summaryrefslogtreecommitdiff
path: root/regress/sys/net/pf_opts
diff options
context:
space:
mode:
authorAlexander Bluhm <bluhm@cvs.openbsd.org>2022-04-29 18:58:34 +0000
committerAlexander Bluhm <bluhm@cvs.openbsd.org>2022-04-29 18:58:34 +0000
commit6a35bb26fd716030cbacadc2d7e89cb234c1fc94 (patch)
treed917438a49da782a96537dcf2a2761f834cc5972 /regress/sys/net/pf_opts
parent748d3ea8c2c9cc181ea24b415a184009316c4835 (diff)
Send IP options with maximum length to check for overflow.
Diffstat (limited to 'regress/sys/net/pf_opts')
-rw-r--r--regress/sys/net/pf_opts/Makefile24
-rw-r--r--regress/sys/net/pf_opts/icmp6_hop_max.py29
-rw-r--r--regress/sys/net/pf_opts/icmp6_hop_pad.py2
-rw-r--r--regress/sys/net/pf_opts/icmp6_hop_ra.py3
-rw-r--r--regress/sys/net/pf_opts/icmp_max.py24
5 files changed, 74 insertions, 8 deletions
diff --git a/regress/sys/net/pf_opts/Makefile b/regress/sys/net/pf_opts/Makefile
index 1917596dfc4..55088a8596c 100644
--- a/regress/sys/net/pf_opts/Makefile
+++ b/regress/sys/net/pf_opts/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.4 2022/04/29 17:27:37 bluhm Exp $
+# $OpenBSD: Makefile,v 1.5 2022/04/29 18:58:33 bluhm Exp $
# Copyright (c) 2022 Alexander Bluhm <bluhm@openbsd.org>
#
@@ -235,8 +235,8 @@ run-icmp6-dst: stamp-bpf
REGRESS_TARGETS += run-bpf-ext
run-bpf-ext: stamp-stop
# Check that icmp6 packet with extension headers were blocked
- fgrep ' fe80::${N2}: HBH icmp6' pflog0.tcpdump
- fgrep ' fe80::${N2}: DSTOPT icmp6' pflog0.tcpdump
+ fgrep ' fe80::${N2}: HBH icmp6:' pflog0.tcpdump
+ fgrep ' fe80::${N2}: DSTOPT icmp6:' pflog0.tcpdump
! grep fe80::${N1} pflog0.tcpdump
# icmp with options
@@ -256,6 +256,16 @@ run-icmp6-pad: stamp-bpf
${SUDO} /sbin/route -T ${N1} exec ${PYTHON}icmp6_hop_pad.py N1
${SUDO} /sbin/route -T ${N2} exec ${PYTHON}icmp6_hop_pad.py N2
+REGRESS_TARGETS += run-icmp-max
+run-icmp-max: stamp-bpf
+ ${SUDO} /sbin/route -T ${N1} exec ${PYTHON}icmp_max.py N1
+ ${SUDO} /sbin/route -T ${N2} exec ${PYTHON}icmp_max.py N2
+
+REGRESS_TARGETS += run-icmp6-max
+run-icmp6-max: stamp-bpf
+ ${SUDO} /sbin/route -T ${N1} exec ${PYTHON}icmp6_hop_max.py N1
+ ${SUDO} /sbin/route -T ${N2} exec ${PYTHON}icmp6_hop_max.py N2
+
REGRESS_TARGETS += run-icmp-ra
run-icmp-ra: stamp-bpf
${SUDO} /sbin/route -T ${N1} exec ${PYTHON}icmp_ra.py N1
@@ -281,11 +291,13 @@ run-bpf-opts: stamp-stop
# Check that icmp packet with options were blocked
grep ' 127.0.0.${N2}:.* optlen=4 NOP NOP NOP NOP)' pflog0.tcpdump
grep ' 127.0.0.${N2}:.* optlen=4 NOP EOL-2)' pflog0.tcpdump
+ grep ' 127.0.0.${N2}:.* optlen=40 NOP ' pflog0.tcpdump
grep ' 127.0.0.${N2}:.* optlen=8 NOP IPOPT-148{4} NOP ' pflog0.tcpdump
grep ' 127.0.0.${N2}:.* optlen=4 IPOPT-3{4})' pflog0.tcpdump
- grep ' fe80::${N2}: HBH icmp6' pflog0.tcpdump
- grep ' fe80::${N2}: HBH (rtalert: 0x0000) icmp6' pflog0.tcpdump
- grep ' fe80::${N2}: HBH (type 0x03: len=0) icmp6' pflog0.tcpdump
+ grep ' fe80::${N2}: HBH icmp6:.* (len 28,' pflog0.tcpdump
+ grep ' fe80::${N2}: HBH icmp6:.* (len 284,' pflog0.tcpdump
