d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Vendor import of tcpdump 4.9.3

Browse Source
This commit is contained in:
Philip Paeps 2019-10-06 04:36:53 +00:00
parent 810711ec13
commit f91036a44a
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/vendor/tcpdump/dist/; revision=353144
207 changed files with 3382 additions and 1909 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
CHANGES
View File

@ -1,3 +1,36 @@
Friday, September 20, 2019, by mcr@sandelman.ca
A huge thank you to Denis, Francois-Xavier and Guy who did much of the heavy lifting.
Summary for 4.9.3 tcpdump release
Fix buffer overflow/overread vulnerabilities:
CVE-2017-16808 (AoE)
CVE-2018-14468 (FrameRelay)
CVE-2018-14469 (IKEv1)
CVE-2018-14470 (BABEL)
CVE-2018-14466 (AFS/RX)
CVE-2018-14461 (LDP)
CVE-2018-14462 (ICMP)
CVE-2018-14465 (RSVP)
CVE-2018-14881 (BGP)
CVE-2018-14464 (LMP)
CVE-2018-14463 (VRRP)
CVE-2018-14467 (BGP)
CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled)
CVE-2018-10105 (SMB - too unreliably reproduced, SMB printing disabled)
CVE-2018-14880 (OSPF6)
CVE-2018-16451 (SMB)
CVE-2018-14882 (RPL)
CVE-2018-16227 (802.11)
CVE-2018-16229 (DCCP)
CVE-2018-16301 (was fixed in libpcap)
CVE-2018-16230 (BGP)
CVE-2018-16452 (SMB)
CVE-2018-16300 (BGP)
CVE-2018-16228 (HNCP)
CVE-2019-15166 (LMP)
CVE-2019-15167 (VRRP)
Fix for cmdline argument/local issues:
CVE-2018-14879 (tcpdump -V)
Sunday September 3, 2017 denis@ovsienko.info
Summary for 4.9.2 tcpdump release
Do not use getprotobynumber() for protocol name resolution. Do not do

2
CONTRIBUTING
View File

@ -31,7 +31,7 @@ Please note that if you know exactly how to solve the problem and the solution
would not be too intrusive, it would be best to contribute some development time
and open a pull request instead as discussed below.
Still not sure how to do? Feel free to [subscribe](http://www.tcpdump.org/#mailing-lists)
Still not sure how to do? Feel free to [subscribe](https://www.tcpdump.org/#mailing-lists)
to the mailing list tcpdump-workers@lists.tcpdump.org and ask!

2
INSTALL.txt
View File

@ -63,7 +63,7 @@ config.guess - autoconf support
config.h.in - autoconf input
config.sub - autoconf support
configure - configure script (run this first)
configure.in - configure script source
configure.ac - configure script source
ether.h - Ethernet definitions
ethertype.h - Ethernet type value definitions
extract.h - alignment definitions

4
Makefile-devel-adds
View File

@ -2,12 +2,12 @@
# Auto-regenerate configure script or Makefile when things change.
# From autoconf.info . Works best with GNU Make.
#
${srcdir}/configure: configure.in aclocal.m4
${srcdir}/configure: configure.ac aclocal.m4
cd ${srcdir} && autoconf
# autoheader might not change config.h.in, so touch a stamp file.
${srcdir}/config.h.in: ${srcdir}/stamp-h.in
${srcdir}/stamp-h.in: configure.in aclocal.m4
${srcdir}/stamp-h.in: configure.ac aclocal.m4
cd ${srcdir} && autoheader
echo timestamp > ${srcdir}/stamp-h.in

6
Makefile.in
View File

@ -334,7 +334,7 @@ EXTRA_DIST = \
config.h.in \
config.sub \
configure \
configure.in \
configure.ac \
install-sh \
lbl/os-osf4.h \
lbl/os-solaris2.h \
@ -366,7 +366,7 @@ EXTRA_DIST = \
win32/prj/WinDump.vcproj \
win32/src/ether_ntohost.c
TEST_DIST= `find tests \( -name 'DIFF' -prune \) -o \( -name NEW -prune \) -o -type f \! -name '.*' \! -name '*~' -print`
TEST_DIST= `git ls-files tests | grep -v 'tests/\..*'`
all: $(PROG) $(LIBNETDISSECT)
@ -438,7 +438,7 @@ distclean:
rm -rf autom4te.cache tests/DIFF tests/NEW
check: tcpdump
(cd tests && ./TESTrun.sh)
(mkdir -p tests && SRCDIR=`cd ${srcdir}; pwd` && export SRCDIR && $$SRCDIR/tests/TESTrun.sh )
extags: $(TAGFILES)
ctags $(TAGFILES)

2
Readme.Win32
View File

@ -7,7 +7,7 @@ Software Development Kit (SDK), that contains some necessary includes
for IPv6 support. You can download it from http://www.microsoft.com/sdk
- the WinPcap source code, that includes libpcap for win32. Download it
from http://winpcap.polito.it or download libpcap sources from
http://www.tcpdump.org and follow the instructions in the README.Win32
https://www.tcpdump.org and follow the instructions in the README.Win32
file.
First, extract tcpdump and WinPcap in the same folder, and build WinPcap.

2
VERSION
View File

@ -1 +1 @@
4.9.2
4.9.3

7
addrtoname.c
View File

@ -120,7 +120,7 @@ win32_gethostbyaddr(const char *addr, int len, int type)
hname, sizeof(hname), NULL, 0, 0)) {
return NULL;
} else {
strcpy(host.h_name, hname);
strlcpy(host.h_name, hname, NI_MAXHOST);
return &host;
}
break;
@ -1226,10 +1226,7 @@ dnaddr_string(netdissect_options *ndo, u_short dnaddr)
tp->addr = dnaddr;
tp->nxt = newhnamemem(ndo);
if (ndo->ndo_nflag)
tp->name = dnnum_string(ndo, dnaddr);
else
tp->name = dnname_string(ndo, dnaddr);
tp->name = dnnum_string(ndo, dnaddr);
return(tp->name);
}

685
config.guess vendored
View File

File diff suppressed because it is too large Load Diff

11
config.h.in
View File

@ -1,4 +1,4 @@
/* config.h.in. Generated from configure.in by autoheader. */
/* config.h.in. Generated from configure.ac by autoheader. */
/* define if you want to build the possibly-buggy SMB printer */
#undef ENABLE_SMB
@ -28,9 +28,6 @@
don't. */
#undef HAVE_DECL_ETHER_NTOHOST
/* define if you have the dnet_htoa function */
#undef HAVE_DNET_HTOA
/* Define to 1 if you have the `ether_ntohost' function. */
#undef HAVE_ETHER_NTOHOST
@ -67,12 +64,6 @@
/* Define to 1 if you have the <memory.h> header file. */
#undef HAVE_MEMORY_H
/* Define to 1 if you have the <netdnet/dnetdb.h> header file. */
#undef HAVE_NETDNET_DNETDB_H
/* define if you have a dnet_htoa declaration in <netdnet/dnetdb.h> */
#undef HAVE_NETDNET_DNETDB_H_DNET_HTOA
/* Define to 1 if you have the <netinet/ether.h> header file. */
#undef HAVE_NETINET_ETHER_H

1695
config.sub vendored
View File

File diff suppressed because it is too large Load Diff

108
configure vendored
View File

@ -675,6 +675,7 @@ infodir
docdir
oldincludedir
includedir
runstatedir
localstatedir
sharedstatedir
sysconfdir
@ -755,6 +756,7 @@ datadir='${datarootdir}'
sysconfdir='${prefix}/etc'
sharedstatedir='${prefix}/com'
localstatedir='${prefix}/var'
runstatedir='${localstatedir}/run'
includedir='${prefix}/include'
oldincludedir='/usr/include'
docdir='${datarootdir}/doc/${PACKAGE}'
@ -1007,6 +1009,15 @@ do
| -silent | --silent | --silen | --sile | --sil)
silent=yes ;;
-runstatedir | --runstatedir | --runstatedi | --runstated \
| --runstate | --runstat | --runsta | --runst | --runs \
| --run | --ru | --r)
ac_prev=runstatedir ;;
-runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
| --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
| --run=* | --ru=* | --r=*)
runstatedir=$ac_optarg ;;
-sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
ac_prev=sbindir ;;
-sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
@ -1144,7 +1155,7 @@ fi
for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
datadir sysconfdir sharedstatedir localstatedir includedir \
oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
libdir localedir mandir
libdir localedir mandir runstatedir
do
eval ac_val=\$$ac_var
# Remove trailing slashes.
@ -1297,6 +1308,7 @@ Fine tuning of the installation directories:
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
--runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]
@ -1329,7 +1341,7 @@ Optional Features:
--disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)
--enable-FEATURE[=ARG] include FEATURE [ARG=yes]
--disable-universal don't build universal on OS X
--enable-smb enable possibly-buggy SMB printer default=yes
--enable-smb enable possibly-buggy SMB printer default=no
--disable-smb disable possibly-buggy SMB printer
Optional Packages:
@ -4193,7 +4205,7 @@ fi
done
for ac_header in fcntl.h rpc/rpc.h rpc/rpcent.h netdnet/dnetdb.h
for ac_header in fcntl.h rpc/rpc.h rpc/rpcent.h
do :
as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
@ -4492,14 +4504,12 @@ $as_echo_n "checking whether to enable the possibly-buggy SMB printer... " >&6;
if test "${enable_smb+set}" = set; then :
enableval=$enable_smb;
else
enableval=yes
enableval=no
fi
case "$enableval" in
yes) { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: The SMB printer may have exploitable buffer overflows!!!" >&5
$as_echo "$as_me: WARNING: The SMB printer may have exploitable buffer overflows!!!" >&2;}
$as_echo "#define ENABLE_SMB 1" >>confdefs.h
@ -5059,33 +5069,6 @@ if test "$ipv6" = "yes" -a "$ipv6lib" != "none"; then
fi
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for dnet_htoa declaration in netdnet/dnetdb.h" >&5
$as_echo_n "checking for dnet_htoa declaration in netdnet/dnetdb.h... " >&6; }
if ${td_cv_decl_netdnet_dnetdb_h_dnet_htoa+:} false; then :
$as_echo_n "(cached) " >&6
else
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
#include <netdnet/dnetdb.h>
_ACEOF
if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
$EGREP "dnet_htoa" >/dev/null 2>&1; then :
td_cv_decl_netdnet_dnetdb_h_dnet_htoa=yes
else
td_cv_decl_netdnet_dnetdb_h_dnet_htoa=no
fi
rm -f conftest*
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $td_cv_decl_netdnet_dnetdb_h_dnet_htoa" >&5
$as_echo "$td_cv_decl_netdnet_dnetdb_h_dnet_htoa" >&6; }
if test "$td_cv_decl_netdnet_dnetdb_h_dnet_htoa" = yes; then
$as_echo "#define HAVE_NETDNET_DNETDB_H_DNET_HTOA 1" >>confdefs.h
fi
ac_fn_c_check_func "$LINENO" "vfprintf" "ac_cv_func_vfprintf"
if test "x$ac_cv_func_vfprintf" = xyes; then :
$as_echo "#define HAVE_VFPRINTF 1" >>confdefs.h
@ -5293,65 +5276,6 @@ done
;;
esac
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing dnet_htoa" >&5
$as_echo_n "checking for library containing dnet_htoa... " >&6; }
if ${ac_cv_search_dnet_htoa+:} false; then :
$as_echo_n "(cached) " >&6
else
ac_func_search_save_LIBS=$LIBS
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
/* Override any GCC internal prototype to avoid an error.
Use char because int might match the return type of a GCC
builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
#endif
char dnet_htoa ();
int
main ()
{
return dnet_htoa ();
;
return 0;
}
_ACEOF
for ac_lib in '' dnet; do
if test -z "$ac_lib"; then
ac_res="none required"
else
ac_res=-l$ac_lib
LIBS="-l$ac_lib $ac_func_search_save_LIBS"
fi
if ac_fn_c_try_link "$LINENO"; then :
ac_cv_search_dnet_htoa=$ac_res
fi
rm -f core conftest.err conftest.$ac_objext \
conftest$ac_exeext
if ${ac_cv_search_dnet_htoa+:} false; then :
break
fi
done
if ${ac_cv_search_dnet_htoa+:} false; then :
else
ac_cv_search_dnet_htoa=no
fi
rm conftest.$ac_ext
LIBS=$ac_func_search_save_LIBS
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_dnet_htoa" >&5
$as_echo "$ac_cv_search_dnet_htoa" >&6; }
ac_res=$ac_cv_search_dnet_htoa
if test "$ac_res" != no; then :
test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
$as_echo "#define HAVE_DNET_HTOA 1" >>confdefs.h
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for main in -lrpc" >&5
$as_echo_n "checking for main in -lrpc... " >&6; }
if ${ac_cv_lib_rpc_main+:} false; then :

20
configure.in → configure.ac Executable file → Normal file
View File

@ -32,7 +32,7 @@ if test "$ac_cv___attribute__" = "yes"; then
fi
fi
AC_CHECK_HEADERS(fcntl.h rpc/rpc.h rpc/rpcent.h netdnet/dnetdb.h)
AC_CHECK_HEADERS(fcntl.h rpc/rpc.h rpc/rpcent.h)
AC_CHECK_HEADERS(net/pfvar.h, , , [#include <sys/types.h>
#include <sys/socket.h>
#include <net/if.h>])
@ -169,12 +169,11 @@ fi
AC_MSG_CHECKING([whether to enable the possibly-buggy SMB printer])
AC_ARG_ENABLE(smb,
[ --enable-smb enable possibly-buggy SMB printer [default=yes]
[ --enable-smb enable possibly-buggy SMB printer [default=no]
--disable-smb disable possibly-buggy SMB printer],,
enableval=yes)
enableval=no)
case "$enableval" in
yes) AC_MSG_RESULT(yes)
AC_WARN([The SMB printer may have exploitable buffer overflows!!!])
AC_DEFINE(ENABLE_SMB, 1,
[define if you want to build the possibly-buggy SMB printer])
LOCALSRC="print-smb.c smbutil.c $LOCALSRC"
@ -386,16 +385,6 @@ if test "$ipv6" = "yes" -a "$ipv6lib" != "none"; then
fi
fi
AC_CACHE_CHECK([for dnet_htoa declaration in netdnet/dnetdb.h],
[td_cv_decl_netdnet_dnetdb_h_dnet_htoa],
[AC_EGREP_HEADER(dnet_htoa, netdnet/dnetdb.h,
td_cv_decl_netdnet_dnetdb_h_dnet_htoa=yes,
td_cv_decl_netdnet_dnetdb_h_dnet_htoa=no)])
if test "$td_cv_decl_netdnet_dnetdb_h_dnet_htoa" = yes; then
AC_DEFINE(HAVE_NETDNET_DNETDB_H_DNET_HTOA, 1,
[define if you have a dnet_htoa declaration in <netdnet/dnetdb.h>])
fi
AC_REPLACE_FUNCS(vfprintf strlcat strlcpy strdup strsep getopt_long)
AC_CHECK_FUNCS(fork vfork strftime)
AC_CHECK_FUNCS(setlinebuf alarm)
@ -409,9 +398,6 @@ fi
AC_LBL_TYPE_SIGNAL
AC_SEARCH_LIBS(dnet_htoa, dnet,
AC_DEFINE(HAVE_DNET_HTOA, 1, [define if you have the dnet_htoa function]))
AC_CHECK_LIB(rpc, main) dnl It's unclear why we might need -lrpc
dnl Some platforms may need -lnsl for getrpcbynumber.

2
netdissect.h
View File

@ -514,6 +514,7 @@ extern void hsrp_print(netdissect_options *, const u_char *, u_int);
extern void http_print(netdissect_options *, const u_char *, u_int);
extern void icmp6_print(netdissect_options *, const u_char *, u_int, const u_char *, int);
extern void icmp_print(netdissect_options *, const u_char *, u_int, const u_char *, int);
extern u_int ieee802_11_radio_print(netdissect_options *, const u_char *, u_int, u_int);
extern void igmp_print(netdissect_options *, const u_char *, u_int);
extern void igrp_print(netdissect_options *, const u_char *, u_int);
extern void ip6_print(netdissect_options *, const u_char *, u_int);
@ -640,7 +641,6 @@ extern int nextproto6_cksum(netdissect_options *, const struct ip6_hdr *, const
extern int mask2plen(uint32_t);
extern int mask62plen(const u_char *);
extern const char *dnname_string(netdissect_options *, u_short);
extern const char *dnnum_string(netdissect_options *, u_short);
extern char *smb_errstr(int, int);

15
print-802_11.c
View File

@ -2058,6 +2058,10 @@ ieee802_11_print(netdissect_options *ndo,
hdrlen = roundup2(hdrlen, 4);
if (ndo->ndo_Hflag && FC_TYPE(fc) == T_DATA &&
DATA_FRAME_IS_QOS(FC_SUBTYPE(fc))) {
if (caplen < hdrlen + 1) {
ND_PRINT((ndo, "%s", tstr));
return hdrlen;
}
meshdrlen = extract_mesh_header_length(p+hdrlen);
hdrlen += meshdrlen;
} else
@ -3071,7 +3075,7 @@ print_in_radiotap_namespace(netdissect_options *ndo,
return 0;
}
static u_int
u_int
ieee802_11_radio_print(netdissect_options *ndo,
const u_char *p, u_int length, u_int caplen)
{
@ -3101,6 +3105,15 @@ ieee802_11_radio_print(netdissect_options *ndo,
hdr = (const struct ieee80211_radiotap_header *)p;
len = EXTRACT_LE_16BITS(&hdr->it_len);
if (len < sizeof(*hdr)) {
/*
* The length is the length of the entire header, so
* it must be as large as the fixed-length part of
* the header.
*/
ND_PRINT((ndo, "%s", tstr));
return caplen;
}
/*
* If we don't have the entire radiotap header, just give up.

2
print-aoe.c
View File

@ -325,6 +325,7 @@ aoev1_reserve_print(netdissect_options *ndo,
goto invalid;
/* addresses */
for (i = 0; i < nmacs; i++) {
ND_TCHECK2(*cp, ETHER_ADDR_LEN);
ND_PRINT((ndo, "\n\tEthernet Address %u: %s", i, etheraddr_string(ndo, cp)));
cp += ETHER_ADDR_LEN;
}
@ -350,6 +351,7 @@ aoev1_print(netdissect_options *ndo,
if (len < AOEV1_COMMON_HDR_LEN)
goto invalid;
/* Flags */
ND_TCHECK2(*cp, 1);
flags = *cp & 0x0F;
ND_PRINT((ndo, ", Flags: [%s]", bittok2str(aoev1_flag_str, "none", flags)));
cp += 1;

4
print-babel.c
View File

@ -352,6 +352,8 @@ babel_print_v2(netdissect_options *ndo,
goto invalid;
bodylen = EXTRACT_16BITS(cp + 2);
ND_PRINT((ndo, " (%u)", bodylen));
if (4U + bodylen > length)
goto invalid;
/* Process the TLVs in the body */
i = 0;
@ -480,7 +482,7 @@ babel_print_v2(netdissect_options *ndo,
case MESSAGE_UPDATE: {
if (!ndo->ndo_vflag) {
ND_PRINT((ndo, " update"));
if(len < 1)
if(len < 10)
ND_PRINT((ndo, "/truncated"));
else
ND_PRINT((ndo, "%s%s%s",

223
print-bfd.c
View File

@ -15,7 +15,10 @@
/* \summary: Bidirectional Forwarding Detection (BFD) printer */
/* specification: RFC 5880 (for version 1) and RFC 5881 */
/*
* specification: draft-ietf-bfd-base-01 for version 0,
* RFC 5880 for version 1, and RFC 5881
*/
#ifdef HAVE_CONFIG_H
#include "config.h"
@ -29,12 +32,12 @@
#include "udp.h"
/*
* Control packet, BFDv0, draft-katz-ward-bfd-01.txt
* Control packet, BFDv0, draft-ietf-bfd-base-01
*
* 0 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* |Vers | Diag |H|D|P|F| Rsvd | Detect Mult | Length |
* |Vers | Diag |H|D|P|F|C|A|Rsv| Detect Mult | Length |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | My Discriminator |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
@ -126,12 +129,6 @@ enum auth_length {
#define BFD_EXTRACT_VERSION(x) (((x)&0xe0)>>5)
#define BFD_EXTRACT_DIAG(x) ((x)&0x1f)
static const struct tok bfd_port_values[] = {
{ BFD_CONTROL_PORT, "Control" },
{ BFD_ECHO_PORT, "Echo" },
{ 0, NULL }
};
static const struct tok bfd_diag_values[] = {
{ 0, "No Diagnostic" },
{ 1, "Control Detection Time Expired" },
@ -145,20 +142,20 @@ static const struct tok bfd_diag_values[] = {
{ 0, NULL }
};
#define BFD_FLAG_AUTH 0x04
static const struct tok bfd_v0_flag_values[] = {
{ 0x80, "I Hear You" },
{ 0x40, "Demand" },
{ 0x20, "Poll" },
{ 0x10, "Final" },
{ 0x08, "Reserved" },
{ 0x04, "Reserved" },
{ 0x08, "Control Plane Independent" },
{ BFD_FLAG_AUTH, "Authentication Present" },
{ 0x02, "Reserved" },
{ 0x01, "Reserved" },
{ 0, NULL }
};
#define BFD_FLAG_AUTH 0x04
static const struct tok bfd_v1_flag_values[] = {
{ 0x20, "Poll" },
{ 0x10, "Final" },
@ -292,106 +289,124 @@ void
bfd_print(netdissect_options *ndo, register const u_char *pptr,
register u_int len, register u_int port)
{
const struct bfd_header_t *bfd_header;
uint8_t version = 0;
bfd_header = (const struct bfd_header_t *)pptr;
if (port == BFD_CONTROL_PORT) {
/*
* Control packet.
*/
const struct bfd_header_t *bfd_header;
uint8_t version_diag;
uint8_t version = 0;
uint8_t flags;
bfd_header = (const struct bfd_header_t *)pptr;
ND_TCHECK(*bfd_header);
version = BFD_EXTRACT_VERSION(bfd_header->version_diag);
version_diag = bfd_header->version_diag;
version = BFD_EXTRACT_VERSION(version_diag);
flags = bfd_header->flags;
switch (version) {
/* BFDv0 */
case 0:
if (ndo->ndo_vflag < 1)
{
ND_PRINT((ndo, "BFDv0, Control, Flags: [%s], length: %u",
bittok2str(bfd_v0_flag_values, "none", flags),
len));
return;
}
ND_PRINT((ndo, "BFDv0, length: %u\n\tControl, Flags: [%s], Diagnostic: %s (0x%02x)",
len,
bittok2str(bfd_v0_flag_values, "none", flags),
tok2str(bfd_diag_values,"unknown",BFD_EXTRACT_DIAG(version_diag)),
BFD_EXTRACT_DIAG(version_diag)));
ND_PRINT((ndo, "\n\tDetection Timer Multiplier: %u (%u ms Detection time), BFD Length: %u",
bfd_header->detect_time_multiplier,
bfd_header->detect_time_multiplier * EXTRACT_32BITS(bfd_header->desired_min_tx_interval)/1000,
bfd_header->length));
ND_PRINT((ndo, "\n\tMy Discriminator: 0x%08x", EXTRACT_32BITS(bfd_header->my_discriminator)));
ND_PRINT((ndo, ", Your Discriminator: 0x%08x", EXTRACT_32BITS(bfd_header->your_discriminator)));
ND_PRINT((ndo, "\n\t Desired min Tx Interval: %4u ms", EXTRACT_32BITS(bfd_header->desired_min_tx_interval)/1000));
ND_PRINT((ndo, "\n\t Required min Rx Interval: %4u ms", EXTRACT_32BITS(bfd_header->required_min_rx_interval)/1000));
ND_PRINT((ndo, "\n\t Required min Echo Interval: %4u ms", EXTRACT_32BITS(bfd_header->required_min_echo_interval)/1000));
if (flags & BFD_FLAG_AUTH) {
if (auth_print(ndo, pptr))
goto trunc;
}
break;
/* BFDv1 */
case 1:
if (ndo->ndo_vflag < 1)
{
ND_PRINT((ndo, "BFDv1, Control, State %s, Flags: [%s], length: %u",
tok2str(bfd_v1_state_values, "unknown (%u)", (flags & 0xc0) >> 6),
bittok2str(bfd_v1_flag_values, "none", flags & 0x3f),
len));
return;
}
ND_PRINT((ndo, "BFDv1, length: %u\n\tControl, State %s, Flags: [%s], Diagnostic: %s (0x%02x)",
len,
tok2str(bfd_v1_state_values, "unknown (%u)", (flags & 0xc0) >> 6),
bittok2str(bfd_v1_flag_values, "none", flags & 0x3f),
tok2str(bfd_diag_values,"unknown",BFD_EXTRACT_DIAG(version_diag)),
BFD_EXTRACT_DIAG(version_diag)));
ND_PRINT((ndo, "\n\tDetection Timer Multiplier: %u (%u ms Detection time), BFD Length: %u",
bfd_header->detect_time_multiplier,
bfd_header->detect_time_multiplier * EXTRACT_32BITS(bfd_header->desired_min_tx_interval)/1000,
bfd_header->length));
ND_PRINT((ndo, "\n\tMy Discriminator: 0x%08x", EXTRACT_32BITS(bfd_header->my_discriminator)));
ND_PRINT((ndo, ", Your Discriminator: 0x%08x", EXTRACT_32BITS(bfd_header->your_discriminator)));
ND_PRINT((ndo, "\n\t Desired min Tx Interval: %4u ms", EXTRACT_32BITS(bfd_header->desired_min_tx_interval)/1000));
ND_PRINT((ndo, "\n\t Required min Rx Interval: %4u ms", EXTRACT_32BITS(bfd_header->required_min_rx_interval)/1000));
ND_PRINT((ndo, "\n\t Required min Echo Interval: %4u ms", EXTRACT_32BITS(bfd_header->required_min_echo_interval)/1000));
if (flags & BFD_FLAG_AUTH) {
if (auth_print(ndo, pptr))
goto trunc;
}
break;
default:
ND_PRINT((ndo, "BFDv%u, Control, length: %u",
version,
len));
if (ndo->ndo_vflag >= 1) {
if(!print_unknown_data(ndo, pptr,"\n\t",len))
return;
}
break;
}
} else if (port == BFD_ECHO_PORT) {
/* Echo is BFD v1 only */
version = 1;
}
switch ((port << 8) | version) {
/* BFDv0 */
case (BFD_CONTROL_PORT << 8):
if (ndo->ndo_vflag < 1)
{
ND_PRINT((ndo, "BFDv%u, %s, Flags: [%s], length: %u",
version,
tok2str(bfd_port_values, "unknown (%u)", port),
bittok2str(bfd_v0_flag_values, "none", bfd_header->flags),
len));
return;
/*
* Echo packet.
*/
ND_PRINT((ndo, "BFD, Echo, length: %u",
len));
if (ndo->ndo_vflag >= 1) {
if(!print_unknown_data(ndo, pptr,"\n\t",len))
return;
}
ND_PRINT((ndo, "BFDv%u, length: %u\n\t%s, Flags: [%s], Diagnostic: %s (0x%02x)",
version,
len,
tok2str(bfd_port_values, "unknown (%u)", port),
bittok2str(bfd_v0_flag_values, "none", bfd_header->flags),
tok2str(bfd_diag_values,"unknown",BFD_EXTRACT_DIAG(bfd_header->version_diag)),
BFD_EXTRACT_DIAG(bfd_header->version_diag)));
ND_PRINT((ndo, "\n\tDetection Timer Multiplier: %u (%u ms Detection time), BFD Length: %u",
bfd_header->detect_time_multiplier,
bfd_header->detect_time_multiplier * EXTRACT_32BITS(bfd_header->desired_min_tx_interval)/1000,
bfd_header->length));
ND_PRINT((ndo, "\n\tMy Discriminator: 0x%08x", EXTRACT_32BITS(bfd_header->my_discriminator)));
ND_PRINT((ndo, ", Your Discriminator: 0x%08x", EXTRACT_32BITS(bfd_header->your_discriminator)));
ND_PRINT((ndo, "\n\t Desired min Tx Interval: %4u ms", EXTRACT_32BITS(bfd_header->desired_min_tx_interval)/1000));
ND_PRINT((ndo, "\n\t Required min Rx Interval: %4u ms", EXTRACT_32BITS(bfd_header->required_min_rx_interval)/1000));
ND_PRINT((ndo, "\n\t Required min Echo Interval: %4u ms", EXTRACT_32BITS(bfd_header->required_min_echo_interval)/1000));
break;
/* BFDv1 */
case (BFD_CONTROL_PORT << 8 | 1):
if (ndo->ndo_vflag < 1)
{
ND_PRINT((ndo, "BFDv%u, %s, State %s, Flags: [%s], length: %u",
version,
tok2str(bfd_port_values, "unknown (%u)", port),
tok2str(bfd_v1_state_values, "unknown (%u)", (bfd_header->flags & 0xc0) >> 6),
bittok2str(bfd_v1_flag_values, "none", bfd_header->flags & 0x3f),
len));
return;
}
ND_PRINT((ndo, "BFDv%u, length: %u\n\t%s, State %s, Flags: [%s], Diagnostic: %s (0x%02x)",
version,
len,
tok2str(bfd_port_values, "unknown (%u)", port),
tok2str(bfd_v1_state_values, "unknown (%u)", (bfd_header->flags & 0xc0) >> 6),
bittok2str(bfd_v1_flag_values, "none", bfd_header->flags & 0x3f),
tok2str(bfd_diag_values,"unknown",BFD_EXTRACT_DIAG(bfd_header->version_diag)),
BFD_EXTRACT_DIAG(bfd_header->version_diag)));
ND_PRINT((ndo, "\n\tDetection Timer Multiplier: %u (%u ms Detection time), BFD Length: %u",
bfd_header->detect_time_multiplier,
bfd_header->detect_time_multiplier * EXTRACT_32BITS(bfd_header->desired_min_tx_interval)/1000,
bfd_header->length));
ND_PRINT((ndo, "\n\tMy Discriminator: 0x%08x", EXTRACT_32BITS(bfd_header->my_discriminator)));
ND_PRINT((ndo, ", Your Discriminator: 0x%08x", EXTRACT_32BITS(bfd_header->your_discriminator)));
ND_PRINT((ndo, "\n\t Desired min Tx Interval: %4u ms", EXTRACT_32BITS(bfd_header->desired_min_tx_interval)/1000));
ND_PRINT((ndo, "\n\t Required min Rx Interval: %4u ms", EXTRACT_32BITS(bfd_header->required_min_rx_interval)/1000));
ND_PRINT((ndo, "\n\t Required min Echo Interval: %4u ms", EXTRACT_32BITS(bfd_header->required_min_echo_interval)/1000));
if (bfd_header->flags & BFD_FLAG_AUTH) {
if (auth_print(ndo, pptr))
goto trunc;
}
break;
/* BFDv0 */
case (BFD_ECHO_PORT << 8): /* not yet supported - fall through */
/* BFDv1 */
case (BFD_ECHO_PORT << 8 | 1):
default:
ND_PRINT((ndo, "BFD, %s, length: %u",
tok2str(bfd_port_values, "unknown (%u)", port),
} else {
/*
* Unknown packet type.
*/
ND_PRINT((ndo, "BFD, unknown (%u), length: %u",
port,
len));
if (ndo->ndo_vflag >= 1) {
if(!print_unknown_data(ndo, pptr,"\n\t",len))
return;
}
break;
}
return;

