/src/suricata7/rust/src/tftp/tftp.rs

Source
/* Copyright (C) 2017-2021 Open Information Security Foundation
 *
 * You can copy, redistribute or modify this Program under the terms of
 * the GNU General Public License version 2 as published by the Free
 * Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * version 2 along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
 * 02110-1301, USA.
 */

// written by Clément Galland <clement.galland@epita.fr>

use std::str;
use std;
use nom7::IResult;
use nom7::combinator::map_res;
use nom7::bytes::streaming::{tag, take_while};
use nom7::number::streaming::be_u8;

use crate::applayer::{AppLayerTxData,AppLayerStateData};

const READREQUEST:  u8 = 1;
const WRITEREQUEST: u8 = 2;
const DATA:         u8 = 3;
const ACK:          u8 = 4;
const ERROR:        u8 = 5;

#[derive(Debug, PartialEq, Eq)]
pub struct TFTPTransaction {
    pub opcode : u8,
    pub filename : String,
    pub mode : String,
    id: u64,
    tx_data: AppLayerTxData,
}

pub struct TFTPState {
    state_data: AppLayerStateData,
    pub transactions : Vec<TFTPTransaction>,
    /// tx counter for assigning incrementing id's to tx's
    tx_id: u64,
}

impl TFTPState {
    fn get_tx_by_id(&mut self, tx_id: u64) -> Option<&TFTPTransaction> {
        self.transactions.iter().find(|&tx| tx.id == tx_id + 1)
    }

    fn free_tx(&mut self, tx_id: u64) {
        let tx = self.transactions.iter().position(|tx| tx.id == tx_id + 1);
        debug_assert!(tx.is_some());
        if let Some(idx) = tx {
            let _ = self.transactions.remove(idx);
        }
    }
}

impl TFTPTransaction {
    pub fn new(opcode : u8, filename : String, mode : String) -> TFTPTransaction {
        TFTPTransaction {
            opcode,
            filename,
            mode : mode.to_lowercase(),
            id : 0,
            tx_data: AppLayerTxData::new(),
        }
    }
    pub fn is_mode_ok(&self) -> bool {
        match self.mode.as_str() {
            "netascii" | "mail" | "octet" => true,
            _ => false
        }
    }
    pub fn is_opcode_ok(&self) -> bool {
        match self.opcode {
            READREQUEST | WRITEREQUEST | ACK | DATA | ERROR => true,
            _ => false
        }
    }
}

#[no_mangle]
pub extern "C" fn rs_tftp_state_alloc() -> *mut std::os::raw::c_void {
    let state = TFTPState { state_data: AppLayerStateData::new(), transactions : Vec::new(), tx_id: 0, };
    let boxed = Box::new(state);
    return Box::into_raw(boxed) as *mut _;
}

#[no_mangle]
pub extern "C" fn rs_tftp_state_free(state: *mut std::os::raw::c_void) {
    std::mem::drop(unsafe { Box::from_raw(state as *mut TFTPState) });
}

#[no_mangle]
pub extern "C" fn rs_tftp_state_tx_free(state: &mut TFTPState,
                                        tx_id: u64) {
    state.free_tx(tx_id);
}

#[no_mangle]
pub extern "C" fn rs_tftp_get_tx(state: &mut TFTPState,
                                    tx_id: u64) -> *mut std::os::raw::c_void {
    match state.get_tx_by_id(tx_id) {
        Some(tx) => tx as *const _ as *mut _,
        None     => std::ptr::null_mut(),
    }
}

