-
-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Tolerate malformed server_name TLS extensions #4001
base: master
Are you sure you want to change the base?
Conversation
The servernames packet list field can contain "Raw" instances when server_name extenstions are malformed. The "i2repr" method doesn't expect that and ends up throwing exceptions when it can't find the "servername" attribute. This patch addresses that by removing the ServerListField class and relying on PacketListField doing the right thing. Another option would be to use something like ``` [getattr(p, "servername", p) for p in x] ``` in the "ServerListField.i2repr" method but I think full server names along with their types and lengths are more helpful. Fixes: ``` File "scapy/packet.py", line 563, in __repr__ val = f.i2repr(self, fval) ^^^^^^^^^^^^^^^^^^^^ File "scapy/layers/tls/extensions.py", line 180, in i2repr res = [p.servername for p in x] ^^^^^^^^^^^^^^^^^^^^^^^^^ File "scapy/layers/tls/extensions.py", line 180, in <listcomp> res = [p.servername for p in x] ^^^^^^^^^^^^ File "scapy/packet.py", line 467, in __getattr__ return self.payload.__getattr__(attr) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "scapy/packet.py", line 465, in __getattr__ fld, v = self.getfield_and_val(attr) ^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "scapy/packet.py", line 1788, in getfield_and_val raise AttributeError(attr) AttributeError: servername ```
Codecov Report
@@ Coverage Diff @@
## master #4001 +/- ##
==========================================
- Coverage 81.93% 81.92% -0.01%
==========================================
Files 328 328
Lines 75404 75400 -4
==========================================
- Hits 61783 61773 -10
- Misses 13621 13627 +6
|
@@ -175,12 +175,6 @@ def guess_payload_class(self, p): | |||
return Padding | |||
|
|||
|
|||
class ServerListField(PacketListField): | |||
def i2repr(self, pkt, x): | |||
res = [p.servername for p in x] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Something like res = [getattr(p, "servername", p) for p in x]
should work too (and it would be more in line with the other extensions). Looking at its base class it seems the idea is to always show names only:
the final field is showed as a 1-line list rather than as lots of packets
|
The servernames packet list field can contain "Raw" instances when server_name extenstions are malformed. The "i2repr" method doesn't expect that and ends up throwing exceptions when it can't find the "servername" attribute. This patch addresses that by removing the ServerListField class and relying on PacketListField doing the right thing. Another option would be to use something like
in the "ServerListField.i2repr" method but I think full server names along with their types and lengths are more helpful.
Fixes: