Ensure that packet is set to p param to type of bytes. In certain sit… #3909
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…uations where bgp fields for open messages where being set, this function was initializing packet variable to a str and returning. Fix bgp path_attrib length field. Should be type byte, not int. Adding fuzz() support to bgp open and update. Allow for BGPFieldLenField len to be fuzzed, but fixed when recalled.
gpotter2
requested changes
Mar 5, 2023
| @@ -633,7 +660,7 @@ class _BGPCapability_metaclass(_BGPCap_metaclass, Packet_metaclass): | |||
| pass | |||
|
|
|||
|
|
|||
| class BGPCapability(Packet, metaclass=_BGPCapability_metaclass): | |||
| class BGPCapability(six.with_metaclass(_BGPCapability_metaclass, Packet)): # type: ignore | |||
There was a problem hiding this comment.
We just dropped Python 2 support so you shouldn't need to use six
| return enum.get(i, i) | ||
| if self.enum_from: | ||
| enum = self.enum_from(pkt) | ||
| return enum.get(i, i) |
| subpacklen = lambda p: len(p) | ||
| packet = "" |
There was a problem hiding this comment.
good catch. Could you add a unit test?
https://github.com/secdev/scapy/tree/master/test/contrib/bgp.uts
| @@ -449,7 +476,7 @@ class BGPHeader(Packet): | |||
| 0xffffffffffffffffffffffffffffffff, | |||
| 0x80 | |||
| ), | |||
| ShortField("len", None), | |||
There was a problem hiding this comment.
This is very not scapy-like. Don't do that. It is commonly understood that len=None -> auto-computed.
You can always set this to 0 before calling fuzz
| :param int min: Minimum range for random value. | ||
| :param int max: Maximum range for random value. | ||
| """ | ||
| RandNum.__init__(self, min, max) |
| @@ -117,25 +119,50 @@ def i2m(self, pkt, i): | |||
| """"Internal" (IP as bytes, mask as int) to "machine" | |||
| representation.""" | |||
| mask, ip = i | |||
| ip = socket.inet_aton(ip) | |||
| ip = socket.inet_aton(str(ip)) | |||
There was a problem hiding this comment.
inet_aton expects a string representation of an ip address.
I'm ensuring that is the case, and any errors will make this obvious.
| "withdrawn_routes_len", | ||
| None, | ||
| 0, |
| "path_attr_len", | ||
| None, | ||
| 0, |
| subpacklen = lambda p: len(p) | ||
| packet = "" | ||
| packet = p | ||
|
|
||
| if self.withdrawn_routes_len is None: |
There was a problem hiding this comment.
Leave None here...
...otherwise this won't work
Co-authored-by: gpotter2 <[email protected]>
Removed extra double quote comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Checklist:
cd test && ./run_testsortox)Ensure that params that representing packets are set to type bytes. In certain situations where bgp fields for open messages were being set, this function was initializing packet variable to a str and returning.
Fix bgp path_attrib length field. Should be type byte, not int.
Adding fuzz() support to bgp open and update.
Allow for BGPFieldLenField len to be fuzzed, but fixed when recalled.