDU::header_size
+     */
+    uint32_t header_size() const { return sizeof(header_); }
+
+    /**
+     * \brief Getter for the PDU's type.
+     * \sa PDU::pdu_type
+     */
+    PDUType pdu_type() const { return pdu_flag; }
+
+    /**
+     * \sa PDU::clone
+     */
+    VXLAN *clone() const { return new VXLAN(*this); }
+
+private:
+    TINS_BEGIN_PACK
+    struct vxlan_header {
+        uint32_t flags;
+        uint32_t vni;
+    } TINS_END_PACK;
+
+    void write_serialization(uint8_t* buffer, uint32_t total_sz);
+
+    vxlan_header header_;
+};
+
+} // Tins
+
+#endif // TINS_VXLAN_H
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -73,6 +73,7 @@ set(SOURCES
    utils/routing_utils.cpp
    utils/resolve_utils.cpp
    utils/pdu_utils.cpp
+    vxlan.cpp
 )

 set(HEADERS
@@ -151,6 +152,7 @@ set(HEADERS
    ${LIBTINS_INCLUDE_DIR}/tins/utils/routing_utils.h
    ${LIBTINS_INCLUDE_DIR}/tins/utils/resolve_utils.h
    ${LIBTINS_INCLUDE_DIR}/tins/utils/pdu_utils.h
+    ${LIBTINS_INCLUDE_DIR}/tins/vxlan.h
 )

 SET(DOT11_DEPENDENT_SOURCES
--- a/src/dns.cpp
+++ b/src/dns.cpp
@@ -86,14 +86,18 @@ void DNS::skip_to_dname_end(InputMemoryStream& stream) const {
            break;
        }
        else {
-            if ((value & 0xc0)) {
-                // This is an offset label, skip the second byte and we're done
+            const uint8_t offset_discriminator = value & 0xc0;
+            if (offset_discriminator == 0xc0) {
+                // This is an offset pointer, skip the second byte and we're done
                stream.skip(1);
                break;
            }
-            else {
+            else if (offset_discriminator == 0) {
                // This is an actual label, skip its contents
                stream.skip(value);
+            } else {
+                // high order two bits of the first octet of a label must be either 11 or 00
+                throw malformed_packet();
            }
        }
    }
@@ -342,7 +346,7 @@ uint32_t DNS::compose_name(const uint8_t* ptr, char* out_ptr) const {
            throw dns_decompression_pointer_loops();
        }
        // It's an offset
-        if ((*ptr & 0xc0)) {
+        if (((*ptr & 0xc0) == 0xc0)) {
            if (TINS_UNLIKELY(ptr + sizeof(uint16_t) > end)) {
                throw malformed_packet();
            }
@@ -414,10 +418,11 @@ void DNS::inline_convert_v4(uint32_t value, char* output) {
 // Parses records in some section.
 void DNS::convert_records(const uint8_t* ptr,
                          const uint8_t* end,
-                          resources_type& res) const {
+                          resources_type& res,
+                          const uint16_t rr_count) const {
    InputMemoryStream stream(ptr, end - ptr);
    char dname[256], small_addr_buf[256];
-    while (stream) {
+    while (stream && (res.size() < rr_count)) {
        string data;
        bool used_small_buffer = false;
        // Retrieve the record's domain name.
@@ -577,7 +582,8 @@ DNS::resources_type DNS::answers() const {
        convert_records(
            &records_data_[0] + answers_idx_, 
            &records_data_[0] + authority_idx_, 
-            res
+            res,
+            answers_count()
        );
    }
    return res;
@@ -589,7 +595,8 @@ DNS::resources_type DNS::authority() const {
        convert_records(
            &records_data_[0] + authority_idx_, 
            &records_data_[0] + additional_idx_, 
-            res
+            res,
+            authority_count()
        );
    }
    return res;
@@ -601,7 +608,8 @@ DNS::resources_type DNS::additional() const {
        convert_records(
            &records_data_[0] + additional_idx_, 
            &records_data_[0] + records_data_.size(), 
-            res
+            res,
+            additional_count()
        );
    }
    return res;
--- a/src/ip_address.cpp
+++ b/src/ip_address.cpp
@@ -62,7 +62,7 @@ const AddressRange<IPv4Address> loopback_range = IPv4Address("127.0.0.0") / 8;
 const AddressRange<IPv4Address> multicast_range = IPv4Address("224.0.0.0") / 4;