#[no_mangle]
pub extern "C" fn rs_tftp_get_tx_cnt(state: &mut TFTPState) -> u64 {
    return state.tx_id;
}

fn getstr(i: &[u8]) -> IResult<&[u8], &str> {
    map_res(
        take_while(|c| c != 0),
        str::from_utf8
    )(i)
}

fn tftp_request(slice: &[u8]) -> IResult<&[u8], TFTPTransaction> {
    let (i, _) = tag([0])(slice)?;
    let (i, opcode) = be_u8(i)?;
    let (i, filename) = getstr(i)?;
    let (i, _) = tag([0])(i)?;
    let (i, mode) = getstr(i)?;
    Ok((i,
        TFTPTransaction::new(opcode, String::from(filename), String::from(mode))
       )
      )
}

fn parse_tftp_request(input: &[u8]) -> Option<TFTPTransaction> {
    match tftp_request(input) {
        Ok((_, tx)) => {
            if !tx.is_mode_ok() {
                return None;
            }
            if !tx.is_opcode_ok() {
                return None;
            }
            return Some(tx);
        }
        Err(_) => {
            return None;
        }
    }
}

#[no_mangle]
pub unsafe extern "C" fn rs_tftp_request(state: &mut TFTPState,
                                  input: *const u8,
                                  len: u32) -> i64 {
    let buf = std::slice::from_raw_parts(input, len as usize);
    match parse_tftp_request(buf) {
        Some(mut tx) => {
            state.tx_id += 1;
            tx.id = state.tx_id;
            state.transactions.push(tx);
            0
        },
        None => {
           -1
        }
    }
}

#[no_mangle]
pub unsafe extern "C" fn rs_tftp_get_tx_data(
    tx: *mut std::os::raw::c_void)
    -> *mut AppLayerTxData
{
    let tx = cast_pointer!(tx, TFTPTransaction);
    return &mut tx.tx_data;
}

#[no_mangle]
pub unsafe extern "C" fn rs_tftp_get_state_data(
    state: *mut std::os::raw::c_void)
    -> *mut AppLayerStateData
{
    let state = cast_pointer!(state, TFTPState);
    return &mut state.state_data;
}

#[cfg(test)]
mod test {
    use super::*;
    static READ_REQUEST: [u8; 20] = [
            0x00, 0x01, 0x72, 0x66, 0x63, 0x31, 0x33, 0x35, 0x30, 0x2e, 0x74, 0x78, 0x74, 0x00, 0x6f, 0x63, 0x74, 0x65, 0x74, 0x00,
    ];
    /* filename not terminated */
    static READ_REQUEST_INVALID_1: [u8; 20] = [
            0x00, 0x01, 0x72, 0x66, 0x63, 0x31, 0x33, 0x35, 0x30, 0x2e, 0x74, 0x78, 0x74, 0x6e, 0x6f, 0x63, 0x74, 0x65, 0x74, 0x00,
    ];
    /* garbage */
    static READ_REQUEST_INVALID_2: [u8; 3] = [
            0xff, 0xff, 0xff,
    ];
    static WRITE_REQUEST: [u8; 20] = [
            0x00, 0x02, 0x72, 0x66, 0x63, 0x31, 0x33, 0x35, 0x30, 0x2e, 0x74, 0x78, 0x74, 0x00, 0x6f, 0x63, 0x74, 0x65, 0x74, 0x00,
    ];
    /* filename not terminated */
    static INVALID_OPCODE: [u8; 20] = [
            0x00, 0x06, 0x72, 0x66, 0x63, 0x31, 0x33, 0x35, 0x30, 0x2e, 0x74, 0x78, 0x74, 0x6e, 0x6f, 0x63, 0x74, 0x65, 0x74, 0x00,
    ];
    static INVALID_MODE: [u8; 20] = [
            0x00, 0x01, 0x72, 0x66, 0x63, 0x31, 0x33, 0x35, 0x30, 0x2e, 0x74, 0x78, 0x74, 0x00, 0x63, 0x63, 0x63, 0x63, 0x63, 0x00,
    ];

    #[test]
    pub fn test_parse_tftp_read_request_1() {
        let tx = TFTPTransaction {
            opcode: READREQUEST,
            filename: String::from("rfc1350.txt"),
            mode: String::from("octet"),
            id: 0,
            tx_data: AppLayerTxData::new(),
        };

        let txp = parse_tftp_request(&READ_REQUEST[..]).unwrap();
        assert_eq!(tx, txp);
    }

