Endless loop when parsing packets

[mfrlin]

I see issues have been open. Copying my email from the sourceforge mailing list here.

https://github.com/osrg/ryu/blob/master/ryu/lib/packet/packet.py#L76

If rest_data returned is the same size as it was when passed to cls.parse(rest_data) this will loop endlessly because parser does not consume any data.

Real world example: In InPacket message we receive a TCP packet on port 6653 that is NOT OpenFlow or corrupted OF packet. We pass data from InPacket message to packet.Packet(msg.data). Ethernet layer gets parsed correctly, IP layer gets parsed correctly, TCP layer gets parsed correctly but because TCP is on port 6653, OpenFlow parser gets called. But because this is not OF message or message is corrupted, there is a chance that msg_length is 0. OpenFlow parser returns UnparsableMsg and rest_data[msg_length:]. https://github.com/osrg/ryu/blob/master/ryu/lib/packet/openflow.py#L67

Because of this parser enters an endless loop since rest_data is never consumed. This in turn hangs the whole ryu process.

My suggestion is that if rest_data is not consumed the loop must be broken:

try:
    proto, cls, unused_data = cls.parser(rest_data)
    if len(unused_data) == len(rest_data):
        break
    else: 
        rest_data = unused_data
except struct.error:
    break