diff --git a/lua/zapret-lib.lua b/lua/zapret-lib.lua index d6f334f..03834a6 100644 --- a/lua/zapret-lib.lua +++ b/lua/zapret-lib.lua @@ -628,7 +628,7 @@ end -- find first tcp options of specified kind in dissect.tcp.options function find_tcp_option(options, kind) if options then - for i, opt in pairs(options) do + for i, opt in ipairs(options) do if opt.kind==kind then return i end end end @@ -638,7 +638,7 @@ end -- find first ipv6 extension header of specified protocol in dissect.ip6.exthdr function find_ip6_exthdr(exthdr, proto) if exthdr then - for i, hdr in pairs(exthdr) do + for i, hdr in ipairs(exthdr) do if hdr.type==proto then return i end end end @@ -1052,7 +1052,7 @@ function rawsend_dissect_ipfrag(dis, options) if not rawsend_dissect(fragments[i], options.rawsend, reconstruct_frag) then return false end end else - for i, d in pairs(fragments) do + for i, d in ipairs(fragments) do DLOG("sending ip fragment "..i) -- C function if not rawsend_dissect(d, options.rawsend, reconstruct_frag) then return false end diff --git a/nfq2/darkmagic.c b/nfq2/darkmagic.c index 8e13001..5727641 100644 --- a/nfq2/darkmagic.c +++ b/nfq2/darkmagic.c @@ -339,8 +339,7 @@ void proto_skip_udp(const uint8_t **data, size_t *len) bool proto_check_ipv6(const uint8_t *data, size_t len) { - return len >= sizeof(struct ip6_hdr) && (data[0] & 0xF0) == 0x60 && - (len - sizeof(struct ip6_hdr)) >= ntohs(((struct ip6_hdr*)data)->ip6_ctlun.ip6_un1.ip6_un1_plen); + return len >= sizeof(struct ip6_hdr) && (data[0] & 0xF0) == 0x60; } // move to transport protocol // proto_type = 0 => error diff --git a/nfq2/lua.c b/nfq2/lua.c index 6215046..35aee64 100644 --- a/nfq2/lua.c +++ b/nfq2/lua.c 
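Review bot: `ipairs` stops at the first nil element, so in rawsend_dissect_ipfrag a `fragments` table with a hole ends the loop early and the later fragments are never passed to rawsend_dissect. The function's return after the loop is outside the hunk, so whether that case is reported as success cannot be seen here. The same applies to find_tcp_option and find_ip6_exthdr if a script has removed an entry by assigning nil instead of using `table.remove`. If dense arrays are the contract, a comment such as `-- fragments must be a dense array: ipairs stops at the first nil` at each loop would make that explicit.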
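Review bot: proto_check_ipv6 now validates only the fixed header size and the version nibble, so `ip6_un1_plen` is no longer compared with `len` anywhere in this function. Any caller that relied on the old check to guarantee that the declared payload fits in the buffer must now bound its own use of the payload length. That includes luacall_csum_tcp_fix and luacall_csum_udp_fix in nfq2/lua.c, which now pass `l_ip`; whether they and the other callers do this is outside the visible hunks. I would document the narrowed contract above the function, for example `// checks header size and version only; ip6_plen is NOT validated against len`.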
@@ -71,16 +71,20 @@ static int luacall_bitlshift(lua_State *L)
 {
 lua_check_argc(L,"bitlshift",2);
 int64_t v=(int64_t)luaL_checklint(L,1);
- if (v>0xFFFFFFFFFFFF || v<-(int64_t)0xFFFFFFFFFFFF) luaL_error(L, "out of range");
- lua_pushlint(L,(((uint64_t)v) << luaL_checkinteger(L,2)) & 0xFFFFFFFFFFFF);
+ lua_Integer shift = luaL_checkinteger(L,2);
+ if (shift>48 || shift<0 || v>0xFFFFFFFFFFFF || v<-(int64_t)0xFFFFFFFFFFFF) luaL_error(L, "out of range");
+ uint64_t u = v & 0xFFFFFFFFFFFF;
+ lua_pushlint(L,(u << shift) & 0xFFFFFFFFFFFF);
 return 1;
 }
 static int luacall_bitrshift(lua_State *L)
 {
 lua_check_argc(L,"bitrshift",2);
 int64_t v=(int64_t)luaL_checklint(L,1);
- if (v>0xFFFFFFFFFFFF || v<-(int64_t)0xFFFFFFFFFFFF) luaL_error(L, "out of range");
- lua_pushlint(L,((uint64_t)v) >> luaL_checkinteger(L,2));
+ lua_Integer shift = luaL_checkinteger(L,2);
+ if (shift>48 || shift<0 || v>0xFFFFFFFFFFFF || v<-(int64_t)0xFFFFFFFFFFFF) luaL_error(L, "out of range");
+ uint64_t u = v & 0xFFFFFFFFFFFF;
+ lua_pushlint(L,u >> shift);
 return 1;
 }
 static int luacall_bitand(lua_State *L)
@@ -93,7 +97,7 @@ static int luacall_bitand(lua_State *L)
 {
 v=(int64_t)luaL_checklint(L,i);
 if (v>0xFFFFFFFFFFFF || v<-(int64_t)0xFFFFFFFFFFFF) luaL_error(L, "out of range");
- sum&=(uint64_t)v;
+ sum &= (uint64_t)v;
 }
 lua_pushlint(L,sum);
 return 1;
@@ -108,7 +112,22 @@ static int luacall_bitor(lua_State *L)
 {
 v=(int64_t)luaL_checklint(L,i);
 if (v>0xFFFFFFFFFFFF || v<-(int64_t)0xFFFFFFFFFFFF) luaL_error(L, "out of range");
- sum|=(uint64_t)v;
+ sum |= (uint64_t)(v & 0xFFFFFFFFFFFF);
+ }
+ lua_pushlint(L,sum);
+ return 1;
+}
+static int luacall_bitxor(lua_State *L)
+{
+ lua_check_argc_range(L,"bitxor",1,100);
+ int argc = lua_gettop(L);
+ int64_t v;
+ uint64_t sum=0;
+ for(int i=1;i<=argc;i++)
+ {
+ v=(int64_t)luaL_checklint(L,i);
+ if (v>0xFFFFFFFFFFFF || v<-(int64_t)0xFFFFFFFFFFFF) luaL_error(L, "out of range");
+ sum ^= (uint64_t)(v & 0xFFFFFFFFFFFF);
 }
 lua_pushlint(L,sum);
 return 1;
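Review bot: The single `luaL_error(L, "out of range")` in luacall_bitlshift and luacall_bitrshift now covers both a bad shift count and a bad value, so a script author cannot tell which argument was rejected. A separate check would say so: `if (shift<0 || shift>48) luaL_error(L, "shift count out of range");`. The bound 48 and the mask 0xFFFFFFFFFFFF are repeated across both functions and have to stay in step; a named constant for each would help. A short comment that the range check exists because shifting a 64-bit value by a negative count or by 64 or more is undefined in C would keep a later cleanup from removing it.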
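Review bot: luacall_bitor and the relocated luacall_bitxor now mask each argument with `v & 0xFFFFFFFFFFFF`, but luacall_bitand in the preceding hunk still folds in the unmasked `(uint64_t)v`. A negative argument converted that way has bits 48–63 set. Whether they survive into the result depends on the initial value of `sum`, which is declared outside the hunk. For consistency, and so the 48-bit guarantee does not depend on that initial value, I would write `sum &= (uint64_t)(v & 0xFFFFFFFFFFFF);` there as well.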
@@ -146,21 +165,6 @@ static int luacall_bitnot48(lua_State *L) lua_check_argc(L,"bitnot48",1); return lua_bitnotx(L, 0xFFFFFFFFFFFF); } -static int luacall_bitxor(lua_State *L) -{ - lua_check_argc_range(L,"bitxor",1,100); - int argc = lua_gettop(L); - int64_t v; - uint64_t sum=0; - for(int i=1;i<=argc;i++) - { - v=(int64_t)luaL_checklint(L,i); - if (v>0xFFFFFFFFFFFF || v<-(int64_t)0xFFFFFFFFFFFF) luaL_error(L, "out of range"); - sum^=(uint64_t)v; - } - lua_pushlint(L,sum); - return 1; -} static int luacall_bitget(lua_State *L) { lua_check_argc(L,"bitget",3); @@ -1599,12 +1603,11 @@ static void lua_reconstruct_extract_options(lua_State *L, int idx, bool *badsum, static bool lua_reconstruct_ip6exthdr(lua_State *L, int idx, struct ip6_hdr *ip6, size_t *len, uint8_t proto, bool preserve_next) { LUA_STACK_GUARD_ENTER(L) - // proto = last header type if (*lenip6_ctlun.ip6_un1.ip6_un1_nxt; - uint8_t filled = sizeof(struct ip6_hdr); + size_t filled = sizeof(struct ip6_hdr); lua_getfield(L,idx,"exthdr"); if (lua_type(L,-1)==LUA_TTABLE) { @@ -2277,7 +2280,7 @@ static int luacall_csum_tcp_fix(lua_State *L) if (proto_check_ipv4(b_ip, l_ip)) ip = (struct ip*)b_ip; - else if (proto_check_ipv6(b_ip, sizeof(struct ip6_hdr) + ntohs(((struct ip6_hdr*)b_ip)->ip6_ctlun.ip6_un1.ip6_un1_plen))) + else if (proto_check_ipv6(b_ip, l_ip)) ip6 = (struct ip6_hdr*)b_ip; else luaL_error(L, "invalid ip header"); @@ -2318,7 +2321,7 @@ static int luacall_csum_udp_fix(lua_State *L) if (proto_check_ipv4(b_ip, l_ip)) ip = (struct ip*)b_ip; - else if (proto_check_ipv6(b_ip, sizeof(struct ip6_hdr) + ntohs(((struct ip6_hdr*)b_ip)->ip6_ctlun.ip6_un1.ip6_un1_plen))) + else if (proto_check_ipv6(b_ip, l_ip)) ip6 = (struct ip6_hdr*)b_ip; else luaL_error(L, "invalid ip header"); diff --git a/nfq2/nfqws.c b/nfq2/nfqws.c index 49fd22d..9cdfa87 100644 --- a/nfq2/nfqws.c +++ b/nfq2/nfqws.c 
@@ -1169,7 +1169,7 @@ static bool parse_ip_list(char *opt, ipset *pp) static bool parse_strlist(char *opt, struct str_list_head *list) { - char *e, *p = optarg; + char *e, *p = opt; while (p) { e = strchr(p, ','); diff --git a/nfq2/protocol.c b/nfq2/protocol.c index 4279837..2464fcb 100644 --- a/nfq2/protocol.c +++ b/nfq2/protocol.c @@ -394,10 +394,11 @@ ssize_t HttpPos(t_marker posmarker, int16_t pos, const uint8_t *data, size_t sz) case PM_HTTP_METHOD: // recognize some tpws pre-applied hacks method=data; - if (sz<10) break; + if (sz<12) break; if (*method=='\n' || *method=='\r') method++; if (*method=='\n' || *method=='\r') method++; - for (p=method,i=0;i<7;i++) if (*p>='A' && *p<='Z') p++; + // max length is PROPPATCH + for (p=method,i=0;i<9;i++) if (*p>='A' && *p<='Z') p++; if (i<3 || *p!=' ') break; return CheckPos(sz,method-data+pos); case PM_HOST:
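Review bot: In the PM_HTTP_METHOD case the loop `for (p=method,i=0;i<9;i++) if (*p>='A' && *p<='Z') p++;` has no early exit, so `i` is always 9 when it finishes and the `i<3` test on the next line can never be true. The minimum method length is therefore not enforced, and a buffer with one or two capitals followed by a space is accepted as a method. Testing the distance actually advanced fixes that: `if ((p-method)<3 || *p!=' ') break;`. The new `sz<12` bound is consistent with the reads, since up to 2 skipped CR/LF bytes plus 9 letters puts the final `*p` at offset 11. A comment stating that derivation would keep the two constants tied together the next time the maximum method length changes.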