warjiang / dpkt

Automatically exported from code.google.com/p/dpkt

BGP (v4) Open typed packet failing to parse. #91

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Packet received was:

\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x00'\x01\x04\xf
d\xe8\x00\xb4\xc0\xa8\x02\x01\n\x02\x08\x01\x04\x00\x01\x00\x01\x02\x00

call dpkt.bgp.BGP(buf)

Raises exception:

Traceback (most recent call last):
  File "bgp_dump.py", line 11, in <module>
    p = bgp.BGP(data)
  File "/usr/local/lib/python2.7/site-packages/dpkt/dpkt.py", line 75, in __init__
    self.unpack(args[0])
  File "/usr/local/lib/python2.7/site-packages/dpkt/bgp.py", line 130, in unpack
    self.data = self.open = self.Open(self.data)
  File "/usr/local/lib/python2.7/site-packages/dpkt/dpkt.py", line 75, in __init__
    self.unpack(args[0])
  File "/usr/local/lib/python2.7/site-packages/dpkt/bgp.py", line 157, in unpack
    param = self.Parameter(self.data)
  File "/usr/local/lib/python2.7/site-packages/dpkt/dpkt.py", line 75, in __init__
    self.unpack(args[0])
  File "/usr/local/lib/python2.7/site-packages/dpkt/bgp.py", line 188, in unpack
    self.data = self.capability = self.Capability(self.data)
  File "/usr/local/lib/python2.7/site-packages/dpkt/dpkt.py", line 78, in __init__
    raise NeedData
dpkt.dpkt.NeedData

What is the expected output? What do you see instead?
The expected output is that the packet is parsed, with the ROUTE REFRESH 
capability enabled.

What version of the product are you using? On what operating system?
# $Id: bgp.py 52 2008-08-25 22:22:34Z jon.oberheide $

On Ubuntu, but I don't think it's a platform dependent issue.

Please provide any additional information below.

I believe the cause is that if the packet contains a zero-length capability 
(route refresh), the resulting data is 0, but it tries to unpack it anyway, 
causing the exception.

According to the RFC (http://tools.ietf.org/html/rfc2918), the zero-length 
capability is expected.

A solution I came up with was to check if self.data is length 0, and if so, 
return before calling unpack.  Added this to line 183 in bgp.py:

                if len(self.data) == 0:
                    return

Original issue reported on code.google.com by Mawr...@gmail.com on 22 Jun 2012 at 3:38
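
Added example, not part of the original report and not dpkt's code: a standalone Python 3 parser for the OPEN message quoted in the report. It walks the optional parameters and the capabilities inside them as nested type/length/value records, so a zero-length value such as Route Refresh parses cleanly while a truncated one is rejected. All function and constant names are chosen for this example.

```python
import struct

# Packet bytes copied from the report above (BGP OPEN, 39 bytes).
PACKET = (b"\xff" * 16 + b"\x00'\x01\x04\xfd\xe8\x00\xb4\xc0\xa8\x02\x01\n"
          b"\x02\x08\x01\x04\x00\x01\x00\x01\x02\x00")

OPEN = 1          # BGP message type
CAPABILITIES = 2  # optional parameter type


def parse_tlvs(buf):
    """Split a run of (type, length, value) records with one-byte type and length."""
    out, off = [], 0
    while off < len(buf):
        if len(buf) - off < 2:
            raise ValueError("truncated TLV header at offset %d" % off)
        typ, length = buf[off], buf[off + 1]
        value = buf[off + 2:off + 2 + length]
        if len(value) != length:
            raise ValueError("TLV type %d claims %d bytes, %d left" % (typ, length, len(value)))
        out.append((typ, value))  # length 0 is valid and yields b""
        off += 2 + length
    return out


def parse_open(pkt):
    """Return (version, asn, holdtime, router_id, [(cap_code, cap_value), ...])."""
    if len(pkt) < 29 or pkt[:16] != b"\xff" * 16:
        raise ValueError("not a BGP OPEN: short or bad marker")
    length, msg_type = struct.unpack("!HB", pkt[16:19])
    if msg_type != OPEN or length != len(pkt):
        raise ValueError("not a BGP OPEN: type or length mismatch")
    version, asn, holdtime, router_id, plen = struct.unpack("!BHH4sB", pkt[19:29])
    if plen != len(pkt) - 29:
        raise ValueError("optional parameter length mismatch")
    caps = []
    for ptype, pvalue in parse_tlvs(pkt[29:]):
        if ptype == CAPABILITIES:
            caps.extend(parse_tlvs(pvalue))  # one parameter may carry several capabilities
    return version, asn, holdtime, router_id, caps


if __name__ == "__main__":
    print(parse_open(PACKET))
```

On the reported packet this yields one capabilities parameter holding code 1 with a 4-byte value followed by code 2 (Route Refresh) with an empty value.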