49
print-bgp.c
View File

@ -47,6 +47,8 @@
#include "af.h"
#include "l2vpn.h"
static const char tstr[] = "[|BGP]";
struct bgp {
uint8_t bgp_marker[16];
uint16_t bgp_len;
@ -1013,7 +1015,7 @@ decode_multicast_vpn(netdissect_options *ndo,
*/
#define UPDATE_BUF_BUFLEN(buf, buflen, stringlen) \
if (stringlen<0) \
buflen=0; \
buflen=0; \
else if ((u_int)stringlen>buflen) \
buflen=0; \
else { \
@ -1359,7 +1361,7 @@ bgp_attr_get_as_size(netdissect_options *ndo,
static int
bgp_attr_print(netdissect_options *ndo,
u_int atype, const u_char *pptr, u_int len)
u_int atype, const u_char *pptr, u_int len, const unsigned attr_set_level)
{
int i;
uint16_t af;
@ -1482,7 +1484,7 @@ bgp_attr_print(netdissect_options *ndo,
}
ND_TCHECK2(tptr[0], 8);
ND_PRINT((ndo, " AS #%s, origin %s",
as_printf(ndo, astostr, sizeof(astostr), EXTRACT_32BITS(tptr)),
as_printf(ndo, astostr, sizeof(astostr), EXTRACT_32BITS(tptr)),
ipaddr_string(ndo, tptr + 4)));
break;
case BGPTYPE_COMMUNITIES:
@ -1698,10 +1700,12 @@ bgp_attr_print(netdissect_options *ndo,
bgp_vpn_rd_print(ndo, tptr),
isonsap_string(ndo, tptr+BGP_VPN_RD_LEN,tlen-BGP_VPN_RD_LEN)));
/* rfc986 mapped IPv4 address ? */
if (EXTRACT_32BITS(tptr+BGP_VPN_RD_LEN) == 0x47000601)
if (tlen == BGP_VPN_RD_LEN + 4 + sizeof(struct in_addr)
&& EXTRACT_32BITS(tptr+BGP_VPN_RD_LEN) == 0x47000601)
ND_PRINT((ndo, " = %s", ipaddr_string(ndo, tptr+BGP_VPN_RD_LEN+4)));
/* rfc1888 mapped IPv6 address ? */
else if (EXTRACT_24BITS(tptr+BGP_VPN_RD_LEN) == 0x350000)
else if (tlen == BGP_VPN_RD_LEN + 3 + sizeof(struct in6_addr)
&& EXTRACT_24BITS(tptr+BGP_VPN_RD_LEN) == 0x350000)
ND_PRINT((ndo, " = %s", ip6addr_string(ndo, tptr+BGP_VPN_RD_LEN+3)));
tptr += tlen;
tlen = 0;
@ -2280,8 +2284,16 @@ bgp_attr_print(netdissect_options *ndo,
ND_PRINT((ndo, "+%x", aflags & 0xf));
ND_PRINT((ndo, "]: "));
}
/* FIXME check for recursion */
if (!bgp_attr_print(ndo, atype, tptr, alen))
/* The protocol encoding per se allows ATTR_SET to be nested as many times
* as the message can accommodate. This printer used to be able to recurse
* into ATTR_SET contents until the stack exhaustion, but now there is a
* limit on that (if live protocol exchange goes that many levels deep,
* something is probably wrong anyway). Feel free to refine this value if
* you can find the spec with respective normative text.
*/
if (attr_set_level == 10)
ND_PRINT((ndo, "(too many nested levels, not recursing)"));
else if (!bgp_attr_print(ndo, atype, tptr, alen, attr_set_level + 1))
return 0;
tptr += alen;
len -= alen;
@ -2342,6 +2354,8 @@ bgp_capabilities_print(netdissect_options *ndo,
ND_TCHECK2(opt[i+2], cap_len);
switch (cap_type) {
case BGP_CAPCODE_MP:
/* AFI (16 bits), Reserved (8 bits), SAFI (8 bits) */
ND_TCHECK_8BITS(opt + i + 5);
ND_PRINT((ndo, "\n\t\tAFI %s (%u), SAFI %s (%u)",
tok2str(af_values, "Unknown",
EXTRACT_16BITS(opt+i+2)),
@ -2351,12 +2365,15 @@ bgp_capabilities_print(netdissect_options *ndo,
opt[i+5]));
break;
case BGP_CAPCODE_RESTART:
/* Restart Flags (4 bits), Restart Time in seconds (12 bits) */
ND_TCHECK_16BITS(opt + i + 2);
ND_PRINT((ndo, "\n\t\tRestart Flags: [%s], Restart Time %us",
((opt[i+2])&0x80) ? "R" : "none",
EXTRACT_16BITS(opt+i+2)&0xfff));
tcap_len-=2;
cap_offset=4;
while(tcap_len>=4) {
ND_TCHECK_8BITS(opt + i + cap_offset + 3);
ND_PRINT((ndo, "\n\t\t AFI %s (%u), SAFI %s (%u), Forwarding state preserved: %s",
tok2str(af_values,"Unknown",
EXTRACT_16BITS(opt+i+cap_offset)),
@ -2420,7 +2437,7 @@ bgp_capabilities_print(netdissect_options *ndo,
return;
trunc:
ND_PRINT((ndo, "[|BGP]"));
ND_PRINT((ndo, "%s", tstr));
}
static void
@ -2483,7 +2500,7 @@ bgp_open_print(netdissect_options *ndo,
}
return;
trunc:
ND_PRINT((ndo, "[|BGP]"));
ND_PRINT((ndo, "%s", tstr));
}
static void
@ -2583,7 +2600,7 @@ bgp_update_print(netdissect_options *ndo,
goto trunc;
if (length < alen)
goto trunc;
if (!bgp_attr_print(ndo, atype, p, alen))
if (!bgp_attr_print(ndo, atype, p, alen, 0))
goto trunc;
p += alen;
len -= alen;
@ -2620,7 +2637,7 @@ bgp_update_print(netdissect_options *ndo,
}
return;
trunc:
ND_PRINT((ndo, "[|BGP]"));
ND_PRINT((ndo, "%s", tstr));
}
static void
@ -2701,7 +2718,7 @@ bgp_notification_print(netdissect_options *ndo,
return;
trunc:
ND_PRINT((ndo, "[|BGP]"));
ND_PRINT((ndo, "%s", tstr));
}
static void
@ -2735,7 +2752,7 @@ bgp_route_refresh_print(netdissect_options *ndo,
return;
trunc:
ND_PRINT((ndo, "[|BGP]"));
ND_PRINT((ndo, "%s", tstr));
}
static int
@ -2775,7 +2792,7 @@ bgp_header_print(netdissect_options *ndo,
}
return 1;
trunc:
ND_PRINT((ndo, "[|BGP]"));
ND_PRINT((ndo, "%s", tstr));
return 0;
}
@ -2824,7 +2841,7 @@ bgp_print(netdissect_options *ndo,
memcpy(&bgp, p, BGP_SIZE);
if (start != p)
ND_PRINT((ndo, " [|BGP]"));
ND_PRINT((ndo, " %s", tstr));
hlen = ntohs(bgp.bgp_len);
if (hlen < BGP_SIZE) {
@ -2850,7 +2867,7 @@ bgp_print(netdissect_options *ndo,
return;
trunc:
ND_PRINT((ndo, " [|BGP]"));
ND_PRINT((ndo, "%s", tstr));
}
/*

7
print-bootp.c
View File

@ -358,7 +358,7 @@ bootp_print(netdissect_options *ndo,
if (*bp->bp_sname) {
ND_PRINT((ndo, "\n\t sname \""));
if (fn_printztn(ndo, bp->bp_sname, (u_int)sizeof bp->bp_sname,
ndo->ndo_snapend)) {
ndo->ndo_snapend) == 0) {
ND_PRINT((ndo, "\""));
ND_PRINT((ndo, "%s", tstr + 1));
return;
@ -369,7 +369,7 @@ bootp_print(netdissect_options *ndo,
if (*bp->bp_file) {
ND_PRINT((ndo, "\n\t file \""));
if (fn_printztn(ndo, bp->bp_file, (u_int)sizeof bp->bp_file,
ndo->ndo_snapend)) {
ndo->ndo_snapend) == 0) {
ND_PRINT((ndo, "\""));
ND_PRINT((ndo, "%s", tstr + 1));
return;
@ -378,7 +378,7 @@ bootp_print(netdissect_options *ndo,
}
/* Decode the vendor buffer */
ND_TCHECK(bp->bp_vend[0]);
ND_TCHECK2(bp->bp_vend[0], 4);
if (memcmp((const char *)bp->bp_vend, vm_rfc1048,
sizeof(uint32_t)) == 0)
rfc1048_print(ndo, bp->bp_vend);
@ -388,6 +388,7 @@ bootp_print(netdissect_options *ndo,
else {
uint32_t ul;
ND_TCHECK_32BITS(&bp->bp_vend);
ul = EXTRACT_32BITS(&bp->bp_vend);
if (ul != 0)
ND_PRINT((ndo, "\n\t Vendor-#0x%x", ul));

53
print-dccp.c
View File

@ -530,7 +530,8 @@ static const struct tok dccp_option_values[] = {
{ 0, NULL }
};
static int dccp_print_option(netdissect_options *ndo, const u_char *option, u_int hlen)
static int
dccp_print_option(netdissect_options *ndo, const u_char *option, u_int hlen)
{
uint8_t optlen, i;
@ -623,16 +624,54 @@ static int dccp_print_option(netdissect_options *ndo, const u_char *option, u_in
}
break;
case 41:
if (optlen == 4)
/*
* 13.1. Timestamp Option
*
* +--------+--------+--------+--------+--------+--------+
* |00101001|00000110| Timestamp Value |
* +--------+--------+--------+--------+--------+--------+
* Type=41 Length=6
*/
if (optlen == 6)
ND_PRINT((ndo, " %u", EXTRACT_32BITS(option + 2)));
else
ND_PRINT((ndo, " optlen != 4"));
ND_PRINT((ndo, " [optlen != 6]"));
break;
case 42:
if (optlen == 4)
/*
* 13.3. Timestamp Echo Option
*
* +--------+--------+--------+--------+--------+--------+
* |00101010|00000110| Timestamp Echo |
* +--------+--------+--------+--------+--------+--------+
* Type=42 Len=6
*
* +--------+--------+------- ... -------+--------+--------+
* |00101010|00001000| Timestamp Echo | Elapsed Time |
* +--------+--------+------- ... -------+--------+--------+
* Type=42 Len=8 (4 bytes)
*
* +--------+--------+------- ... -------+------- ... -------+
* |00101010|00001010| Timestamp Echo | Elapsed Time |
* +--------+--------+------- ... -------+------- ... -------+
* Type=42 Len=10 (4 bytes) (4 bytes)
*/
switch (optlen) {
case 6:
ND_PRINT((ndo, " %u", EXTRACT_32BITS(option + 2)));
else
ND_PRINT((ndo, " optlen != 4"));
break;
case 8:
ND_PRINT((ndo, " %u", EXTRACT_32BITS(option + 2)));
ND_PRINT((ndo, " (elapsed time %u)", EXTRACT_16BITS(option + 6)));
break;
case 10:
ND_PRINT((ndo, " %u", EXTRACT_32BITS(option + 2)));
ND_PRINT((ndo, " (elapsed time %u)", EXTRACT_32BITS(option + 6)));
break;
default:
ND_PRINT((ndo, " [optlen != 6 or 8 or 10]"));
break;
}
break;
case 43:
if (optlen == 6)
@ -640,7 +679,7 @@ static int dccp_print_option(netdissect_options *ndo, const u_char *option, u_in
else if (optlen == 4)
ND_PRINT((ndo, " %u", EXTRACT_16BITS(option + 2)));
else
ND_PRINT((ndo, " optlen != 4 or 6"));
ND_PRINT((ndo, " [optlen != 4 or 6]"));
break;
case 44:
if (optlen > 2) {

33
print-decnet.c
View File

@ -30,10 +30,6 @@
struct mbuf;
struct rtentry;
#ifdef HAVE_NETDNET_DNETDB_H
#include <netdnet/dnetdb.h>
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@ -75,12 +71,6 @@ typedef union etheraddress etheraddr; /* Ethernet address */
#define AREASHIFT 10 /* bit-offset for area field */
#define NODEMASK 01777 /* mask for node address field */
#define DN_MAXADDL 20 /* max size of DECnet address */
struct dn_naddr {
uint16_t a_len; /* length of address */
uint8_t a_addr[DN_MAXADDL]; /* address as bytes */
};
/*
* Define long and short header formats.
*/
@ -492,10 +482,6 @@ static int print_elist(const char *, u_int);
static int print_nsp(netdissect_options *, const u_char *, u_int);
static void print_reason(netdissect_options *, int);
#ifndef HAVE_NETDNET_DNETDB_H_DNET_HTOA
extern char *dnet_htoa(struct dn_naddr *);
#endif
void
decnet_print(netdissect_options *ndo,
register const u_char *ap, register u_int length,
@ -1252,22 +1238,3 @@ dnnum_string(netdissect_options *ndo, u_short dnaddr)
snprintf(str, siz, "%d.%d", area, node);
return(str);
}
const char *
dnname_string(netdissect_options *ndo, u_short dnaddr)
{
#ifdef HAVE_DNET_HTOA
struct dn_naddr dna;
char *dnname;
dna.a_len = sizeof(short);
memcpy((char *)dna.a_addr, (char *)&dnaddr, sizeof(short));
dnname = dnet_htoa(&dna);
if(dnname != NULL)
return (strdup(dnname));
else
return(dnnum_string(ndo, dnaddr));
#else
return(dnnum_string(ndo, dnaddr)); /* punt */
#endif
}

7
print-domain.c
View File

@ -582,6 +582,13 @@ ns_print(netdissect_options *ndo,
register const u_char *cp;
uint16_t b2;
if(length < sizeof(*np)) {
ND_PRINT((ndo, "domain"));
ND_PRINT((ndo, " [length %u < %zu]", length, sizeof(*np)));
ND_PRINT((ndo, " (invalid)"));
return;
}
np = (const HEADER *)bp;
ND_TCHECK(*np);
/* get the byte-order right */

26
print-dvmrp.c
View File

@ -32,6 +32,8 @@
#include "addrtoname.h"
/*
* See: RFC 1075 and draft-ietf-idmr-dvmrp-v3
*
* DVMRP message types and flag values shamelessly stolen from
* mrouted/dvmrp.h.
*/
@ -58,19 +60,18 @@
static int print_probe(netdissect_options *, const u_char *, const u_char *, u_int);
static int print_report(netdissect_options *, const u_char *, const u_char *, u_int);
static int print_neighbors(netdissect_options *, const u_char *, const u_char *, u_int);
static int print_neighbors2(netdissect_options *, const u_char *, const u_char *, u_int);
static int print_neighbors2(netdissect_options *, const u_char *, const u_char *, u_int, uint8_t, uint8_t);
static int print_prune(netdissect_options *, const u_char *);
static int print_graft(netdissect_options *, const u_char *);
static int print_graft_ack(netdissect_options *, const u_char *);
static uint32_t target_level;
void
dvmrp_print(netdissect_options *ndo,
register const u_char *bp, register u_int len)
{
register const u_char *ep;
register u_char type;
uint8_t major_version, minor_version;
ep = (const u_char *)ndo->ndo_snapend;
if (bp >= ep)
@ -118,15 +119,15 @@ dvmrp_print(netdissect_options *ndo,
case DVMRP_NEIGHBORS2:
ND_PRINT((ndo, " Neighbors2"));
/*
* extract version and capabilities from IGMP group
* address field
* extract version from IGMP group address field
*/
bp -= 4;
ND_TCHECK2(bp[0], 4);
target_level = (bp[0] << 24) | (bp[1] << 16) |
(bp[2] << 8) | bp[3];
major_version = *(bp + 3);
minor_version = *(bp + 2);
bp += 4;
if (print_neighbors2(ndo, bp, ep, len) < 0)
if (print_neighbors2(ndo, bp, ep, len, major_version,
minor_version) < 0)
goto trunc;
break;
@ -230,7 +231,7 @@ print_probe(netdissect_options *ndo,
ND_PRINT((ndo, " [|}"));
return (0);
}
genid = (bp[0] << 24) | (bp[1] << 16) | (bp[2] << 8) | bp[3];
genid = EXTRACT_32BITS(bp);
bp += 4;
len -= 4;
ND_PRINT((ndo, ndo->ndo_vflag > 1 ? "\n\t" : " "));
@ -283,15 +284,14 @@ print_neighbors(netdissect_options *ndo,
static int
print_neighbors2(netdissect_options *ndo,
register const u_char *bp, register const u_char *ep,
register u_int len)
register u_int len, uint8_t major_version,
uint8_t minor_version)
{
const u_char *laddr;
register u_char metric, thresh, flags;
register int ncount;
ND_PRINT((ndo, " (v %d.%d):",
(int)target_level & 0xff,
(int)(target_level >> 8) & 0xff));
ND_PRINT((ndo, " (v %d.%d):", major_version, minor_version));
while (len > 0 && bp < ep) {
ND_TCHECK2(bp[0], 8);

2
print-eigrp.c
View File

@ -353,6 +353,7 @@ eigrp_print(netdissect_options *ndo, register const u_char *pptr, register u_int
}
byte_length = (bit_length + 7) / 8; /* variable length encoding */
memset(prefix, 0, 4);
ND_TCHECK2(tlv_ptr.eigrp_tlv_ip_int->destination, byte_length);
memcpy(prefix,&tlv_ptr.eigrp_tlv_ip_int->destination,byte_length);
ND_PRINT((ndo, "\n\t IPv4 prefix: %15s/%u, nexthop: ",
@ -387,6 +388,7 @@ eigrp_print(netdissect_options *ndo, register const u_char *pptr, register u_int
}
byte_length = (bit_length + 7) / 8; /* variable length encoding */
memset(prefix, 0, 4);
ND_TCHECK2(tlv_ptr.eigrp_tlv_ip_ext->destination, byte_length);
memcpy(prefix,&tlv_ptr.eigrp_tlv_ip_ext->destination,byte_length);
ND_PRINT((ndo, "\n\t IPv4 prefix: %15s/%u, nexthop: ",