    #[test]
    pub fn test_parse_tftp_write_request_1() {
        let tx = TFTPTransaction {
            opcode: WRITEREQUEST,
            filename: String::from("rfc1350.txt"),
            mode: String::from("octet"),
            id: 0,
            tx_data: AppLayerTxData::new(),
        };

        let txp = parse_tftp_request(&WRITE_REQUEST[..]).unwrap();
        assert_eq!(tx, txp);
    }

    // Invalid request: filename not terminated
    #[test]
    pub fn test_parse_tftp_read_request_2() {
        assert_eq!(None, parse_tftp_request(&READ_REQUEST_INVALID_1[..]));
    }

    // Invalid request: garbage input
    #[test]
    pub fn test_parse_tftp_read_request_3() {
        assert_eq!(None, parse_tftp_request(&READ_REQUEST_INVALID_2[..]));
    }

    #[test]
    pub fn test_parse_tftp_invalid_opcode_1() {
        assert_eq!(None, parse_tftp_request(&INVALID_OPCODE[..]));
    }

    #[test]
    pub fn test_parse_tftp_invalid_mode() {

        assert_eq!(None, parse_tftp_request(&INVALID_MODE[..]));
    }
}

Coverage Report

Created: 2026-06-07 07:05

Line	Count	Source
1		/* Copyright (C) 2017-2021 Open Information Security Foundation
2		*
3		* You can copy, redistribute or modify this Program under the terms of
4		* the GNU General Public License version 2 as published by the Free
5		* Software Foundation.
6		*
7		* This program is distributed in the hope that it will be useful,
8		* but WITHOUT ANY WARRANTY; without even the implied warranty of
9		* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10		* GNU General Public License for more details.
11		*
12		* You should have received a copy of the GNU General Public License
13		* version 2 along with this program; if not, write to the Free Software
14		* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15		* 02110-1301, USA.
16		*/
17
18		// written by Clément Galland <clement.galland@epita.fr>
19
20		use std::str;
21		use std;
22		use nom7::IResult;
23		use nom7::combinator::map_res;
24		use nom7::bytes::streaming::{tag, take_while};
25		use nom7::number::streaming::be_u8;
26
27		use crate::applayer::{AppLayerTxData,AppLayerStateData};
28
29		const READREQUEST: u8 = 1;
30		const WRITEREQUEST: u8 = 2;
31		const DATA: u8 = 3;
32		const ACK: u8 = 4;
33		const ERROR: u8 = 5;
34
35		#[derive(Debug, PartialEq, Eq)]
36		pub struct TFTPTransaction {
37		pub opcode : u8,
38		pub filename : String,
39		pub mode : String,
40		id: u64,
41		tx_data: AppLayerTxData,
42		}
43
44		pub struct TFTPState {
45		state_data: AppLayerStateData,
46		pub transactions : Vec<TFTPTransaction>,
47		/// tx counter for assigning incrementing id's to tx's
48		tx_id: u64,
49		}
50
51		impl TFTPState {
52	497k	fn get_tx_by_id(&mut self, tx_id: u64) -> Option<&TFTPTransaction> {
53	602k	self.transactions.iter().find(\|&tx\| tx.id == tx_id + 1)
54	497k	}
55
56	491k	fn free_tx(&mut self, tx_id: u64) {
57	491k	let tx = self.transactions.iter().position(\|tx\| tx.id == tx_id + 1);
58	491k	debug_assert!(tx.is_some());
59	491k	if let Some(idx) = tx {
60	491k	let _ = self.transactions.remove(idx);
