Tolerate malformed server_name TLS extensions #4001
Draft
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The servernames packet list field can contain "Raw" instances when
server_name extenstions are malformed. The "i2repr" method doesn't
expect that and ends up throwing exceptions when it can't find the
"servername" attribute. This patch addresses that by removing the
ServerListField class and relying on PacketListField doing the right
thing. Another option would be to use something like
```
[getattr(p, "servername", p) for p in x]
```
in the "ServerListField.i2repr" method but I think full server names
along with their types and lengths are more helpful.
Fixes:
```
File "scapy/packet.py", line 563, in __repr__
val = f.i2repr(self, fval)
^^^^^^^^^^^^^^^^^^^^
File "scapy/layers/tls/extensions.py", line 180, in i2repr
res = [p.servername for p in x]
^^^^^^^^^^^^^^^^^^^^^^^^^
File "scapy/layers/tls/extensions.py", line 180, in <listcomp>
res = [p.servername for p in x]
^^^^^^^^^^^^
File "scapy/packet.py", line 467, in __getattr__
return self.payload.__getattr__(attr)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "scapy/packet.py", line 465, in __getattr__
fld, v = self.getfield_and_val(attr)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "scapy/packet.py", line 1788, in getfield_and_val
raise AttributeError(attr)
AttributeError: servername
```
Codecov Report
@@ Coverage Diff @@
## master #4001 +/- ##
==========================================
- Coverage 81.93% 81.92% -0.01%
==========================================
Files 328 328
Lines 75404 75400 -4
==========================================
- Hits 61783 61773 -10
- Misses 13621 13627 +6
|
evverx
commented
May 2, 2023
| @@ -175,12 +175,6 @@ def guess_payload_class(self, p): | |||
| return Padding | |||
|
|
|||
|
|
|||
| class ServerListField(PacketListField): | |||
| def i2repr(self, pkt, x): | |||
| res = [p.servername for p in x] | |||
There was a problem hiding this comment.
Something like res = [getattr(p, "servername", p) for p in x] should work too (and it would be more in line with the other extensions). Looking at its base class it seems the idea is to always show names only:
the final field is showed as a 1-line list rather than as lots of packets
|
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The servernames packet list field can contain "Raw" instances when server_name extenstions are malformed. The "i2repr" method doesn't expect that and ends up throwing exceptions when it can't find the "servername" attribute. This patch addresses that by removing the ServerListField class and relying on PacketListField doing the right thing. Another option would be to use something like
in the "ServerListField.i2repr" method but I think full server names along with their types and lengths are more helpful.
Fixes: