d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

MFV r353143 (phillip):

Browse Source 
Update tcpdump from 4.9.2 to 4.9.3.

MFC after:	2 weeks
This commit is contained in:
Cy Schubert 2019-12-21 21:02:50 +00:00
commit 39e421e8ce
55 changed files with 2986 additions and 1755 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
contrib/tcpdump/CHANGES
View File

@ -1,3 +1,36 @@
Friday, September 20, 2019, by mcr@sandelman.ca
A huge thank you to Denis, Francois-Xavier and Guy who did much of the heavy lifting.
Summary for 4.9.3 tcpdump release
Fix buffer overflow/overread vulnerabilities:
CVE-2017-16808 (AoE)
CVE-2018-14468 (FrameRelay)
CVE-2018-14469 (IKEv1)
CVE-2018-14470 (BABEL)
CVE-2018-14466 (AFS/RX)
CVE-2018-14461 (LDP)
CVE-2018-14462 (ICMP)
CVE-2018-14465 (RSVP)
CVE-2018-14881 (BGP)
CVE-2018-14464 (LMP)
CVE-2018-14463 (VRRP)
CVE-2018-14467 (BGP)
CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled)
CVE-2018-10105 (SMB - too unreliably reproduced, SMB printing disabled)
CVE-2018-14880 (OSPF6)
CVE-2018-16451 (SMB)
CVE-2018-14882 (RPL)
CVE-2018-16227 (802.11)
CVE-2018-16229 (DCCP)
CVE-2018-16301 (was fixed in libpcap)
CVE-2018-16230 (BGP)
CVE-2018-16452 (SMB)
CVE-2018-16300 (BGP)
CVE-2018-16228 (HNCP)
CVE-2019-15166 (LMP)
CVE-2019-15167 (VRRP)
Fix for cmdline argument/local issues:
CVE-2018-14879 (tcpdump -V)
Sunday September 3, 2017 denis@ovsienko.info
Summary for 4.9.2 tcpdump release
Do not use getprotobynumber() for protocol name resolution. Do not do

2
contrib/tcpdump/CONTRIBUTING
View File

@ -31,7 +31,7 @@ Please note that if you know exactly how to solve the problem and the solution
would not be too intrusive, it would be best to contribute some development time
and open a pull request instead as discussed below.
Still not sure how to do? Feel free to [subscribe](http://www.tcpdump.org/#mailing-lists)
Still not sure how to do? Feel free to [subscribe](https://www.tcpdump.org/#mailing-lists)
to the mailing list tcpdump-workers@lists.tcpdump.org and ask!

2
contrib/tcpdump/INSTALL.txt
View File

@ -63,7 +63,7 @@ config.guess - autoconf support
config.h.in - autoconf input
config.sub - autoconf support
configure - configure script (run this first)
configure.in - configure script source
configure.ac - configure script source
ether.h - Ethernet definitions
ethertype.h - Ethernet type value definitions
extract.h - alignment definitions

4
contrib/tcpdump/Makefile-devel-adds
View File

@ -2,12 +2,12 @@
# Auto-regenerate configure script or Makefile when things change.
# From autoconf.info . Works best with GNU Make.
#
${srcdir}/configure: configure.in aclocal.m4
${srcdir}/configure: configure.ac aclocal.m4
cd ${srcdir} && autoconf
# autoheader might not change config.h.in, so touch a stamp file.
${srcdir}/config.h.in: ${srcdir}/stamp-h.in
${srcdir}/stamp-h.in: configure.in aclocal.m4
${srcdir}/stamp-h.in: configure.ac aclocal.m4
cd ${srcdir} && autoheader
echo timestamp > ${srcdir}/stamp-h.in

6
contrib/tcpdump/Makefile.in
View File

@ -334,7 +334,7 @@ EXTRA_DIST = \
config.h.in \
config.sub \
configure \
configure.in \
configure.ac \
install-sh \
lbl/os-osf4.h \
lbl/os-solaris2.h \
@ -366,7 +366,7 @@ EXTRA_DIST = \
win32/prj/WinDump.vcproj \
win32/src/ether_ntohost.c
TEST_DIST= `find tests \( -name 'DIFF' -prune \) -o \( -name NEW -prune \) -o -type f \! -name '.*' \! -name '*~' -print`
TEST_DIST= `git ls-files tests | grep -v 'tests/\..*'`
all: $(PROG) $(LIBNETDISSECT)
@ -438,7 +438,7 @@ distclean:
rm -rf autom4te.cache tests/DIFF tests/NEW
check: tcpdump
(cd tests && ./TESTrun.sh)
(mkdir -p tests && SRCDIR=`cd ${srcdir}; pwd` && export SRCDIR && $$SRCDIR/tests/TESTrun.sh )
extags: $(TAGFILES)
ctags $(TAGFILES)

2
contrib/tcpdump/VERSION
View File

@ -1 +1 @@
4.9.2
4.9.3

7
contrib/tcpdump/addrtoname.c
View File

@ -125,7 +125,7 @@ win32_gethostbyaddr(const char *addr, int len, int type)
hname, sizeof(hname), NULL, 0, 0)) {
return NULL;
} else {
strcpy(host.h_name, hname);
strlcpy(host.h_name, hname, NI_MAXHOST);
return &host;
}
break;
@ -1247,10 +1247,7 @@ dnaddr_string(netdissect_options *ndo, u_short dnaddr)
tp->addr = dnaddr;
tp->nxt = newhnamemem(ndo);
if (ndo->ndo_nflag)
tp->name = dnnum_string(ndo, dnaddr);
else
tp->name = dnname_string(ndo, dnaddr);
tp->name = dnnum_string(ndo, dnaddr);
return(tp->name);
}

685
contrib/tcpdump/config.guess vendored
View File

File diff suppressed because it is too large Load Diff

11
contrib/tcpdump/config.h.in
View File

@ -1,4 +1,4 @@
/* config.h.in. Generated from configure.in by autoheader. */
/* config.h.in. Generated from configure.ac by autoheader. */
/* define if you want to build the possibly-buggy SMB printer */
#undef ENABLE_SMB
@ -28,9 +28,6 @@
don't. */
#undef HAVE_DECL_ETHER_NTOHOST
/* define if you have the dnet_htoa function */
#undef HAVE_DNET_HTOA
/* Define to 1 if you have the `ether_ntohost' function. */
#undef HAVE_ETHER_NTOHOST
@ -67,12 +64,6 @@
/* Define to 1 if you have the <memory.h> header file. */
#undef HAVE_MEMORY_H
/* Define to 1 if you have the <netdnet/dnetdb.h> header file. */
#undef HAVE_NETDNET_DNETDB_H
/* define if you have a dnet_htoa declaration in <netdnet/dnetdb.h> */
#undef HAVE_NETDNET_DNETDB_H_DNET_HTOA
/* Define to 1 if you have the <netinet/ether.h> header file. */
#undef HAVE_NETINET_ETHER_H