95
print-esp.c
View File

@ -191,8 +191,8 @@ int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo,
const u_char *iv;
unsigned int len;
EVP_CIPHER_CTX *ctx;
unsigned int block_size, output_buffer_size;
u_char *output_buffer;
unsigned int block_size, buffer_size;
u_char *input_buffer, *output_buffer;
/* initiator arg is any non-zero value */
if(initiator) initiator=1;
@ -227,19 +227,39 @@ int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo,
(*ndo->ndo_warning)(ndo, "espkey init failed");
set_cipher_parameters(ctx, NULL, NULL, iv, 0);
/*
* Allocate a buffer for the decrypted data.
* The output buffer must be separate from the input buffer, and
* its size must be a multiple of the cipher block size.
* Allocate buffers for the encrypted and decrypted data.
* Both buffers' sizes must be a multiple of the cipher block
* size, and the output buffer must be separate from the input
* buffer.
*/
block_size = (unsigned int)EVP_CIPHER_CTX_block_size(ctx);
output_buffer_size = len + (block_size - len % block_size);
output_buffer = (u_char *)malloc(output_buffer_size);
if (output_buffer == NULL) {
(*ndo->ndo_warning)(ndo, "can't allocate memory for decryption buffer");
buffer_size = len + (block_size - len % block_size);
/*
* Attempt to allocate the input buffer.
*/
input_buffer = (u_char *)malloc(buffer_size);
if (input_buffer == NULL) {
EVP_CIPHER_CTX_free(ctx);
return 0;
(*ndo->ndo_error)(ndo, "can't allocate memory for encrypted data buffer");
}
EVP_Cipher(ctx, output_buffer, buf, len);
/*
* Copy the input data to the encrypted data buffer, and pad it
* with zeroes.
*/
memcpy(input_buffer, buf, len);
memset(input_buffer + len, 0, buffer_size - len);
/*
* Attempt to allocate the output buffer.
*/
output_buffer = (u_char *)malloc(buffer_size);
if (output_buffer == NULL) {
free(input_buffer);
EVP_CIPHER_CTX_free(ctx);
(*ndo->ndo_error)(ndo, "can't allocate memory for decryption buffer");
}
EVP_Cipher(ctx, output_buffer, input_buffer, len);
EVP_CIPHER_CTX_free(ctx);
/*
@ -247,6 +267,7 @@ int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo,
* but changing this would require a more complicated fix.
*/
memcpy(buf, output_buffer, len);
free(input_buffer);
free(output_buffer);
ndo->ndo_packetp = buf;
@ -287,7 +308,6 @@ static u_int hexdigit(netdissect_options *ndo, char hex)
return (hex - 'a' + 10);
else {
(*ndo->ndo_error)(ndo, "invalid hex digit %c in espsecret\n", hex);
return 0;
}
}
@ -398,7 +418,7 @@ espprint_decode_encalgo(netdissect_options *ndo,
USES_APPLE_RST
/*
* for the moment, ignore the auth algorith, just hard code the authenticator
* for the moment, ignore the auth algorithm, just hard code the authenticator
* length. Need to research how openssl looks up HMAC stuff.
*/
static int
@ -521,7 +541,6 @@ static void esp_print_decode_onesecret(netdissect_options *ndo, char *line,
if (secretfile == NULL) {
(*ndo->ndo_error)(ndo, "print_esp: can't open %s: %s\n",
filename, strerror(errno));
return;
}
while (fgets(fileline, sizeof(fileline)-1, secretfile) != NULL) {
@ -551,6 +570,10 @@ static void esp_print_decode_onesecret(netdissect_options *ndo, char *line,
uint32_t spino;
spistr = strsep(&spikey, "@");
if (spistr == NULL) {
(*ndo->ndo_warning)(ndo, "print_esp: failed to find the @ token");
return;
}
spino = strtoul(spistr, &foo, 0);
if (spistr == foo || !spikey) {
@ -660,8 +683,8 @@ esp_print(netdissect_options *ndo,
const u_char *ivoff;
const u_char *p;
EVP_CIPHER_CTX *ctx;
unsigned int block_size, output_buffer_size;
u_char *output_buffer;
unsigned int block_size, buffer_size;
u_char *input_buffer, *output_buffer;
#endif
esp = (const struct newesp *)bp;
@ -777,21 +800,41 @@ esp_print(netdissect_options *ndo,
len = ep - (p + ivlen);
/*
* Allocate a buffer for the decrypted data.
* The output buffer must be separate from the
* input buffer, and its size must be a multiple
* of the cipher block size.
* Allocate buffers for the encrypted and decrypted
* data. Both buffers' sizes must be a multiple of
* the cipher block size, and the output buffer must
* be separate from the input buffer.
*/
block_size = (unsigned int)EVP_CIPHER_CTX_block_size(ctx);
output_buffer_size = len + (block_size - len % block_size);
output_buffer = (u_char *)malloc(output_buffer_size);
if (output_buffer == NULL) {
(*ndo->ndo_warning)(ndo, "can't allocate memory for decryption buffer");
buffer_size = len + (block_size - len % block_size);
/*
* Attempt to allocate the input buffer.
*/
input_buffer = (u_char *)malloc(buffer_size);
if (input_buffer == NULL) {
EVP_CIPHER_CTX_free(ctx);
return -1;
(*ndo->ndo_error)(ndo, "can't allocate memory for encrypted data buffer");
}
/*
* Copy the input data to the encrypted data buffer,
* and pad it with zeroes.
*/
memcpy(input_buffer, p + ivlen, len);
memset(input_buffer + len, 0, buffer_size - len);
/*
* Attempt to allocate the output buffer.
*/
output_buffer = (u_char *)malloc(buffer_size);
if (output_buffer == NULL) {
free(input_buffer);
EVP_CIPHER_CTX_free(ctx);
(*ndo->ndo_error)(ndo, "can't allocate memory for decryption buffer");
}
EVP_Cipher(ctx, output_buffer, p + ivlen, len);
EVP_Cipher(ctx, output_buffer, input_buffer, len);
free(input_buffer);
EVP_CIPHER_CTX_free(ctx);
/*
* XXX - of course this is wrong, because buf is a

9
print-fr.c
View File

@ -457,6 +457,10 @@ mfr_print(netdissect_options *ndo,
*/
ND_TCHECK2(*p, 4); /* minimum frame header length */
if (length < 4) {
ND_PRINT((ndo, "Message too short (%u bytes)", length));
return length;
}
if ((p[0] & MFR_BEC_MASK) == MFR_CTRL_FRAME && p[1] == 0) {
ND_PRINT((ndo, "FRF.16 Control, Flags [%s], %s, length %u",
@ -493,6 +497,11 @@ mfr_print(netdissect_options *ndo,
switch (ie_type) {
case MFR_CTRL_IE_MAGIC_NUM:
/* FRF.16.1 Section 3.4.3 Magic Number Information Element */
if (ie_len != 4) {
ND_PRINT((ndo, "(invalid length)"));
break;
}
ND_PRINT((ndo, "0x%08x", EXTRACT_32BITS(tptr)));
break;

14
print-hncp.c
View File

@ -68,8 +68,8 @@ hncp_print(netdissect_options *ndo,
#define HNCP_EXTERNAL_CONNECTION 33
#define HNCP_DELEGATED_PREFIX 34
#define HNCP_PREFIX_POLICY 43
#define HNCP_DHCPV4_DATA 37
#define HNCP_DHCPV6_DATA 38
#define HNCP_DHCPV4_DATA 37 /* This is correct, see RFC 7788 Errata ID 5113. */
#define HNCP_DHCPV6_DATA 38 /* idem */
#define HNCP_ASSIGNED_PREFIX 35
#define HNCP_NODE_ADDRESS 36
#define HNCP_DNS_DELEGATED_ZONE 39
@ -158,10 +158,10 @@ is_ipv4_mapped_address(const u_char *addr)
static const char *
format_nid(const u_char *data)
{
static char buf[4][11+5];
static char buf[4][sizeof("01:01:01:01")];
static int i = 0;
i = (i + 1) % 4;
snprintf(buf[i], 16, "%02x:%02x:%02x:%02x",
snprintf(buf[i], sizeof(buf[i]), "%02x:%02x:%02x:%02x",
data[0], data[1], data[2], data[3]);
return buf[i];
}
@ -169,10 +169,10 @@ format_nid(const u_char *data)
static const char *
format_256(const u_char *data)
{
static char buf[4][64+5];
static char buf[4][sizeof("0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef")];
static int i = 0;
i = (i + 1) % 4;
snprintf(buf[i], 28, "%016" PRIx64 "%016" PRIx64 "%016" PRIx64 "%016" PRIx64,
snprintf(buf[i], sizeof(buf[i]), "%016" PRIx64 "%016" PRIx64 "%016" PRIx64 "%016" PRIx64,
EXTRACT_64BITS(data),
EXTRACT_64BITS(data + 8),
EXTRACT_64BITS(data + 16),
@ -229,6 +229,8 @@ print_prefix(netdissect_options *ndo, const u_char *prefix, u_int max_length)
plenbytes += 1 + IPV4_MAPPED_HEADING_LEN;
} else {
plenbytes = decode_prefix6(ndo, prefix, max_length, buf, sizeof(buf));
if (plenbytes < 0)
return plenbytes;
}
ND_PRINT((ndo, "%s", buf));

14
print-icmp.c
View File

@ -400,7 +400,7 @@ icmp_print(netdissect_options *ndo, const u_char *bp, u_int plen, const u_char *
default:
(void)snprintf(buf, sizeof(buf),
"%s protocol %d port %d unreachable",
"%s protocol %u port %u unreachable",
ipaddr_string(ndo, &oip->ip_dst),
oip->ip_p, dport);
break;
@ -506,7 +506,7 @@ icmp_print(netdissect_options *ndo, const u_char *bp, u_int plen, const u_char *
break;
default:
(void)snprintf(buf, sizeof(buf), "time exceeded-#%d",
(void)snprintf(buf, sizeof(buf), "time exceeded-#%u",
dp->icmp_code);
break;
}
@ -515,11 +515,11 @@ icmp_print(netdissect_options *ndo, const u_char *bp, u_int plen, const u_char *
case ICMP_PARAMPROB:
if (dp->icmp_code)
(void)snprintf(buf, sizeof(buf),
"parameter problem - code %d", dp->icmp_code);
"parameter problem - code %u", dp->icmp_code);
else {
ND_TCHECK(dp->icmp_pptr);
(void)snprintf(buf, sizeof(buf),
"parameter problem - octet %d", dp->icmp_pptr);
"parameter problem - octet %u", dp->icmp_pptr);
}
break;
@ -557,13 +557,15 @@ icmp_print(netdissect_options *ndo, const u_char *bp, u_int plen, const u_char *
}
ND_PRINT((ndo, "ICMP %s, length %u", str, plen));
if (ndo->ndo_vflag && !fragmented) { /* don't attempt checksumming if this is a frag */
uint16_t sum, icmp_sum;
if (ND_TTEST2(*bp, plen)) {
uint16_t sum;
vec[0].ptr = (const uint8_t *)(const void *)dp;
vec[0].len = plen;
sum = in_cksum(vec, 1);
if (sum != 0) {
uint16_t icmp_sum;
ND_TCHECK_16BITS(&dp->icmp_cksum);
icmp_sum = EXTRACT_16BITS(&dp->icmp_cksum);
ND_PRINT((ndo, " (wrong icmp cksum %x (->%x)!)",
icmp_sum,

31
print-icmp6.c
View File

@ -41,6 +41,10 @@
#include "udp.h"
#include "ah.h"
static const char icmp6_tstr[] = " [|icmp6]";
static const char rpl_tstr[] = " [|rpl]";
static const char mldv2_tstr[] = " [|mldv2]";
/* NetBSD: icmp6.h,v 1.13 2000/08/03 16:30:37 itojun Exp */
/* $KAME: icmp6.h,v 1.22 2000/08/03 15:25:16 jinmei Exp $ */
@ -683,10 +687,11 @@ rpl_dio_printopt(netdissect_options *ndo,
}
opt = (const struct rpl_dio_genoption *)(((const char *)opt) + optlen);
length -= optlen;
ND_TCHECK(opt->rpl_dio_len);
}
return;
trunc:
ND_PRINT((ndo," [|truncated]"));
ND_PRINT((ndo, "%s", rpl_tstr));
return;
}
@ -715,7 +720,7 @@ rpl_dio_print(netdissect_options *ndo,
}
return;
trunc:
ND_PRINT((ndo," [|truncated]"));
ND_PRINT((ndo, "%s", rpl_tstr));
return;
}
@ -756,7 +761,7 @@ rpl_dao_print(netdissect_options *ndo,
return;
trunc:
ND_PRINT((ndo," [|truncated]"));
ND_PRINT((ndo, "%s", rpl_tstr));
return;
tooshort:
@ -800,7 +805,7 @@ rpl_daoack_print(netdissect_options *ndo,
return;
trunc:
ND_PRINT((ndo," [|dao-truncated]"));
ND_PRINT((ndo, "%s", rpl_tstr));
return;
tooshort:
@ -859,7 +864,7 @@ rpl_print(netdissect_options *ndo,
#if 0
trunc:
ND_PRINT((ndo," [|truncated]"));
ND_PRINT((ndo, "%s", rpl_tstr));
return;
#endif
@ -1034,7 +1039,7 @@ icmp6_print(netdissect_options *ndo,
p = (const struct nd_router_advert *)dp;
ND_TCHECK(p->nd_ra_retransmit);
ND_PRINT((ndo,"\n\thop limit %u, Flags [%s]" \
", pref %s, router lifetime %us, reachable time %us, retrans time %us",
", pref %s, router lifetime %us, reachable time %ums, retrans timer %ums",
(u_int)p->nd_ra_curhoplimit,
bittok2str(icmp6_opt_ra_flag_values,"none",(p->nd_ra_flags_reserved)),
get_rtpref(p->nd_ra_flags_reserved),
@ -1157,7 +1162,7 @@ icmp6_print(netdissect_options *ndo,
ND_PRINT((ndo,", length %u", length));
return;
trunc:
ND_PRINT((ndo, "[|icmp6]"));
ND_PRINT((ndo, "%s", icmp6_tstr));
}
static const struct udphdr *
@ -1381,8 +1386,8 @@ icmp6_opt_print(netdissect_options *ndo, const u_char *bp, int resid)
}
return;
trunc:
ND_PRINT((ndo, "[ndp opt]"));
trunc:
ND_PRINT((ndo, "%s", icmp6_tstr));
return;
#undef ECHECK
}
@ -1457,7 +1462,7 @@ mldv2_report_print(netdissect_options *ndo, const u_char *bp, u_int len)
}
return;
trunc:
ND_PRINT((ndo,"[|icmp6]"));
ND_PRINT((ndo, "%s", mldv2_tstr));
return;
}
@ -1523,7 +1528,7 @@ mldv2_query_print(netdissect_options *ndo, const u_char *bp, u_int len)
ND_PRINT((ndo,"]"));
return;
trunc:
ND_PRINT((ndo,"[|icmp6]"));
ND_PRINT((ndo, "%s", mldv2_tstr));
return;
}
@ -1810,7 +1815,7 @@ icmp6_nodeinfo_print(netdissect_options *ndo, u_int icmp6len, const u_char *bp,
return;
trunc:
ND_PRINT((ndo, "[|icmp6]"));
ND_PRINT((ndo, "%s", icmp6_tstr));
}
static void
@ -1945,7 +1950,7 @@ icmp6_rrenum_print(netdissect_options *ndo, const u_char *bp, const u_char *ep)
return;
trunc:
ND_PRINT((ndo,"[|icmp6]"));
ND_PRINT((ndo, "%s", icmp6_tstr));
}
/*

44
print-ipnet.c
View File

@ -7,16 +7,19 @@
#include <netdissect-stdinc.h>
#include "netdissect.h"
#include "extract.h"
static const char tstr[] = "[|ipnet]";
typedef struct ipnet_hdr {
uint8_t iph_version;
uint8_t iph_family;
uint16_t iph_htype;
uint32_t iph_pktlen;
uint32_t iph_ifindex;
uint32_t iph_grifindex;
uint32_t iph_zsrc;
uint32_t iph_zdst;
nd_uint8_t iph_version;
nd_uint8_t iph_family;
nd_uint16_t iph_htype;
nd_uint32_t iph_pktlen;
nd_uint32_t iph_ifindex;
nd_uint32_t iph_grifindex;
nd_uint32_t iph_zsrc;
nd_uint32_t iph_zdst;
} ipnet_hdr_t;
#define IPH_AF_INET 2 /* Matches Solaris's AF_INET */
@ -36,21 +39,26 @@ ipnet_hdr_print(netdissect_options *ndo, const u_char *bp, u_int length)
const ipnet_hdr_t *hdr;
hdr = (const ipnet_hdr_t *)bp;
ND_PRINT((ndo, "%d > %d", hdr->iph_zsrc, hdr->iph_zdst));
ND_TCHECK(*hdr);
ND_PRINT((ndo, "%d > %d", EXTRACT_32BITS(hdr->iph_zsrc),
EXTRACT_32BITS(hdr->iph_zdst)));
if (!ndo->ndo_qflag) {
ND_PRINT((ndo,", family %s (%d)",
tok2str(ipnet_values, "Unknown",
hdr->iph_family),
hdr->iph_family));
EXTRACT_8BITS(&hdr->iph_family)),
EXTRACT_8BITS(&hdr->iph_family)));
} else {
ND_PRINT((ndo,", %s",
tok2str(ipnet_values,
"Unknown Ethertype (0x%04x)",
hdr->iph_family)));
EXTRACT_8BITS(&hdr->iph_family))));
}
ND_PRINT((ndo, ", length %u: ", length));
return;
trunc:
ND_PRINT((ndo, " %s", tstr));
}
static void
@ -58,10 +66,8 @@ ipnet_print(netdissect_options *ndo, const u_char *p, u_int length, u_int caplen
{
const ipnet_hdr_t *hdr;
if (caplen < sizeof(ipnet_hdr_t)) {
ND_PRINT((ndo, "[|ipnet]"));
return;
}
if (caplen < sizeof(ipnet_hdr_t))
goto trunc;
if (ndo->ndo_eflag)
ipnet_hdr_print(ndo, p, length);
@ -71,7 +77,8 @@ ipnet_print(netdissect_options *ndo, const u_char *p, u_int length, u_int caplen
hdr = (const ipnet_hdr_t *)p;
p += sizeof(ipnet_hdr_t);
switch (hdr->iph_family) {
ND_TCHECK2(hdr->iph_family, 1);
switch (EXTRACT_8BITS(&hdr->iph_family)) {
case IPH_AF_INET:
ip_print(ndo, p, length);
@ -90,6 +97,9 @@ ipnet_print(netdissect_options *ndo, const u_char *p, u_int length, u_int caplen
ND_DEFAULTPRINT(p, caplen);
break;
}
return;
trunc:
ND_PRINT((ndo, " %s", tstr));
}
/*

1
print-isakmp.c
View File

@ -1769,6 +1769,7 @@ ikev1_n_print(netdissect_options *ndo, u_char tpay _U_,
}
case IPSECDOI_NTYPE_REPLAY_STATUS:
ND_PRINT((ndo," status=("));
ND_TCHECK_32BITS(cp);
ND_PRINT((ndo,"replay detection %sabled",
EXTRACT_32BITS(cp) ? "en" : "dis"));
ND_PRINT((ndo,")"));

5
print-juniper.c
View File

@ -1354,6 +1354,11 @@ juniper_parse_header(netdissect_options *ndo,
lp->s,
l2info->cookie_len));
if (l2info->cookie_len > 8) {
ND_PRINT((ndo, " (invalid)"));
return 0;
}
if (l2info->cookie_len > 0) {
ND_TCHECK2(p[0], l2info->cookie_len);
if (ndo->ndo_eflag)