 IPv4Address IPv4Address::from_prefix_length(uint32_t prefix_length) {
-    return IPv4Address(Endian::host_to_be(0xffffffff << (32 - prefix_length)));
+    return IPv4Address(prefix_length ? Endian::host_to_be(0xffffffff << (32 - prefix_length)) : 0u);
 }

 IPv4Address::IPv4Address(uint32_t ip) 
--- a/src/ipv6.cpp
+++ b/src/ipv6.cpp
@@ -130,7 +130,7 @@ IPv6::IPv6(const uint8_t* buffer, uint32_t total_sz) {
    uint32_t actual_payload_length = payload_length();
    bool is_payload_fragmented = false;
    while (stream) {
-        if (is_extension_header(current_header)) {
+        if (is_extension_header(current_header) && current_header != NO_NEXT_HEADER) {
            if (current_header == FRAGMENT) {
                is_payload_fragmented = true;
            }
--- a/src/network_interface.cpp
+++ b/src/network_interface.cpp
@@ -331,7 +331,7 @@ NetworkInterface::Info NetworkInterface::info() const {
    }

    #else // _WIN32
-
+    #ifndef ANDROID 
    struct ifaddrs* ifaddrs = 0;
    struct ifaddrs* if_it = 0;
    getifaddrs(&ifaddrs);
@@ -341,7 +341,9 @@ NetworkInterface::Info NetworkInterface::info() const {
    if (ifaddrs) {
        freeifaddrs(ifaddrs);
    }
-
+    #else
+    throw new std::runtime_error("android ifaddr not supported");
+    #endif
    #endif // _WIN32
    
     // If we didn't even get the hw address or ip address, this went wrong
--- a/src/sniffer.cpp
+++ b/src/sniffer.cpp
@@ -391,6 +391,20 @@ void Sniffer::set_rfmon(bool rfmon_enabled) {

 // **************************** FileSniffer ****************************

+FileSniffer::FileSniffer(FILE *fp,
+                         const SnifferConfiguration& configuration) {
+    char error[PCAP_ERRBUF_SIZE];
+    pcap_t* phandle = pcap_fopen_offline(fp, error);
+    if (!phandle) {
+        throw pcap_error(error);
+    }
+    set_pcap_handle(phandle);
+
+    // Configure the sniffer
+    configuration.configure_sniffer_pre_activation(*this);
+
+}
+
 FileSniffer::FileSniffer(const string& file_name, 
                         const SnifferConfiguration& configuration) {
    char error[PCAP_ERRBUF_SIZE];
@@ -420,6 +434,22 @@ FileSniffer::FileSniffer(const string& file_name, const string& filter) {
    config.configure_sniffer_pre_activation(*this);
 }

+FileSniffer::FileSniffer(FILE *fp, const string& filter) {
+    SnifferConfiguration config;
+    config.set_filter(filter);
+
+    char error[PCAP_ERRBUF_SIZE];
+    pcap_t* phandle = pcap_fopen_offline(fp, error);
+    if (!phandle) {
+        throw pcap_error(error);
+    }
+    set_pcap_handle(phandle);
+
+    // Configure the sniffer
+    config.configure_sniffer_pre_activation(*this);
+}
+
+
 // ************************ SnifferConfiguration ************************

 const unsigned SnifferConfiguration::DEFAULT_SNAP_LEN = 65535;
--- a/src/tcp_ip/data_tracker.cpp
+++ b/src/tcp_ip/data_tracker.cpp
@@ -33,8 +33,6 @@

 #include <tins/detail/sequence_number_helpers.h>

-using std::move;
-
 using Tins::Internals::seq_compare;