1695
contrib/tcpdump/config.sub vendored
View File

File diff suppressed because it is too large Load Diff

108
contrib/tcpdump/configure vendored
View File

@ -675,6 +675,7 @@ infodir
docdir
oldincludedir
includedir
runstatedir
localstatedir
sharedstatedir
sysconfdir
@ -755,6 +756,7 @@ datadir='${datarootdir}'
sysconfdir='${prefix}/etc'
sharedstatedir='${prefix}/com'
localstatedir='${prefix}/var'
runstatedir='${localstatedir}/run'
includedir='${prefix}/include'
oldincludedir='/usr/include'
docdir='${datarootdir}/doc/${PACKAGE}'
@ -1007,6 +1009,15 @@ do
| -silent | --silent | --silen | --sile | --sil)
silent=yes ;;
-runstatedir | --runstatedir | --runstatedi | --runstated \
| --runstate | --runstat | --runsta | --runst | --runs \
| --run | --ru | --r)
ac_prev=runstatedir ;;
-runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
| --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
| --run=* | --ru=* | --r=*)
runstatedir=$ac_optarg ;;
-sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
ac_prev=sbindir ;;
-sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
@ -1144,7 +1155,7 @@ fi
for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
datadir sysconfdir sharedstatedir localstatedir includedir \
oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
libdir localedir mandir
libdir localedir mandir runstatedir
do
eval ac_val=\$$ac_var
# Remove trailing slashes.
@ -1297,6 +1308,7 @@ Fine tuning of the installation directories:
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
--runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]
@ -1329,7 +1341,7 @@ Optional Features:
--disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)
--enable-FEATURE[=ARG] include FEATURE [ARG=yes]
--disable-universal don't build universal on OS X
--enable-smb enable possibly-buggy SMB printer default=yes
--enable-smb enable possibly-buggy SMB printer default=no
--disable-smb disable possibly-buggy SMB printer
Optional Packages:
@ -4193,7 +4205,7 @@ fi
done
for ac_header in fcntl.h rpc/rpc.h rpc/rpcent.h netdnet/dnetdb.h
for ac_header in fcntl.h rpc/rpc.h rpc/rpcent.h
do :
as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
@ -4492,14 +4504,12 @@ $as_echo_n "checking whether to enable the possibly-buggy SMB printer... " >&6;
if test "${enable_smb+set}" = set; then :
enableval=$enable_smb;
else
enableval=yes
enableval=no
fi
case "$enableval" in
yes) { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: The SMB printer may have exploitable buffer overflows!!!" >&5
$as_echo "$as_me: WARNING: The SMB printer may have exploitable buffer overflows!!!" >&2;}
$as_echo "#define ENABLE_SMB 1" >>confdefs.h
@ -5059,33 +5069,6 @@ if test "$ipv6" = "yes" -a "$ipv6lib" != "none"; then
fi
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for dnet_htoa declaration in netdnet/dnetdb.h" >&5
$as_echo_n "checking for dnet_htoa declaration in netdnet/dnetdb.h... " >&6; }
if ${td_cv_decl_netdnet_dnetdb_h_dnet_htoa+:} false; then :
$as_echo_n "(cached) " >&6
else
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
#include <netdnet/dnetdb.h>
_ACEOF
if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
$EGREP "dnet_htoa" >/dev/null 2>&1; then :
td_cv_decl_netdnet_dnetdb_h_dnet_htoa=yes
else
td_cv_decl_netdnet_dnetdb_h_dnet_htoa=no
fi
rm -f conftest*
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $td_cv_decl_netdnet_dnetdb_h_dnet_htoa" >&5
$as_echo "$td_cv_decl_netdnet_dnetdb_h_dnet_htoa" >&6; }
if test "$td_cv_decl_netdnet_dnetdb_h_dnet_htoa" = yes; then
$as_echo "#define HAVE_NETDNET_DNETDB_H_DNET_HTOA 1" >>confdefs.h
fi
ac_fn_c_check_func "$LINENO" "vfprintf" "ac_cv_func_vfprintf"
if test "x$ac_cv_func_vfprintf" = xyes; then :
$as_echo "#define HAVE_VFPRINTF 1" >>confdefs.h
@ -5293,65 +5276,6 @@ done
;;
esac
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing dnet_htoa" >&5
$as_echo_n "checking for library containing dnet_htoa... " >&6; }
if ${ac_cv_search_dnet_htoa+:} false; then :
$as_echo_n "(cached) " >&6
else
ac_func_search_save_LIBS=$LIBS
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
/* Override any GCC internal prototype to avoid an error.
Use char because int might match the return type of a GCC
builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
#endif
char dnet_htoa ();
int
main ()
{
return dnet_htoa ();
;
return 0;
}
_ACEOF
for ac_lib in '' dnet; do
if test -z "$ac_lib"; then
ac_res="none required"
else
ac_res=-l$ac_lib
LIBS="-l$ac_lib $ac_func_search_save_LIBS"
fi
if ac_fn_c_try_link "$LINENO"; then :
ac_cv_search_dnet_htoa=$ac_res
fi
rm -f core conftest.err conftest.$ac_objext \
conftest$ac_exeext
if ${ac_cv_search_dnet_htoa+:} false; then :
break
fi
done
if ${ac_cv_search_dnet_htoa+:} false; then :
else
ac_cv_search_dnet_htoa=no
fi
rm conftest.$ac_ext
LIBS=$ac_func_search_save_LIBS
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_dnet_htoa" >&5
$as_echo "$ac_cv_search_dnet_htoa" >&6; }
ac_res=$ac_cv_search_dnet_htoa
if test "$ac_res" != no; then :
test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
$as_echo "#define HAVE_DNET_HTOA 1" >>confdefs.h
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for main in -lrpc" >&5
$as_echo_n "checking for main in -lrpc... " >&6; }
if ${ac_cv_lib_rpc_main+:} false; then :

1003
contrib/tcpdump/configure.ac Normal file
View File

File diff suppressed because it is too large Load Diff

2
contrib/tcpdump/netdissect.h
View File

@ -514,6 +514,7 @@ extern void hsrp_print(netdissect_options *, const u_char *, u_int);
extern void http_print(netdissect_options *, const u_char *, u_int);
extern void icmp6_print(netdissect_options *, const u_char *, u_int, const u_char *, int);
extern void icmp_print(netdissect_options *, const u_char *, u_int, const u_char *, int);
extern u_int ieee802_11_radio_print(netdissect_options *, const u_char *, u_int, u_int);
extern void igmp_print(netdissect_options *, const u_char *, u_int);
extern void igrp_print(netdissect_options *, const u_char *, u_int);
extern void ip6_print(netdissect_options *, const u_char *, u_int);
@ -641,7 +642,6 @@ extern int nextproto6_cksum(netdissect_options *, const struct ip6_hdr *, const
extern int mask2plen(uint32_t);
extern int mask62plen(const u_char *);
extern const char *dnname_string(netdissect_options *, u_short);
extern const char *dnnum_string(netdissect_options *, u_short);
extern char *smb_errstr(int, int);

15
contrib/tcpdump/print-802_11.c
View File

@ -2058,6 +2058,10 @@ ieee802_11_print(netdissect_options *ndo,
hdrlen = roundup2(hdrlen, 4);
if (ndo->ndo_Hflag && FC_TYPE(fc) == T_DATA &&
DATA_FRAME_IS_QOS(FC_SUBTYPE(fc))) {
if (caplen < hdrlen + 1) {
ND_PRINT((ndo, "%s", tstr));
return hdrlen;
}
meshdrlen = extract_mesh_header_length(p+hdrlen);
hdrlen += meshdrlen;
} else
@ -3071,7 +3075,7 @@ print_in_radiotap_namespace(netdissect_options *ndo,
return 0;
}
static u_int
u_int
ieee802_11_radio_print(netdissect_options *ndo,
const u_char *p, u_int length, u_int caplen)
{
@ -3101,6 +3105,15 @@ ieee802_11_radio_print(netdissect_options *ndo,
hdr = (const struct ieee80211_radiotap_header *)p;
len = EXTRACT_LE_16BITS(&hdr->it_len);
if (len < sizeof(*hdr)) {
/*
* The length is the length of the entire header, so
* it must be as large as the fixed-length part of
* the header.
*/
ND_PRINT((ndo, "%s", tstr));
return caplen;
}
/*
* If we don't have the entire radiotap header, just give up.

2
contrib/tcpdump/print-aoe.c
View File

@ -325,6 +325,7 @@ aoev1_reserve_print(netdissect_options *ndo,
goto invalid;
/* addresses */
for (i = 0; i < nmacs; i++) {
ND_TCHECK2(*cp, ETHER_ADDR_LEN);
ND_PRINT((ndo, "\n\tEthernet Address %u: %s", i, etheraddr_string(ndo, cp)));
cp += ETHER_ADDR_LEN;
}
@ -350,6 +351,7 @@ aoev1_print(netdissect_options *ndo,
if (len < AOEV1_COMMON_HDR_LEN)
goto invalid;
/* Flags */
ND_TCHECK2(*cp, 1);
flags = *cp & 0x0F;
ND_PRINT((ndo, ", Flags: [%s]", bittok2str(aoev1_flag_str, "none", flags)));
cp += 1;

4
contrib/tcpdump/print-babel.c
View File

@ -352,6 +352,8 @@ babel_print_v2(netdissect_options *ndo,
goto invalid;
bodylen = EXTRACT_16BITS(cp + 2);
ND_PRINT((ndo, " (%u)", bodylen));
if (4U + bodylen > length)
goto invalid;
/* Process the TLVs in the body */
i = 0;
@ -480,7 +482,7 @@ babel_print_v2(netdissect_options *ndo,
case MESSAGE_UPDATE: {
if (!ndo->ndo_vflag) {
ND_PRINT((ndo, " update"));
if(len < 1)
if(len < 10)
ND_PRINT((ndo, "/truncated"));
else
ND_PRINT((ndo, "%s%s%s",