61	491k	}
62	491k	}
63		}
64
65		impl TFTPTransaction {
66	494k	pub fn new(opcode : u8, filename : String, mode : String) -> TFTPTransaction {
67	494k	TFTPTransaction {
68	494k	opcode,
69	494k	filename,
70	494k	mode : mode.to_lowercase(),
71	494k	id : 0,
72	494k	tx_data: AppLayerTxData::new(),
73	494k	}
74	494k	}
75	494k	pub fn is_mode_ok(&self) -> bool {
76	494k	match self.mode.as_str() {
77	494k	"netascii" \| "mail" \| "octet" => true,
78	2.28k	_ => false
79		}
80	494k	}
81	492k	pub fn is_opcode_ok(&self) -> bool {
82	492k	match self.opcode {
83	492k	READREQUEST \| WRITEREQUEST \| ACK \| DATA \| ERROR => true,
84	21	_ => false
85		}
86	492k	}
87		}
88
89		#[no_mangle]
90	697	pub extern "C" fn rs_tftp_state_alloc() -> *mut std::os::raw::c_void {
91	697	let state = TFTPState { state_data: AppLayerStateData::new(), transactions : Vec::new(), tx_id: 0, };
92	697	let boxed = Box::new(state);
93	697	return Box::into_raw(boxed) as *mut _;
94	697	}
95
96		#[no_mangle]
97	697	pub extern "C" fn rs_tftp_state_free(state: *mut std::os::raw::c_void) {
98	697	std::mem::drop(unsafe { Box::from_raw(state as *mut TFTPState) });
99	697	}
100
101		#[no_mangle]
102	491k	pub extern "C" fn rs_tftp_state_tx_free(state: &mut TFTPState,
103	491k	tx_id: u64) {
104	491k	state.free_tx(tx_id);
105	491k	}
106
107		#[no_mangle]
108	497k	pub extern "C" fn rs_tftp_get_tx(state: &mut TFTPState,
109	497k	tx_id: u64) -> *mut std::os::raw::c_void {
110	497k	match state.get_tx_by_id(tx_id) {
111	497k	Some(tx) => tx as const _ as mut _,
112	0	None => std::ptr::null_mut(),
113		}
114	497k	}
115
116		#[no_mangle]
117	1.57M	pub extern "C" fn rs_tftp_get_tx_cnt(state: &mut TFTPState) -> u64 {
118	1.57M	return state.tx_id;
119	1.57M	}
120
121	991k	fn getstr(i: &[u8]) -> IResult<&[u8], &str> {
122	991k	map_res(
123	9.72M	take_while(\|c\| c != 0),
124		str::from_utf8
125	991k	)(i)
126	991k	}
127
128	495k	fn tftp_request(slice: &[u8]) -> IResult<&[u8], TFTPTransaction> {
129	495k	let (i, _) = tag([0])(slice)?;
130	495k	let (i, opcode) = be_u8(i)?;
131	495k	let (i, filename) = getstr(i)?;
132	495k	let (i, _) = tag([0])(i)?;
133	495k	let (i, mode) = getstr(i)?;
134	494k	Ok((i,
135	494k	TFTPTransaction::new(opcode, String::from(filename), String::from(mode))
136	494k	)
137	494k	)
138	495k	}
139
140	495k	fn parse_tftp_request(input: &[u8]) -> Option<TFTPTransaction> {
141	495k	match tftp_request(input) {
142	494k	Ok((_, tx)) => {
143	494k	if !tx.is_mode_ok() {
144	2.28k	return None;
145	492k	}
146	492k	if !tx.is_opcode_ok() {
147	21	return None;
148	492k	}
149	492k	return Some(tx);
150		}
151		Err(_) => {
152	1.06k	return None;
153		}
154		}
155	495k	}
156
157		#[no_mangle]
158	495k	pub unsafe extern "C" fn rs_tftp_request(state: &mut TFTPState,
159	495k	input: *const u8,
160	495k	len: u32) -> i64 {
161	495k	let buf = std::slice::from_raw_parts(input, len as usize);
162	495k	match parse_tftp_request(buf) {
163	492k	Some(mut tx) => {
164	492k	state.tx_id += 1;
165	492k	tx.id = state.tx_id;
166	492k	state.transactions.push(tx);