 namespace Tins {
@@ -67,7 +65,7 @@ bool DataTracker::process_payload(uint32_t seq, payload_type payload) {
    }
    bool added_some = false;
    // Store this payload
-    store_payload(seq, move(payload));
+    store_payload(seq, std::move(payload));
    // Keep looping while the fragments seq is lower or equal to our seq
    buffered_payload_type::iterator iter = buffered_payload_.find(seq_number_);
    while (iter != buffered_payload_.end() && seq_compare(iter->first, seq_number_) <= 0) {
@@ -85,7 +83,7 @@ bool DataTracker::process_payload(uint32_t seq, payload_type payload) {
                    payload.begin(),
                    payload.begin() + (seq_number_ - iter->first)
                );
-                store_payload(seq_number_, move(iter->second));
+                store_payload(seq_number_, std::move(iter->second));
                iter = erase_iterator(iter);
            }
            else {
@@ -158,14 +156,14 @@ void DataTracker::store_payload(uint32_t seq, payload_type payload) {
    // New segment, store it
    if (iter == buffered_payload_.end()) {
        total_buffered_bytes_ += payload.size();
-        buffered_payload_.insert(make_pair(seq, move(payload)));
+        buffered_payload_.insert(make_pair(seq, std::move(payload)));
    }
    else if (iter->second.size() < payload.size()) {
        // Increment by the diff between sizes
        total_buffered_bytes_ += (payload.size() - iter->second.size());
        // If we already have payload on this position but it's a shorter
        // chunk than the new one, replace it
-        iter->second = move(payload);
+        iter->second = std::move(payload);
    }
 }

--- a/src/tcp_ip/flow.cpp
+++ b/src/tcp_ip/flow.cpp
@@ -115,7 +115,7 @@ void Flow::process_packet(PDU& pdu) {
    }

    // can process either way, since it will abort immediately if not needed
-    if (data_tracker_.process_payload(tcp->seq(), move(raw->payload()))) {
+    if (data_tracker_.process_payload(tcp->seq(), std::move(raw->payload()))) {
        if (on_data_callback_) {
            on_data_callback_(*this);
        }
--- a/src/utils/routing_utils.cpp
+++ b/src/utils/routing_utils.cpp
@@ -413,17 +413,21 @@ set<string> network_interfaces() {
 }
 #else
 set<string> network_interfaces() {
-    set<string> output;
-    struct ifaddrs* ifaddrs = 0;
-    struct ifaddrs* if_it = 0;
-    getifaddrs(&ifaddrs);
-    for (if_it = ifaddrs; if_it; if_it = if_it->ifa_next) {
-        output.insert(if_it->ifa_name);
-    }
-    if (ifaddrs) {
-        freeifaddrs(ifaddrs);
-    }
+    #ifndef ANDROID 
+        set<string> output;
+        struct ifaddrs* ifaddrs = 0;
+        struct ifaddrs* if_it = 0;
+        getifaddrs(&ifaddrs);
+        for (if_it = ifaddrs; if_it; if_it = if_it->ifa_next) {
+            output.insert(if_it->ifa_name);
+        }
+        if (ifaddrs) {
+            freeifaddrs(ifaddrs);
+        }
    return output;
+    #else
+        throw std::runtime_error("android ifaddr not supported");
+    #endif
 }
 #endif // _WIN32

--- a/src/vxlan.cpp
+++ b/src/vxlan.cpp
@@ -0,0 +1,36 @@
+#include <tins/internals.h>
+#include <tins/memory_helpers.h>
+#include <tins/small_uint.h>
+#include <tins/vxlan.h>
+
+using Tins::Memory::InputMemoryStream;
+using Tins::Memory::OutputMemoryStream;
+
+namespace Tins {
+
+VXLAN::VXLAN(const small_uint<24> vni) {
+    set_flags(8);
+    set_vni(vni);
+}
+
+VXLAN::VXLAN(const uint8_t* buffer, uint32_t total_sz) {
+    InputMemoryStream stream(buffer, total_sz);
+    stream.read(header_);
+    // If there is any size left
+    if (stream) {
+        inner_pdu(
+            Internals::pdu_from_flag(
+                PDU::ETHERNET_II,
+                stream.pointer(),
+                stream.size()
+            )
+        );
+    }
+}
+
+void VXLAN::write_serialization(uint8_t* buffer, uint32_t total_sz) {
+    OutputMemoryStream stream(buffer, total_sz);
+    stream.write(header_);
+}
+
+} // Tins
--- a/tests/src/CMakeLists.txt
+++ b/tests/src/CMakeLists.txt
@@ -70,6 +70,7 @@ CREATE_TEST(tcp)
 CREATE_TEST(tcp_ip)
 CREATE_TEST(udp)
 CREATE_TEST(utils)
+CREATE_TEST(vxlan)

 IF(LIBTINS_ENABLE_PCAP)
    CREATE_TEST(offline_packet_filter)
--- a/tests/src/address_range_test.cpp
+++ b/tests/src/address_range_test.cpp
@@ -12,11 +12,19 @@ using namespace Tins;

 class AddressRangeTest : public testing::Test {
 public:
+    void contain_tests0(const IPv4Range& range);
+    void contain_tests0(const IPv6Range& range);
    void contain_tests24(const IPv4Range& range);
    void contain_tests24(const IPv6Range& range);
    void contain_tests26(const IPv4Range& range);
 };