223
contrib/tcpdump/print-bfd.c
View File

@ -15,7 +15,10 @@
/* \summary: Bidirectional Forwarding Detection (BFD) printer */
/* specification: RFC 5880 (for version 1) and RFC 5881 */
/*
* specification: draft-ietf-bfd-base-01 for version 0,
* RFC 5880 for version 1, and RFC 5881
*/
#ifdef HAVE_CONFIG_H
#include "config.h"
@ -29,12 +32,12 @@
#include "udp.h"
/*
* Control packet, BFDv0, draft-katz-ward-bfd-01.txt
* Control packet, BFDv0, draft-ietf-bfd-base-01
*
* 0 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* |Vers | Diag |H|D|P|F| Rsvd | Detect Mult | Length |
* |Vers | Diag |H|D|P|F|C|A|Rsv| Detect Mult | Length |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | My Discriminator |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
@ -126,12 +129,6 @@ enum auth_length {
#define BFD_EXTRACT_VERSION(x) (((x)&0xe0)>>5)
#define BFD_EXTRACT_DIAG(x) ((x)&0x1f)
static const struct tok bfd_port_values[] = {
{ BFD_CONTROL_PORT, "Control" },
{ BFD_ECHO_PORT, "Echo" },
{ 0, NULL }
};
static const struct tok bfd_diag_values[] = {
{ 0, "No Diagnostic" },
{ 1, "Control Detection Time Expired" },
@ -145,20 +142,20 @@ static const struct tok bfd_diag_values[] = {
{ 0, NULL }
};
#define BFD_FLAG_AUTH 0x04
static const struct tok bfd_v0_flag_values[] = {
{ 0x80, "I Hear You" },
{ 0x40, "Demand" },
{ 0x20, "Poll" },
{ 0x10, "Final" },
{ 0x08, "Reserved" },
{ 0x04, "Reserved" },
{ 0x08, "Control Plane Independent" },
{ BFD_FLAG_AUTH, "Authentication Present" },
{ 0x02, "Reserved" },
{ 0x01, "Reserved" },
{ 0, NULL }
};
#define BFD_FLAG_AUTH 0x04
static const struct tok bfd_v1_flag_values[] = {
{ 0x20, "Poll" },
{ 0x10, "Final" },
@ -292,106 +289,124 @@ void
bfd_print(netdissect_options *ndo, register const u_char *pptr,
register u_int len, register u_int port)
{
const struct bfd_header_t *bfd_header;
uint8_t version = 0;
bfd_header = (const struct bfd_header_t *)pptr;
if (port == BFD_CONTROL_PORT) {
/*
* Control packet.
*/
const struct bfd_header_t *bfd_header;
uint8_t version_diag;
uint8_t version = 0;
uint8_t flags;
bfd_header = (const struct bfd_header_t *)pptr;
ND_TCHECK(*bfd_header);
version = BFD_EXTRACT_VERSION(bfd_header->version_diag);
version_diag = bfd_header->version_diag;
version = BFD_EXTRACT_VERSION(version_diag);
flags = bfd_header->flags;
switch (version) {
/* BFDv0 */
case 0:
if (ndo->ndo_vflag < 1)
{
ND_PRINT((ndo, "BFDv0, Control, Flags: [%s], length: %u",
bittok2str(bfd_v0_flag_values, "none", flags),
len));
return;
}
ND_PRINT((ndo, "BFDv0, length: %u\n\tControl, Flags: [%s], Diagnostic: %s (0x%02x)",
len,
bittok2str(bfd_v0_flag_values, "none", flags),
tok2str(bfd_diag_values,"unknown",BFD_EXTRACT_DIAG(version_diag)),
BFD_EXTRACT_DIAG(version_diag)));
ND_PRINT((ndo, "\n\tDetection Timer Multiplier: %u (%u ms Detection time), BFD Length: %u",
bfd_header->detect_time_multiplier,
bfd_header->detect_time_multiplier * EXTRACT_32BITS(bfd_header->desired_min_tx_interval)/1000,
bfd_header->length));
ND_PRINT((ndo, "\n\tMy Discriminator: 0x%08x", EXTRACT_32BITS(bfd_header->my_discriminator)));
ND_PRINT((ndo, ", Your Discriminator: 0x%08x", EXTRACT_32BITS(bfd_header->your_discriminator)));
ND_PRINT((ndo, "\n\t Desired min Tx Interval: %4u ms", EXTRACT_32BITS(bfd_header->desired_min_tx_interval)/1000));
ND_PRINT((ndo, "\n\t Required min Rx Interval: %4u ms", EXTRACT_32BITS(bfd_header->required_min_rx_interval)/1000));
ND_PRINT((ndo, "\n\t Required min Echo Interval: %4u ms", EXTRACT_32BITS(bfd_header->required_min_echo_interval)/1000));
if (flags & BFD_FLAG_AUTH) {
if (auth_print(ndo, pptr))
goto trunc;
}
break;
/* BFDv1 */
case 1:
if (ndo->ndo_vflag < 1)
{
ND_PRINT((ndo, "BFDv1, Control, State %s, Flags: [%s], length: %u",
tok2str(bfd_v1_state_values, "unknown (%u)", (flags & 0xc0) >> 6),
bittok2str(bfd_v1_flag_values, "none", flags & 0x3f),
len));
return;
}
ND_PRINT((ndo, "BFDv1, length: %u\n\tControl, State %s, Flags: [%s], Diagnostic: %s (0x%02x)",
len,
tok2str(bfd_v1_state_values, "unknown (%u)", (flags & 0xc0) >> 6),
bittok2str(bfd_v1_flag_values, "none", flags & 0x3f),
tok2str(bfd_diag_values,"unknown",BFD_EXTRACT_DIAG(version_diag)),
BFD_EXTRACT_DIAG(version_diag)));
ND_PRINT((ndo, "\n\tDetection Timer Multiplier: %u (%u ms Detection time), BFD Length: %u",
bfd_header->detect_time_multiplier,
bfd_header->detect_time_multiplier * EXTRACT_32BITS(bfd_header->desired_min_tx_interval)/1000,
bfd_header->length));
ND_PRINT((ndo, "\n\tMy Discriminator: 0x%08x", EXTRACT_32BITS(bfd_header->my_discriminator)));
ND_PRINT((ndo, ", Your Discriminator: 0x%08x", EXTRACT_32BITS(bfd_header->your_discriminator)));
ND_PRINT((ndo, "\n\t Desired min Tx Interval: %4u ms", EXTRACT_32BITS(bfd_header->desired_min_tx_interval)/1000));
ND_PRINT((ndo, "\n\t Required min Rx Interval: %4u ms", EXTRACT_32BITS(bfd_header->required_min_rx_interval)/1000));
ND_PRINT((ndo, "\n\t Required min Echo Interval: %4u ms", EXTRACT_32BITS(bfd_header->required_min_echo_interval)/1000));
if (flags & BFD_FLAG_AUTH) {
if (auth_print(ndo, pptr))
goto trunc;
}
break;
default:
ND_PRINT((ndo, "BFDv%u, Control, length: %u",
version,
len));
if (ndo->ndo_vflag >= 1) {
if(!print_unknown_data(ndo, pptr,"\n\t",len))
return;
}
break;
}
} else if (port == BFD_ECHO_PORT) {
/* Echo is BFD v1 only */
version = 1;
}
switch ((port << 8) | version) {
/* BFDv0 */
case (BFD_CONTROL_PORT << 8):
if (ndo->ndo_vflag < 1)
{
ND_PRINT((ndo, "BFDv%u, %s, Flags: [%s], length: %u",
version,
tok2str(bfd_port_values, "unknown (%u)", port),
bittok2str(bfd_v0_flag_values, "none", bfd_header->flags),
len));
return;
/*
* Echo packet.
*/
ND_PRINT((ndo, "BFD, Echo, length: %u",
len));
if (ndo->ndo_vflag >= 1) {
if(!print_unknown_data(ndo, pptr,"\n\t",len))
return;
}
ND_PRINT((ndo, "BFDv%u, length: %u\n\t%s, Flags: [%s], Diagnostic: %s (0x%02x)",
version,
len,
tok2str(bfd_port_values, "unknown (%u)", port),
bittok2str(bfd_v0_flag_values, "none", bfd_header->flags),
tok2str(bfd_diag_values,"unknown",BFD_EXTRACT_DIAG(bfd_header->version_diag)),
BFD_EXTRACT_DIAG(bfd_header->version_diag)));
ND_PRINT((ndo, "\n\tDetection Timer Multiplier: %u (%u ms Detection time), BFD Length: %u",
bfd_header->detect_time_multiplier,
bfd_header->detect_time_multiplier * EXTRACT_32BITS(bfd_header->desired_min_tx_interval)/1000,
bfd_header->length));
ND_PRINT((ndo, "\n\tMy Discriminator: 0x%08x", EXTRACT_32BITS(bfd_header->my_discriminator)));
ND_PRINT((ndo, ", Your Discriminator: 0x%08x", EXTRACT_32BITS(bfd_header->your_discriminator)));
ND_PRINT((ndo, "\n\t Desired min Tx Interval: %4u ms", EXTRACT_32BITS(bfd_header->desired_min_tx_interval)/1000));
ND_PRINT((ndo, "\n\t Required min Rx Interval: %4u ms", EXTRACT_32BITS(bfd_header->required_min_rx_interval)/1000));
ND_PRINT((ndo, "\n\t Required min Echo Interval: %4u ms", EXTRACT_32BITS(bfd_header->required_min_echo_interval)/1000));
break;
/* BFDv1 */
case (BFD_CONTROL_PORT << 8 | 1):
if (ndo->ndo_vflag < 1)
{
ND_PRINT((ndo, "BFDv%u, %s, State %s, Flags: [%s], length: %u",
version,
tok2str(bfd_port_values, "unknown (%u)", port),
tok2str(bfd_v1_state_values, "unknown (%u)", (bfd_header->flags & 0xc0) >> 6),
bittok2str(bfd_v1_flag_values, "none", bfd_header->flags & 0x3f),
len));
return;
}
ND_PRINT((ndo, "BFDv%u, length: %u\n\t%s, State %s, Flags: [%s], Diagnostic: %s (0x%02x)",
version,
len,
tok2str(bfd_port_values, "unknown (%u)", port),
tok2str(bfd_v1_state_values, "unknown (%u)", (bfd_header->flags & 0xc0) >> 6),
bittok2str(bfd_v1_flag_values, "none", bfd_header->flags & 0x3f),
tok2str(bfd_diag_values,"unknown",BFD_EXTRACT_DIAG(bfd_header->version_diag)),
BFD_EXTRACT_DIAG(bfd_header->version_diag)));
ND_PRINT((ndo, "\n\tDetection Timer Multiplier: %u (%u ms Detection time), BFD Length: %u",
bfd_header->detect_time_multiplier,
bfd_header->detect_time_multiplier * EXTRACT_32BITS(bfd_header->desired_min_tx_interval)/1000,
bfd_header->length));
ND_PRINT((ndo, "\n\tMy Discriminator: 0x%08x", EXTRACT_32BITS(bfd_header->my_discriminator)));
ND_PRINT((ndo, ", Your Discriminator: 0x%08x", EXTRACT_32BITS(bfd_header->your_discriminator)));
ND_PRINT((ndo, "\n\t Desired min Tx Interval: %4u ms", EXTRACT_32BITS(bfd_header->desired_min_tx_interval)/1000));
ND_PRINT((ndo, "\n\t Required min Rx Interval: %4u ms", EXTRACT_32BITS(bfd_header->required_min_rx_interval)/1000));
ND_PRINT((ndo, "\n\t Required min Echo Interval: %4u ms", EXTRACT_32BITS(bfd_header->required_min_echo_interval)/1000));
if (bfd_header->flags & BFD_FLAG_AUTH) {
if (auth_print(ndo, pptr))
goto trunc;
}
break;
/* BFDv0 */
case (BFD_ECHO_PORT << 8): /* not yet supported - fall through */
/* BFDv1 */
case (BFD_ECHO_PORT << 8 | 1):
default:
ND_PRINT((ndo, "BFD, %s, length: %u",
tok2str(bfd_port_values, "unknown (%u)", port),
} else {
/*
* Unknown packet type.
*/
ND_PRINT((ndo, "BFD, unknown (%u), length: %u",
port,
len));
if (ndo->ndo_vflag >= 1) {
if(!print_unknown_data(ndo, pptr,"\n\t",len))
return;
}
break;
}
return;