167	492k	0
168		},
169		None => {
170	3.36k	-1
171		}
172		}
173	495k	}
174
175		#[no_mangle]
176	498k	pub unsafe extern "C" fn rs_tftp_get_tx_data(
177	498k	tx: *mut std::os::raw::c_void)
178	498k	-> *mut AppLayerTxData
179		{
180	498k	let tx = cast_pointer!(tx, TFTPTransaction);
181	498k	return &mut tx.tx_data;
182	498k	}
183
184		#[no_mangle]
185	171	pub unsafe extern "C" fn rs_tftp_get_state_data(
186	171	state: *mut std::os::raw::c_void)
187	171	-> *mut AppLayerStateData
188		{
189	171	let state = cast_pointer!(state, TFTPState);
190	171	return &mut state.state_data;
191	171	}
192
193		#[cfg(test)]
194		mod test {
195		use super::*;
196		static READ_REQUEST: [u8; 20] = [
197		0x00, 0x01, 0x72, 0x66, 0x63, 0x31, 0x33, 0x35, 0x30, 0x2e, 0x74, 0x78, 0x74, 0x00, 0x6f, 0x63, 0x74, 0x65, 0x74, 0x00,
198		];
199		/* filename not terminated */
200		static READ_REQUEST_INVALID_1: [u8; 20] = [
201		0x00, 0x01, 0x72, 0x66, 0x63, 0x31, 0x33, 0x35, 0x30, 0x2e, 0x74, 0x78, 0x74, 0x6e, 0x6f, 0x63, 0x74, 0x65, 0x74, 0x00,
202		];
203		/* garbage */
204		static READ_REQUEST_INVALID_2: [u8; 3] = [
205		0xff, 0xff, 0xff,
206		];
207		static WRITE_REQUEST: [u8; 20] = [
208		0x00, 0x02, 0x72, 0x66, 0x63, 0x31, 0x33, 0x35, 0x30, 0x2e, 0x74, 0x78, 0x74, 0x00, 0x6f, 0x63, 0x74, 0x65, 0x74, 0x00,
209		];
210		/* filename not terminated */
211		static INVALID_OPCODE: [u8; 20] = [
212		0x00, 0x06, 0x72, 0x66, 0x63, 0x31, 0x33, 0x35, 0x30, 0x2e, 0x74, 0x78, 0x74, 0x6e, 0x6f, 0x63, 0x74, 0x65, 0x74, 0x00,
213		];
214		static INVALID_MODE: [u8; 20] = [
215		0x00, 0x01, 0x72, 0x66, 0x63, 0x31, 0x33, 0x35, 0x30, 0x2e, 0x74, 0x78, 0x74, 0x00, 0x63, 0x63, 0x63, 0x63, 0x63, 0x00,
216		];
217
218		#[test]
219		pub fn test_parse_tftp_read_request_1() {
220		let tx = TFTPTransaction {
221		opcode: READREQUEST,
222		filename: String::from("rfc1350.txt"),
223		mode: String::from("octet"),
224		id: 0,
225		tx_data: AppLayerTxData::new(),
226		};
227
228		let txp = parse_tftp_request(&READ_REQUEST[..]).unwrap();
229		assert_eq!(tx, txp);
230		}
231
232		#[test]
233		pub fn test_parse_tftp_write_request_1() {
234		let tx = TFTPTransaction {
235		opcode: WRITEREQUEST,
236		filename: String::from("rfc1350.txt"),
237		mode: String::from("octet"),
238		id: 0,
239		tx_data: AppLayerTxData::new(),
240		};
241
242		let txp = parse_tftp_request(&WRITE_REQUEST[..]).unwrap();
243		assert_eq!(tx, txp);
244		}
245
246		// Invalid request: filename not terminated
247		#[test]
248		pub fn test_parse_tftp_read_request_2() {
249		assert_eq!(None, parse_tftp_request(&READ_REQUEST_INVALID_1[..]));
250		}
251
252		// Invalid request: garbage input
253		#[test]
254		pub fn test_parse_tftp_read_request_3() {
255		assert_eq!(None, parse_tftp_request(&READ_REQUEST_INVALID_2[..]));
256		}
257
258		#[test]
259		pub fn test_parse_tftp_invalid_opcode_1() {
260		assert_eq!(None, parse_tftp_request(&INVALID_OPCODE[..]));
261		}
262
263		#[test]
264		pub fn test_parse_tftp_invalid_mode() {
265
266		assert_eq!(None, parse_tftp_request(&INVALID_MODE[..]));
267		}
268		}