+void AddressRangeTest::contain_tests0(const IPv4Range& range) {
+    EXPECT_TRUE(range.contains("0.0.0.0"));
+    EXPECT_TRUE(range.contains("192.168.1.1"));
+    EXPECT_TRUE(range.contains("255.255.255.255"));
+}
+
 void AddressRangeTest::contain_tests24(const IPv4Range& range) {
    EXPECT_TRUE(range.contains("192.168.0.0"));
    EXPECT_TRUE(range.contains("192.168.0.1"));
@@ -33,6 +41,12 @@ void AddressRangeTest::contain_tests26(const IPv4Range& range) {
    EXPECT_FALSE(range.contains("192.168.254.191"));
 }

+void AddressRangeTest::contain_tests0(const IPv6Range& range) {
+    EXPECT_TRUE(range.contains("::"));
+    EXPECT_TRUE(range.contains("dead::1:1"));
+    EXPECT_TRUE(range.contains("ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff"));
+}
+
 void AddressRangeTest::contain_tests24(const IPv6Range& range) {
    EXPECT_TRUE(range.contains("dead::1"));
    EXPECT_TRUE(range.contains("dead::1fee"));
@@ -42,13 +56,22 @@ void AddressRangeTest::contain_tests24(const IPv6Range& range) {
 }

 TEST_F(AddressRangeTest, Contains) {
+    contain_tests0(IPv4Range("0.0.0.0", "255.255.255.255"));
+    contain_tests0(IPv4Range::from_mask("0.0.0.0", "0.0.0.0"));
+    contain_tests0(IPv4Range::from_mask("0.0.0.0", IPv4Address::from_prefix_length(0)));
    contain_tests24(IPv4Range("192.168.0.0", "192.168.0.255"));
    contain_tests24(IPv4Range::from_mask("192.168.0.0", "255.255.255.0"));
+    contain_tests24(IPv4Range::from_mask("192.168.0.0", IPv4Address::from_prefix_length(24)));
    contain_tests26(IPv4Range("192.168.254.192", "192.168.254.255"));
    contain_tests26(IPv4Range::from_mask("192.168.254.192", "255.255.255.192"));
+    contain_tests26(IPv4Range::from_mask("192.168.254.192", IPv4Address::from_prefix_length(26)));
    
+    contain_tests0(IPv6Range("::0", "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff"));
+    contain_tests0(IPv6Range::from_mask("::", "::"));
+    contain_tests0(IPv6Range::from_mask("::", IPv6Address::from_prefix_length(0)));
    contain_tests24(IPv6Range("dead::0", "dead::ffff"));
    contain_tests24(IPv6Range::from_mask("dead::0", "ffff:ffff:ffff:ffff:ffff:ffff:ffff:0"));
+    contain_tests24(IPv6Range::from_mask("dead::0", IPv6Address::from_prefix_length(112)));
    