49
contrib/tcpdump/print-bgp.c
View File

@ -47,6 +47,8 @@
#include "af.h"
#include "l2vpn.h"
static const char tstr[] = "[|BGP]";
struct bgp {
uint8_t bgp_marker[16];
uint16_t bgp_len;
@ -1013,7 +1015,7 @@ decode_multicast_vpn(netdissect_options *ndo,
*/
#define UPDATE_BUF_BUFLEN(buf, buflen, stringlen) \
if (stringlen<0) \
buflen=0; \
buflen=0; \
else if ((u_int)stringlen>buflen) \
buflen=0; \
else { \
@ -1359,7 +1361,7 @@ bgp_attr_get_as_size(netdissect_options *ndo,
static int
bgp_attr_print(netdissect_options *ndo,
u_int atype, const u_char *pptr, u_int len)
u_int atype, const u_char *pptr, u_int len, const unsigned attr_set_level)
{
int i;
uint16_t af;
@ -1482,7 +1484,7 @@ bgp_attr_print(netdissect_options *ndo,
}
ND_TCHECK2(tptr[0], 8);
ND_PRINT((ndo, " AS #%s, origin %s",
as_printf(ndo, astostr, sizeof(astostr), EXTRACT_32BITS(tptr)),
as_printf(ndo, astostr, sizeof(astostr), EXTRACT_32BITS(tptr)),
ipaddr_string(ndo, tptr + 4)));
break;
case BGPTYPE_COMMUNITIES:
@ -1698,10 +1700,12 @@ bgp_attr_print(netdissect_options *ndo,
bgp_vpn_rd_print(ndo, tptr),
isonsap_string(ndo, tptr+BGP_VPN_RD_LEN,tlen-BGP_VPN_RD_LEN)));
/* rfc986 mapped IPv4 address ? */
if (EXTRACT_32BITS(tptr+BGP_VPN_RD_LEN) == 0x47000601)
if (tlen == BGP_VPN_RD_LEN + 4 + sizeof(struct in_addr)
&& EXTRACT_32BITS(tptr+BGP_VPN_RD_LEN) == 0x47000601)
ND_PRINT((ndo, " = %s", ipaddr_string(ndo, tptr+BGP_VPN_RD_LEN+4)));
/* rfc1888 mapped IPv6 address ? */
else if (EXTRACT_24BITS(tptr+BGP_VPN_RD_LEN) == 0x350000)
else if (tlen == BGP_VPN_RD_LEN + 3 + sizeof(struct in6_addr)
&& EXTRACT_24BITS(tptr+BGP_VPN_RD_LEN) == 0x350000)
ND_PRINT((ndo, " = %s", ip6addr_string(ndo, tptr+BGP_VPN_RD_LEN+3)));
tptr += tlen;
tlen = 0;
@ -2280,8 +2284,16 @@ bgp_attr_print(netdissect_options *ndo,
ND_PRINT((ndo, "+%x", aflags & 0xf));
ND_PRINT((ndo, "]: "));
}
/* FIXME check for recursion */
if (!bgp_attr_print(ndo, atype, tptr, alen))
/* The protocol encoding per se allows ATTR_SET to be nested as many times
* as the message can accommodate. This printer used to be able to recurse
* into ATTR_SET contents until the stack exhaustion, but now there is a
* limit on that (if live protocol exchange goes that many levels deep,
* something is probably wrong anyway). Feel free to refine this value if
* you can find the spec with respective normative text.
*/
if (attr_set_level == 10)
ND_PRINT((ndo, "(too many nested levels, not recursing)"));
else if (!bgp_attr_print(ndo, atype, tptr, alen, attr_set_level + 1))
return 0;
tptr += alen;
len -= alen;
@ -2342,6 +2354,8 @@ bgp_capabilities_print(netdissect_options *ndo,
ND_TCHECK2(opt[i+2], cap_len);
switch (cap_type) {
case BGP_CAPCODE_MP:
/* AFI (16 bits), Reserved (8 bits), SAFI (8 bits) */
ND_TCHECK_8BITS(opt + i + 5);
ND_PRINT((ndo, "\n\t\tAFI %s (%u), SAFI %s (%u)",
tok2str(af_values, "Unknown",
EXTRACT_16BITS(opt+i+2)),
@ -2351,12 +2365,15 @@ bgp_capabilities_print(netdissect_options *ndo,
opt[i+5]));
break;
case BGP_CAPCODE_RESTART:
/* Restart Flags (4 bits), Restart Time in seconds (12 bits) */
ND_TCHECK_16BITS(opt + i + 2);
ND_PRINT((ndo, "\n\t\tRestart Flags: [%s], Restart Time %us",
((opt[i+2])&0x80) ? "R" : "none",
EXTRACT_16BITS(opt+i+2)&0xfff));
tcap_len-=2;
cap_offset=4;
while(tcap_len>=4) {
ND_TCHECK_8BITS(opt + i + cap_offset + 3);
ND_PRINT((ndo, "\n\t\t AFI %s (%u), SAFI %s (%u), Forwarding state preserved: %s",
tok2str(af_values,"Unknown",
EXTRACT_16BITS(opt+i+cap_offset)),
@ -2420,7 +2437,7 @@ bgp_capabilities_print(netdissect_options *ndo,
return;
trunc:
ND_PRINT((ndo, "[|BGP]"));
ND_PRINT((ndo, "%s", tstr));
}
static void
@ -2483,7 +2500,7 @@ bgp_open_print(netdissect_options *ndo,
}
return;
trunc:
ND_PRINT((ndo, "[|BGP]"));
ND_PRINT((ndo, "%s", tstr));
}
static void
@ -2583,7 +2600,7 @@ bgp_update_print(netdissect_options *ndo,
goto trunc;
if (length < alen)
goto trunc;
if (!bgp_attr_print(ndo, atype, p, alen))
if (!bgp_attr_print(ndo, atype, p, alen, 0))
goto trunc;
p += alen;
len -= alen;
@ -2620,7 +2637,7 @@ bgp_update_print(netdissect_options *ndo,
}
return;
trunc:
ND_PRINT((ndo, "[|BGP]"));
ND_PRINT((ndo, "%s", tstr));
}
static void
@ -2701,7 +2718,7 @@ bgp_notification_print(netdissect_options *ndo,
return;
trunc:
ND_PRINT((ndo, "[|BGP]"));
ND_PRINT((ndo, "%s", tstr));
}
static void
@ -2735,7 +2752,7 @@ bgp_route_refresh_print(netdissect_options *ndo,
return;
trunc:
ND_PRINT((ndo, "[|BGP]"));
ND_PRINT((ndo, "%s", tstr));
}
static int
@ -2775,7 +2792,7 @@ bgp_header_print(netdissect_options *ndo,
}
return 1;
trunc:
ND_PRINT((ndo, "[|BGP]"));
ND_PRINT((ndo, "%s", tstr));
return 0;
}
@ -2824,7 +2841,7 @@ bgp_print(netdissect_options *ndo,
memcpy(&bgp, p, BGP_SIZE);
if (start != p)
ND_PRINT((ndo, " [|BGP]"));
ND_PRINT((ndo, " %s", tstr));
hlen = ntohs(bgp.bgp_len);
if (hlen < BGP_SIZE) {
@ -2850,7 +2867,7 @@ bgp_print(netdissect_options *ndo,
return;
trunc:
ND_PRINT((ndo, " [|BGP]"));
ND_PRINT((ndo, "%s", tstr));
}
/*