214
print-l2tp.c
View File

@ -23,6 +23,8 @@
/* \summary: Layer Two Tunneling Protocol (L2TP) printer */
/* specification: RFC 2661 */
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
@ -143,7 +145,7 @@ static const struct tok l2tp_msgtype2str[] = {
#define L2TP_AVP_PRIVATE_GRP_ID 37 /* Private Group ID */
#define L2TP_AVP_RX_CONN_SPEED 38 /* (Rx) Connect Speed */
#define L2TP_AVP_SEQ_REQUIRED 39 /* Sequencing Required */
#define L2TP_AVP_PPP_DISCON_CC 46 /* PPP Disconnect Cause Code */
#define L2TP_AVP_PPP_DISCON_CC 46 /* PPP Disconnect Cause Code - RFC 3145 */
static const struct tok l2tp_avp2str[] = {
{ L2TP_AVP_MSGTYPE, "MSGTYPE" },
@ -282,15 +284,15 @@ print_octets(netdissect_options *ndo, const u_char *dat, u_int length)
}
static void
print_16bits_val(netdissect_options *ndo, const uint16_t *dat)
print_16bits_val(netdissect_options *ndo, const uint8_t *dat)
{
ND_PRINT((ndo, "%u", EXTRACT_16BITS(dat)));
}
static void
print_32bits_val(netdissect_options *ndo, const uint32_t *dat)
print_32bits_val(netdissect_options *ndo, const uint8_t *dat)
{
ND_PRINT((ndo, "%lu", (u_long)EXTRACT_32BITS(dat)));
ND_PRINT((ndo, "%u", EXTRACT_32BITS(dat)));
}
/***********************************/
@ -299,28 +301,24 @@ print_32bits_val(netdissect_options *ndo, const uint32_t *dat)
static void
l2tp_msgtype_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint16_t *ptr = (const uint16_t *)dat;
if (length < 2) {
ND_PRINT((ndo, "AVP too short"));
return;
}
ND_PRINT((ndo, "%s", tok2str(l2tp_msgtype2str, "MSGTYPE-#%u",
EXTRACT_16BITS(ptr))));
EXTRACT_16BITS(dat))));
}
static void
l2tp_result_code_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint16_t *ptr = (const uint16_t *)dat;
/* Result Code */
if (length < 2) {
ND_PRINT((ndo, "AVP too short"));
return;
}
ND_PRINT((ndo, "%u", EXTRACT_16BITS(ptr)));
ptr++;
ND_PRINT((ndo, "%u", EXTRACT_16BITS(dat)));
dat += 2;
length -= 2;
/* Error Code (opt) */
@ -330,19 +328,19 @@ l2tp_result_code_print(netdissect_options *ndo, const u_char *dat, u_int length)
ND_PRINT((ndo, " AVP too short"));
return;
}
ND_PRINT((ndo, "/%u", EXTRACT_16BITS(ptr)));
ptr++;
ND_PRINT((ndo, "/%u", EXTRACT_16BITS(dat)));
dat += 2;
length -= 2;
/* Error Message (opt) */
if (length == 0)
return;
ND_PRINT((ndo, " "));
print_string(ndo, (const u_char *)ptr, length);
print_string(ndo, dat, length);
}
static void
l2tp_proto_ver_print(netdissect_options *ndo, const uint16_t *dat, u_int length)
l2tp_proto_ver_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
if (length < 2) {
ND_PRINT((ndo, "AVP too short"));
@ -355,16 +353,14 @@ l2tp_proto_ver_print(netdissect_options *ndo, const uint16_t *dat, u_int length)
static void
l2tp_framing_cap_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint32_t *ptr = (const uint32_t *)dat;
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
if (EXTRACT_32BITS(ptr) & L2TP_FRAMING_CAP_ASYNC_MASK) {
if (EXTRACT_32BITS(dat) & L2TP_FRAMING_CAP_ASYNC_MASK) {
ND_PRINT((ndo, "A"));
}
if (EXTRACT_32BITS(ptr) & L2TP_FRAMING_CAP_SYNC_MASK) {
if (EXTRACT_32BITS(dat) & L2TP_FRAMING_CAP_SYNC_MASK) {
ND_PRINT((ndo, "S"));
}
}
@ -372,16 +368,14 @@ l2tp_framing_cap_print(netdissect_options *ndo, const u_char *dat, u_int length)
static void
l2tp_bearer_cap_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint32_t *ptr = (const uint32_t *)dat;
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
if (EXTRACT_32BITS(ptr) & L2TP_BEARER_CAP_ANALOG_MASK) {
if (EXTRACT_32BITS(dat) & L2TP_BEARER_CAP_ANALOG_MASK) {
ND_PRINT((ndo, "A"));
}
if (EXTRACT_32BITS(ptr) & L2TP_BEARER_CAP_DIGITAL_MASK) {
if (EXTRACT_32BITS(dat) & L2TP_BEARER_CAP_DIGITAL_MASK) {
ND_PRINT((ndo, "D"));
}
}
@ -393,8 +387,8 @@ l2tp_q931_cc_print(netdissect_options *ndo, const u_char *dat, u_int length)
ND_PRINT((ndo, "AVP too short"));
return;
}
print_16bits_val(ndo, (const uint16_t *)dat);
ND_PRINT((ndo, ", %02x", dat[2]));
print_16bits_val(ndo, dat);
ND_PRINT((ndo, ", %02x", EXTRACT_8BITS(dat + 2)));
dat += 3;
length -= 3;
if (length != 0) {
@ -406,16 +400,14 @@ l2tp_q931_cc_print(netdissect_options *ndo, const u_char *dat, u_int length)
static void
l2tp_bearer_type_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint32_t *ptr = (const uint32_t *)dat;
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
if (EXTRACT_32BITS(ptr) & L2TP_BEARER_TYPE_ANALOG_MASK) {
if (EXTRACT_32BITS(dat) & L2TP_BEARER_TYPE_ANALOG_MASK) {
ND_PRINT((ndo, "A"));
}
if (EXTRACT_32BITS(ptr) & L2TP_BEARER_TYPE_DIGITAL_MASK) {
if (EXTRACT_32BITS(dat) & L2TP_BEARER_TYPE_DIGITAL_MASK) {
ND_PRINT((ndo, "D"));
}
}
@ -423,16 +415,14 @@ l2tp_bearer_type_print(netdissect_options *ndo, const u_char *dat, u_int length)
static void
l2tp_framing_type_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint32_t *ptr = (const uint32_t *)dat;
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
if (EXTRACT_32BITS(ptr) & L2TP_FRAMING_TYPE_ASYNC_MASK) {
if (EXTRACT_32BITS(dat) & L2TP_FRAMING_TYPE_ASYNC_MASK) {
ND_PRINT((ndo, "A"));
}
if (EXTRACT_32BITS(ptr) & L2TP_FRAMING_TYPE_SYNC_MASK) {
if (EXTRACT_32BITS(dat) & L2TP_FRAMING_TYPE_SYNC_MASK) {
ND_PRINT((ndo, "S"));
}
}
@ -446,125 +436,109 @@ l2tp_packet_proc_delay_print(netdissect_options *ndo)
static void
l2tp_proxy_auth_type_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint16_t *ptr = (const uint16_t *)dat;
if (length < 2) {
ND_PRINT((ndo, "AVP too short"));
return;
}
ND_PRINT((ndo, "%s", tok2str(l2tp_authentype2str,
"AuthType-#%u", EXTRACT_16BITS(ptr))));
"AuthType-#%u", EXTRACT_16BITS(dat))));
}
static void
l2tp_proxy_auth_id_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint16_t *ptr = (const uint16_t *)dat;
if (length < 2) {
ND_PRINT((ndo, "AVP too short"));
return;
}
ND_PRINT((ndo, "%u", EXTRACT_16BITS(ptr) & L2TP_PROXY_AUTH_ID_MASK));
ND_PRINT((ndo, "%u", EXTRACT_16BITS(dat) & L2TP_PROXY_AUTH_ID_MASK));
}
static void
l2tp_call_errors_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint16_t *ptr = (const uint16_t *)dat;
uint16_t val_h, val_l;
uint32_t val;
if (length < 2) {
ND_PRINT((ndo, "AVP too short"));
return;
}
ptr++; /* skip "Reserved" */
dat += 2; /* skip "Reserved" */
length -= 2;
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
val_h = EXTRACT_16BITS(ptr); ptr++; length -= 2;
val_l = EXTRACT_16BITS(ptr); ptr++; length -= 2;
ND_PRINT((ndo, "CRCErr=%u ", (val_h<<16) + val_l));
val = EXTRACT_32BITS(dat); dat += 4; length -= 4;
ND_PRINT((ndo, "CRCErr=%u ", val));
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
val_h = EXTRACT_16BITS(ptr); ptr++; length -= 2;
val_l = EXTRACT_16BITS(ptr); ptr++; length -= 2;
ND_PRINT((ndo, "FrameErr=%u ", (val_h<<16) + val_l));
val = EXTRACT_32BITS(dat); dat += 4; length -= 4;
ND_PRINT((ndo, "FrameErr=%u ", val));
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
val_h = EXTRACT_16BITS(ptr); ptr++; length -= 2;
val_l = EXTRACT_16BITS(ptr); ptr++; length -= 2;
ND_PRINT((ndo, "HardOver=%u ", (val_h<<16) + val_l));
val = EXTRACT_32BITS(dat); dat += 4; length -= 4;
ND_PRINT((ndo, "HardOver=%u ", val));
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
val_h = EXTRACT_16BITS(ptr); ptr++; length -= 2;
val_l = EXTRACT_16BITS(ptr); ptr++; length -= 2;
ND_PRINT((ndo, "BufOver=%u ", (val_h<<16) + val_l));
val = EXTRACT_32BITS(dat); dat += 4; length -= 4;
ND_PRINT((ndo, "BufOver=%u ", val));
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
val_h = EXTRACT_16BITS(ptr); ptr++; length -= 2;
val_l = EXTRACT_16BITS(ptr); ptr++; length -= 2;
ND_PRINT((ndo, "Timeout=%u ", (val_h<<16) + val_l));
val = EXTRACT_32BITS(dat); dat += 4; length -= 4;
ND_PRINT((ndo, "Timeout=%u ", val));
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
val_h = EXTRACT_16BITS(ptr); ptr++;
val_l = EXTRACT_16BITS(ptr); ptr++;
ND_PRINT((ndo, "AlignErr=%u ", (val_h<<16) + val_l));
val = EXTRACT_32BITS(dat); dat += 4; length -= 4;
ND_PRINT((ndo, "AlignErr=%u ", val));
}
static void
l2tp_accm_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint16_t *ptr = (const uint16_t *)dat;
uint16_t val_h, val_l;
uint32_t val;
if (length < 2) {
ND_PRINT((ndo, "AVP too short"));
return;
}
ptr++; /* skip "Reserved" */
dat += 2; /* skip "Reserved" */
length -= 2;
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
val_h = EXTRACT_16BITS(ptr); ptr++; length -= 2;
val_l = EXTRACT_16BITS(ptr); ptr++; length -= 2;
ND_PRINT((ndo, "send=%08x ", (val_h<<16) + val_l));
val = EXTRACT_32BITS(dat); dat += 4; length -= 4;
ND_PRINT((ndo, "send=%08x ", val));
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
val_h = EXTRACT_16BITS(ptr); ptr++;
val_l = EXTRACT_16BITS(ptr); ptr++;
ND_PRINT((ndo, "recv=%08x ", (val_h<<16) + val_l));
val = EXTRACT_32BITS(dat); dat += 4; length -= 4;
ND_PRINT((ndo, "recv=%08x ", val));
}
static void
l2tp_ppp_discon_cc_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint16_t *ptr = (const uint16_t *)dat;
if (length < 5) {
ND_PRINT((ndo, "AVP too short"));
return;
@ -579,32 +553,27 @@ l2tp_ppp_discon_cc_print(netdissect_options *ndo, const u_char *dat, u_int lengt
length -= 2;
/* Direction */
ND_PRINT((ndo, "%s", tok2str(l2tp_cc_direction2str,
"Direction-#%u", EXTRACT_8BITS(ptr))));
ptr++;
"Direction-#%u", EXTRACT_8BITS(dat))));
dat++;
length--;
if (length != 0) {
ND_PRINT((ndo, " "));
print_string(ndo, (const u_char *)ptr, length);
print_string(ndo, (const u_char *)dat, length);
}
}
static void
l2tp_avp_print(netdissect_options *ndo, const u_char *dat, int length)
static u_int
l2tp_avp_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
u_int len;
const uint16_t *ptr = (const uint16_t *)dat;
uint16_t attr_type;
int hidden = FALSE;
if (length <= 0) {
return;
}
ND_PRINT((ndo, " "));
ND_TCHECK(*ptr); /* Flags & Length */
len = EXTRACT_16BITS(ptr) & L2TP_AVP_HDR_LEN_MASK;
ND_TCHECK_16BITS(dat); /* Flags & Length */
len = EXTRACT_16BITS(dat) & L2TP_AVP_HDR_LEN_MASK;
/* If it is not long enough to contain the header, we'll give up. */
if (len < 6)
@ -617,7 +586,7 @@ l2tp_avp_print(netdissect_options *ndo, const u_char *dat, int length)
/* If it goes past the end of the remaining length of the captured
data, we'll give up. */
ND_TCHECK2(*ptr, len);
ND_TCHECK2(*dat, len);
/*
* After this point, we don't need to check whether we go past
@ -625,26 +594,26 @@ l2tp_avp_print(netdissect_options *ndo, const u_char *dat, int length)
* check whether we go past the end of the AVP.
*/
if (EXTRACT_16BITS(ptr) & L2TP_AVP_HDR_FLAG_MANDATORY) {
if (EXTRACT_16BITS(dat) & L2TP_AVP_HDR_FLAG_MANDATORY) {
ND_PRINT((ndo, "*"));
}
if (EXTRACT_16BITS(ptr) & L2TP_AVP_HDR_FLAG_HIDDEN) {
if (EXTRACT_16BITS(dat) & L2TP_AVP_HDR_FLAG_HIDDEN) {
hidden = TRUE;
ND_PRINT((ndo, "?"));
}
ptr++;
dat += 2;
if (EXTRACT_16BITS(ptr)) {
if (EXTRACT_16BITS(dat)) {
/* Vendor Specific Attribute */
ND_PRINT((ndo, "VENDOR%04x:", EXTRACT_16BITS(ptr))); ptr++;
ND_PRINT((ndo, "ATTR%04x", EXTRACT_16BITS(ptr))); ptr++;
ND_PRINT((ndo, "VENDOR%04x:", EXTRACT_16BITS(dat))); dat += 2;
ND_PRINT((ndo, "ATTR%04x", EXTRACT_16BITS(dat))); dat += 2;
ND_PRINT((ndo, "("));
print_octets(ndo, (const u_char *)ptr, len-6);
print_octets(ndo, dat, len-6);
ND_PRINT((ndo, ")"));
} else {
/* IETF-defined Attributes */
ptr++;
attr_type = EXTRACT_16BITS(ptr); ptr++;
dat += 2;
attr_type = EXTRACT_16BITS(dat); dat += 2;
ND_PRINT((ndo, "%s", tok2str(l2tp_avp2str, "AVP-#%u", attr_type)));
ND_PRINT((ndo, "("));
if (hidden) {
@ -652,26 +621,26 @@ l2tp_avp_print(netdissect_options *ndo, const u_char *dat, int length)
} else {
switch (attr_type) {
case L2TP_AVP_MSGTYPE:
l2tp_msgtype_print(ndo, (const u_char *)ptr, len-6);
l2tp_msgtype_print(ndo, dat, len-6);
break;
case L2TP_AVP_RESULT_CODE:
l2tp_result_code_print(ndo, (const u_char *)ptr, len-6);
l2tp_result_code_print(ndo, dat, len-6);
break;
case L2TP_AVP_PROTO_VER:
l2tp_proto_ver_print(ndo, ptr, len-6);
l2tp_proto_ver_print(ndo, dat, len-6);
break;
case L2TP_AVP_FRAMING_CAP:
l2tp_framing_cap_print(ndo, (const u_char *)ptr, len-6);
l2tp_framing_cap_print(ndo, dat, len-6);
break;
case L2TP_AVP_BEARER_CAP:
l2tp_bearer_cap_print(ndo, (const u_char *)ptr, len-6);
l2tp_bearer_cap_print(ndo, dat, len-6);
break;
case L2TP_AVP_TIE_BREAKER:
if (len-6 < 8) {
ND_PRINT((ndo, "AVP too short"));
break;
}
print_octets(ndo, (const u_char *)ptr, 8);
print_octets(ndo, dat, 8);
break;
case L2TP_AVP_FIRM_VER:
case L2TP_AVP_ASSND_TUN_ID:
@ -681,7 +650,7 @@ l2tp_avp_print(netdissect_options *ndo, const u_char *dat, int length)
ND_PRINT((ndo, "AVP too short"));
break;
}
print_16bits_val(ndo, ptr);
print_16bits_val(ndo, dat);
break;
case L2TP_AVP_HOST_NAME:
case L2TP_AVP_VENDOR_NAME:
@ -690,7 +659,7 @@ l2tp_avp_print(netdissect_options *ndo, const u_char *dat, int length)
case L2TP_AVP_SUB_ADDRESS:
case L2TP_AVP_PROXY_AUTH_NAME:
case L2TP_AVP_PRIVATE_GRP_ID:
print_string(ndo, (const u_char *)ptr, len-6);
print_string(ndo, dat, len-6);
break;
case L2TP_AVP_CHALLENGE:
case L2TP_AVP_INI_RECV_LCP:
@ -699,17 +668,17 @@ l2tp_avp_print(netdissect_options *ndo, const u_char *dat, int length)
case L2TP_AVP_PROXY_AUTH_CHAL:
case L2TP_AVP_PROXY_AUTH_RESP:
case L2TP_AVP_RANDOM_VECTOR:
print_octets(ndo, (const u_char *)ptr, len-6);
print_octets(ndo, dat, len-6);
break;
case L2TP_AVP_Q931_CC:
l2tp_q931_cc_print(ndo, (const u_char *)ptr, len-6);
l2tp_q931_cc_print(ndo, dat, len-6);
break;
case L2TP_AVP_CHALLENGE_RESP:
if (len-6 < 16) {
ND_PRINT((ndo, "AVP too short"));
break;
}
print_octets(ndo, (const u_char *)ptr, 16);
print_octets(ndo, dat, 16);
break;
case L2TP_AVP_CALL_SER_NUM:
case L2TP_AVP_MINIMUM_BPS:
@ -721,33 +690,33 @@ l2tp_avp_print(netdissect_options *ndo, const u_char *dat, int length)
ND_PRINT((ndo, "AVP too short"));
break;
}
print_32bits_val(ndo, (const uint32_t *)ptr);
print_32bits_val(ndo, dat);
break;
case L2TP_AVP_BEARER_TYPE:
l2tp_bearer_type_print(ndo, (const u_char *)ptr, len-6);
l2tp_bearer_type_print(ndo, dat, len-6);
break;
case L2TP_AVP_FRAMING_TYPE:
l2tp_framing_type_print(ndo, (const u_char *)ptr, len-6);
l2tp_framing_type_print(ndo, dat, len-6);
break;
case L2TP_AVP_PACKET_PROC_DELAY:
l2tp_packet_proc_delay_print(ndo);
break;
case L2TP_AVP_PROXY_AUTH_TYPE:
l2tp_proxy_auth_type_print(ndo, (const u_char *)ptr, len-6);
l2tp_proxy_auth_type_print(ndo, dat, len-6);
break;
case L2TP_AVP_PROXY_AUTH_ID:
l2tp_proxy_auth_id_print(ndo, (const u_char *)ptr, len-6);
l2tp_proxy_auth_id_print(ndo, dat, len-6);
break;
case L2TP_AVP_CALL_ERRORS:
l2tp_call_errors_print(ndo, (const u_char *)ptr, len-6);
l2tp_call_errors_print(ndo, dat, len-6);
break;
case L2TP_AVP_ACCM:
l2tp_accm_print(ndo, (const u_char *)ptr, len-6);
l2tp_accm_print(ndo, dat, len-6);
break;
case L2TP_AVP_SEQ_REQUIRED:
break; /* No Attribute Value */
case L2TP_AVP_PPP_DISCON_CC:
l2tp_ppp_discon_cc_print(ndo, (const u_char *)ptr, len-6);
l2tp_ppp_discon_cc_print(ndo, dat, len-6);
break;
default:
break;
@ -756,11 +725,11 @@ l2tp_avp_print(netdissect_options *ndo, const u_char *dat, int length)
ND_PRINT((ndo, ")"));
}
l2tp_avp_print(ndo, dat+len, length-len);
return;
return (len);
trunc:
ND_PRINT((ndo, "|..."));
return (0);
}
@ -865,7 +834,22 @@ l2tp_print(netdissect_options *ndo, const u_char *dat, u_int length)
if (length - cnt == 0) {
ND_PRINT((ndo, " ZLB"));
} else {
l2tp_avp_print(ndo, ptr, length - cnt);
/*
* Print AVPs.
*/
while (length - cnt != 0) {
u_int avp_length;
avp_length = l2tp_avp_print(ndo, ptr, length - cnt);
if (avp_length == 0) {
/*
* Truncated.
*/
break;
}
cnt += avp_length;
ptr += avp_length;
}
}
} else {
ND_PRINT((ndo, " {"));

28
print-ldp.c
View File

@ -29,6 +29,8 @@
#include "l2vpn.h"
#include "af.h"
static const char tstr[] = " [|LDP]";
/*
* ldp common header
*
@ -210,7 +212,7 @@ static const struct tok ldp_fec_martini_ifparm_vccv_cv_values[] = {
{ 0, NULL}
};
static int ldp_pdu_print(netdissect_options *, register const u_char *);
static u_int ldp_pdu_print(netdissect_options *, register const u_char *);
/*
* ldp tlv header
@ -435,19 +437,24 @@ ldp_tlv_print(netdissect_options *ndo,
switch(vc_info_tlv_type) {
case LDP_FEC_MARTINI_IFPARM_MTU:
ND_TCHECK_16BITS(tptr + 2);
ND_PRINT((ndo, ": %u", EXTRACT_16BITS(tptr+2)));
break;
case LDP_FEC_MARTINI_IFPARM_DESC:
ND_PRINT((ndo, ": "));
for (idx = 2; idx < vc_info_tlv_len; idx++)
for (idx = 2; idx < vc_info_tlv_len; idx++) {
ND_TCHECK_8BITS(tptr + idx);
safeputchar(ndo, *(tptr + idx));
}
break;
case LDP_FEC_MARTINI_IFPARM_VCCV:
ND_TCHECK_8BITS(tptr + 2);
ND_PRINT((ndo, "\n\t\t Control Channels (0x%02x) = [%s]",
*(tptr+2),
bittok2str(ldp_fec_martini_ifparm_vccv_cc_values, "none", *(tptr+2))));
ND_TCHECK_8BITS(tptr + 3);
ND_PRINT((ndo, "\n\t\t CV Types (0x%02x) = [%s]",
*(tptr+3),
bittok2str(ldp_fec_martini_ifparm_vccv_cv_values, "none", *(tptr+3))));
@ -486,7 +493,7 @@ ldp_tlv_print(netdissect_options *ndo,
break;
case LDP_TLV_FT_SESSION:
TLV_TCHECK(8);
TLV_TCHECK(12);
ft_flags = EXTRACT_16BITS(tptr);
ND_PRINT((ndo, "\n\t Flags: [%sReconnect, %sSave State, %sAll-Label Protection, %s Checkpoint, %sRe-Learn State]",
ft_flags&0x8000 ? "" : "No ",
@ -494,6 +501,7 @@ ldp_tlv_print(netdissect_options *ndo,
ft_flags&0x4 ? "" : "No ",
ft_flags&0x2 ? "Sequence Numbered Label" : "All Labels",
ft_flags&0x1 ? "" : "Don't "));
/* 16 bits (FT Flags) + 16 bits (Reserved) */
tptr+=4;
ui = EXTRACT_32BITS(tptr);
if (ui)
@ -534,7 +542,7 @@ ldp_tlv_print(netdissect_options *ndo,
return(tlv_len+4); /* Type & Length fields not included */
trunc:
ND_PRINT((ndo, "\n\t\t packet exceeded snapshot"));
ND_PRINT((ndo, "%s", tstr));
return 0;
badtlv:
@ -546,17 +554,23 @@ void
ldp_print(netdissect_options *ndo,
register const u_char *pptr, register u_int len)
{
int processed;
u_int processed;
while (len > (sizeof(struct ldp_common_header) + sizeof(struct ldp_msg_header))) {
processed = ldp_pdu_print(ndo, pptr);
if (processed == 0)
return;
if (len < processed) {
ND_PRINT((ndo, " [remaining length %u < %u]", len, processed));
ND_PRINT((ndo, "%s", istr));
break;
}
len -= processed;
pptr += processed;
}
}
static int
static u_int
ldp_pdu_print(netdissect_options *ndo,
register const u_char *pptr)
{
@ -686,7 +700,7 @@ ldp_pdu_print(netdissect_options *ndo,
}
return pdu_len+4;
trunc:
ND_PRINT((ndo, "\n\t\t packet exceeded snapshot"));
ND_PRINT((ndo, "%s", tstr));
return 0;
}

59
print-lmp.c
View File

@ -31,6 +31,8 @@
#include "addrtoname.h"
#include "gmpls.h"
static const char tstr[] = " [|LMP]";
/*
* LMP common header
*
@ -367,8 +369,9 @@ lmp_print_data_link_subobjs(netdissect_options *ndo, const u_char *obj_tptr,
} bw;
while (total_subobj_len > 0 && hexdump == FALSE ) {
subobj_type = EXTRACT_8BITS(obj_tptr+offset);
subobj_len = EXTRACT_8BITS(obj_tptr+offset+1);
ND_TCHECK_16BITS(obj_tptr + offset);
subobj_type = EXTRACT_8BITS(obj_tptr + offset);
subobj_len = EXTRACT_8BITS(obj_tptr + offset + 1);
ND_PRINT((ndo, "\n\t Subobject, Type: %s (%u), Length: %u",
tok2str(lmp_data_link_subobj,
"Unknown",
@ -389,24 +392,29 @@ lmp_print_data_link_subobjs(netdissect_options *ndo, const u_char *obj_tptr,
}
switch(subobj_type) {
case INT_SWITCHING_TYPE_SUBOBJ:
ND_TCHECK_8BITS(obj_tptr + offset + 2);
ND_PRINT((ndo, "\n\t Switching Type: %s (%u)",
tok2str(gmpls_switch_cap_values,
"Unknown",
EXTRACT_8BITS(obj_tptr+offset+2)),
EXTRACT_8BITS(obj_tptr+offset+2)));
EXTRACT_8BITS(obj_tptr + offset + 2)),
EXTRACT_8BITS(obj_tptr + offset + 2)));
ND_TCHECK_8BITS(obj_tptr + offset + 3);
ND_PRINT((ndo, "\n\t Encoding Type: %s (%u)",
tok2str(gmpls_encoding_values,
"Unknown",
EXTRACT_8BITS(obj_tptr+offset+3)),
EXTRACT_8BITS(obj_tptr+offset+3)));
EXTRACT_8BITS(obj_tptr + offset + 3)),
EXTRACT_8BITS(obj_tptr + offset + 3)));
ND_TCHECK_32BITS(obj_tptr + offset + 4);
bw.i = EXTRACT_32BITS(obj_tptr+offset+4);
ND_PRINT((ndo, "\n\t Min Reservable Bandwidth: %.3f Mbps",
bw.f*8/1000000));
ND_TCHECK_32BITS(obj_tptr + offset + 8);
bw.i = EXTRACT_32BITS(obj_tptr+offset+8);
ND_PRINT((ndo, "\n\t Max Reservable Bandwidth: %.3f Mbps",
bw.f*8/1000000));
break;
case WAVELENGTH_SUBOBJ:
ND_TCHECK_32BITS(obj_tptr + offset + 4);
ND_PRINT((ndo, "\n\t Wavelength: %u",
EXTRACT_32BITS(obj_tptr+offset+4)));
break;
@ -419,6 +427,8 @@ lmp_print_data_link_subobjs(netdissect_options *ndo, const u_char *obj_tptr,
offset+=subobj_len;
}
return (hexdump);
trunc:
return -1;
}
void
@ -429,7 +439,7 @@ lmp_print(netdissect_options *ndo,
const struct lmp_object_header *lmp_obj_header;
const u_char *tptr,*obj_tptr;
u_int tlen,lmp_obj_len,lmp_obj_ctype,obj_tlen;
int hexdump;
int hexdump, ret;
u_int offset;
u_int link_type;
@ -731,7 +741,10 @@ lmp_print(netdissect_options *ndo,
ipaddr_string(ndo, obj_tptr+8),
EXTRACT_32BITS(obj_tptr+8)));
if (lmp_print_data_link_subobjs(ndo, obj_tptr, obj_tlen - 12, 12))
ret = lmp_print_data_link_subobjs(ndo, obj_tptr, obj_tlen - 12, 12);
if (ret == -1)
goto trunc;
if (ret == TRUE)
hexdump=TRUE;
break;
@ -751,7 +764,10 @@ lmp_print(netdissect_options *ndo,
ip6addr_string(ndo, obj_tptr+20),
EXTRACT_32BITS(obj_tptr+20)));
if (lmp_print_data_link_subobjs(ndo, obj_tptr, obj_tlen - 36, 36))
ret = lmp_print_data_link_subobjs(ndo, obj_tptr, obj_tlen - 36, 36);
if (ret == -1)
goto trunc;
if (ret == TRUE)
hexdump=TRUE;
break;
@ -771,7 +787,10 @@ lmp_print(netdissect_options *ndo,
EXTRACT_32BITS(obj_tptr+8),
EXTRACT_32BITS(obj_tptr+8)));
if (lmp_print_data_link_subobjs(ndo, obj_tptr, obj_tlen - 12, 12))
ret = lmp_print_data_link_subobjs(ndo, obj_tptr, obj_tlen - 12, 12);
if (ret == -1)
goto trunc;
if (ret == TRUE)
hexdump=TRUE;
break;
@ -1012,7 +1031,7 @@ lmp_print(netdissect_options *ndo,
EXTRACT_8BITS(obj_tptr))));
ND_PRINT((ndo, "\n\t UNI Version: %u",
EXTRACT_8BITS(obj_tptr+1)));
EXTRACT_8BITS(obj_tptr + 1)));
break;
@ -1034,28 +1053,28 @@ lmp_print(netdissect_options *ndo,
ND_PRINT((ndo, "\n\t Signal Type: %s (%u)",
tok2str(lmp_sd_service_config_cpsa_signal_type_sdh_values,
"Unknown",
EXTRACT_8BITS(obj_tptr+1)),
EXTRACT_8BITS(obj_tptr+1)));
EXTRACT_8BITS(obj_tptr + 1)),
EXTRACT_8BITS(obj_tptr + 1)));
break;
case LMP_SD_SERVICE_CONFIG_CPSA_LINK_TYPE_SONET:
ND_PRINT((ndo, "\n\t Signal Type: %s (%u)",
tok2str(lmp_sd_service_config_cpsa_signal_type_sonet_values,
"Unknown",
EXTRACT_8BITS(obj_tptr+1)),
EXTRACT_8BITS(obj_tptr+1)));
EXTRACT_8BITS(obj_tptr + 1)),
EXTRACT_8BITS(obj_tptr + 1)));
break;
}
ND_PRINT((ndo, "\n\t Transparency: %s",
bittok2str(lmp_obj_service_config_cpsa_tp_flag_values,
"none",
EXTRACT_8BITS(obj_tptr+2))));
EXTRACT_8BITS(obj_tptr + 2))));
ND_PRINT((ndo, "\n\t Contiguous Concatenation Types: %s",
bittok2str(lmp_obj_service_config_cpsa_cct_flag_values,
"none",
EXTRACT_8BITS(obj_tptr+3))));
EXTRACT_8BITS(obj_tptr + 3))));
ND_PRINT((ndo, "\n\t Minimum NCC: %u",
EXTRACT_16BITS(obj_tptr+4)));
@ -1091,7 +1110,7 @@ lmp_print(netdissect_options *ndo,
bittok2str(
lmp_obj_service_config_nsa_tcm_flag_values,
"none",
EXTRACT_8BITS(obj_tptr+7))));
EXTRACT_8BITS(obj_tptr + 7))));
break;
@ -1105,7 +1124,7 @@ lmp_print(netdissect_options *ndo,
bittok2str(
lmp_obj_service_config_nsa_network_diversity_flag_values,
"none",
EXTRACT_8BITS(obj_tptr+3))));
EXTRACT_8BITS(obj_tptr + 3))));
break;
default:
@ -1129,7 +1148,7 @@ lmp_print(netdissect_options *ndo,
}
return;
trunc:
ND_PRINT((ndo, "\n\t\t packet exceeded snapshot"));
ND_PRINT((ndo, "%s", tstr));
}
/*
* Local Variables:

4
print-nfs.c
View File

@ -1568,8 +1568,8 @@ interp_reply(netdissect_options *ndo,
tok2str(nfsv3_writemodes,
NULL, EXTRACT_32BITS(&dp[1]))));
}
return;
}
return;
} else {
if (parseattrstat(ndo, dp, ndo->ndo_vflag, v3) != 0)
return;
@ -1655,8 +1655,8 @@ interp_reply(netdissect_options *ndo,
ND_PRINT((ndo, " dir:"));
if (!(dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag)))
break;
return;
}
return;
} else {
if (parsestatus(ndo, dp, &er) != NULL)
return;

8
print-openflow.c
View File

@ -132,11 +132,9 @@ of_header_body_print(netdissect_options *ndo, const u_char *cp, const u_char *ep
/* Print a TCP segment worth of OpenFlow messages presuming the segment begins
* on a message boundary. */
void
openflow_print(netdissect_options *ndo, const u_char *cp, const u_int len)
openflow_print(netdissect_options *ndo, const u_char *cp, const u_int len _U_)
{
const u_char *ep = cp + len;
ND_PRINT((ndo, ": OpenFlow"));
while (cp < ep)
cp = of_header_body_print(ndo, cp, ep);
while (cp < ndo->ndo_snapend)
cp = of_header_body_print(ndo, cp, ndo->ndo_snapend);
}

4
print-ospf.c
View File

@ -706,7 +706,7 @@ ospf_print_lsa(netdissect_options *ndo,
while ((const u_char *)lp < ls_end) {
register uint32_t ul;
ND_TCHECK(*lp);
ND_TCHECK_32BITS(lp);
ul = EXTRACT_32BITS(lp);
topology = (ul & SLA_MASK_TOS) >> SLA_SHIFT_TOS;
ND_PRINT((ndo, "\n\t\ttopology %s (%u) metric %d",
@ -723,7 +723,7 @@ ospf_print_lsa(netdissect_options *ndo,
while ((const u_char *)lp < ls_end) {
register uint32_t ul;
ND_TCHECK(*lp);
ND_TCHECK_32BITS(lp);
ul = EXTRACT_32BITS(lp);
topology = (ul & SLA_MASK_TOS) >> SLA_SHIFT_TOS;
ND_PRINT((ndo, "\n\t\ttopology %s (%u) metric %d",

3
print-ospf6.c
View File

@ -389,8 +389,7 @@ ospf6_print_lshdr(netdissect_options *ndo,
{
if ((const u_char *)(lshp + 1) > dataend)
goto trunc;
ND_TCHECK(lshp->ls_type);
ND_TCHECK(lshp->ls_seq);
ND_TCHECK(lshp->ls_length); /* last field of struct lsa6_hdr */
ND_PRINT((ndo, "\n\t Advertising Router %s, seq 0x%08x, age %us, length %u",
ipaddr_string(ndo, &lshp->ls_router),

4
print-ppi.c
View File

@ -68,6 +68,7 @@ ppi_print(netdissect_options *ndo,
}
hdr = (const ppi_header_t *)p;
ND_TCHECK_16BITS(&hdr->ppi_len);
len = EXTRACT_LE_16BITS(&hdr->ppi_len);
if (caplen < len) {
/*
@ -81,6 +82,7 @@ ppi_print(netdissect_options *ndo,
ND_PRINT((ndo, "[|ppi]"));
return (len);
}
ND_TCHECK_32BITS(&hdr->ppi_dlt);
dlt = EXTRACT_LE_32BITS(&hdr->ppi_dlt);
if (ndo->ndo_eflag)
@ -104,6 +106,8 @@ ppi_print(netdissect_options *ndo,
hdrlen = 0;
}
return (len + hdrlen);
trunc:
return (caplen);
}
/*

2
print-rsvp.c
View File

@ -499,6 +499,7 @@ rsvp_intserv_print(netdissect_options *ndo,
if (obj_tlen < 4)
return 0;
ND_TCHECK_8BITS(tptr);
parameter_id = *(tptr);
ND_TCHECK2(*(tptr + 2), 2);
parameter_length = EXTRACT_16BITS(tptr+2)<<2; /* convert wordcount to bytecount */
@ -1554,6 +1555,7 @@ rsvp_obj_print(netdissect_options *ndo,
case RSVP_OBJ_CLASSTYPE_OLD: /* fall through */
switch(rsvp_obj_ctype) {
case RSVP_CTYPE_1:
ND_TCHECK_32BITS(obj_tptr);
ND_PRINT((ndo, "%s CT: %u",
ident,
EXTRACT_32BITS(obj_tptr) & 0x7));

8
print-rx.c
View File

@ -694,7 +694,7 @@ rx_cache_insert(netdissect_options *ndo,
UNALIGNED_MEMCPY(&rxent->client, &ip->ip_src, sizeof(uint32_t));
UNALIGNED_MEMCPY(&rxent->server, &ip->ip_dst, sizeof(uint32_t));
rxent->dport = dport;
rxent->serviceId = EXTRACT_32BITS(&rxh->serviceId);
rxent->serviceId = EXTRACT_16BITS(&rxh->serviceId);
rxent->opcode = EXTRACT_32BITS(bp + sizeof(struct rx_header));
}
@ -725,7 +725,7 @@ rx_cache_find(const struct rx_header *rxh, const struct ip *ip, int sport,
if (rxent->callnum == EXTRACT_32BITS(&rxh->callNumber) &&
rxent->client.s_addr == clip &&
rxent->server.s_addr == sip &&
rxent->serviceId == EXTRACT_32BITS(&rxh->serviceId) &&
rxent->serviceId == EXTRACT_16BITS(&rxh->serviceId) &&
rxent->dport == sport) {
/* We got a match! */
@ -1019,6 +1019,7 @@ fs_print(netdissect_options *ndo,
}
if (j == 0)
ND_PRINT((ndo, " <none!>"));
break;
}
case 65537: /* Fetch data 64 */
FIDOUT();
@ -1279,6 +1280,7 @@ cb_print(netdissect_options *ndo,
bp += sizeof(int32_t);
tok2str(cb_types, "type %d", t);
}
break;
}
case 214: {
ND_PRINT((ndo, " afsuuid"));
@ -1740,6 +1742,7 @@ vldb_reply_print(netdissect_options *ndo,
INTOUT();
ND_PRINT((ndo, " nextindex"));
INTOUT();
/*FALLTHROUGH*/
case 503: /* Get entry by id */
case 504: /* Get entry by name */
{ unsigned long nservers, j;
@ -1789,6 +1792,7 @@ vldb_reply_print(netdissect_options *ndo,
INTOUT();
ND_PRINT((ndo, " nextindex"));
INTOUT();
/*FALLTHROUGH*/
case 518: /* Get entry by ID N */
case 519: /* Get entry by name N */
{ unsigned long nservers, j;

10
print-sflow.c
View File

@ -881,6 +881,14 @@ sflow_print(netdissect_options *ndo,
tptr = pptr;
tlen = len;
sflow_datagram = (const struct sflow_datagram_t *)pptr;
if (len < sizeof(struct sflow_datagram_t)) {
ND_TCHECK(sflow_datagram->version);
ND_PRINT((ndo, "sFlowv%u", EXTRACT_32BITS(sflow_datagram->version)));
ND_PRINT((ndo, " [length %u < %zu]",
len, sizeof(struct sflow_datagram_t)));
ND_PRINT((ndo, " (invalid)"));
return;
}
ND_TCHECK(*sflow_datagram);
/*
@ -916,6 +924,8 @@ sflow_print(netdissect_options *ndo,
/* skip Common header */
tptr += sizeof(const struct sflow_datagram_t);
if(tlen <= sizeof(const struct sflow_datagram_t)) goto trunc;
tlen -= sizeof(const struct sflow_datagram_t);
while (nsamples > 0 && tlen > 0) {

34
print-sl.c
View File

@ -52,8 +52,8 @@ static const char tstr[] = "[|slip]";
static u_int lastlen[2][256];
static u_int lastconn = 255;
static void sliplink_print(netdissect_options *, const u_char *, const struct ip *, u_int);
static void compressed_sl_print(netdissect_options *, const u_char *, const struct ip *, u_int, int);
static int sliplink_print(netdissect_options *, const u_char *, const struct ip *, u_int);
static int compressed_sl_print(netdissect_options *, const u_char *, const struct ip *, u_int, int);
u_int
sl_if_print(netdissect_options *ndo,
@ -74,7 +74,10 @@ sl_if_print(netdissect_options *ndo,
ip = (const struct ip *)(p + SLIP_HDRLEN);
if (ndo->ndo_eflag)
sliplink_print(ndo, p, ip, length);
if (sliplink_print(ndo, p, ip, length) == -1) {
ND_PRINT((ndo, "%s", tstr));
return (caplen + SLIP_HDRLEN);
}
if (caplen < 1 || length < 1) {
ND_PRINT((ndo, "%s", tstr));
@ -122,7 +125,7 @@ sl_bsdos_if_print(netdissect_options *ndo,
return (SLIP_HDRLEN);
}
static void
static int
sliplink_print(netdissect_options *ndo,
register const u_char *p, register const struct ip *ip,
register u_int length)
@ -153,7 +156,7 @@ sliplink_print(netdissect_options *ndo,
for (i = SLX_CHDR; i < SLX_CHDR + CHDR_LEN - 1; ++i)
ND_PRINT((ndo, "%02x.", p[i]));
ND_PRINT((ndo, "%02x: ", p[SLX_CHDR + CHDR_LEN - 1]));
return;
return 0;
}
switch (p[SLX_CHDR] & 0xf0) {
@ -171,9 +174,11 @@ sliplink_print(netdissect_options *ndo,
ND_PRINT((ndo, "utcp %d: ", lastconn));
if (dir == -1) {
/* Direction is bogus, don't use it */
return;
return 0;
}
ND_TCHECK(*ip);
hlen = IP_HL(ip);
ND_TCHECK(*((const struct tcphdr *)&((const int *)ip)[hlen]));
hlen += TH_OFF((const struct tcphdr *)&((const int *)ip)[hlen]);
lastlen[dir][lastconn] = length - (hlen << 2);
break;
@ -181,15 +186,19 @@ sliplink_print(netdissect_options *ndo,
default:
if (dir == -1) {
/* Direction is bogus, don't use it */
return;
return 0;
}
if (p[SLX_CHDR] & TYPE_COMPRESSED_TCP) {
compressed_sl_print(ndo, &p[SLX_CHDR], ip,
length, dir);
if (compressed_sl_print(ndo, &p[SLX_CHDR], ip,
length, dir) == -1)
goto trunc;
ND_PRINT((ndo, ": "));
} else
ND_PRINT((ndo, "slip-%d!: ", p[SLX_CHDR]));
}
return 0;
trunc:
return -1;
}
static const u_char *
@ -223,7 +232,7 @@ print_sl_winchange(netdissect_options *ndo,
return (cp);
}
static void
static int
compressed_sl_print(netdissect_options *ndo,
const u_char *chdr, const struct ip *ip,
u_int length, int dir)
@ -269,8 +278,13 @@ compressed_sl_print(netdissect_options *ndo,
* 'cp - chdr' is the length of the compressed header.
* 'length - hlen' is the amount of data in the packet.
*/
ND_TCHECK(*ip);
hlen = IP_HL(ip);
ND_TCHECK(*((const struct tcphdr *)&((const int32_t *)ip)[hlen]));
hlen += TH_OFF((const struct tcphdr *)&((const int32_t *)ip)[hlen]);
lastlen[dir][lastconn] = length - (hlen << 2);
ND_PRINT((ndo, " %d (%ld)", lastlen[dir][lastconn], (long)(cp - chdr)));
return 0;
trunc:
return -1;
}

11
print-sll.c
View File

@ -198,6 +198,7 @@ sll_if_print(netdissect_options *ndo, const struct pcap_pkthdr *h, const u_char
u_int caplen = h->caplen;
u_int length = h->len;
register const struct sll_header *sllp;
u_short hatype;
u_short ether_type;
int llc_hdrlen;
u_int hdrlen;
@ -225,6 +226,16 @@ sll_if_print(netdissect_options *ndo, const struct pcap_pkthdr *h, const u_char
p += SLL_HDR_LEN;
hdrlen = SLL_HDR_LEN;
hatype = EXTRACT_16BITS(&sllp->sll_hatype);
switch (hatype) {
case 803:
/*
* This is an packet with a radiotap header;
* just dissect the payload as such.
*/
return (SLL_HDR_LEN + ieee802_11_radio_print(ndo, p, length, caplen));
}
ether_type = EXTRACT_16BITS(&sllp->sll_protocol);
recurse:

13
print-smb.c
View File

@ -371,16 +371,21 @@ print_trans(netdissect_options *ndo,
ND_PRINT((ndo, "smb_bcc=%u\n", bcc));
if (bcc > 0) {
smb_fdata(ndo, data1 + 2, f2, maxbuf - (paramlen + datalen), unicodestr);
if (strcmp((const char *)(data1 + 2), "\\MAILSLOT\\BROWSE") == 0) {
#define MAILSLOT_BROWSE_STR "\\MAILSLOT\\BROWSE"
ND_TCHECK2(*(data1 + 2), strlen(MAILSLOT_BROWSE_STR) + 1);
if (strcmp((const char *)(data1 + 2), MAILSLOT_BROWSE_STR) == 0) {
print_browse(ndo, param, paramlen, data, datalen);
return;
}
#undef MAILSLOT_BROWSE_STR
if (strcmp((const char *)(data1 + 2), "\\PIPE\\LANMAN") == 0) {
#define PIPE_LANMAN_STR "\\PIPE\\LANMAN"
ND_TCHECK2(*(data1 + 2), strlen(PIPE_LANMAN_STR) + 1);
if (strcmp((const char *)(data1 + 2), PIPE_LANMAN_STR) == 0) {
print_ipc(ndo, param, paramlen, data, datalen);
return;
}
#undef PIPE_LANMAN_STR
if (paramlen)
smb_fdata(ndo, param, f3, min(param + paramlen, maxbuf), unicodestr);
@ -940,7 +945,9 @@ nbt_tcp_print(netdissect_options *ndo,
if (caplen < 4)
goto trunc;
maxbuf = data + caplen;
ND_TCHECK_8BITS(data);
type = data[0];
ND_TCHECK_16BITS(data + 2);
nbt_len = EXTRACT_16BITS(data + 2);
length -= 4;
caplen -= 4;

14
print-tcp.c
View File

@ -267,11 +267,11 @@ tcp_print(netdissect_options *ndo,
if (rev) {
UNALIGNED_MEMCPY(&tha.src, dst, sizeof ip6->ip6_dst);
UNALIGNED_MEMCPY(&tha.dst, src, sizeof ip6->ip6_src);
tha.port = dport << 16 | sport;
tha.port = ((u_int)dport) << 16 | sport;
} else {
UNALIGNED_MEMCPY(&tha.dst, dst, sizeof ip6->ip6_dst);
UNALIGNED_MEMCPY(&tha.src, src, sizeof ip6->ip6_src);
tha.port = sport << 16 | dport;
tha.port = ((u_int)sport) << 16 | dport;
}
for (th = &tcp_seq_hash[tha.port % TSEQ_HASHSIZE];
@ -318,11 +318,11 @@ tcp_print(netdissect_options *ndo,
if (rev) {
UNALIGNED_MEMCPY(&tha.src, &ip->ip_dst, sizeof ip->ip_dst);
UNALIGNED_MEMCPY(&tha.dst, &ip->ip_src, sizeof ip->ip_src);
tha.port = dport << 16 | sport;
tha.port = ((u_int)dport) << 16 | sport;
} else {
UNALIGNED_MEMCPY(&tha.dst, &ip->ip_dst, sizeof ip->ip_dst);
UNALIGNED_MEMCPY(&tha.src, &ip->ip_src, sizeof ip->ip_src);
tha.port = sport << 16 | dport;
tha.port = ((u_int)sport) << 16 | dport;
}
for (th = &tcp_seq_hash[tha.port % TSEQ_HASHSIZE];
@ -714,6 +714,12 @@ tcp_print(netdissect_options *ndo,
rtsp_print(ndo, bp, length);
} else if (length > 2 &&
(IS_SRC_OR_DST_PORT(NAMESERVER_PORT))) {
/* domain_print() assumes it does not have to prepend a space before its
* own output to separate it from the output of the calling function. This
* works well with udp_print(), but requires a small prop here.
*/
ND_PRINT((ndo, " "));
/*
* TCP DNS query has 2byte length at the head.
* XXX packet could be unaligned, it can go strange

8
print-vrrp.c
View File

@ -142,17 +142,21 @@ vrrp_print(netdissect_options *ndo,
vec[0].ptr = bp;
vec[0].len = len;
if (in_cksum(vec, 1))
if (in_cksum(vec, 1)) {
ND_TCHECK_16BITS(&bp[6]);
ND_PRINT((ndo, ", (bad vrrp cksum %x)",
EXTRACT_16BITS(&bp[6])));
}
}
if (version == 3 && ND_TTEST2(bp[0], len)) {
uint16_t cksum = nextproto4_cksum(ndo, (const struct ip *)bp2, bp,
len, len, IPPROTO_VRRP);
if (cksum)
if (cksum) {
ND_TCHECK_16BITS(&bp[6]);
ND_PRINT((ndo, ", (bad vrrp cksum %x)",
EXTRACT_16BITS(&bp[6])));
}
}
ND_PRINT((ndo, ", addrs"));

2
print-vtp.c
View File

@ -241,7 +241,7 @@ vtp_print (netdissect_options *ndo,
*/
tptr += 4;
while (tptr < (pptr+length)) {
while ((unsigned)(tptr - pptr) < length) {
ND_TCHECK_8BITS(tptr);
len = *tptr;

2
print-wb.c
View File

@ -203,7 +203,7 @@ wb_id(netdissect_options *ndo,
len -= sizeof(*io) * nid;
io = (const struct id_off *)(id + 1);
cp = (const char *)(io + nid);
if (ND_TTEST2(cp, len)) {
if (ND_TTEST2(*cp, len)) {
ND_PRINT((ndo, "\""));
fn_print(ndo, (const u_char *)cp, (const u_char *)cp + len);
ND_PRINT((ndo, "\""));

4
signature.c
View File

@ -130,7 +130,7 @@ signature_verify(netdissect_options *ndo, const u_char *pptr, u_int plen,
/*
* Do we have all the packet data to be checked?
*/
if (!ND_TTEST2(pptr, plen)) {
if (!ND_TTEST2(*pptr, plen)) {
/* No. */
return (CANT_CHECK_SIGNATURE);
}
@ -138,7 +138,7 @@ signature_verify(netdissect_options *ndo, const u_char *pptr, u_int plen,
/*
* Do we have the entire signature to check?
*/
if (!ND_TTEST2(sig_ptr, sizeof(sig))) {
if (!ND_TTEST2(*sig_ptr, sizeof(sig))) {
/* No. */
return (CANT_CHECK_SIGNATURE);
}

42
smbutil.c
View File

@ -478,12 +478,13 @@ smb_fdata1(netdissect_options *ndo,
case 'P':
{
int l = atoi(fmt + 1);
int l = atoi(fmt + 1);
if(l <= 0) goto trunc; /* actually error in fmt string */
ND_TCHECK2(buf[0], l);
buf += l;
fmt++;
while (isdigit((unsigned char)*fmt))
fmt++;
fmt++;
break;
}
case 'r':
@ -797,17 +798,33 @@ smb_fdata(netdissect_options *ndo,
int unicodestr)
{
static int depth = 0;
const u_char *buf_start = buf;
char s[128];
char *p;
while (*fmt) {
switch (*fmt) {
case '*':
/*
* List of multiple instances of something described by the
* remainder of the string (which may itself include a list
* of multiple instances of something, so we recurse).
*/
fmt++;
while (buf < maxbuf) {
const u_char *buf2;
depth++;
buf2 = smb_fdata(ndo, buf, fmt, maxbuf, unicodestr);
/*
* In order to avoid stack exhaustion recurse at most 10
* levels; that "should not happen", as no SMB structure
* should be nested *that* deeply, and we thus shouldn't
* have format strings with that level of nesting.
*/
if (depth == 10) {
ND_PRINT((ndo, "(too many nested levels, not recursing)"));
buf2 = buf;
} else
buf2 = smb_fdata(ndo, buf, fmt, maxbuf, unicodestr);
depth--;
if (buf2 == NULL)
return(NULL);
@ -818,22 +835,35 @@ smb_fdata(netdissect_options *ndo,
return(buf);
case '|':
/*
* Just do a bounds check.
*/
fmt++;
if (buf >= maxbuf)
return(buf);
break;
case '%':
/*
* XXX - unused?
*/
fmt++;
buf = maxbuf;
break;
case '#':
/*
* Done?
*/
fmt++;
return(buf);
break;
case '[':
/*
* Format of an item, enclosed in square brackets; dissect
* the item with smb_fdata1().
*/
fmt++;
if (buf >= maxbuf)
return(buf);
@ -847,11 +877,15 @@ smb_fdata(netdissect_options *ndo,
s[p - fmt] = '\0';
fmt = p + 1;
buf = smb_fdata1(ndo, buf, s, maxbuf, unicodestr);
if (buf == NULL)
if(buf < buf_start || buf == NULL) {
return(NULL);
}
break;
default:
/*
* Not a formatting character, so just print it.
*/
ND_PRINT((ndo, "%c", *fmt));
fmt++;
break;

8
tcpdump.1.in
View File

@ -441,7 +441,7 @@ terminal rather than to a file or pipe.
.PD
Set the time stamp type for the capture to \fItstamp_type\fP. The names
to use for the time stamp types are given in
.BR pcap-tstamp (@MAN_MISC_INFO@);
.BR \%pcap-tstamp (@MAN_MISC_INFO@);
not all the types listed there will necessarily be valid for any given
interface.
.TP
@ -1878,8 +1878,8 @@ The `*' on the request
indicates that XO (`exactly once') was \fInot\fP set.
.SH "SEE ALSO"
stty(1), pcap(3PCAP), bpf(4), nit(4P), pcap-savefile(@MAN_FILE_FORMATS@),
pcap-filter(@MAN_MISC_INFO@), pcap-tstamp(@MAN_MISC_INFO@)
stty(1), pcap(3PCAP), bpf(4), nit(4P), \%pcap-savefile(@MAN_FILE_FORMATS@),
\%pcap-filter(@MAN_MISC_INFO@), \%pcap-tstamp(@MAN_MISC_INFO@)
.LP
.RS
.I http://www.iana.org/assignments/media-types/application/vnd.tcpdump.pcap
@ -1898,7 +1898,7 @@ It is currently being maintained by tcpdump.org.
The current version is available via http:
.LP
.RS
.I http://www.tcpdump.org/
.I https://www.tcpdump.org/
.RE
.LP
The original distribution is available via anonymous ftp:

45
tcpdump.c
View File

@ -108,10 +108,6 @@ The Regents of the University of California. All rights reserved.\n";
#endif /* HAVE_CAP_NG_H */
#endif /* HAVE_LIBCAP_NG */
#ifdef __FreeBSD__
#include <sys/sysctl.h>
#endif /* __FreeBSD__ */
#include "netdissect.h"
#include "interface.h"
#include "addrtoname.h"
@ -611,11 +607,10 @@ droproot(const char *username, const char *chroot_dir)
#ifdef HAVE_LIBCAP_NG
{
int ret = capng_change_id(pw->pw_uid, pw->pw_gid, CAPNG_NO_FLAG);
if (ret < 0) {
fprintf(stderr, "error : ret %d\n", ret);
} else {
if (ret < 0)
error("capng_change_id(): return %d\n", ret);
else
fprintf(stderr, "dropped privs to %s\n", username);
}
}
#else
if (initgroups(pw->pw_name, pw->pw_gid) != 0 ||
@ -704,13 +699,15 @@ static char *
get_next_file(FILE *VFile, char *ptr)
{
char *ret;
size_t len;
ret = fgets(ptr, PATH_MAX, VFile);
if (!ret)
return NULL;
if (ptr[strlen(ptr) - 1] == '\n')
ptr[strlen(ptr) - 1] = '\0';
len = strlen (ptr);
if (len > 0 && ptr[len - 1] == '\n')
ptr[len - 1] = '\0';
return ret;
}
@ -1027,6 +1024,10 @@ open_interface(const char *device, netdissect_options *ndo, char *ebuf)
if (status < 0)
error("%s: Can't set time stamp type: %s",
device, pcap_statustostr(status));
else if (status > 0)
warning("When trying to set timestamp type '%s' on %s: %s",
pcap_tstamp_type_val_to_name(jflag), device,
pcap_statustostr(status));
}
#endif
status = pcap_activate(pc);
@ -1048,30 +1049,6 @@ open_interface(const char *device, netdissect_options *ndo, char *ebuf)
} else if (status == PCAP_ERROR_PERM_DENIED && *cp != '\0')
error("%s: %s\n(%s)", device,
pcap_statustostr(status), cp);
#ifdef __FreeBSD__
else if (status == PCAP_ERROR_RFMON_NOTSUP &&
strncmp(device, "wlan", 4) == 0) {
char parent[8], newdev[8];
char sysctl[32];
size_t s = sizeof(parent);
snprintf(sysctl, sizeof(sysctl),
"net.wlan.%d.%%parent", atoi(device + 4));
sysctlbyname(sysctl, parent, &s, NULL, 0);
strlcpy(newdev, device, sizeof(newdev));
/* Suggest a new wlan device. */
/* FIXME: incrementing the index this way is not going to work well
* when the index is 9 or greater but the only consequence in this
* specific case would be an error message that looks a bit odd.
*/
newdev[strlen(newdev)-1]++;
error("%s is not a monitor mode VAP\n"
"To create a new monitor mode VAP use:\n"
" ifconfig %s create wlandev %s wlanmode monitor\n"
"and use %s as the tcpdump interface",
device, newdev, parent, newdev);
}
#endif
else
error("%s: %s", device,
pcap_statustostr(status));

12
tests/SMBLIST Normal file
View File

@ -0,0 +1,12 @@
# bad packets from Otto Airamo and Antti Levomäki
nbns-valgrind nbns-valgrind.pcap nbns-valgrind.out -vvv -e
smb_print_trans-oobr1 smb_print_trans-oobr1.pcapng smb_print_trans-oobr1.out -vv -c4
# bad packets from Philippe Antoine
smb_print_trans-oobr2 smb_print_trans-oobr2.pcap smb_print_trans-oobr2.out -vv -c1
# CVE-2018-10105 bad packets from Luis Rocha
cve-2018-10105_smbprint-readofsize1 cve-2018-10105_smbprint-readofsize1.pcap cve-2018-10105_smbprint-readofsize1.out -vvv
cve-2018-10105_smbutil_withoutasan cve-2018-10105_smbutil_withoutasan.pcap cve-2018-10105_smbutil_withoutasan.out -vvv

62
tests/TESTLIST
View File

@ -26,8 +26,8 @@ bgp_infloop-v bgp-infinite-loop.pcap bgp_infloop-v.out -v
bgp-aigp bgp-aigp.pcap bgp-aigp.out -v
bgp-large-community bgp-large-community.pcap bgp-large-community.out -v
# EAP tests
eapon1 eapon1.pcap eapon1.out
# EAP tests. eapon1.pcap has NBT packets mixed in, eapon2.pcap removes them.
eapon2 eapon2.pcap eapon2.out
# ESP tests
esp0 02-sunrise-sunset-esp.pcap esp0.out
@ -198,6 +198,7 @@ of10_s4810-vvvv of10_s4810.pcap of10_s4810-vvvv.out -vvvv
of10_pf5240-vv of10_pf5240.pcap of10_pf5240-vv.out -vv
of10_7050q-v of10_7050q.pcap of10_7050q-v.out -v
of10_7050sx_bsn-vv of10_7050sx_bsn.pcap of10_7050sx_bsn-vv.out -vv
of10_7050sx_bsn-oobr of10_7050sx_bsn-oobr.pcap of10_7050sx_bsn-oobr.out -v
# GeoNetworking and CALM FAST tests
geonet-calm-fast geonet_and_calm_fast.pcap geonet_and_calm_fast.out -vv
@ -358,9 +359,9 @@ lisp_ipv6_eid lisp_ipv6.pcap lisp_ipv6.out -v
pcap-invalid-version-1 pcap-invalid-version-1.pcap pcap-invalid-version-1.out
pcap-invalid-version-2 pcap-invalid-version-2.pcap pcap-invalid-version-2.out
# pcap-ng invalid version (first: version = 0.1 ; second: version = 1.1)
pcap-ng-invalid-vers-1 pcap-ng-invalid-vers-1.pcap pcap-ng-invalid-vers-1.out
pcap-ng-invalid-vers-2 pcap-ng-invalid-vers-2.pcap pcap-ng-invalid-vers-2.out
# pcapng invalid version (first: version = 0.1 ; second: version = 1.1)
pcapng-invalid-vers-1 pcapng-invalid-vers-1.pcapng pcapng-invalid-vers-1.out
pcapng-invalid-vers-2 pcapng-invalid-vers-2.pcapng pcapng-invalid-vers-2.out
# NSH over VxLAN-GPE
nsh-over-vxlan-gpe nsh-over-vxlan-gpe.pcap nsh-over-vxlan-gpe.out
@ -468,8 +469,6 @@ hoobr_nfs_xid_map_enter hoobr_nfs_xid_map_enter.pcap hoobr_nfs_xid_map_enter.
# bad packets from Wilfried Kirsch
slip-bad-direction slip-bad-direction.pcap slip-bad-direction.out -ve
# bad packets from Otto Airamo and Antti Levomäki
nbns-valgrind nbns-valgrind.pcap nbns-valgrind.out -vvv -e
arp-oobr arp-oobr.pcap arp-oobr.out -vvv -e
icmp-cksum-oobr-1 icmp-cksum-oobr-1.pcap icmp-cksum-oobr-1.out -vvv -e
icmp-cksum-oobr-2 icmp-cksum-oobr-2.pcap icmp-cksum-oobr-2.out -vvv -e
@ -551,13 +550,18 @@ radius_attr_asan radius_attr_asan.pcap radius_attr_asan.out -v
ospf6_decode_v3_asan ospf6_decode_v3_asan.pcap ospf6_decode_v3_asan.out -v
ip_ts_opts_asan ip_ts_opts_asan.pcap ip_ts_opts_asan.out -v
isakmpv1-attr-oobr isakmpv1-attr-oobr.pcap isakmpv1-attr-oobr.out -v
# The case below depends on the bug in print-hncp.c, which at the time of
# discovery had codepoints for DHCPv6-Data and DHCPv4-Data swapped around.
# After the bugfix the output will be different because of the different
# code path and will not test the vulnerability unless modified respectively.
isakmp-ikev1_n_print-oobr isakmp-ikev1_n_print-oobr.pcap isakmp-ikev1_n_print-oobr.out -v -c3
ldp-ldp_tlv_print-oobr ldp-ldp_tlv_print-oobr.pcap ldp-ldp_tlv_print-oobr.out -v -c1
icmp-icmp_print-oobr-1 icmp-icmp_print-oobr-1.pcap icmp-icmp_print-oobr-1.out -v -c3
icmp-icmp_print-oobr-2 icmp-icmp_print-oobr-2.pcap icmp-icmp_print-oobr-2.out -v -c3
rsvp-rsvp_obj_print-oobr rsvp-rsvp_obj_print-oobr.pcap rsvp-rsvp_obj_print-oobr.out -v -c3
vrrp-vrrp_print-oobr vrrp-vrrp_print-oobr.pcap vrrp-vrrp_print-oobr.out -v -c3
vrrp-vrrp_print-oobr-2 vrrp-vrrp_print-oobr-2.pcap vrrp-vrrp_print-oobr-2.out -v
bgp-bgp_capabilities_print-oobr-1 bgp-bgp_capabilities_print-oobr-1.pcap bgp-bgp_capabilities_print-oobr-1.out -v -c1
bgp-bgp_capabilities_print-oobr-2 bgp-bgp_capabilities_print-oobr-2.pcap bgp-bgp_capabilities_print-oobr-2.out -v -c1
lmp-lmp_print_data_link_subobjs-oobr lmp-lmp_print_data_link_subobjs-oobr.pcap lmp-lmp_print_data_link_subobjs-oobr.out -v -c2
# The .pcap file is truncated after the 1st packet.
hncp_dhcpv6data-oobr hncp_dhcpv6data-oobr.pcap hncp_dhcpv6data-oobr.out -v -c1
# Same comments apply to the case below.
hncp_dhcpv4data-oobr hncp_dhcpv4data-oobr.pcap hncp_dhcpv4data-oobr.out -v -c1
vqp-oobr vqp-oobr.pcap vqp-oobr.out -v -c1
bgp_pmsi_tunnel-oobr bgp_pmsi_tunnel-oobr.pcap bgp_pmsi_tunnel-oobr.out -v -c1
@ -576,6 +580,10 @@ olsr-oobr-1 olsr-oobr-1.pcap olsr-oobr-1.out -v
olsr-oobr-2 olsr-oobr-2.pcap olsr-oobr-2.out -v
ikev1_id_ipv6_addr_subnet-oobr ikev1_id_ipv6_addr_subnet-oobr.pcap ikev1_id_ipv6_addr_subnet-oobr.out -v
isakmp-various-oobr isakmp-various-oobr.pcap isakmp-various-oobr.out -v
aoe-oobr-1 aoe-oobr-1.pcap aoe-oobr-1.out -v -c1
frf16_magic_ie-oobr frf16_magic_ie-oobr.pcap frf16_magic_ie-oobr.out -v -c1
rx_serviceid_oobr rx_serviceid_oobr.pcap rx_serviceid_oobr.out -c3
bgp_mp_reach_nlri-oobr bgp_mp_reach_nlri-oobr.pcap bgp_mp_reach_nlri-oobr.out -v -c1
# bad packets from Katie Holly
mlppp-oobr mlppp-oobr.pcap mlppp-oobr.out
@ -586,6 +594,16 @@ icmp6_nodeinfo_oobr icmp6_nodeinfo_oobr.pcap icmp6_nodeinfo_oobr.out
# bad packets from Henri Salo
rx_ubik-oobr rx_ubik-oobr.pcap rx_ubik-oobr.out -c1
babel_update_oobr babel_update_oobr.pcap babel_update_oobr.out -c 52
# bad packets from Junjie Wang
ospf6_print_lshdr-oobr ospf6_print_lshdr-oobr.pcapng ospf6_print_lshdr-oobr.out -vv -c15
rpl-dao-oobr rpl-dao-oobr.pcapng rpl-dao-oobr.out -vv -c1
hncp_prefix-oobr hncp_prefix-oobr.pcapng hncp_prefix-oobr.out -vvv
# bad packets from Ryan Ackroyd
ieee802.11_meshhdr-oobr ieee802.11_meshhdr-oobr.pcap ieee802.11_meshhdr-oobr.out -H -c1
dccp_options-oobr dccp_options-oobr.pcap dccp_options-oobr.out -vv -c8
# RTP tests
# fuzzed pcap
@ -603,3 +621,23 @@ nfs-seg-fault-1 nfs-seg-fault-1.pcap nfs-seg-fault-1.out
dns-zlip-1 dns-zlip-1.pcap dns-zlip-1.out
dns-zlip-2 dns-zlip-2.pcap dns-zlip-2.out
dns-zlip-3 dns-zlip-3.pcap dns-zlip-3.out
# CVE-2019-15120
kh-addrfail-001 kh-addrfail-001.pcap kh-addrfail-001.out
kh-addrfail-002 kh-addrfail-002.pcap kh-addrfail-002.out
kh-addrfail-003 kh-addrfail-003.pcap kh-addrfail-003.out
kh-addrfail-004 kh-addrfail-004.pcap kh-addrfail-004.out
kh-addrfail-005 kh-addrfail-005.pcap kh-addrfail-005.out
kh-addrfail-006 kh-addrfail-006.pcap kh-addrfail-006.out
kh-addrfail-007 kh-addrfail-007.pcap kh-addrfail-007.out
kh-addrfail-008 kh-addrfail-008.pcap kh-addrfail-008.out
kh-addrfail-009 kh-addrfail-009.pcap kh-addrfail-009.out
kh-addrfail-010 kh-addrfail-010.pcap kh-addrfail-010.out
kh-addrfail-011 kh-addrfail-011.pcap kh-addrfail-011.out
kh-tcpdump-001 kh-tcpdump-001.pcap kh-tcpdump-001.out
kh-tcpdump-002 kh-tcpdump-002.pcap kh-tcpdump-002.out
# CVE-2018-10105 bad packets from Luis Rocha
cve-2018-10105-segv-sflowprint cve-2018-10105-segv-sflowprint.pcapng cve-2018-10105-segv-sflowprint.out -v

127
tests/TESTonce
View File

@ -1,6 +1,17 @@
#!/usr/bin/env perl
system("mkdir -p NEW DIFF");
$TCPDUMP = "./tcpdump";
if ($^O eq 'MSWin32') {
$TCPDUMP = "windump";
}
if($ENV{TCPDUMP_BIN}) {
$TCPDUMP = $ENV{TCPDUMP_BIN};
}
use File::Basename;
use POSIX qw( WEXITSTATUS WIFEXITED);
system("mkdir -p tests/NEW tests/DIFF");
if(@ARGV != 4) {
print "Usage: TESTonce name input output options\n";
@ -13,39 +24,121 @@ $output=$ARGV[2];
$options=$ARGV[3];
my $r;
my $debug = 0; # change to suit.
$outputbase = basename($output);
my $coredump = false;
my $status = 0;
my $linecount = 0;
my $rawstderrlog = "tests/NEW/${outputbase}.raw.stderr";
my $stderrlog = "tests/NEW/${outputbase}.stderr";
my $diffstat = 0;
my $errdiffstat = 0;
my $cmd;
if ($^O eq 'MSWin32') {
$r = system "..\\windump -n -t -r $input $options 2>NUL | sed 's/\\r//' | tee NEW/$output | diff $output - >DIFF/$output.diff";
$r = system ".\\${TCPDUMP} -t -n -r $input $options 2>NUL | sed 's/\\r//' | tee tests/NEW/${outputbase} | diff $output - >tests/DIFF/${outputbase}.diff";
# need to do same as below for Cygwin.
}
else {
# we used to do this as a nice pipeline, but the problem is that $r fails to
# to be set properly if the tcpdump core dumps.
$r = system "../tcpdump 2>/dev/null -n -t -r $input $options >NEW/$output";
$cmd = "$TCPDUMP 2>${rawstderrlog} -t -n -r $input $options >tests/NEW/${outputbase}";
print "CMD: $cmd\n" if $debug;
$r = system $cmd;
if($r == -1) {
# failed to start due to error.
$status = $!;
}
if($r != 0) {
# this means tcpdump failed.
open(OUTPUT, ">>"."NEW/$output") || die "fail to open $output\n";
printf OUTPUT "EXIT CODE %08x\n", $r;
$coredump = false;
$status = 0;
# this means tcpdump failed, which however, might be expected.
open(OUTPUT, ">>"."tests/NEW/${outputbase}") || die "fail to open ${outputbase}\n";
if( $r & 128 ) {
$coredump = $r & 127;
}
if( WIFEXITED($r)) {
$status = WEXITSTATUS($r);
}
if($coredump || $status) {
printf OUTPUT "\nEXIT CODE %08x: dump:%d code: %d\n", $r, $coredump, $status;
} else {
printf OUTPUT "\nEXIT CODE %08x\n", $r;
}
close(OUTPUT);
$r = 0;
$r = 0; # clear the error so that the diff will occur.
}
print "RUNNING DIFF after ${r}\n" if $debug;
# always run diff.
$cmd = "cat tests/NEW/${outputbase} | diff $output - >tests/DIFF/${outputbase}.diff";
print "RUNNING: $cmd\n" if $debug;
$r = system $cmd;
if(WIFEXITED($r)) {
$diffstat = WEXITSTATUS($r);
}
#system("/bin/sh");
# process the file, sanitize "reading from" line, and count lines
$linecount = 0;
open(ERRORRAW, "<" . $rawstderrlog);
open(ERROROUT, ">" . $stderrlog);
while(<ERRORRAW>) {
next if /^\s*$/; # blank lines are boring
if(/^(reading from file )(.*)(,.*)$/) {
my $filename = basename($2);
print ERROROUT "${1}${filename}${3}\n";
next;
}
print ERROROUT;
$linecount++;
}
close(ERROROUT);
close(ERRORRAW);
if ( -f "$output.stderr" ) {
$nr = system "cat $stderrlog | diff $output.stderr - >tests/DIFF/$outputbase.stderr.diff";
if($r == 0) {
$r = $nr;
}
$errdiffstat = WEXITSTATUS($nr);
} else {
$errdiffstat = "-"
}
if($r == 0) {
$r = system "cat NEW/$output | diff $output - >DIFF/$output.diff";
if($linecount == 0 && $status == 0) {
print "UNLINK: ${stderrlog}\n" if $debug;
unlink($stderrlog) unless $debug;
} else {
$errdiffstat = "+";
}
}
#print sprintf("END: %08x\n", $r);
print sprintf("END: %08x\n", $r) if $debug;
}
if($r == 0) {
printf " %-35s: passed\n", $name;
unlink "DIFF/$output.diff";
exit 0;
my $stderrlog="";
if($linecount > 0 && $errdiffstat != "-") {
$stderrlog=sprintf("-- %d lines extra in stderr", $linecount);
}
if(!defined($ENV{"SKIPPASSED"})) {
printf " %-35s: passed%s\n", $name, $stderrlog;
}
unlink "tests/DIFF/$outputbase.diff" unless $debug;
exit 0;
}
printf " %-35s: TEST FAILED", $name;
open FOUT, '>>failure-outputs.txt';
printf FOUT "Failed test: $name\n\n";
# must have failed!
printf " %-35s: TEST FAILED(exit core=%d/diffstat=%d,%d/r=%d)", $name, $coredump, $diffstat, $errdiffstat, $r;
open FOUT, '>>tests/failure-outputs.txt';
printf FOUT "\nFailed test: $name\n\n";
close FOUT;
if(-f "DIFF/$output.diff") {
system "cat DIFF/$output.diff >> failure-outputs.txt";
if(-f "tests/DIFF/$outputbase.diff") {
system "cat tests/DIFF/$outputbase.diff >> tests/failure-outputs.txt";
}
if($r == -1) {

69
tests/TESTrun.sh
View File

@ -1,26 +1,43 @@
#!/bin/sh
mkdir -p NEW
mkdir -p DIFF
passed=0
failed=0
cat /dev/null > failure-outputs.txt
TZ=GMT0; export TZ
srcdir=${SRCDIR-..}
# make it absolute for later use.
pwd
srcdir=`cd $srcdir && pwd`
# this should be run from the compiled build directory,
# with srcdir= set to wherever the source code is.
# not from the tests directory.
echo RUNNING from ${srcdir}
passedfile=`pwd`/tests/.passed
failedfile=`pwd`/tests/.failed
failureoutput=`pwd`/tests/failure-outputs.txt
mkdir -p tests/NEW
mkdir -p tests/DIFF
cat /dev/null > ${failureoutput}
runComplexTests()
{
for i in *.sh
for i in ${srcdir}/tests/*.sh
do
case $i in TEST*.sh) continue;; esac
sh ./$i
case $i in
${srcdir}/tests/TEST*.sh) continue;;
${srcdir}/tests/\*.sh) continue;;
esac
: echo Running $i
(sh $i ${srcdir})
done
passed=`cat ${passedfile}`
failed=`cat ${failedfile}`
}
runSimpleTests()
{
passed=`cat .passed`
failed=`cat .failed`
only=$1
cat TESTLIST | while read name input output options
cat ${srcdir}/tests/TESTLIST | while read name input output options
do
case $name in
\#*) continue;;
@ -28,23 +45,34 @@ runSimpleTests()
esac
rm -f core
[ "$only" != "" -a "$name" != "$only" ] && continue
if ./TESTonce $name $input $output "$options"
SRCDIR=${srcdir}
export SRCDIR
# I hate shells with their stupid, useless subshells.
passed=`cat ${passedfile}`
failed=`cat ${failedfile}`
(
if ${srcdir}/tests/TESTonce $name ${srcdir}/tests/$input ${srcdir}/tests/$output "$options"
then
passed=`expr $passed + 1`
echo $passed >.passed
echo $passed >${passedfile}
else
failed=`expr $failed + 1`
echo $failed >.failed
echo $failed >${failedfile}
fi
if [ -d tests/COREFILES ]; then
if [ -f core ]; then mv core tests/COREFILES/$name.core; fi
fi)
[ "$only" != "" -a "$name" = "$only" ] && break
done
# I hate shells with their stupid, useless subshells.
passed=`cat .passed`
failed=`cat .failed`
passed=`cat ${passedfile}`
failed=`cat ${failedfile}`
}
echo $passed >.passed
echo $failed >.failed
passed=0
failed=0
echo $passed >${passedfile}
echo $failed >${failedfile}
if [ $# -eq 0 ]
then
runComplexTests
@ -62,8 +90,9 @@ echo '------------------------------------------------'
printf "%4u tests failed\n" $failed
printf "%4u tests passed\n" $passed
echo
echo
cat failure-outputs.txt
if [ -z "$SKIPPASSED" ]; then
cat ${failureoutput}
fi
echo
echo
exit $failed

3
tests/aoe-oobr-1.out Normal file
View File

@ -0,0 +1,3 @@
AoE length 18, Ver 1, Flags: [Response, MBZ-0x02, MBZ-0x01]
Major: 0x40f6, Minor: 0x02, Command: Reserve/Release, Tag: 0x01010101
RCmd: Set reserve list, NMacs: 1 [|aoe]

BIN
tests/aoe-oobr-1.pcap Normal file
View File

Binary file not shown.

BIN
tests/arp-too-long-tha.pcap
View File

Binary file not shown.

66
tests/babel_update_oobr.out Normal file
View File

@ -0,0 +1,66 @@
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O^O^O^O^O^O^DM-2M-!M-1M-1M-1M-1M-1M-1M-1M-1M-,.M-0^Vn [|kerberos]
IP 10.0.0.1 > 0.234.154.214: ip-proto-17
IP 10.0.0.1.88 > 0.234.154.179.24191: v4 be KDC_REQUEST: ^O^O^O^O^O^DM-2 .*^C@>M-z}M-uM-tM-+M-_M-{S^PM-=OM-^Y [|kerberos]
58:5e:0a:02:f4:0a > 02:8e:00:50:6a:e1, ethertype Unknown (0xb104), length 3892667167:
0x0000: 020f 0f0f 0f0f 0f0f 0f0f 04b2 a1b1 b1b1 ................
0x0010: b1b1 b1b1 b158 5e0a 02f4 0ab1 0402 0f0f .....X^.........
0x0020: ff80 0f0f 0f0f 0f00 80a1 00b2 b2b2 b20d ................
0x0030: 0d3a 3400 0001 00 .:4....
IP 6.3.218.255.6379 > 0.1.31.99.639: Flags [S.UW], seq 2751463404:2751463426, ack 1006637056, win 45746, urg 25778, length 22: RESP [|RESP]
IP 6.3.208.255.6379 > 0.1.31.99.639: Flags [S.UW], seq 2751463404:2751463426, ack 1006640128, win 45746, urg 25778, length 22: RESP "M-2M-2M-2M-2M-2M-7dM-2M-2M-2M-2M-2" [|RESP]
IP 208.21.10.1.654 > 31.99.100.232.80: aodv rrep 34 prefix 4 hops 11
dst 237.34.38.84 dseq 32203525 src 232.11.2.0 67108864 ms
ext 0 0
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O^O^O^O^O^O^DM-WM-WM-WM-WM-WM-WM-W.@ 680min [|kerberos]
IP 10.0.253.1.88 > 0.234.154.214.24073: v4 be KDC_REQUEST: .M-^?M-^?^AM-^@M-^?M-^@M-V@M-WM-WM-sM-WM-WM-WM-WM-W 880min ^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O^O7M-^@M-^?.d^O^O^O^O^O^O^O^O^O^O^O^O@^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24073: v4 be KDC_REQUEST: .M-^?M-^?^AM-^@M-^?M-^@M-V@M-WM-WM-sM-WM-WM-WM-WM-W 880min ^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O^O7M-^@M-^?.d^O^O^O^O^O^O^O^O^O^O^O^O@^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O.^DM-2M-!^BM-W^CM-!^B@^D 0min ^P.^VM-^H [|kerberos]
IP 10.0.242.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O'^O^O@@.@^Qjp^J@ 1070min .X^^J^B [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O^O^U.@^O^D^O^O^O^O^O^O^O^O^O^O^O^O [|kerberos]
IP 10.0.222.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O^O^DM-2 .M-g^C@>M-y}M-uM-tM-+M-` 680min [|kerberos]
01:01:ed:83:e3:ff > 02:8e:00:50:6d:e1, ethertype Unknown (0x0700), length 3892672031:
0x0000: 4508 8834 d940 4000 4011 4a70 0a00 0001 E..4.@@.@.Jp....
0x0010: 00ea 9ad6 0058 5e0a 02f4 0ab1 0402 0f0f .....X^.........
0x0020: 0f0f 0f0f 0f0f 0f04 b2a1 b1b1 b1b1 b1b1 ................
0x0030: b1b1 b100 b016 6e ......n
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O^O^U.@ ^D^R^O^O^O^O^O^O^O^O^O^O^O [|kerberos]
IP 10.0.255.127.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O^O^DM-2 .M-g^C@>M-z}M-uM-tM-^\M-`^VM-^?^?M-=OM-^Y [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O.^B^O^O^O^O^DM-2M-!M-1M-1M-1M-1M-1M-1M-1M-1M-1M-^@M-0^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O^O7M-^@M-^?M-^@^D^O^O^O^O^O^P.M-^?M-^?^O^O^O@^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O.^DM-#M-^?M-^?d^O^O^O^O^O^O^O^O^O^O^O^O@^VM-^H [|kerberos]
IP 0.0.1.0 > 234.154.214.0: ip-proto-106
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O^O7M-^@M-^?M-^@^D^O^O^O^O^O^P.M-^?M-^?^O^O^O@^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O.^DM-^@M-^?M-^?M-^?^CM-!^B@^D 0min ^P.^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O^O^O^O^O^O^DM-WM-WM-WM-WM-WM-WM-W.@ 680min [|kerberos]
IP 10.0.253.1.8280 > 0.234.154.214.24073: UDP, bad length 60652 > 32792
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O^O7M-^@M-^?.d^O^O^O^O^O^O^O^O^O^O^O^O@^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O.^DM-2M-!^BM-W^CM-!^B@^D 0min ^P.^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O'^O^O@@.@^Qjp^J@ 1070min .X^^J^B [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 le APPL_REQUEST_MUTUAL: (unknown)
01:00:01:00:00:00 > 02:8e:00:50:6a:e1, ethertype Unknown (0x08e8), length 3892667167:
0x0000: 4408 8034 d92b 4000 4011 3b70 0a00 0001 D..4.+@.@.;p....
0x0010: 00ea 9ad6 0058 5e0a 02f4 0ab1 0402 ffff .....X^.........
0x0020: ff7f 80ff 80d6 00c3 0880 34d9 4040 0040 ..........4.@@.@
0x0030: 114a 700a 0016 88 .Jp....
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: .M-oM-^?M-^?@M-^?M-^@M-V M-WM-WM-WM-WM-WM-WM-WM-W 0min ^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.210.24073: v4 be KDC_REQUEST: .M-^?M-^?^AM-^@M-^?M-^@M-V@M-WM-WM-sM-WM-WM-WM-WM-W 880min ^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O^O7M-^@M-^?.d^O^O^O^O^O^O^O^O^O^O^O^O@^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O.^DM-2M-!^BM-WM-^?M-!^B^O^O^P@M-^?M-^?^O^O^O [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O.^DM-#M-^?M-^?d^O^O^O^O^O^O^O^O^O^O^O^O@^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O.^DM-2M-!^BM-W^CM-!^B@^D 0min ^P.^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074:
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O.^DM-^@M-^?M-^?M-^?^CM-!^B@^D 0min ^P.^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074:
IP 10.0.253.1.88 > 0.234.154.214.24073: v4 be KDC_REQUEST: .M-^?M-^?^AM-^@M-^?M-^@M-V@M-WM-WM-sM-WM-WM-WM-WM-W 880min ^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O^O7M-^@M-^?.d^O^O^O^O^O^O^O^O^O^O^O^O@^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O.^DM-2M-!^BM-W^CM-!^B@^D 0min ^P.^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O'^O^O@@.@^Qjp^J@ 1070min .X^^J^B [|kerberos]
IP 64.0.0.1.88 > 0.234.154.214.24074: v4 le APPL_REQUEST_MUTUAL: (unknown)
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: M-^?M-^?M-^?^?M-^@M-^?M-^@M-V.M-C^HM-^@4M-Y@@@@^QJp^J [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: .M-oM-^?M-^?@M-^?M-^@M-V 75min ^O^O^O^O^O^O^O^O.^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O.^DM-2M-!^BM-W^CM-!^B@^D 0min ^P.^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O^O7M-^@M-^?M-^@^D^O^O^O^O^O^P.M-^?M-^?^O^O^O@^VM-^H [|kerberos]
IP 10.0.0.1.88 > 0.234.154.214.24074: v4 be KDC_REQUEST: ^O^O^O^O.^DM-^@M-^?M-^?M-^?^CM-!^B@^D 0min ^P.^VM-^H [|kerberos]
IP 208.21.42.58.6697 > 110.228.104.254.30952: babel 2 (2056) (invalid)

BIN
tests/babel_update_oobr.pcap Normal file
View File

Binary file not shown.

27
tests/bgp-bgp_capabilities_print-oobr-1.out Normal file
View File

@ -0,0 +1,27 @@
IP (tos 0x1f,CE, ttl 254, id 38671, offset 0, flags [+, DF, rsvd], proto TCP (6), length 4135, bad cksum 200 (->1fdd)!)
226.219.0.0.179 > 16.233.34.0.100: Flags [SPUE], seq 347537408:347541483, win 511, urg 65535, options [eol], length 4075: BGP [|BGP]
Open Message (1), length: 59
Version 255, my AS 65528, Holdtime 4324s, ID 144.8.32.4
Optional parameters, length: 29
Option Unknown (0), length: 0
no decoder for option 0
Option Capabilities Advertisement (2), length: 8
Graceful Restart (64), length: 0
Restart Flags: [none], Restart Time 0s
Unknown (0), length: 0
no decoder for Capability 0
32-Bit AS Number (65), length: 4
4 Byte AS 2
Option Unknown (0), length: 2
no decoder for option 0
Option Capabilities Advertisement (2), length: 2
Unknown (232), length: 3
no decoder for Capability 232
0x0000: 0207 04
Option Capabilities Advertisement (2), length: 7
Multiple Routes to a Destination (4), length: 0
no decoder for Capability 4
Unknown (8), length: 0
no decoder for Capability 8
Route Refresh (Cisco) (128), length: 0
Graceful Restart (64), length: 0[|BGP]

BIN
tests/bgp-bgp_capabilities_print-oobr-1.pcap Normal file
View File

Binary file not shown.

26
tests/bgp-bgp_capabilities_print-oobr-2.out Normal file
View File

@ -0,0 +1,26 @@
IP (tos 0x1f,CE, ttl 254, id 38671, offset 0, flags [+, DF, rsvd], proto TCP (6), length 4135, bad cksum 200 (->1fdd)!)
226.219.0.0.179 > 16.233.34.0.100: Flags [SPUE], seq 347537408:347541483, win 511, urg 65535, options [eol], length 4075: BGP [|BGP]
Open Message (1), length: 59
Version 255, my AS 65528, Holdtime 4324s, ID 144.8.32.4
Optional parameters, length: 29
Option Unknown (0), length: 0
no decoder for option 0
Option Capabilities Advertisement (2), length: 8
Graceful Restart (64), length: 0
Restart Flags: [none], Restart Time 0s
Unknown (0), length: 0
no decoder for Capability 0
32-Bit AS Number (65), length: 4
4 Byte AS 2
Option Unknown (0), length: 2
no decoder for option 0
Option Capabilities Advertisement (2), length: 2
Unknown (232), length: 3
no decoder for Capability 232
0x0000: 0207 04
Option Capabilities Advertisement (2), length: 7
Multiple Routes to a Destination (4), length: 0
no decoder for Capability 4
Unknown (8), length: 0
no decoder for Capability 8
Multiprotocol Extensions (1), length: 0[|BGP]

BIN
tests/bgp-bgp_capabilities_print-oobr-2.pcap Normal file
View File

Binary file not shown.

277
tests/bgp_mp_reach_nlri-oobr.out Normal file
View File

@ -0,0 +1,277 @@
IP (tos 0xff,CE, ttl 254, id 32783, offset 0, flags [rsvd], proto TCP (6), length 65535, bad cksum 8e15 (->5bbf)!)
241.0.128.39.179 > 239.0.0.1.0: Flags [none], seq 4144029695:4144095150, win 65535, options [eol], length 65455: BGP [|BGP]
Update Message (2), length: 45
Withdrawn routes: 3 bytes
Attribute Set (128), length: 32768, Flags [OTPE+f]: [|BGP] [|BGP]
Update Message (2), length: 45
Withdrawn routes: 3 bytes
Attribute Set (128), length: 7, Flags [OTPE+f]:
Origin AS: 0
Multi-Protocol Reach NLRI (14), length: 227, Flags [T+6]:
AFI: NSAP (3), SAFI: labeled VPN Unicast (128)
nexthop: invalid len, nh-length: 1, no SNPA
RD: unknown RD format, 00.0000.0000.0d00.0000.0000.00/91, label:15 (bottom)
(illegal prefix length)
Multi-Protocol Reach NLRI (14), length: 227, Flags [T+6]:
AFI: NSAP (3), SAFI: labeled VPN Unicast (128)
nexthop: RD: unknown RD format, 05.0000.0000.0000.0000.000d.0000, nh-length: 21, no SNPA
(illegal prefix length)
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (80), length: 0
no Attribute 80 decoder
Unknown Attribute (157), length: 161, Flags [P+d]:
no Attribute 157 decoder
0x0000: 0280 fdff ffff ffff ffff ffff ffff ffff
0x0010: ffff ff00 2d02 0003 f1ff 7bc3 b2ff 8000
0x0020: 0700 0000 df00 c123 0000 0000 00a1 0200
0x0030: 9eff ffff ffff ffff ffff ffff ffff ff94
0x0040: 9494 2d02 0003 f1ff 7bc3 b2ff 8000 0700
0x0050: 0000 0046 0ee3 0003 8015 00b3 0000 f700
0x0060: dfee 0500 0000 0000 0000 0000 0000 0000
0x0070: 0000 0000 0000 0000 0000 0000 0000 0000
0x0080: 0000 de00 0000 0000 0000 0000 0000 0001
0x0090: 0000 0000 0000 0000 0000 0000 0000 0000
0x00a0: 00
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 140
no Attribute 0 decoder
0x0000: 0000 0000 0000 0080 27ef 0000 0100 c600
0x0010: 007f f3f9 8900 0107 07d4 2d9d a102 80fd
0x0020: ecff ff04 00ff 4000 0000 ffff ffff ffff
0x0030: 002d 0200 03f1 ff7b c3b2 ff80 0007 434c
0x0040: 4945 4e54 0000 00df 00c1 2300 0000 0000
0x0050: ff00 0000 ff00 0000 04ff ffff ffff ffff
0x0060: ffff ffff 002d 0200 03f1 ff7b c3b2 ff80
0x0070: 0007 0000 0000 460e e300 0380 1500 b300
0x0080: 00f7 00df ee35 0000 0500 0000
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder[|BGP] [|BGP]
Update Message (2), length: 45
Withdrawn routes: 3 bytes
Attribute Set (128), length: 7, Flags [OTPE+f]:
Origin AS: 223
Unknown Attribute (193), length: 35
no Attribute 193 decoder
0x0000: 0000 0000 00a1 0200 9eff ffff ffff fffc
0x0010: ffff ffff ffff ffff ff00 2d02 0003 f1ff
0x0020: 7bc3 b2
Attribute Set (128), length: 7, Flags [OTPE+f]:
Origin AS: 0
Multi-Protocol Reach NLRI (14), length: 227, Flags [T+6]:
AFI: NSAP (3), SAFI: labeled VPN Unicast (128)
nexthop: RD: unknown RD format, 05.0000.0000.0000.0000.000d.0000, nh-length: 21, no SNPA
(illegal prefix length)
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (80), length: 0
no Attribute 80 decoder
Unknown Attribute (157), length: 161, Flags [P+d]:
no Attribute 157 decoder
0x0000: 0280 fdff ffff ffff ffff ffff ffff ffff
0x0010: ffff ff00 2d02 0003 f1ff 7bc3 b2ff 8000
0x0020: 0700 0000 df00 c123 0000 0000 00a1 0200
0x0030: 9eff ffff ffff ffff ffff ffff ffff ff94
0x0040: 9494 2d02 0003 f1ff 7bc3 b2ff 8000 0700
0x0050: 0000 0046 0ee3 0003 8015 00b3 0000 f700
0x0060: dfee 0500 0000 0000 0000 0000 0000 0000
0x0070: 0000 0000 0000 0000 0000 0000 0000 0000
0x0080: 0000 de00 0000 0000 0000 0000 0000 0001
0x0090: 0000 0000 0000 0000 0000 0000 0000 0000
0x00a0: 00
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 140
no Attribute 0 decoder
0x0000: 0000 0000 0000 0080 27ef 0000 0100 c600
0x0010: 007f f3f9 8900 0107 07d4 2d9d a102 80fd
0x0020: ecff ff04 00ff 4000 0000 ffff ffff ffff
0x0030: 002d 0200 03f1 ff7b c3b2 ff80 0007 434c
0x0040: 4945 4e54 0000 00df 00c1 2300 0000 0000
0x0050: ff00 0000 ff00 0000 04ff ffff ffff ffff
0x0060: ffff ffff 002d 0200 03f1 ff7b c3b2 ff80
0x0070: 0007 0000 0000 460e e300 0380 1500 b300
0x0080: 00f7 00df ee35 0000 0500 0000
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder[|BGP] [|BGP]
Update Message (2), length: 45
Withdrawn routes: 3 bytes
Attribute Set (128), length: 7, Flags [OTPE+f]:
Origin AS: 223
Unknown Attribute (193), length: 35
no Attribute 193 decoder
0x0000: 0000 0000 00a1 0200 0aff ffff ffff ffff
0x0010: ffff ffff ffff ffff ff00 2d02 0003 f1ff
0x0020: 7bc3 b2
Unknown Attribute (241), length: 255, Flags [+3]:
no Attribute 241 decoder
0x0000: 7bc3 b2ff 8000 0700 0000 0046 0ee3 0003
0x0010: 8001 00b3 0000 f700 dfee 0500 0000 0000
0x0020: 0000 0000 0d00 0000 0000 0000 0000 0000
0x0030: 0000 0000 0000 00ff 8000 0700 0000 0046
0x0040: 0ee3 0003 8015 00cd 0000 f700 dfee 0500
0x0050: 0000 0000 0000 0000 1b00 0000 fff5 0000
0x0060: 0000 0000 0000 0000 0000 0000 0000 0000
0x0070: 0000 0000 0000 0000 5000 2d9d a102 80fd
0x0080: ffff ffff ffff ffff ffff ffff ffff ffff
0x0090: 002d 0200 03f1 ff7b c3b2 ff80 0007 0000
0x00a0: 00df 00c1 2300 0000 0000 a102 009e ffff
0x00b0: ffff ffff ffff ffff ffff ffff 9494 942d
0x00c0: 0200 03f1 ff7b c3b2 ff80 0007 0000 0000
0x00d0: 460e e300 0380 1500 b300 00f7 00df ee05
0x00e0: 0000 0000 0000 0000 0000 0000 0000 0000
0x00f0: 0000 0000 0000 0000 0000 0000 0000 00
Unknown Attribute (0), length: 0, Flags [OTE+e]:
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0, Flags [+1]:
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 140
no Attribute 0 decoder
0x0000: 0000 0000 0000 0080 27ef 0000 0100 c600
0x0010: 007f f3f9 8900 0107 07d4 2d9d a102 80fd
0x0020: ecff ff04 00ff 4000 0000 ffff ffff ffff
0x0030: 002d 0200 03f1 ff7b c3b2 ff80 0007 434c
0x0040: 4945 4e54 0000 00df 00c1 2300 0000 0000
0x0050: ff00 0000 ff00 0000 04ff ffff ffff ffff
0x0060: ffff ffff 002d 0200 03f1 ff7b c3b2 ff80
0x0070: 0007 0000 0000 460e e300 0380 1500 b300
0x0080: 00f7 00df ee35 0000 0500 0000
Unknown Attribute (0), length: 0
no Attribute 0 decoder
Unknown Attribute (0), length: 0
no Attribute 0 decoder[|BGP] [|BGP]
Update Message (2), length: 45
Withdrawn routes: 3 bytes
Unknown Attribute (241), length: 255, Flags [+3]: [|BGP] [|BGP]
Update Message (2), length: 45
Withdrawn routes: 3 bytes
Attribute Set (128), length: 7, Flags [OTPE+f]:
Origin AS: 223
Unknown Attribute (193), length: 35
no Attribute 193 decoder
0x0000: 0000 0000 00a1 0200 9eff ffff ffff ffff
0x0010: ffff ffff ffff ff94 9494 2d02 0003 f1ff
0x0020: 7bc3 b2
Attribute Set (128), length: 7, Flags [OTPE+f]:
Origin AS: 0
Multi-Protocol Reach NLRI (14), length: 227, Flags [T+6]:
AFI: NSAP (3), SAFI: labeled VPN Unicast (128)
nexthop: RD: unknown RD format, 05.0000.0000.0000.0000.0000.0000, nh-length: 21, no SNPA
(illegal prefix length)
Attribute Set (128), length: 7, Flags [OTPE+f]:
Origin AS: 0
Multi-Protocol Reach NLRI (14), length: 227, Flags [T+6]:
AFI: NSAP (3), SAFI: labeled VPN Unicast (128)
nexthop: RD: unknown RD format, 35.0000.0500.0000.0000.0000.0000, nh-length: 21, no SNPA
(illegal prefix length)[|BGP]

BIN
tests/bgp_mp_reach_nlri-oobr.pcap Normal file
View File

Binary file not shown.

90
tests/crypto.sh
View File

@ -1,42 +1,52 @@
#!/bin/sh
srcdir=${1-..}
: echo crypto.sh using ${srcdir} from `pwd`
SRCDIR=$srcdir
export SRCDIR
testdir=${srcdir}/tests
exitcode=0
passedfile=tests/.passed
failedfile=tests/.failed
passed=`cat ${passedfile}`
failed=`cat ${failedfile}`
# Only attempt OpenSSL-specific tests when compiled with the library.
if grep '^#define HAVE_LIBCRYPTO 1$' ../config.h >/dev/null
if grep '^#define HAVE_LIBCRYPTO 1$' config.h >/dev/null
then
passed=`cat .passed`
failed=`cat .failed`
if ./TESTonce esp1 02-sunrise-sunset-esp.pcap esp1.out '-E "0x12345678@192.1.2.45 3des-cbc-hmac96:0x4043434545464649494a4a4c4c4f4f515152525454575758"'
if ${testdir}/TESTonce esp1 ${testdir}/02-sunrise-sunset-esp.pcap ${testdir}/esp1.out '-E "0x12345678@192.1.2.45 3des-cbc-hmac96:0x4043434545464649494a4a4c4c4f4f515152525454575758"'
then
passed=`expr $passed + 1`
echo $passed >.passed
echo $passed >${passedfile}
else
failed=`expr $failed + 1`
echo $failed >.failed
echo $failed >${failedfile}
exitcode=1
fi
if ./TESTonce esp2 08-sunrise-sunset-esp2.pcap esp2.out '-E "0x12345678@192.1.2.45 3des-cbc-hmac96:0x43434545464649494a4a4c4c4f4f51515252545457575840,0xabcdabcd@192.0.1.1 3des-cbc-hmac96:0x434545464649494a4a4c4c4f4f5151525254545757584043"'
if ${testdir}//TESTonce esp2 ${testdir}/08-sunrise-sunset-esp2.pcap ${testdir}/esp2.out '-E "0x12345678@192.1.2.45 3des-cbc-hmac96:0x43434545464649494a4a4c4c4f4f51515252545457575840,0xabcdabcd@192.0.1.1 3des-cbc-hmac96:0x434545464649494a4a4c4c4f4f5151525254545757584043"'
then
passed=`expr $passed + 1`
echo $passed >.passed
echo $passed >${passedfile}
else
failed=`expr $failed + 1`
echo $failed >.failed
echo $failed >${failedfile}
exitcode=1
fi
if ./TESTonce esp3 02-sunrise-sunset-esp.pcap esp1.out '-E "3des-cbc-hmac96:0x4043434545464649494a4a4c4c4f4f515152525454575758"'
if ${testdir}/TESTonce esp3 ${testdir}/02-sunrise-sunset-esp.pcap ${testdir}/esp1.out '-E "3des-cbc-hmac96:0x4043434545464649494a4a4c4c4f4f515152525454575758"'
then
passed=`expr $passed + 1`
echo $passed >.passed
echo $passed >${passedfile}
else
failed=`expr $failed + 1`
echo $failed >.failed
echo $failed >${failedfile}
exitcode=1
fi
# Reading the secret(s) from a file does not work with Capsicum.
if grep '^#define HAVE_CAPSICUM 1$' ../config.h >/dev/null
if grep '^#define HAVE_CAPSICUM 1$' config.h >/dev/null
then
FORMAT=' %-35s: TEST SKIPPED (compiled w/Capsicum)\n'
printf "$FORMAT" esp4
@ -45,68 +55,68 @@ then
printf "$FORMAT" ikev2pI2
printf "$FORMAT" isakmp4
else
if ./TESTonce esp4 08-sunrise-sunset-esp2.pcap esp2.out '-E "file esp-secrets.txt"'
if ${testdir}/TESTonce esp4 ${testdir}/08-sunrise-sunset-esp2.pcap ${testdir}/esp4.out '-E "file '${testdir}'/esp-secrets.txt"'
then
passed=`expr $passed + 1`
echo $passed >.passed
echo $passed >${passedfile}
else
failed=`expr $failed + 1`
echo $failed >.failed
echo $failed >${failedfile}
exitcode=1
fi
if ./TESTonce esp5 08-sunrise-sunset-aes.pcap esp5.out '-E "file esp-secrets.txt"'
if ${testdir}/TESTonce esp5 ${testdir}/08-sunrise-sunset-aes.pcap ${testdir}/esp5.out '-E "file '${testdir}'/esp-secrets.txt"'
then
passed=`expr $passed + 1`
echo $passed >.passed
echo $passed >${passedfile}
else
failed=`expr $failed + 1`
echo $failed >.failed
echo $failed >${failedfile}
exitcode=1
fi
if ./TESTonce espudp1 espudp1.pcap espudp1.out '-nnnn -E "file esp-secrets.txt"'
if ${testdir}/TESTonce espudp1 ${testdir}/espudp1.pcap ${testdir}/espudp1.out '-nnnn -E "file '${testdir}'/esp-secrets.txt"'
then
passed=`expr $passed + 1`
echo $passed >.passed
echo $passed >${passedfile}
else
failed=`expr $failed + 1`
echo $failed >.failed
echo $failed >${failedfile}
exitcode=1
fi
if ./TESTonce ikev2pI2 ikev2pI2.pcap ikev2pI2.out '-E "file ikev2pI2-secrets.txt" -v -v -v -v'
if ${testdir}/TESTonce ikev2pI2 ${testdir}/ikev2pI2.pcap ${testdir}/ikev2pI2.out '-E "file '${testdir}'/ikev2pI2-secrets.txt" -v -v -v -v'
then
passed=`expr $passed + 1`
echo $passed >.passed
echo $passed >${passedfile}
else
failed=`expr $failed + 1`
echo $failed >.failed
echo $failed >${failedfile}
exitcode=1
fi
if ./TESTonce isakmp4 isakmp4500.pcap isakmp4.out '-E "file esp-secrets.txt"'
if ${testdir}/TESTonce isakmp4 ${testdir}/isakmp4500.pcap ${testdir}/isakmp4.out '-E "file '${testdir}'/esp-secrets.txt"'
then
passed=`expr $passed + 1`
echo $passed >.passed
echo $passed >${passedfile}
else
failed=`expr $failed + 1`
echo $failed >.failed
echo $failed >${failedfile}
exitcode=1
fi
fi
if ./TESTonce bgp-as-path-oobr-ssl bgp-as-path-oobr.pcap bgp-as-path-oobr-ssl.out '-vvv -e'
if ${testdir}/TESTonce bgp-as-path-oobr-ssl ${testdir}/bgp-as-path-oobr.pcap ${testdir}/bgp-as-path-oobr-ssl.out '-vvv -e'
then
passed=`expr $passed + 1`
echo $passed >.passed
echo $passed >${passedfile}
else
failed=`expr $failed + 1`
echo $failed >.failed
echo $failed >${failedfile}
exitcode=1
fi
if ./TESTonce bgp-aigp-oobr-ssl bgp-aigp-oobr.pcap bgp-aigp-oobr-ssl.out '-vvv -e'
if ${testdir}/TESTonce bgp-aigp-oobr-ssl ${testdir}/bgp-aigp-oobr.pcap ${testdir}/bgp-aigp-oobr-ssl.out '-vvv -e'
then
passed=`expr $passed + 1`
echo $passed >.passed
echo $passed >${passedfile}
else
failed=`expr $failed + 1`
echo $failed >.failed
echo $failed >${failedfile}
exitcode=1
fi
FORMAT=' %-35s: TEST SKIPPED (compiled w/OpenSSL)\n'
@ -124,22 +134,22 @@ else
printf "$FORMAT" isakmp4
printf "$FORMAT" bgp-as-path-oobr-ssl
printf "$FORMAT" bgp-aigp-oobr-ssl
if ./TESTonce bgp-as-path-oobr-nossl bgp-as-path-oobr.pcap bgp-as-path-oobr-nossl.out '-vvv -e'
if ${testdir}/TESTonce bgp-as-path-oobr-nossl ${testdir}/bgp-as-path-oobr.pcap ${testdir}/bgp-as-path-oobr-nossl.out '-vvv -e'
then
passed=`expr $passed + 1`
echo $passed >.passed
echo $passed >${passedfile}
else
failed=`expr $failed + 1`
echo $failed >.failed
echo $failed >${failedfile}
exitcode=1
fi
if ./TESTonce bgp-aigp-oobr-nossl bgp-aigp-oobr.pcap bgp-aigp-oobr-nossl.out '-vvv -e'
if ${testdir}/TESTonce bgp-aigp-oobr-nossl ${testdir}/bgp-aigp-oobr.pcap ${testdir}/bgp-aigp-oobr-nossl.out '-vvv -e'
then
passed=`expr $passed + 1`
echo $passed >.passed
echo $passed >${passedfile}
else
failed=`expr $failed + 1`
echo $failed >.failed
echo $failed >${failedfile}
exitcode=1
fi
fi

2
tests/cve-2018-10105-segv-sflowprint.out Normal file
View File

@ -0,0 +1,2 @@
IP (tos 0x0, ttl 64, id 60790, offset 0, flags [none], proto UDP (17), length 896, bad cksum 72f3 (->72f7)!)
10.0.0.250.3895 > 10.1.2.5.6343: sFlowv5 [length 8 < 28] (invalid)

BIN
tests/cve-2018-10105-segv-sflowprint.pcapng Normal file
View File

Binary file not shown.

8
tests/cve-2018-10105_smbprint-readofsize1.out Normal file
View File

@ -0,0 +1,8 @@
IP 192.168.56.55.445 > 192.168.56.119.49199: Flags [P.], seq 4267808374:4267808462, ack 628292694, win 63102, length 88 SMB PACKET: SMBtrans2 (REPLY)
IP 192.168.56.119.49199 > 192.168.56.55.445: Flags [P.], seq 1:75, ack 88, win 254, length 74 SMB PACKET: SMBtrans2 (REQUEST)
IP 192.168.56.55.445 > 192.168.56.119.49199: Flags [P.], seq 88:168, ack 75, win 62978, length 80 SMB PACKET: SMBtrans2 (REPLY)
IP 192.168.56.119.49199 > 192.168.56.55.445: Flags [P.], seq 75:151, ack 168, win 253, length 76 SMB PACKET: SMBtrans2 (REQUEST)

BIN
tests/cve-2018-10105_smbprint-readofsize1.pcap Normal file
View File

Binary file not shown.