    {
        AddressRange<HWAddress<6> > range("00:00:00:00:00:00", "00:00:00:00:00:ff");
--- a/tests/src/dns_test.cpp
+++ b/tests/src/dns_test.cpp
@@ -551,3 +551,113 @@ TEST_F(DNSTest, SOARecordSerialize) {
    EXPECT_EQ(0x8ad71928U, r2.expire());
    EXPECT_EQ(0x1ad92871U, r2.minimum_ttl());
 }
+
+TEST_F(DNSTest, BadLabelSize) {
+    const uint8_t header[] = {
+                       0x45, 0xbc,    // ID
+                       0x81, 0x80,    // response, recursion desired, recursion available, no error
+                       0x00, 0x01,    // QDCOUNT
+                       0x00, 0x00,    // ANCOUNT
+                       0x00, 0x00,    // NSCOUNT
+                       0x00, 0x00     // ARCOUNT
+    };
+    size_t payload_sz{sizeof(header)};
+    uint8_t payload[512];
+
+    // copy header
+    std::copy(header, 
+              header + payload_sz, 
+              payload);
+
+    // add bad length
+    const size_t bad_label_len{0x80};
+    const size_t label_offset = payload_sz;
+    payload[payload_sz++] = bad_label_len; 
+        
+    // fill label for incorrect length and terminate
+    std::fill(payload + payload_sz,
+              payload + payload_sz + bad_label_len, 
+              'a');
+    payload_sz += bad_label_len;
+    payload[payload_sz++] = 0x0;
+
+    // add type and class
+    const uint8_t type_class[] = {
+        0x00, 0x01,
+        0x00, 0x01
+    };
+    std::copy(type_class, 
+              type_class + sizeof(type_class), 
+              payload + payload_sz);
+    payload_sz += sizeof(type_class);
+
+    // invalid high two bits of label first octest is detected early now
+    try {
+        const DNS packet(payload, payload_sz);
+        FAIL();
+    } catch (malformed_packet& mp) {
+        SUCCEED();
+    }
+
+    // check the other invalid value of high two bits in label size
+    payload[label_offset] = 0x10;
+    try {
+        const DNS packet(payload, payload_sz);
+        FAIL();
+    } catch (malformed_packet& mp) {
+        SUCCEED();
+    }
+}
+
+TEST_F(DNSTest, BadPacketLength) {
+
+    // valid response packet with RR's in all sections
+    const uint8_t payload[] = {
+        0x74,0xa9,0x85,0x80,0x00,0x01,0x00,0x02,0x00,0x01,0x00,0x04,0x08,0x5f,0x73,0x65,0x72,
+        0x76,0x69,0x63,0x65,0x04,0x5f,0x74,0x63,0x70,0x05,0x77,0x69,0x66,0x69,0x36,0x03,
+        0x6c,0x61,0x6e,0x00,0x00,0x21,0x00,0x01,0xc0,0x0c,0x00,0x21,0x00,0x01,0x00,0x01,
+        0x51,0x80,0x00,0x16,0x00,0x00,0x00,0x03,0x00,0x09,0x04,0x66,0x61,0x73,0x74,0x05,
+        0x77,0x69,0x66,0x69,0x36,0x03,0x6c,0x61,0x6e,0x00,0xc0,0x0c,0x00,0x21,0x00,0x01,
+        0x00,0x01,0x51,0x80,0x00,0x16,0x00,0x00,0x00,0x01,0x00,0x09,0x04,0x73,0x6c,0x6f,
+        0x77,0x05,0x77,0x69,0x66,0x69,0x36,0x03,0x6c,0x61,0x6e,0x00,0xc0,0x62,0x00,0x02,
+        0x00,0x01,0x00,0x01,0x51,0x80,0x00,0x05,0x02,0x70,0x69,0xc0,0x62,0xc0,0x5d,0x00,
+        0x01,0x00,0x01,0x00,0x01,0x51,0x80,0x00,0x04,0x0a,0x18,0x00,0x02,0xc0,0x3b,0x00,
+        0x01,0x00,0x01,0x00,0x01,0x51,0x80,0x00,0x04,0x0a,0x18,0x00,0x02,0xc0,0x79,0x00,
+        0x01,0x00,0x01,0x00,0x01,0x51,0x80,0x00,0x04,0x0a,0x18,0x00,0x02,0x00,0x00,0x29,
+        0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x1c,0x00,0x0a,0x00,0x18,0x86,0x1f,0x14,0x0f,
+        0x41,0xfa,0xf3,0x95,0x48,0x6e,0x79,0x61,0x61,0x78,0x32,0x0f,0x44,0x5d,0x21,0x47,
+        0x85,0x83,0x9a,0x95
+    };
+
+    // valid DNS message but misreport packet size;
+    // before fix, parser headed into uncharted waters on requesting additional section
+
+    // buffer with space for valid packet plus garbage bytes
+    const size_t bigsz{512};
+    uint8_t big_packet[bigsz];
+
+    // copy valid packet
+    std::copy(payload, 