7
contrib/tcpdump/print-bootp.c
View File

@ -358,7 +358,7 @@ bootp_print(netdissect_options *ndo,
if (*bp->bp_sname) {
ND_PRINT((ndo, "\n\t sname \""));
if (fn_printztn(ndo, bp->bp_sname, (u_int)sizeof bp->bp_sname,
ndo->ndo_snapend)) {
ndo->ndo_snapend) == 0) {
ND_PRINT((ndo, "\""));
ND_PRINT((ndo, "%s", tstr + 1));
return;
@ -369,7 +369,7 @@ bootp_print(netdissect_options *ndo,
if (*bp->bp_file) {
ND_PRINT((ndo, "\n\t file \""));
if (fn_printztn(ndo, bp->bp_file, (u_int)sizeof bp->bp_file,
ndo->ndo_snapend)) {
ndo->ndo_snapend) == 0) {
ND_PRINT((ndo, "\""));
ND_PRINT((ndo, "%s", tstr + 1));
return;
@ -378,7 +378,7 @@ bootp_print(netdissect_options *ndo,
}
/* Decode the vendor buffer */
ND_TCHECK(bp->bp_vend[0]);
ND_TCHECK2(bp->bp_vend[0], 4);
if (memcmp((const char *)bp->bp_vend, vm_rfc1048,
sizeof(uint32_t)) == 0)
rfc1048_print(ndo, bp->bp_vend);
@ -388,6 +388,7 @@ bootp_print(netdissect_options *ndo,
else {
uint32_t ul;
ND_TCHECK_32BITS(&bp->bp_vend);
ul = EXTRACT_32BITS(&bp->bp_vend);
if (ul != 0)
ND_PRINT((ndo, "\n\t Vendor-#0x%x", ul));

53
contrib/tcpdump/print-dccp.c
View File

@ -530,7 +530,8 @@ static const struct tok dccp_option_values[] = {
{ 0, NULL }
};
static int dccp_print_option(netdissect_options *ndo, const u_char *option, u_int hlen)
static int
dccp_print_option(netdissect_options *ndo, const u_char *option, u_int hlen)
{
uint8_t optlen, i;
@ -623,16 +624,54 @@ static int dccp_print_option(netdissect_options *ndo, const u_char *option, u_in
}
break;
case 41:
if (optlen == 4)
/*
* 13.1. Timestamp Option
*
* +--------+--------+--------+--------+--------+--------+
* |00101001|00000110| Timestamp Value |
* +--------+--------+--------+--------+--------+--------+
* Type=41 Length=6
*/
if (optlen == 6)
ND_PRINT((ndo, " %u", EXTRACT_32BITS(option + 2)));
else
ND_PRINT((ndo, " optlen != 4"));
ND_PRINT((ndo, " [optlen != 6]"));
break;
case 42:
if (optlen == 4)
/*
* 13.3. Timestamp Echo Option
*
* +--------+--------+--------+--------+--------+--------+
* |00101010|00000110| Timestamp Echo |
* +--------+--------+--------+--------+--------+--------+
* Type=42 Len=6
*
* +--------+--------+------- ... -------+--------+--------+
* |00101010|00001000| Timestamp Echo | Elapsed Time |
* +--------+--------+------- ... -------+--------+--------+
* Type=42 Len=8 (4 bytes)
*
* +--------+--------+------- ... -------+------- ... -------+
* |00101010|00001010| Timestamp Echo | Elapsed Time |
* +--------+--------+------- ... -------+------- ... -------+
* Type=42 Len=10 (4 bytes) (4 bytes)
*/
switch (optlen) {
case 6:
ND_PRINT((ndo, " %u", EXTRACT_32BITS(option + 2)));
else
ND_PRINT((ndo, " optlen != 4"));
break;
case 8:
ND_PRINT((ndo, " %u", EXTRACT_32BITS(option + 2)));
ND_PRINT((ndo, " (elapsed time %u)", EXTRACT_16BITS(option + 6)));
break;
case 10:
ND_PRINT((ndo, " %u", EXTRACT_32BITS(option + 2)));
ND_PRINT((ndo, " (elapsed time %u)", EXTRACT_32BITS(option + 6)));
break;
default:
ND_PRINT((ndo, " [optlen != 6 or 8 or 10]"));
break;
}
break;
case 43:
if (optlen == 6)
@ -640,7 +679,7 @@ static int dccp_print_option(netdissect_options *ndo, const u_char *option, u_in
else if (optlen == 4)
ND_PRINT((ndo, " %u", EXTRACT_16BITS(option + 2)));
else
ND_PRINT((ndo, " optlen != 4 or 6"));
ND_PRINT((ndo, " [optlen != 4 or 6]"));
break;
case 44:
if (optlen > 2) {

