From 441537680793e62f594397e504776b9dd684ec4a Mon Sep 17 00:00:00 2001 From: gpotter2 <10530980+gpotter2@users.noreply.github.com> Date: Fri, 6 Sep 2024 23:37:42 +0200 Subject: [PATCH] When not in app mode, tcp_reassemble sub-packets --- scapy/sessions.py | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/scapy/sessions.py b/scapy/sessions.py index 01e005505e5..a02a7fbf55d 100644 --- a/scapy/sessions.py +++ b/scapy/sessions.py @@ -367,11 +367,20 @@ def process(self, metadata.clear() # Check for padding padding = self._strip_padding(packet) - if padding: + while padding: # There is remaining data for the next payload. full_length = data.content_len - len(padding) metadata["relative_seq"] = relative_seq + full_length data.shiftleft(full_length) + # There might be a sub-payload hidden in the padding + sub_packet = tcp_reassemble( + bytes(data), + metadata, + tcp_session + ) + if sub_packet: + packet /= sub_packet + padding = self._strip_padding(sub_packet) else: # No padding (data) left. Clear data.clear() @@ -397,10 +406,15 @@ def recv(self, sock: 'SuperSocket') -> Iterator[Packet]: """ pkt = sock.recv(stop_dissection_after=self.stop_dissection_after) # Now handle TCP reassembly - while pkt is not None: + if self.app: + while pkt is not None: + pkt = self.process(pkt) + if pkt: + yield pkt + # keep calling process as there might be more + pkt = b"" # type: ignore + else: pkt = self.process(pkt) if pkt: yield pkt - # keep calling process as there might be more - pkt = b"" # type: ignore return None