suricata
decode-sctp.c
Go to the documentation of this file.
1 /* Copyright (C) 2011-2021 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \ingroup decode
20  *
21  * @{
22  */
23 
24 
25 /**
26  * \file
27  *
28  * \author Eric Leblond <eric@regit.org>
29  *
30  * Decode SCTP
31  */
32 
33 #include "suricata-common.h"
34 #include "decode.h"
35 #include "decode-sctp.h"
36 #include "decode-events.h"
37 
38 #include "util-validate.h"
39 #include "util-unittest.h"
40 #include "util-debug.h"
41 #include "util-optimize.h"
42 #include "flow.h"
43 
44 static int DecodeSCTPPacket(ThreadVars *tv, Packet *p, const uint8_t *pkt, uint16_t len)
45 {
46  DEBUG_VALIDATE_BUG_ON(pkt == NULL);
47 
48  if (unlikely(len < SCTP_HEADER_LEN)) {
49  ENGINE_SET_INVALID_EVENT(p, SCTP_PKT_TOO_SMALL);
50  return -1;
51  }
52 
53  p->sctph = (SCTPHdr *)pkt;
54 
55  SET_SCTP_SRC_PORT(p,&p->sp);
56  SET_SCTP_DST_PORT(p,&p->dp);
57 
58  p->payload = (uint8_t *)pkt + sizeof(SCTPHdr);
59  p->payload_len = len - sizeof(SCTPHdr);
60 
61  p->proto = IPPROTO_SCTP;
62 
63  return 0;
64 }
65 
66 int DecodeSCTP(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p,
67  const uint8_t *pkt, uint16_t len)
68 {
69  StatsIncr(tv, dtv->counter_sctp);
70 
71  if (unlikely(DecodeSCTPPacket(tv, p,pkt,len) < 0)) {
72  CLEAR_SCTP_PACKET(p);
73  return TM_ECODE_FAILED;
74  }
75 
76 #ifdef DEBUG
77  SCLogDebug("SCTP sp: %" PRIu32 " -> dp: %" PRIu32,
78  SCTP_GET_SRC_PORT(p), SCTP_GET_DST_PORT(p));
79 #endif
80 
81  FlowSetupPacket(p);
82 
83  return TM_ECODE_OK;
84 }
85 /**
86  * @}
87  */
Packet_::proto
uint8_t proto
Definition: decode.h:447
len
uint8_t len
Definition: app-layer-dnp3.h:2
SET_SCTP_DST_PORT
#define SET_SCTP_DST_PORT(pkt, prt)
Definition: decode.h:198
StatsIncr
void StatsIncr(ThreadVars *tv, uint16_t id)
Increments the local counter.
Definition: counters.c:167
Packet_::sctph
SCTPHdr * sctph
Definition: decode.h:551
unlikely
#define unlikely(expr)
Definition: util-optimize.h:35
SCLogDebug
#define SCLogDebug(...)
Definition: util-debug.h:296
Packet_::payload
uint8_t * payload
Definition: decode.h:567
SCTP_HEADER_LEN
#define SCTP_HEADER_LEN
Definition: decode-sctp.h:28
SCTP_GET_SRC_PORT
#define SCTP_GET_SRC_PORT(p)
Definition: decode-sctp.h:34
TM_ECODE_FAILED
@ TM_ECODE_FAILED
Definition: tm-threads-common.h:83
Packet_::payload_len
uint16_t payload_len
Definition: decode.h:568
util-unittest.h
DecodeSCTP
int DecodeSCTP(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, const uint8_t *pkt, uint16_t len)
Definition: decode-sctp.c:66
TM_ECODE_OK
@ TM_ECODE_OK
Definition: tm-threads-common.h:82
decode.h
util-debug.h
SCTP_GET_DST_PORT
#define SCTP_GET_DST_PORT(p)
Definition: decode-sctp.h:35
ThreadVars_
Per thread variable structure.
Definition: threadvars.h:57
Packet_::sp
Port sp
Definition: decode.h:432
SCTP_PKT_TOO_SMALL
@ SCTP_PKT_TOO_SMALL
Definition: decode-events.h:162
Packet_
Definition: decode.h:425
DecodeThreadVars_::counter_sctp
uint16_t counter_sctp
Definition: decode.h:685
decode-events.h
dtv
DecodeThreadVars * dtv
Definition: fuzz_decodepcapfile.c:33
SET_SCTP_SRC_PORT
#define SET_SCTP_SRC_PORT(pkt, prt)
Definition: decode.h:194
suricata-common.h
decode-sctp.h
tv
ThreadVars * tv
Definition: fuzz_decodepcapfile.c:32
util-optimize.h
util-validate.h
DecodeThreadVars_
Structure to hold thread specific data for all decode modules.
Definition: decode.h:659
ENGINE_SET_INVALID_EVENT
#define ENGINE_SET_INVALID_EVENT(p, e)
Definition: decode.h:888
IPPROTO_SCTP
#define IPPROTO_SCTP
Definition: decode.h:924
flow.h
Packet_::dp
Port dp
Definition: decode.h:440
CLEAR_SCTP_PACKET
#define CLEAR_SCTP_PACKET(p)
Definition: decode-sctp.h:45
DEBUG_VALIDATE_BUG_ON
#define DEBUG_VALIDATE_BUG_ON(exp)
Definition: util-validate.h:111
FlowSetupPacket
void FlowSetupPacket(Packet *p)
prepare packet for a life with flow Set PKT_WANTS_FLOW flag to incidate workers should do a flow look...
Definition: flow-hash.c:424