+ grep ' fe80::${N2}: HBH (rtalert: 0x0000) icmp6:' pflog0.tcpdump
+ grep ' fe80::${N2}: HBH (type 0x03: len=0) icmp6:' pflog0.tcpdump
! grep '127.0.0.${N1}' pflog0.tcpdump
! grep 'fe80::${N1}' pflog0.tcpdump
diff --git a/regress/sys/net/pf_opts/icmp6_hop_max.py b/regress/sys/net/pf_opts/icmp6_hop_max.py
new file mode 100644
index 00000000000..9ebed74e3d0
--- /dev/null
+++ b/regress/sys/net/pf_opts/icmp6_hop_max.py
@@ -0,0 +1,29 @@
+#!/usr/local/bin/python3
+
+print("send icmp6 with hop by hop header with maxium padding")
+
+import os
+import sys
+from struct import pack
+from addr import *
+from scapy.all import *
+
+if len(sys.argv) != 2:
+ print("usage: icmp6_hop_max.py Nn")
+ exit(2)
+
+N=sys.argv[1]
+IF=eval("IF_"+N);
+ADDR6=eval("ADDR6_"+N);
+
+pid=os.getpid()
+eid=pid & 0xffff
+payload=b"ABCDEFGHIJKLMNOP"
+packet=IPv6(src=ADDR6, dst=ADDR6)/ \
+ IPv6ExtHdrHopByHop(options=[PadN(optdata=255*b"\x11")])/ \
+ ICMPv6Unknown(type=6, code=0, msgbody=payload)
+
+# send does not work for some reason, add the bpf loopback layer manually
+#send(packet)
+bpf=pack('!I', 24) + bytes(packet)
+sendp(bpf, iface=IF)
diff --git a/regress/sys/net/pf_opts/icmp6_hop_pad.py b/regress/sys/net/pf_opts/icmp6_hop_pad.py
index 4e996ca53a8..0629a284883 100644
--- a/regress/sys/net/pf_opts/icmp6_hop_pad.py
+++ b/regress/sys/net/pf_opts/icmp6_hop_pad.py
@@ -20,7 +20,7 @@ pid=os.getpid()
eid=pid & 0xffff
payload=b"ABCDEFGHIJKLMNOP"
packet=IPv6(src=ADDR6, dst=ADDR6)/ \
- IPv6ExtHdrHopByHop(options=[Pad1(),PadN(optlen=2),Pad1()])/ \
+ IPv6ExtHdrHopByHop(options=[Pad1(),PadN(optdata=b"\x11\x22"),Pad1()])/ \
ICMPv6Unknown(type=6, code=0, msgbody=payload)
# send does not work for some reason, add the bpf loopback layer manually
diff --git a/regress/sys/net/pf_opts/icmp6_hop_ra.py b/regress/sys/net/pf_opts/icmp6_hop_ra.py
index 43b03e2458c..04027e2964a 100644
--- a/regress/sys/net/pf_opts/icmp6_hop_ra.py
+++ b/regress/sys/net/pf_opts/icmp6_hop_ra.py
@@ -20,7 +20,8 @@ pid=os.getpid()
eid=pid & 0xffff
payload=b"ABCDEFGHIJKLMNOP"
packet=IPv6(src=ADDR6, dst=ADDR6)/ \
- IPv6ExtHdrHopByHop(options=[Pad1(),Pad1(),RouterAlert(),PadN(optlen=6)])/ \
+ IPv6ExtHdrHopByHop(options=[Pad1(),Pad1(),RouterAlert(),\
+ PadN(optdata=b"\x11\x22\x33\x44\x55\x66")])/ \
ICMPv6Unknown(type=6, code=0, msgbody=payload)
# send does not work for some reason, add the bpf loopback layer manually
diff --git a/regress/sys/net/pf_opts/icmp_max.py b/regress/sys/net/pf_opts/icmp_max.py
new file mode 100644
index 00000000000..8c5aaee338f
--- /dev/null
+++ b/regress/sys/net/pf_opts/icmp_max.py
@@ -0,0 +1,24 @@
+#!/usr/local/bin/python3
+
+print("send icmp with maximum length option")
+
+import os
+import sys
+from addr import *
+from scapy.all import *
+
+if len(sys.argv) != 2:
+ print("usage: icmp_max.py Nn")
+ exit(2)
+
+N=sys.argv[1]
+IF=eval("IF_"+N);
+ADDR=eval("ADDR_"+N);
+
+pid=os.getpid()
+eid=pid & 0xffff
+payload=b"ABCDEFGHIJKLMNOP"
+packet=IP(src=ADDR, dst=ADDR, options=40*b"\001")/ \
+ ICMP(type=6, id=eid)/payload
+
+send(packet, iface=IF)