101
tests/cve-2018-10105_smbutil_withoutasan.out Normal file
View File

@ -0,0 +1,101 @@
IP (tos 0x0, ttl 128, id 376, offset 0, flags [DF], proto TCP (6), length 128)
192.168.56.55.445 > 192.168.56.119.49199: Flags [P.], cksum 0x3e2f (incorrect -> 0x3d49), seq 4267808374:4267808462, ack 628292694, win 63102, length 88
SMB PACKET: SMBtrans2 (REPLY)
SMB Command = 0x32
Error class = 0x0
Error code = 0 (0x0)
Flags1 = 0xFF
Flags2 = 0x7
Tree ID = 2048 (0x800)
Proc ID = 2848 (0xb20)
UID = 4098 (0x1002)
MID = 1616 (0x650)
Word Count = 10 (0xa)
TRANSACT2_OPEN param_length=2 data_length=24
TotParam=2 (0x2)
TotData=24 (0x18)
Res1=0x0
ParamCnt=2 (0x2)
ParamOff=56 (0x38)
ParamDisp0 (0x0)
DataCnt=24 (0x18)
DataOff=60 (0x3c)
DataDisp=0 (0x0)
SetupCnt=0 (0x0)
smb_bcc=29
Handle=0 (0x0)
Attrib=Data=
Data: (24 bytes)
[000] 00 00 0B 00 00 00 00 00 00 00 00 00 00 00 00 00 \0x00\0x00\0x0b\0x00\0x00\0x00\0x00\0x00 \0x00\0x00\0x00\0x00\0x00\0x00\0x00\0x00
[010] 01 00 00 00 00 00 00 00 \0x01\0x00\0x00\0x00\0x00\0x00\0x00\0x00
IP 192.168.56.119.49199 > 192.168.56.55.445: Flags [P.], seq 1:75, ack 88, win 254, length 74 SMB PACKET: SMBtrans2 (REQUEST)
IP (tos 0x0, ttl 128, id 632, offset 0, flags [DF], proto TCP (6), length 114)
192.168.56.119.49199 > 192.168.56.55.445: Flags [P.], cksum 0x2437 (correct), seq 1:75, ack 88, win 254, length 74
SMB PACKET: SMBtrans2 (REQUEST)
SMB Command = 0x32
Error class = 0x0
Error code = 0 (0x0)
Flags1 = 0x18
Flags2 = 0x7
Tree ID = 2048 (0x800)
Proc ID = 2848 (0xb20)
UID = 4098 (0x1002)
MID = 1632 (0x660)
Word Count = 15 (0xf)
TRANSACT2_QFSINFO param_length=2 data_length=0
TotParam=2 (0x2)
TotData=0 (0x0)
MaxParam=0 (0x0)
MaxData=560 (0x230)
MaxSetup=0 (0x0)
Flags=0x0
TimeOut=0 (0x0)
Res1=0x0
ParamCnt=2 (0x2)
ParamOff=68 (0x44)
DataCnt=0 (0x0)
DataOff=0 (0x0)
SetupCnt=1 (0x1)
smb_bcc=5
InfoLevel=261 (0x105)
IP (tos 0x0, ttl 128, id 377, offset 0, flags [DF], proto TCP (6), length 120)
192.168.56.55.445 > 192.168.56.119.49199: Flags [P.], cksum 0xf1fb (incorrect -> 0x1559), seq 88:168, ack 75, win 63028, length 80
SMB PACKET: SMBtrans2 (REPLY)
SMB Command = 0x32
Error class = 0x0
Error code = 0 (0x0)
Flags1 = 0x98
Flags2 = 0x7
Tree ID = 0 (0x0)
Proc ID = 0 (0x0)
UID = 0 (0x0)
MID = 0 (0x0)
Word Count = 11 (0xb)
TRANSACT2_QFSINFO param_length=0 data_length=20
TotParam=0 (0x0)
TotData=0 (0x0)
Res1=0x0
ParamCnt=0 (0x0)
ParamOff=56 (0x38)
ParamDisp0 (0x0)
DataCnt=20 (0x14)
DataOff=56 (0x38)
DataDisp=0 (0x0)
SetupCnt=0 (0x0)
smb_bcc=65280
Capabilities=0x700FF
MaxFileLen=255 (0xff)
VolNameLen=4278190088
Volume=...
data:
[000] FF 00 07 00 FF 00 00 00 08 00 00 FF FF FF FF 00 \0xff\0x00\0x07\0x00\0xff\0x00\0x00\0x00 \0x08\0x00\0x00\0xff\0xff\0xff\0xff\0x00
[010] 46 00 53 00 F\0x00S\0x00
IP (tos 0x0, ttl 128, id 633, offset 0, flags [DF], proto TCP (6), length 116)
192.168.56.119.49199 > 192.168.56.55.445: Flags [P.], cksum 0x2253 (incorrect -> 0x229b), seq 75:151, ack 168, win 253, length 76 SMB-over-TCP packet:(raw data or continuation?)

BIN
tests/cve-2018-10105_smbutil_withoutasan.pcap Normal file
View File

Binary file not shown.

3
tests/cve2015-0261-ipv6.out
View File

@ -1,3 +1,4 @@
IP6 truncated-ip6 - 26325 bytes missing!(class 0x76, flowlabel 0x76767, hlim 103, next-header Mobility (135) payload length: 26470) 6767:6767:6767:6767:6767:6767:6767:6767 > 6767:6767:6767:6767:6767:6767:6767:6705: mobility: BU seq#=26471 HL lifetime=105884(type-0x67: len=103)[|MOBILITY]
IP6 truncated-ip6 - 26325 bytes missing!(class 0x76, flowlabel 0x76767, hlim 103, next-header Mobility (135) payload length: 26470) 6767:6767:6767:6767:6767:6767:6767:6767 > 6767:6767:4f67:6767:6767:6767:6767:6767: (header length 8 is too small for type 6)[|MOBILITY]
EXIT CODE 00000100
EXIT CODE 00000100: dump:0 code: 1

2
tests/cve2015-0261-ipv6.out.stderr Normal file
View File

@ -0,0 +1,2 @@
reading from file cve2015-0261-ipv6.pcap, link-type SLIP (SLIP)
tcpdump: pcap_loop: invalid packet capture length 268463617, bigger than snaplen of 65535

19
tests/dccp_options-oobr.out Normal file
View File

@ -0,0 +1,19 @@
IP (tos 0x0, ttl 64, id 65312, offset 0, flags [DF], proto DCCP (33), length 52)
139.133.209.176.39420 > 139.133.209.65.5001: DCCP (CCVal 0, CsCov 0, cksum 0xaaf3 (incorrect -> 0x8bf3)) DCCP-Request (service=-189888898) seq 8 <nop, nop, nop, nop, change_l ack_ratio 2, change_r ccid 2, change_l ccid 2>
IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto DCCP (33), length 68)
139.133.209.65.5001 > 139.133.209.176.39420: DCCP (CCVal 0, CsCov 0, ) DCCP-Response (service=0) (ack=38464816766) seq 1960341146 <nop, nop, change_l ack_ratio 2, [|dccp]>
IP (tos 0x0, ttl 64, id 65313, offset 0, flags [DF], proto DCCP (33), length 56)
139.133.209.176.39420 > 139.133.209.65.5001: DCCP (CCVal 0, CsCov 0, cksum 0xf53a (incorrect -> 0xf551)) DCCP-Ack (ack=1960341146) seq 38464816767 <nop, confirm_r ack_ratio 2, ack_vector0 0xe9, timestamp_echo [optlen != 6 or 8 or 10]>
IP (tos 0x0, ttl 64, id 65314, offset 0, flags [DF], proto DCCP (33), length 152)
139.133.209.176.46076 > 139.133.209.65.48009: DCCP (CCVal 0, CsCov 6, ) DCCP-DataAck (ack=1960341146) seq 38464816768 <nop, nop, ack_vector0 0x00, elapsed_time 1249, ndp_count 1>
IP (tos 0x0, ttl 64, id 3176, offset 0, flags [DF], proto DCCP (33), length 52)
139.133.209.65.5001 > 139.133.209.176.39420: DCCP (CCVal 0, CsCov 0, cksum 0xfc63 (correct)) DCCP-Ack (ack=38464816768) seq 1960341147 <nop, ack_vector0 0x01, elapsed_time 1>
IP (tos 0x0, ttl 64, id 65315, offset 0, flags [DF], proto DCCP (33), length 148)
139.133.209.176.39420 > 139.133.209.65.5001: DCCP (CCVal 0, CsCov 6, ) DCCP-DataAck (ack=1960341147) seq 38464816769 <nop, ack_vector0 0x00, elapsed_time 84>
IP (tos 0x0, ttl 64, id 3177, offset 0, flags [DF], proto DCCP (33), length 52)
139.133.209.65.5001 > 139.133.209.176.39420: DCCP (CCVal 0, CsCov 0, cksum 0x0165 (correct)) DCCP-Ack (ack=38464816769) seq 1960341148 <nop, nop, ack_vector0 0x00, ndp_count 1>
00:07:00:42:00:00 > 00:14:22:59:55:51 Null Information, send seq 0, rcv seq 0, Flags [Command], length 148
0x0000: 0000 0000 1422 5955 5100 07e9 bd5d 1f08 ....."YUQ....]..
0x0010: 0045 0000 34ff 2040 0040 2181 8b8b 85d1 .E..4..@.@!.....
0x0020: b08b 85d1 4199 fc13 8908 00aa f320 0000 ....A...........
0x0030: 08f4 ae86 7e00 0000 ....~...

BIN
tests/dccp_options-oobr.pcap Normal file
View File

Binary file not shown.

2
tests/dns-zlip-1.out
View File

@ -1 +1 @@
IP 10.0.0.1.1024 > 146.84.28.88.53: 60777 Type49159 (Class 49168)? <BAD PTR>[|domain]
IP 10.0.0.1.1024 > 146.84.28.88.53: domain [length 0 < 12] (invalid)

2
tests/dns-zlip-2.out
View File

@ -1 +1 @@
IP 10.0.0.1.1024 > 146.84.28.88.53: 18992 Type49164 (Class 49168)? <BAD PTR>[|domain]
IP 10.0.0.1.1024 > 146.84.28.88.53: domain [length 0 < 12] (invalid)

2
tests/dns-zlip-3.out
View File

@ -1 +1 @@
IP 10.0.0.1.1024 > 146.84.28.88.53: 65483 Type49164 (Class 49164)? thisleetostringwillcrashyourlittlenameserverforsurehahahahahah.<BAD PTR>[|domain]
IP 10.0.0.1.1024 > 146.84.28.88.53: domain [length 0 < 12] (invalid)

61
tests/eapon2.out Normal file
View File

@ -0,0 +1,61 @@
ARP, Request who-has 192.168.1.1 tell 192.168.1.249, length 28
ARP, Reply 192.168.1.1 is-at 00:0d:88:4f:25:91, length 46
IP 192.168.1.249.68 > 192.168.1.1.67: BOOTP/DHCP, Request from 00:04:23:57:a5:7a, length 300
EAP packet (0) v1, len 5
IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:04:23:57:a5:7a, length 300
IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:04:23:57:a5:7a, length 300
EAPOL start (1) v1, len 0
EAP packet (0) v1, len 5
EAP packet (0) v1, len 45
EAP packet (0) v1, len 20
EAP packet (0) v1, len 76
EAP packet (0) v1, len 80
EAP packet (0) v1, len 28
EAP packet (0) v1, len 4
EAPOL key (3) v1, len 57
EAPOL key (3) v1, len 44
IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:04:23:57:a5:7a, length 300
IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:04:23:57:a5:7a, length 300
IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:04:23:57:a5:7a, length 300
EAPOL start (1) v1, len 0
EAP packet (0) v1, len 5
EAP packet (0) v1, len 45
EAP packet (0) v1, len 20
EAP packet (0) v1, len 76
EAP packet (0) v1, len 80
EAP packet (0) v1, len 28
EAP packet (0) v1, len 4
EAPOL key (3) v1, len 57
EAPOL key (3) v1, len 44
ARP, Request who-has 169.254.67.194 tell 169.254.67.194, length 28
ARP, Request who-has 169.254.67.194 tell 169.254.67.194, length 28
ARP, Request who-has 169.254.67.194 tell 169.254.67.194, length 28
IP 169.254.67.194.4299 > 239.255.255.250.1900: UDP, length 133
IP 169.254.67.194 > 224.0.0.22: igmp v3 report, 1 group record(s)
IP 169.254.67.194 > 224.0.0.22: igmp v3 report, 1 group record(s)
IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:04:23:57:a5:7a, length 300
IP 169.254.67.194.4299 > 239.255.255.250.1900: UDP, length 133
EAPOL start (1) v1, len 0
EAP packet (0) v1, len 5
EAP packet (0) v1, len 45
EAP packet (0) v1, len 20
EAP packet (0) v1, len 76
EAP packet (0) v1, len 80
EAP packet (0) v1, len 28
EAP packet (0) v1, len 4
EAPOL key (3) v1, len 57
EAPOL key (3) v1, len 44
IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:04:23:57:a5:7a, length 300
IP 169.254.67.194.4299 > 239.255.255.250.1900: UDP, length 133
IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:04:23:57:a5:7a, length 300
IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:04:23:57:a5:7a, length 300
EAPOL start (1) v1, len 0
EAP packet (0) v1, len 5
EAP packet (0) v1, len 45
EAP packet (0) v1, len 20
EAP packet (0) v1, len 76
EAP packet (0) v1, len 80
EAP packet (0) v1, len 28
EAP packet (0) v1, len 4
EAPOL key (3) v1, len 57
EAPOL key (3) v1, len 44

BIN
tests/eapon2.pcap Normal file
View File

Binary file not shown.

8
tests/esp4.out Normal file
View File

@ -0,0 +1,8 @@
IP 192.1.2.23 > 192.1.2.45: ESP(spi=0x12345678,seq=0x1), length 172: IP 192.1.2.23 > 192.0.1.1: ESP(spi=0xabcdabcd,seq=0x1), length 116: IP 192.0.2.1 > 192.0.1.1: ICMP echo request, id 28416, seq 1280, length 64 (ipip-proto-4) (ipip-proto-4)
IP 192.1.2.23 > 192.1.2.45: ESP(spi=0x12345678,seq=0x2), length 172: IP 192.1.2.23 > 192.0.1.1: ESP(spi=0xabcdabcd,seq=0x2), length 116: IP 192.0.2.1 > 192.0.1.1: ICMP echo request, id 28416, seq 1536, length 64 (ipip-proto-4) (ipip-proto-4)
IP 192.1.2.23 > 192.1.2.45: ESP(spi=0x12345678,seq=0x3), length 172: IP 192.1.2.23 > 192.0.1.1: ESP(spi=0xabcdabcd,seq=0x3), length 116: IP 192.0.2.1 > 192.0.1.1: ICMP echo request, id 28416, seq 1792, length 64 (ipip-proto-4) (ipip-proto-4)
IP 192.1.2.23 > 192.1.2.45: ESP(spi=0x12345678,seq=0x4), length 172: IP 192.1.2.23 > 192.0.1.1: ESP(spi=0xabcdabcd,seq=0x4), length 116: IP 192.0.2.1 > 192.0.1.1: ICMP echo request, id 28416, seq 2048, length 64 (ipip-proto-4) (ipip-proto-4)
IP 192.1.2.23 > 192.1.2.45: ESP(spi=0x12345678,seq=0x5), length 172: IP 192.1.2.23 > 192.0.1.1: ESP(spi=0xabcdabcd,seq=0x5), length 116: IP 192.0.2.1 > 192.0.1.1: ICMP echo request, id 28416, seq 2304, length 64 (ipip-proto-4) (ipip-proto-4)
IP 192.1.2.23 > 192.1.2.45: ESP(spi=0x12345678,seq=0x6), length 172: IP 192.1.2.23 > 192.0.1.1: ESP(spi=0xabcdabcd,seq=0x6), length 116: IP 192.0.2.1 > 192.0.1.1: ICMP echo request, id 28416, seq 2560, length 64 (ipip-proto-4) (ipip-proto-4)
IP 192.1.2.23 > 192.1.2.45: ESP(spi=0x12345678,seq=0x7), length 172: IP 192.1.2.23 > 192.0.1.1: ESP(spi=0xabcdabcd,seq=0x7), length 116: IP 192.0.2.1 > 192.0.1.1: ICMP echo request, id 28416, seq 2816, length 64 (ipip-proto-4) (ipip-proto-4)
IP 192.1.2.23 > 192.1.2.45: ESP(spi=0x12345678,seq=0x8), length 172: IP 192.1.2.23 > 192.0.1.1: ESP(spi=0xabcdabcd,seq=0x8), length 116: IP 192.0.2.1 > 192.0.1.1: ICMP echo request, id 28416, seq 3072, length 64 (ipip-proto-4) (ipip-proto-4)

2
tests/frf16_magic_ie-oobr.out Normal file
View File

@ -0,0 +1,2 @@
FRF.16 Control, Flags [Begin, End, Control], Unknown Message (0x00), length 3714318497
IE Magic Number (3), length 3: (invalid length)[|mfr]

BIN
tests/frf16_magic_ie-oobr.pcap Normal file
View File

Binary file not shown.

48
tests/hncp_prefix-oobr.out Normal file
View File

@ -0,0 +1,48 @@
IP6 (class 0xc0, hlim 1, next-header UDP (17) payload length: 436) fe80::b299:28ff:ffc8:d646.6696 > ff02::59:0:0:1:6.6696: [bad udp cksum 0x2997 -> 0xbbd2!] babel 2 (424)
Hello seqno 58134 interval 4.00s sub-unknown-0x08 sub-pad1 sub-pad1 sub-unknown-0x04 sub-unknown-0x30 sub-diversity 2-2 (bogus) sub-diversity 2-2 (bogus) sub-diversity 2-48 (bogus) (invalid)
Unknown message type 48
Unknown message type 223
Pad 1
Unknown message type 51
Pad 1
Pad 1
Pad 1
HMAC (invalid)
IP6 (hlim 57, next-header UDP (17) payload length: 332) fe80::218:f3ff:ffa9:914e.8231 > fe80::21e:64ff:fe23:4d34.8231: [bad udp cksum 0xbd4b -> 0x0e98!] hncp (324)
Node endpoint (12) NID: 31:da:78:d2 EPID: 03000000
Node state (312) NID: 31:da:78:d2 seqno: 19 160.105s hash: 800088c8e0714638
Peer (16) Peer-NID: 61:69:ed:63 Peer-EPID: 01000000 Local-EPID: 01000000
HNCP-Version (22) M: 0 P: 4 H: 4 L: 4 User-agent: hnetd/cac971d
External-Connection (52)
Reserved: type=0 (4)
Reserved: type=0 (4)
Reserved: type=0 (4)
Reserved: type=0 (4)
Reserved: type=0 (4)
Reserved: type=0 (4)
Reserved: type=0 (4)
Reserved: type=0 (4)
Reserved: type=0 (4)
Reserved: type=0 (4)
Reserved: type=0 (4)
Unassigned: type=510 (4)
Assigned-Prefix (18) EPID: 03000000 Prty: 2 Prefix: fd1f:f88c:e200::/44
(invalid)
Assigned-Prefix (25) EPID: 01000001 Prty: 0 Prefix: ::/0
Reserved: type=0 (4)
Reserved: type=0 (4)
[|hncp]
Assigned-Prefix (25) EPID: 03000000 Prty: 2 Prefix: 10.0.101.0/24
Node-Address (24) EPID: 01000000 IP Address: ::2100:0:ffff:a00:6302
Node-Address (24) EPID: 01000000 IP Address: fd1f:f88c:e207::f3ff
[|hncp]
IP6 (hlim 64, next-header UDP (17) payload length: 564) fe80::218:f3ff:fea9:914e.8231 > fe80::21e:64ff:fe23:4d34.8231: [bad udp cksum 0xe65a -> 0x7725!] hncp (556)
Node endpoint (12) NID: 31:10:00:00 EPID: 00000000
Node state (544) NID: 61:69:ed:63 seqno: 12 969.699s hash: 011fffa1da966148
Peer (16) Peer-NID: 31:da:78:d2 Peer-EPID: 01000000 Local-EPID: 01000000
Future use: type=64031 (22)
External-Connection (23)
Delegated-Prefix (19) VLSO: 0.599s PLSO: 0.299s Prefix: fd1f:f88c:e207::/48
Assigned-Prefix (143) EPID: 8b8b8b8b Prty: 11 Prefix: (invalid)
Private use: type=768 (4)
[|hncp]

BIN
tests/hncp_prefix-oobr.pcapng Normal file
View File

Binary file not shown.

7
tests/icmp-icmp_print-oobr-1.out Normal file
View File

@ -0,0 +1,7 @@
IP (tos 0x4, ttl 64, id 3584, offset 0, flags [none], proto ICMP (1), length 23, bad cksum a (->1e0f)!)
22.3.2.0 > 54.209.0.0: ICMP type-#49, length 3[|icmp]
IP (tos 0x4, ttl 64, id 32512, offset 0, flags [none], proto VRRP (112), length 31, bad cksum 82 (->db96)!)
22.3.211.0 > 54.209.0.0: vrrp 22.3.211.0 > 54.209.0.0: VRRPv3, Advertisement, (ttl 64), vrid 128, prio 69[|vrrp]
c0:05:ff:ff:40:9d > 00:0c:02:49:96:7e, ethertype Unknown (0xf1ff), length 65570:
0x0000: 4404 0020 0e00 0000 4070 000a 1603 0200 D.......@p......
0x0010: 36d1 0000 3180 bc 6...1..

BIN
tests/icmp-icmp_print-oobr-1.pcap Normal file
View File

Binary file not shown.

5
tests/icmp-icmp_print-oobr-2.out Normal file
View File

@ -0,0 +1,5 @@
IP truncated-ip - 39 bytes missing! (tos 0x7f,CE, ttl 254, id 40208, offset 0, flags [none], proto VRRP (112), length 68, options (unknown 69 [bad length 83]), bad cksum 9b15 (->b774)!)
250.219.91.20 > 209.150.251.64: vrrp 250.219.91.20 > 209.150.251.64: VRRPv2, Advertisement, (ttl 254)[|vrrp]
[|fr]
IP (tos 0x7f,CE, ttl 254, id 40208, offset 0, flags [none], proto ICMP (1), length 30, options (unknown 201 [bad length 255]), bad cksum 101 (->6470)!)
1.241.1.250 > 219.91.15.170: ICMP type-#255, length 2[|icmp]

BIN
tests/icmp-icmp_print-oobr-2.pcap Normal file
View File

Binary file not shown.

2
tests/icmp6_mobileprefix_asan.out
View File

@ -1,2 +1,2 @@
IP6 (class 0x50, flowlabel 0x0002c, hlim 0, next-header ICMPv6 (58) payload length: 7168) 4f:f829:c:1a1a:1a1a:1a1a:1a37:0 > 16:0:400:0:64fb:9303:f293:8200: ICMP6, mobile router advertisement, length 7168, id 0x9393[|icmp6]
IP6 (class 0x50, flowlabel 0x0002c, hlim 0, next-header ICMPv6 (58) payload length: 7168) 4f:f829:c:1a1a:1a1a:1a1a:1a37:0 > 16:0:400:0:64fb:9303:f293:8200: ICMP6, mobile router advertisement, length 7168, id 0x9393 [|icmp6]
[|ether]

2
tests/icmp6_nodeinfo_oobr.out
View File

@ -1 +1 @@
IP6 a072:7f00:1:7f00:1:e01a:17:6785 > c903::a002:8018:fe30:0:204: ICMP6, who-are-you reply[|icmp6], length 4
IP6 a072:7f00:1:7f00:1:e01a:17:6785 > c903::a002:8018:fe30:0:204: ICMP6, who-are-you reply [|icmp6], length 4

2
tests/icmpv6.out
View File

@ -1,5 +1,5 @@
IP6 (hlim 255, next-header ICMPv6 (58) payload length: 176) fe80::b299:28ff:fec8:d66c > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 176
hop limit 64, Flags [home agent], pref medium, router lifetime 15s, reachable time 0s, retrans time 0s
hop limit 64, Flags [home agent], pref medium, router lifetime 15s, reachable time 0ms, retrans timer 0ms
prefix info option (3), length 32 (4): 2222:3333:4444:5555:6600::/72, Flags [onlink, auto], valid time 2592000s, pref. time 604800s
0x0000: 48c0 0027 8d00 0009 3a80 0000 0000 2222
0x0010: 3333 4444 5555 6600 0000 0000 0000

4
tests/icmpv6_opt24-v.out
View File

@ -1,5 +1,5 @@
IP6 (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::16cf:92ff:fe87:23d6 > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 120
hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0s, retrans time 0s
hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0ms, retrans timer 0ms
source link-address option (1), length 8 (1): 14:cf:92:87:23:d6
mtu option (5), length 8 (1): 1500
prefix info option (3), length 32 (4): fd8d:4fb3:5b2e::/64, Flags [onlink, auto], valid time 7200s, pref. time 1800s
@ -7,7 +7,7 @@ IP6 (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::16cf:92ff:fe87
rdnss option (25), length 24 (3): lifetime 1800s, addr: fd8d:4fb3:5b2e::1
dnssl option (31), length 16 (2): lifetime 1800s, domain(s): lan.
IP6 (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::16cf:92ff:fe87:23d6 > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 120
hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0s, retrans time 0s
hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0ms, retrans timer 0ms
source link-address option (1), length 8 (1): 14:cf:92:87:23:d6
mtu option (5), length 8 (1): 1500
prefix info option (3), length 32 (4): fd8d:4fb3:5b2e::/64, Flags [onlink, auto], valid time 7200s, pref. time 1800s

1
tests/ieee802.11_meshhdr-oobr.out Normal file
View File

@ -0,0 +1 @@
3472328296059908144us tsft 24.0 Mb/s 12334 MHz Turbo 48dBm noise [|802.11][|802.11]

Some files were not shown because too many files have changed in this diff Show More