33
contrib/tcpdump/print-decnet.c
View File

@ -30,10 +30,6 @@
struct mbuf;
struct rtentry;
#ifdef HAVE_NETDNET_DNETDB_H
#include <netdnet/dnetdb.h>
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@ -75,12 +71,6 @@ typedef union etheraddress etheraddr; /* Ethernet address */
#define AREASHIFT 10 /* bit-offset for area field */
#define NODEMASK 01777 /* mask for node address field */
#define DN_MAXADDL 20 /* max size of DECnet address */
struct dn_naddr {
uint16_t a_len; /* length of address */
uint8_t a_addr[DN_MAXADDL]; /* address as bytes */
};
/*
* Define long and short header formats.
*/
@ -492,10 +482,6 @@ static int print_elist(const char *, u_int);
static int print_nsp(netdissect_options *, const u_char *, u_int);
static void print_reason(netdissect_options *, int);
#ifndef HAVE_NETDNET_DNETDB_H_DNET_HTOA
extern char *dnet_htoa(struct dn_naddr *);
#endif
void
decnet_print(netdissect_options *ndo,
register const u_char *ap, register u_int length,
@ -1252,22 +1238,3 @@ dnnum_string(netdissect_options *ndo, u_short dnaddr)
snprintf(str, siz, "%d.%d", area, node);
return(str);
}
const char *
dnname_string(netdissect_options *ndo, u_short dnaddr)
{
#ifdef HAVE_DNET_HTOA
struct dn_naddr dna;
char *dnname;
dna.a_len = sizeof(short);
memcpy((char *)dna.a_addr, (char *)&dnaddr, sizeof(short));
dnname = dnet_htoa(&dna);
if(dnname != NULL)
return (strdup(dnname));
else
return(dnnum_string(ndo, dnaddr));
#else
return(dnnum_string(ndo, dnaddr)); /* punt */
#endif
}

7
contrib/tcpdump/print-domain.c
View File

@ -582,6 +582,13 @@ ns_print(netdissect_options *ndo,
register const u_char *cp;
uint16_t b2;
if(length < sizeof(*np)) {
ND_PRINT((ndo, "domain"));
ND_PRINT((ndo, " [length %u < %zu]", length, sizeof(*np)));
ND_PRINT((ndo, " (invalid)"));
return;
}
np = (const HEADER *)bp;
ND_TCHECK(*np);
/* get the byte-order right */

26
contrib/tcpdump/print-dvmrp.c
View File

@ -32,6 +32,8 @@
#include "addrtoname.h"
/*
* See: RFC 1075 and draft-ietf-idmr-dvmrp-v3
*
* DVMRP message types and flag values shamelessly stolen from
* mrouted/dvmrp.h.
*/
@ -58,19 +60,18 @@
static int print_probe(netdissect_options *, const u_char *, const u_char *, u_int);
static int print_report(netdissect_options *, const u_char *, const u_char *, u_int);
static int print_neighbors(netdissect_options *, const u_char *, const u_char *, u_int);
static int print_neighbors2(netdissect_options *, const u_char *, const u_char *, u_int);
static int print_neighbors2(netdissect_options *, const u_char *, const u_char *, u_int, uint8_t, uint8_t);
static int print_prune(netdissect_options *, const u_char *);
static int print_graft(netdissect_options *, const u_char *);
static int print_graft_ack(netdissect_options *, const u_char *);
static uint32_t target_level;
void
dvmrp_print(netdissect_options *ndo,
register const u_char *bp, register u_int len)
{
register const u_char *ep;
register u_char type;
uint8_t major_version, minor_version;
ep = (const u_char *)ndo->ndo_snapend;
if (bp >= ep)
@ -118,15 +119,15 @@ dvmrp_print(netdissect_options *ndo,
case DVMRP_NEIGHBORS2:
ND_PRINT((ndo, " Neighbors2"));
/*
* extract version and capabilities from IGMP group
* address field
* extract version from IGMP group address field
*/
bp -= 4;
ND_TCHECK2(bp[0], 4);
target_level = (bp[0] << 24) | (bp[1] << 16) |
(bp[2] << 8) | bp[3];
major_version = *(bp + 3);
minor_version = *(bp + 2);
bp += 4;
if (print_neighbors2(ndo, bp, ep, len) < 0)
if (print_neighbors2(ndo, bp, ep, len, major_version,
minor_version) < 0)
goto trunc;
break;
@ -230,7 +231,7 @@ print_probe(netdissect_options *ndo,
ND_PRINT((ndo, " [|}"));
return (0);
}
genid = (bp[0] << 24) | (bp[1] << 16) | (bp[2] << 8) | bp[3];
genid = EXTRACT_32BITS(bp);
bp += 4;
len -= 4;
ND_PRINT((ndo, ndo->ndo_vflag > 1 ? "\n\t" : " "));
@ -283,15 +284,14 @@ print_neighbors(netdissect_options *ndo,
static int
print_neighbors2(netdissect_options *ndo,
register const u_char *bp, register const u_char *ep,
register u_int len)
register u_int len, uint8_t major_version,
uint8_t minor_version)
{
const u_char *laddr;
register u_char metric, thresh, flags;
register int ncount;
ND_PRINT((ndo, " (v %d.%d):",
(int)target_level & 0xff,
(int)(target_level >> 8) & 0xff));
ND_PRINT((ndo, " (v %d.%d):", major_version, minor_version));
while (len > 0 && bp < ep) {
ND_TCHECK2(bp[0], 8);

2
contrib/tcpdump/print-eigrp.c
View File

@ -353,6 +353,7 @@ eigrp_print(netdissect_options *ndo, register const u_char *pptr, register u_int
}
byte_length = (bit_length + 7) / 8; /* variable length encoding */
memset(prefix, 0, 4);
ND_TCHECK2(tlv_ptr.eigrp_tlv_ip_int->destination, byte_length);
memcpy(prefix,&tlv_ptr.eigrp_tlv_ip_int->destination,byte_length);
ND_PRINT((ndo, "\n\t IPv4 prefix: %15s/%u, nexthop: ",
@ -387,6 +388,7 @@ eigrp_print(netdissect_options *ndo, register const u_char *pptr, register u_int
}
byte_length = (bit_length + 7) / 8; /* variable length encoding */
memset(prefix, 0, 4);
ND_TCHECK2(tlv_ptr.eigrp_tlv_ip_ext->destination, byte_length);
memcpy(prefix,&tlv_ptr.eigrp_tlv_ip_ext->destination,byte_length);
ND_PRINT((ndo, "\n\t IPv4 prefix: %15s/%u, nexthop: ",

95
contrib/tcpdump/print-esp.c
View File

@ -191,8 +191,8 @@ int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo,
const u_char *iv;
unsigned int len;
EVP_CIPHER_CTX *ctx;
unsigned int block_size, output_buffer_size;
u_char *output_buffer;
unsigned int block_size, buffer_size;
u_char *input_buffer, *output_buffer;
/* initiator arg is any non-zero value */
if(initiator) initiator=1;
@ -227,19 +227,39 @@ int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo,
(*ndo->ndo_warning)(ndo, "espkey init failed");
set_cipher_parameters(ctx, NULL, NULL, iv, 0);
/*
* Allocate a buffer for the decrypted data.
* The output buffer must be separate from the input buffer, and
* its size must be a multiple of the cipher block size.
* Allocate buffers for the encrypted and decrypted data.
* Both buffers' sizes must be a multiple of the cipher block
* size, and the output buffer must be separate from the input
* buffer.
*/
block_size = (unsigned int)EVP_CIPHER_CTX_block_size(ctx);
output_buffer_size = len + (block_size - len % block_size);
output_buffer = (u_char *)malloc(output_buffer_size);
if (output_buffer == NULL) {
(*ndo->ndo_warning)(ndo, "can't allocate memory for decryption buffer");
buffer_size = len + (block_size - len % block_size);
/*
* Attempt to allocate the input buffer.
*/
input_buffer = (u_char *)malloc(buffer_size);
if (input_buffer == NULL) {
EVP_CIPHER_CTX_free(ctx);
return 0;
(*ndo->ndo_error)(ndo, "can't allocate memory for encrypted data buffer");
}
EVP_Cipher(ctx, output_buffer, buf, len);
/*
* Copy the input data to the encrypted data buffer, and pad it
* with zeroes.
*/
memcpy(input_buffer, buf, len);
memset(input_buffer + len, 0, buffer_size - len);
/*
* Attempt to allocate the output buffer.
*/
output_buffer = (u_char *)malloc(buffer_size);
if (output_buffer == NULL) {
free(input_buffer);
EVP_CIPHER_CTX_free(ctx);
(*ndo->ndo_error)(ndo, "can't allocate memory for decryption buffer");
}
EVP_Cipher(ctx, output_buffer, input_buffer, len);
EVP_CIPHER_CTX_free(ctx);
/*
@ -247,6 +267,7 @@ int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo,
* but changing this would require a more complicated fix.
*/
memcpy(__DECONST(u_char *, buf), output_buffer, len);
free(input_buffer);
free(output_buffer);
ndo->ndo_packetp = buf;
@ -287,7 +308,6 @@ static u_int hexdigit(netdissect_options *ndo, char hex)
return (hex - 'a' + 10);
else {
(*ndo->ndo_error)(ndo, "invalid hex digit %c in espsecret\n", hex);
return 0;
}
}
@ -398,7 +418,7 @@ espprint_decode_encalgo(netdissect_options *ndo,
USES_APPLE_RST
/*
* for the moment, ignore the auth algorith, just hard code the authenticator
* for the moment, ignore the auth algorithm, just hard code the authenticator
* length. Need to research how openssl looks up HMAC stuff.
*/
static int
@ -521,7 +541,6 @@ static void esp_print_decode_onesecret(netdissect_options *ndo, char *line,
if (secretfile == NULL) {
(*ndo->ndo_error)(ndo, "print_esp: can't open %s: %s\n",
filename, strerror(errno));
return;
}
while (fgets(fileline, sizeof(fileline)-1, secretfile) != NULL) {
@ -551,6 +570,10 @@ static void esp_print_decode_onesecret(netdissect_options *ndo, char *line,
uint32_t spino;
spistr = strsep(&spikey, "@");
if (spistr == NULL) {
(*ndo->ndo_warning)(ndo, "print_esp: failed to find the @ token");
return;
}
spino = strtoul(spistr, &foo, 0);
if (spistr == foo || !spikey) {
@ -660,8 +683,8 @@ esp_print(netdissect_options *ndo,
const u_char *ivoff;
const u_char *p;
EVP_CIPHER_CTX *ctx;
unsigned int block_size, output_buffer_size;
u_char *output_buffer;
unsigned int block_size, buffer_size;
u_char *input_buffer, *output_buffer;
#endif
esp = (const struct newesp *)bp;
@ -777,21 +800,41 @@ esp_print(netdissect_options *ndo,
len = ep - (p + ivlen);
/*
* Allocate a buffer for the decrypted data.
* The output buffer must be separate from the
* input buffer, and its size must be a multiple
* of the cipher block size.
* Allocate buffers for the encrypted and decrypted
* data. Both buffers' sizes must be a multiple of
* the cipher block size, and the output buffer must
* be separate from the input buffer.
*/
block_size = (unsigned int)EVP_CIPHER_CTX_block_size(ctx);
output_buffer_size = len + (block_size - len % block_size);
output_buffer = (u_char *)malloc(output_buffer_size);
if (output_buffer == NULL) {
(*ndo->ndo_warning)(ndo, "can't allocate memory for decryption buffer");
buffer_size = len + (block_size - len % block_size);
/*
* Attempt to allocate the input buffer.
*/
input_buffer = (u_char *)malloc(buffer_size);
if (input_buffer == NULL) {
EVP_CIPHER_CTX_free(ctx);
return -1;
(*ndo->ndo_error)(ndo, "can't allocate memory for encrypted data buffer");
}
/*
* Copy the input data to the encrypted data buffer,
* and pad it with zeroes.
*/
memcpy(input_buffer, p + ivlen, len);
memset(input_buffer + len, 0, buffer_size - len);
/*
* Attempt to allocate the output buffer.
*/
output_buffer = (u_char *)malloc(buffer_size);
if (output_buffer == NULL) {
free(input_buffer);
EVP_CIPHER_CTX_free(ctx);
(*ndo->ndo_error)(ndo, "can't allocate memory for decryption buffer");
}
EVP_Cipher(ctx, output_buffer, p + ivlen, len);
EVP_Cipher(ctx, output_buffer, input_buffer, len);
free(input_buffer);
EVP_CIPHER_CTX_free(ctx);
/*
* XXX - of course this is wrong, because buf is a

9
contrib/tcpdump/print-fr.c
View File

@ -457,6 +457,10 @@ mfr_print(netdissect_options *ndo,
*/
ND_TCHECK2(*p, 4); /* minimum frame header length */
if (length < 4) {
ND_PRINT((ndo, "Message too short (%u bytes)", length));
return length;
}
if ((p[0] & MFR_BEC_MASK) == MFR_CTRL_FRAME && p[1] == 0) {
ND_PRINT((ndo, "FRF.16 Control, Flags [%s], %s, length %u",
@ -493,6 +497,11 @@ mfr_print(netdissect_options *ndo,
switch (ie_type) {
case MFR_CTRL_IE_MAGIC_NUM:
/* FRF.16.1 Section 3.4.3 Magic Number Information Element */
if (ie_len != 4) {
ND_PRINT((ndo, "(invalid length)"));
break;
}
ND_PRINT((ndo, "0x%08x", EXTRACT_32BITS(tptr)));
break;

14
contrib/tcpdump/print-hncp.c
View File

@ -68,8 +68,8 @@ hncp_print(netdissect_options *ndo,
#define HNCP_EXTERNAL_CONNECTION 33
#define HNCP_DELEGATED_PREFIX 34
#define HNCP_PREFIX_POLICY 43
#define HNCP_DHCPV4_DATA 37
#define HNCP_DHCPV6_DATA 38
#define HNCP_DHCPV4_DATA 37 /* This is correct, see RFC 7788 Errata ID 5113. */
#define HNCP_DHCPV6_DATA 38 /* idem */
#define HNCP_ASSIGNED_PREFIX 35
#define HNCP_NODE_ADDRESS 36
#define HNCP_DNS_DELEGATED_ZONE 39
@ -158,10 +158,10 @@ is_ipv4_mapped_address(const u_char *addr)
static const char *
format_nid(const u_char *data)
{
static char buf[4][11+5];
static char buf[4][sizeof("01:01:01:01")];
static int i = 0;
i = (i + 1) % 4;
snprintf(buf[i], 16, "%02x:%02x:%02x:%02x",
snprintf(buf[i], sizeof(buf[i]), "%02x:%02x:%02x:%02x",
data[0], data[1], data[2], data[3]);
return buf[i];
}
@ -169,10 +169,10 @@ format_nid(const u_char *data)
static const char *
format_256(const u_char *data)
{
static char buf[4][64+5];
static char buf[4][sizeof("0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef")];
static int i = 0;
i = (i + 1) % 4;
snprintf(buf[i], 28, "%016" PRIx64 "%016" PRIx64 "%016" PRIx64 "%016" PRIx64,
snprintf(buf[i], sizeof(buf[i]), "%016" PRIx64 "%016" PRIx64 "%016" PRIx64 "%016" PRIx64,
EXTRACT_64BITS(data),
EXTRACT_64BITS(data + 8),
EXTRACT_64BITS(data + 16),
@ -229,6 +229,8 @@ print_prefix(netdissect_options *ndo, const u_char *prefix, u_int max_length)
plenbytes += 1 + IPV4_MAPPED_HEADING_LEN;
} else {
plenbytes = decode_prefix6(ndo, prefix, max_length, buf, sizeof(buf));
if (plenbytes < 0)
return plenbytes;
}
ND_PRINT((ndo, "%s", buf));