+              payload + sizeof(payload), 
+              big_packet);
+
+    // fill additional bytes with junk 
+    std::fill(big_packet + sizeof(payload), 
+              big_packet + bigsz, 
+              0x5A);
+        
+    // initial packet parse ok
+    const DNS packet(big_packet, bigsz);
+
+    // RR's parse ok now
+    EXPECT_EQ(packet.questions_count(), 1);
+    EXPECT_EQ(packet.answers_count(), 2);
+    EXPECT_EQ(packet.authority_count(), 1);
+    EXPECT_EQ(packet.additional_count(), 4);
+    EXPECT_EQ(packet.queries().size(), 1U);
+    EXPECT_EQ(packet.answers().size(), 2U);
+    EXPECT_EQ(packet.authority().size(), 1U);
+    EXPECT_EQ(packet.additional().size(), 4U);
+}
+
+
--- a/tests/src/vxlan_test.cpp
+++ b/tests/src/vxlan_test.cpp
@@ -0,0 +1,90 @@
+#include <gtest/gtest.h>
+#include <string>
+#include <tins/ethernetII.h>
+#include <tins/ip.h>
+#include <tins/tcp.h>
+#include <tins/udp.h>
+#include <tins/pdu.h>
+#include <tins/small_uint.h>
+#include <tins/vxlan.h>
+
+#define PACKET_SIZE 68ul
+
+using namespace std;
+using namespace Tins;
+
+class VXLANTest : public testing::Test {
+public:
+    static const uint8_t expected_packet[PACKET_SIZE];
+    static const uint8_t flags;
+    static const uint16_t dport, sport, p_type;
+    static const small_uint<24> vni;
+    static const IP::address_type dst_ip, src_ip;
+    static const EthernetII::address_type dst_addr, src_addr;
+};
+
+const uint8_t VXLANTest::expected_packet[PACKET_SIZE] = {
+    0x08, 0x00, 0x00, 0x00,
+    0xff, 0xff, 0xff, 0x00,
+    0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
+    0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+};
+
+const uint8_t VXLANTest::flags = 8;
+const uint16_t VXLANTest::dport = 19627;
+const uint16_t VXLANTest::sport = 4789;
+const uint16_t VXLANTest::p_type = 0xd0ab;
+const small_uint<24> VXLANTest::vni = 0xffffff;
+const IP::address_type VXLANTest::dst_ip = IP::address_type{"2.2.2.2"};
+const IP::address_type VXLANTest::src_ip = IP::address_type{"1.1.1.1"};
+const EthernetII::address_type VXLANTest::dst_addr = EthernetII::address_type{"aa:bb:cc:dd:ee:ff"};
+const EthernetII::address_type VXLANTest::src_addr = EthernetII::address_type{"8a:8b:8c:8d:8e:8f"};
+
+TEST_F(VXLANTest, Flags) {
+    auto const vxlan = VXLAN{};
+    EXPECT_EQ(vxlan.get_flags(), flags);
+}
+
+TEST_F(VXLANTest, VNI) {
+    auto const vxlan = VXLAN{vni};
+    EXPECT_EQ(vxlan.get_vni(), vni);
+}
+
+TEST_F(VXLANTest, Find) {
+    auto const pdu = VXLAN{} / EthernetII{dst_addr, src_addr};
+    auto const eth = pdu.find_pdu<EthernetII>();
+    ASSERT_TRUE(eth != nullptr);
+    EXPECT_EQ(eth->dst_addr(), dst_addr);
+    EXPECT_EQ(eth->src_addr(), src_addr);
+}
+
+TEST_F(VXLANTest, Serialize) {
+    auto eth = EthernetII{dst_addr, src_addr};
+    eth.payload_type(p_type);
+    auto vxlan = VXLAN{vni};
+    vxlan.inner_pdu(eth);
+    auto serialized = vxlan.serialize();
+    ASSERT_EQ(serialized.size(), PACKET_SIZE);
+    EXPECT_TRUE(std::equal(serialized.begin(), serialized.end(), expected_packet));
+}
+
+TEST_F(VXLANTest, ConstructorFromBuffer) {
+    auto vxlan = VXLAN{expected_packet, PACKET_SIZE};
+    EXPECT_EQ(vxlan.get_vni(), vni);
+    EXPECT_EQ(vxlan.get_flags(), flags);
+    auto const eth = vxlan.find_pdu<EthernetII>();
+    ASSERT_TRUE(eth != nullptr);
+    EXPECT_EQ(eth->dst_addr(), dst_addr);
+    EXPECT_EQ(eth->src_addr(), src_addr);
+}
+
+TEST_F(VXLANTest, OuterUDP) {
+    auto pkt = IP{dst_ip, src_ip} / UDP{dport, sport} / VXLAN{expected_packet, PACKET_SIZE};
+    auto const vxlan = pkt.find_pdu<VXLAN>();
+    ASSERT_TRUE(vxlan != nullptr);
+    EXPECT_EQ(vxlan->get_flags(), flags);
+    EXPECT_EQ(vxlan->get_vni(), vni);
+}
Author	SHA1	Message	Date
Matias Fontanini	142b6f62cb	Add CHANGES for v4.5	2023-08-20 09:47:12 -07:00
James R T	dfd2701ee4	Add vxlan.h to CMakeLists.txt (#508 )	2023-06-08 12:39:15 -07:00
James R T	850bb9b642	Add VXLAN support (#501 ) This patch adds a new PDU class to support VXLAN. Several VXLAN-related tests have also been added. Signed-off-by: James Raphael Tiovalen <jamestiotio@gmail.com>	2023-05-03 18:21:59 -07:00
Ed Catmur	b7e61f4c76	Qualify calls to std::move (clang 15) (#488 ) Co-authored-by: Ed Catmur <edward.catmur@mavensecurities.com>	2023-04-30 10:13:56 -07:00
Ed Catmur	e2a14d8898	Remove use of deprecated std::iterator (#481 ) Co-authored-by: Ed Catmur <edward.catmur@mavensecurities.com>	2023-04-30 10:11:57 -07:00
Tobias Specht	ba0c820852	Add FileSniffer constructor with FILE pointer as pcap source (#499 )	2023-04-30 09:44:49 -07:00
James R T	df509e7e36	Ignore IPv6 packets with payload after one with no Next Header (#500 ) IPv6 data packets with payload or padded bytes received after one with no Next Header were not being parsed correctly, resulting in NULL PDU. This commit fixes the IPv6 parser to be compliant with RFC 2460 Section 4.7 by adding a check in the IPv6 constructor to ignore the subsequent packets if an IPv6 packet contains no Next Header. Signed-off-by: James Raphael Tiovalen <jamestiotio@gmail.com>	2023-04-20 21:22:01 -07:00
Ed Catmur	fa87e1b6f6	Add missing include (#497 ) `<algorithm>` is needed for std::fill (error in clang-16)	2023-01-31 10:02:50 -08:00
Vasiliy Glazov	812be7966d	Fix build with GCC13 (#496 ) Due to changes in GCC13 need fix include.	2023-01-24 08:29:36 -08:00
Bill Willcox	f89cc9f076	Validate high order two bits of first dns label octet (#494 )	2023-01-03 09:10:41 -08:00
Matias Fontanini	638bf9b34b	Trigger actions on pull requests (#495 )	2023-01-03 09:04:03 -08:00
mbcdev	eb997f5438	fix incorrect IP address range calculation when using /0 prefix (#484 ) (#486 ) According to the C/C++ Standard, for shift operations, the behavior is undefined if the right operand is equal to the width of the promoted left operand. On a 64-bit Windows machine, this causes IP addresses 0.0.0.0 and 255.255.255.255 to have the same internal representation, leading to various issues when using a /0 prefix.	2022-08-30 08:27:42 -07:00
Scott K Logan	18cbab4fc7	Use CMAKE_INSTALL_LIBDIR in CONF_CMAKE_INSTALL_DIR (#472 ) On some platforms (like RedHat ones), CMAKE_INSTALL_LIBDIR is set to `lib64` instead of `lib`. The CMake files should also be installed to `lib64`, but because CONF_CMAKE_INSTALL_DIR is set unconditionally to use `lib`, the proper path can't be configured. This change makes CONF_CMAKE_INSTALL_DIR use the configured CMAKE_INSTALL_LIBDIR value, which defaults to `lib`.	2022-05-14 11:09:58 -07:00
Scott K Logan	7cd2b2c396	Fall back to system GTest if available (#473 ) Using a submodule to download and build GTest is a great approach for most circumstances, but some may prefer to use the system-provided GTest if it is available. This change adds a fallback to using the system's GTest if the submodule is absent.	2022-05-14 11:07:39 -07:00
Lattice 0	2601493752	android workaround (#471 )	2022-04-24 08:44:52 -07:00
Bill Willcox	7204fbd688	dns: parser reads into garbage on misreported packet size (#468 ) Co-authored-by: Bill Willcox <billwcorp@gmail.com>	2022-02-26 14:29:22 -08:00
Bill Willcox	c302e659d7	dns: bad label size interpreted as decompression pointer (#466 ) Co-authored-by: Bill Willcox <billwcorp@gmail.com>	2022-02-20 15:18:00 -08:00
Matias Fontanini	54e4e4b0f4	Add github actions for ubuntu (#467 )	2022-02-19 17:01:37 -08:00
Matias Fontanini	6a17e59032	Bump version to 4.5	2022-02-17 06:55:48 -08:00