[Owasp-proxy] Defragmenting tcp packets

Rogan Dawes rogan at dawes.za.net
Sun Apr 3 16:27:54 EDT 2011


On 2011/04/03 10:12 PM, Martin Holst Swende wrote:
> Hi Rogan et al,
> 
> Some time ago we discussed defragmentation of intercepted tcp packets.
> Just wanted to make a 'ping' about this proposed patched version of
> run() for the RelayInterceptor. It would be really nice to get it in
> there, so I can use a 'vanilla' version of owasp-proxy instead of a
> patched one.
> Regards,
> Martin Swende
> 

> Alternative diff-version:
> ---------------------------------
> 
> --- a/src/main/java/org/owasp/proxy/tcp/RelayInterceptor.java
> +++ b/src/main/java/org/owasp/proxy/tcp/RelayInterceptor.java
> @@ -1,5 +1,6 @@
>  package org.owasp.proxy.tcp;
>  
> +import java.io.ByteArrayOutputStream;
>  import java.io.IOException;
>  import java.io.InputStream;
>  import java.io.OutputStream;
> @@ -36,10 +37,30 @@ class RelayInterceptor<C, S> extends Thread
> implements Strea
>  
>         public void run() {
>                 try {
> -                       byte[] buff = new byte[4096];
> +                       ByteArrayOutputStream baos = new
> ByteArrayOutputStream(4
> +                       byte[] readBuffer = new byte[4096];
> +                       byte[] finalBuffer;
>                         int got;
> -                       while ((got = in.read(buff)) > -1 && !done) {
> -                               interceptor.received(this, buff, 0, got);
> +                       while ((got = in.read(readBuffer)) > -1 && !done) {
> +                               baos.write(readBuffer,0,got);
> +                               try {
> +                                       Thread.sleep(5);
> +                               } catch (InterruptedException e) {
> +                                       e.printStackTrace();
> +                               }

Have you tried it without the sleep(5)?

What happens?

It seems to me that if there are bytes available, it must be because
they arrived in the same packet as the one we just read from. In which
case, in.available() should return > 0 immediately, and if it doesn't,
then the data was not sent in the same packet, and should not be
defragmented.

Similarly, perhaps we should note the value of available, and simply
read that many bytes from the stream, regardless of how many bytes
become available later.

i.e.

while ((got = in.read(readBuffer)) > -1 && !done) {
    baos.write(readBuffer,0,got);
    int a = in.available();
    while (a > 0) {
        got = in.read(readBuffer, 0, Math.min(readBuffer.length,a));
        baos.write(readBuffer,0,got);
        a = a - got;
    }
    interceptor.received(this, baos.toByteArray());
    baos.reset();
}

What do you think?

Rogan


More information about the Owasp-proxy-project mailing list