d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6bd205a529
freebsd-nq/contrib/tcpdump/print-hsrp.c
Gleb Smirnoff 3340d77368 Update tcpdump to 4.9.0. 
It fixes many buffer overflow in different protocol parsers, but none of
them are critical, even in absense of Capsicum.

Security:	CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925
Security:	CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929
Security:	CVE-2016-7930, CVE-2016-7931, CVE-2016-7932, CVE-2016-7933
Security:	CVE-2016-7934, CVE-2016-7935, CVE-2016-7936, CVE-2016-7937
Security:	CVE-2016-7938, CVE-2016-7939, CVE-2016-7940, CVE-2016-7973
Security:	CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984
Security:	CVE-2016-7985, CVE-2016-7986, CVE-2016-7992, CVE-2016-7993
Security:	CVE-2016-8574, CVE-2016-8575, CVE-2017-5202, CVE-2017-5203
Security:	CVE-2017-5204, CVE-2017-5205, CVE-2017-5341, CVE-2017-5342
Security:	CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485
Security:	CVE-2017-5486
2017-02-01 20:26:42 +00:00

136 lines
4.6 KiB
C
Raw Blame History

/*
* Copyright (C) 2001 Julian Cowley
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/* \summary: Cisco Hot Standby Router Protocol (HSRP) printer */
/* Cisco Hot Standby Router Protocol (HSRP). */
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <netdissect-stdinc.h>
#include "netdissect.h"
#include "addrtoname.h"
/* HSRP op code types. */
static const char *op_code_str[] = {
"hello",
"coup",
"resign"
};
/* HSRP states and associated names. */
static const struct tok states[] = {
{ 0, "initial" },
{ 1, "learn" },
{ 2, "listen" },
{ 4, "speak" },
{ 8, "standby" },
{ 16, "active" },
{ 0, NULL }
};
/*
* RFC 2281:
*
* 0 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Version | Op Code | State | Hellotime |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Holdtime | Priority | Group | Reserved |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Authentication Data |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Authentication Data |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Virtual IP Address |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*/
#define HSRP_AUTH_SIZE 8
/* HSRP protocol header. */
struct hsrp {
uint8_t hsrp_version;
uint8_t hsrp_op_code;
uint8_t hsrp_state;
uint8_t hsrp_hellotime;
uint8_t hsrp_holdtime;
uint8_t hsrp_priority;
uint8_t hsrp_group;
uint8_t hsrp_reserved;
uint8_t hsrp_authdata[HSRP_AUTH_SIZE];
struct in_addr hsrp_virtaddr;
};
void
hsrp_print(netdissect_options *ndo, register const uint8_t *bp, register u_int len)
{
const struct hsrp *hp = (const struct hsrp *) bp;
ND_TCHECK(hp->hsrp_version);
ND_PRINT((ndo, "HSRPv%d", hp->hsrp_version));
if (hp->hsrp_version != 0)
return;
ND_TCHECK(hp->hsrp_op_code);
ND_PRINT((ndo, "-"));
ND_PRINT((ndo, "%s ", tok2strary(op_code_str, "unknown (%d)", hp->hsrp_op_code)));
ND_PRINT((ndo, "%d: ", len));
ND_TCHECK(hp->hsrp_state);
ND_PRINT((ndo, "state=%s ", tok2str(states, "Unknown (%d)", hp->hsrp_state)));
ND_TCHECK(hp->hsrp_group);
ND_PRINT((ndo, "group=%d ", hp->hsrp_group));
ND_TCHECK(hp->hsrp_reserved);
if (hp->hsrp_reserved != 0) {
ND_PRINT((ndo, "[reserved=%d!] ", hp->hsrp_reserved));
}
ND_TCHECK(hp->hsrp_virtaddr);
ND_PRINT((ndo, "addr=%s", ipaddr_string(ndo, &hp->hsrp_virtaddr)));
if (ndo->ndo_vflag) {
ND_PRINT((ndo, " hellotime="));
unsigned_relts_print(ndo, hp->hsrp_hellotime);
ND_PRINT((ndo, " holdtime="));
unsigned_relts_print(ndo, hp->hsrp_holdtime);
ND_PRINT((ndo, " priority=%d", hp->hsrp_priority));
ND_PRINT((ndo, " auth=\""));
if (fn_printn(ndo, hp->hsrp_authdata, sizeof(hp->hsrp_authdata),
ndo->ndo_snapend)) {
ND_PRINT((ndo, "\""));
goto trunc;
}
ND_PRINT((ndo, "\""));
}
return;
trunc:
ND_PRINT((ndo, "[|hsrp]"));
}
Reference in New Issue View Git Blame Copy Permalink