Skip to content

Commit

Permalink
Eth decoding: Catch "slice bounds out of range"
Browse files Browse the repository at this point in the history
  • Loading branch information
Oliver Geiselhardt-Herms committed Feb 22, 2022
1 parent 0c2503d commit b7358d9
Showing 1 changed file with 14 additions and 4 deletions.
18 changes: 14 additions & 4 deletions producer/producer_sf.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,16 @@ package producer
import (
"encoding/binary"
"errors"
"fmt"
"net"

"github.com/cloudflare/goflow/v3/decoders/sflow"
flowmessage "github.com/cloudflare/goflow/v3/pb"
log "github.com/sirupsen/logrus"
)

const ethernetHeaderSize = 14

func GetSFlowFlowSamples(packet *sflow.Packet) []interface{} {
flowSamples := make([]interface{}, 0)
for _, sample := range packet.Samples {
Expand Down Expand Up @@ -39,6 +43,9 @@ func ParseSampledHeaderConfig(flowMessage *flowmessage.FlowMessage, sampledHeade
data := (*sampledHeader).HeaderData
switch (*sampledHeader).Protocol {
case 1: // Ethernet
if len(data) < ethernetHeaderSize {
return fmt.Errorf("data shorter than ethernet header (%d<%d bytes)", len(data), ethernetHeaderSize)
}
var hasPPP bool
var pppAddressControl uint16
var hasMPLS bool
Expand All @@ -60,7 +67,7 @@ func ParseSampledHeaderConfig(flowMessage *flowmessage.FlowMessage, sampledHeade
dstIP := net.IP{}
srcIPEncap := net.IP{}
dstIPEncap := net.IP{}
offset := 14
offset := ethernetHeaderSize

var srcMac uint64
var dstMac uint64
Expand Down Expand Up @@ -316,7 +323,7 @@ func SearchSFlowSamples(samples []interface{}) []*flowmessage.FlowMessage {
return SearchSFlowSamples(samples)
}

func SearchSFlowSamplesConfig(samples []interface{}, config *SFlowProducerConfig) []*flowmessage.FlowMessage {
func SearchSFlowSamplesConfig(samples []interface{}, config *SFlowProducerConfig, agent net.IP) []*flowmessage.FlowMessage {
flowMessageSet := make([]*flowmessage.FlowMessage, 0)

for _, flowSample := range samples {
Expand Down Expand Up @@ -346,7 +353,10 @@ func SearchSFlowSamplesConfig(samples []interface{}, config *SFlowProducerConfig
switch recordData := record.Data.(type) {
case sflow.SampledHeader:
flowMessage.Bytes = uint64(recordData.FrameLength)
ParseSampledHeaderConfig(flowMessage, &recordData, config)
err := ParseSampledHeaderConfig(flowMessage, &recordData, config)
if err != nil {
log.Errorf("ParseSampledHeaderConfig failed for %s: %v", agent, err)
}
case sflow.SampledIPv4:
ipSrc = recordData.Base.SrcIP
ipDst = recordData.Base.DstIP
Expand Down Expand Up @@ -407,7 +417,7 @@ func ProcessMessageSFlowConfig(msgDec interface{}, config *SFlowProducerConfig)
agent = packet.AgentIP

flowSamples := GetSFlowFlowSamples(&packet)
flowMessageSet := SearchSFlowSamplesConfig(flowSamples, config)
flowMessageSet := SearchSFlowSamplesConfig(flowSamples, config, agent)
for _, fmsg := range flowMessageSet {
fmsg.SamplerAddress = agent
fmsg.SequenceNum = seqnum
Expand Down

0 comments on commit b7358d9

Please sign in to comment.