14
contrib/tcpdump/print-icmp.c
View File

@ -400,7 +400,7 @@ icmp_print(netdissect_options *ndo, const u_char *bp, u_int plen, const u_char *
default:
(void)snprintf(buf, sizeof(buf),
"%s protocol %d port %d unreachable",
"%s protocol %u port %u unreachable",
ipaddr_string(ndo, &oip->ip_dst),
oip->ip_p, dport);
break;
@ -506,7 +506,7 @@ icmp_print(netdissect_options *ndo, const u_char *bp, u_int plen, const u_char *
break;
default:
(void)snprintf(buf, sizeof(buf), "time exceeded-#%d",
(void)snprintf(buf, sizeof(buf), "time exceeded-#%u",
dp->icmp_code);
break;
}
@ -515,11 +515,11 @@ icmp_print(netdissect_options *ndo, const u_char *bp, u_int plen, const u_char *
case ICMP_PARAMPROB:
if (dp->icmp_code)
(void)snprintf(buf, sizeof(buf),
"parameter problem - code %d", dp->icmp_code);
"parameter problem - code %u", dp->icmp_code);
else {
ND_TCHECK(dp->icmp_pptr);
(void)snprintf(buf, sizeof(buf),
"parameter problem - octet %d", dp->icmp_pptr);
"parameter problem - octet %u", dp->icmp_pptr);
}
break;
@ -557,13 +557,15 @@ icmp_print(netdissect_options *ndo, const u_char *bp, u_int plen, const u_char *
}
ND_PRINT((ndo, "ICMP %s, length %u", str, plen));
if (ndo->ndo_vflag && !fragmented) { /* don't attempt checksumming if this is a frag */
uint16_t sum, icmp_sum;
if (ND_TTEST2(*bp, plen)) {
uint16_t sum;
vec[0].ptr = (const uint8_t *)(const void *)dp;
vec[0].len = plen;
sum = in_cksum(vec, 1);
if (sum != 0) {
uint16_t icmp_sum;
ND_TCHECK_16BITS(&dp->icmp_cksum);
icmp_sum = EXTRACT_16BITS(&dp->icmp_cksum);
ND_PRINT((ndo, " (wrong icmp cksum %x (->%x)!)",
icmp_sum,

31
contrib/tcpdump/print-icmp6.c
View File

@ -41,6 +41,10 @@
#include "udp.h"
#include "ah.h"
static const char icmp6_tstr[] = " [|icmp6]";
static const char rpl_tstr[] = " [|rpl]";
static const char mldv2_tstr[] = " [|mldv2]";
/* NetBSD: icmp6.h,v 1.13 2000/08/03 16:30:37 itojun Exp */
/* $KAME: icmp6.h,v 1.22 2000/08/03 15:25:16 jinmei Exp $ */
@ -683,10 +687,11 @@ rpl_dio_printopt(netdissect_options *ndo,
}
opt = (const struct rpl_dio_genoption *)(((const char *)opt) + optlen);
length -= optlen;
ND_TCHECK(opt->rpl_dio_len);
}
return;
trunc:
ND_PRINT((ndo," [|truncated]"));
ND_PRINT((ndo, "%s", rpl_tstr));
return;
}
@ -715,7 +720,7 @@ rpl_dio_print(netdissect_options *ndo,
}
return;
trunc:
ND_PRINT((ndo," [|truncated]"));
ND_PRINT((ndo, "%s", rpl_tstr));
return;
}
@ -756,7 +761,7 @@ rpl_dao_print(netdissect_options *ndo,
return;
trunc:
ND_PRINT((ndo," [|truncated]"));
ND_PRINT((ndo, "%s", rpl_tstr));
return;
tooshort:
@ -800,7 +805,7 @@ rpl_daoack_print(netdissect_options *ndo,
return;
trunc:
ND_PRINT((ndo," [|dao-truncated]"));
ND_PRINT((ndo, "%s", rpl_tstr));
return;
tooshort:
@ -859,7 +864,7 @@ rpl_print(netdissect_options *ndo,
#if 0
trunc:
ND_PRINT((ndo," [|truncated]"));
ND_PRINT((ndo, "%s", rpl_tstr));
return;
#endif
@ -1034,7 +1039,7 @@ icmp6_print(netdissect_options *ndo,
p = (const struct nd_router_advert *)dp;
ND_TCHECK(p->nd_ra_retransmit);
ND_PRINT((ndo,"\n\thop limit %u, Flags [%s]" \
", pref %s, router lifetime %us, reachable time %us, retrans time %us",
", pref %s, router lifetime %us, reachable time %ums, retrans timer %ums",
(u_int)p->nd_ra_curhoplimit,
bittok2str(icmp6_opt_ra_flag_values,"none",(p->nd_ra_flags_reserved)),
get_rtpref(p->nd_ra_flags_reserved),
@ -1157,7 +1162,7 @@ icmp6_print(netdissect_options *ndo,
ND_PRINT((ndo,", length %u", length));
return;
trunc:
ND_PRINT((ndo, "[|icmp6]"));
ND_PRINT((ndo, "%s", icmp6_tstr));
}
static const struct udphdr *
@ -1381,8 +1386,8 @@ icmp6_opt_print(netdissect_options *ndo, const u_char *bp, int resid)
}
return;
trunc:
ND_PRINT((ndo, "[ndp opt]"));
trunc:
ND_PRINT((ndo, "%s", icmp6_tstr));
return;
#undef ECHECK
}
@ -1457,7 +1462,7 @@ mldv2_report_print(netdissect_options *ndo, const u_char *bp, u_int len)
}
return;
trunc:
ND_PRINT((ndo,"[|icmp6]"));
ND_PRINT((ndo, "%s", mldv2_tstr));
return;
}
@ -1523,7 +1528,7 @@ mldv2_query_print(netdissect_options *ndo, const u_char *bp, u_int len)
ND_PRINT((ndo,"]"));
return;
trunc:
ND_PRINT((ndo,"[|icmp6]"));
ND_PRINT((ndo, "%s", mldv2_tstr));
return;
}
@ -1810,7 +1815,7 @@ icmp6_nodeinfo_print(netdissect_options *ndo, u_int icmp6len, const u_char *bp,
return;
trunc:
ND_PRINT((ndo, "[|icmp6]"));
ND_PRINT((ndo, "%s", icmp6_tstr));
}
static void
@ -1945,7 +1950,7 @@ icmp6_rrenum_print(netdissect_options *ndo, const u_char *bp, const u_char *ep)
return;
trunc:
ND_PRINT((ndo,"[|icmp6]"));
ND_PRINT((ndo, "%s", icmp6_tstr));
}
/*

44
contrib/tcpdump/print-ipnet.c
View File

@ -7,16 +7,19 @@
#include <netdissect-stdinc.h>
#include "netdissect.h"
#include "extract.h"
static const char tstr[] = "[|ipnet]";
typedef struct ipnet_hdr {
uint8_t iph_version;
uint8_t iph_family;
uint16_t iph_htype;
uint32_t iph_pktlen;
uint32_t iph_ifindex;
uint32_t iph_grifindex;
uint32_t iph_zsrc;
uint32_t iph_zdst;
nd_uint8_t iph_version;
nd_uint8_t iph_family;
nd_uint16_t iph_htype;
nd_uint32_t iph_pktlen;
nd_uint32_t iph_ifindex;
nd_uint32_t iph_grifindex;
nd_uint32_t iph_zsrc;
nd_uint32_t iph_zdst;
} ipnet_hdr_t;
#define IPH_AF_INET 2 /* Matches Solaris's AF_INET */
@ -36,21 +39,26 @@ ipnet_hdr_print(netdissect_options *ndo, const u_char *bp, u_int length)
const ipnet_hdr_t *hdr;
hdr = (const ipnet_hdr_t *)bp;
ND_PRINT((ndo, "%d > %d", hdr->iph_zsrc, hdr->iph_zdst));
ND_TCHECK(*hdr);
ND_PRINT((ndo, "%d > %d", EXTRACT_32BITS(hdr->iph_zsrc),
EXTRACT_32BITS(hdr->iph_zdst)));
if (!ndo->ndo_qflag) {
ND_PRINT((ndo,", family %s (%d)",
tok2str(ipnet_values, "Unknown",
hdr->iph_family),
hdr->iph_family));
EXTRACT_8BITS(&hdr->iph_family)),
EXTRACT_8BITS(&hdr->iph_family)));
} else {
ND_PRINT((ndo,", %s",
tok2str(ipnet_values,
"Unknown Ethertype (0x%04x)",
hdr->iph_family)));
EXTRACT_8BITS(&hdr->iph_family))));
}
ND_PRINT((ndo, ", length %u: ", length));
return;
trunc:
ND_PRINT((ndo, " %s", tstr));
}
static void
@ -58,10 +66,8 @@ ipnet_print(netdissect_options *ndo, const u_char *p, u_int length, u_int caplen
{
const ipnet_hdr_t *hdr;
if (caplen < sizeof(ipnet_hdr_t)) {
ND_PRINT((ndo, "[|ipnet]"));
return;
}
if (caplen < sizeof(ipnet_hdr_t))
goto trunc;
if (ndo->ndo_eflag)
ipnet_hdr_print(ndo, p, length);
@ -71,7 +77,8 @@ ipnet_print(netdissect_options *ndo, const u_char *p, u_int length, u_int caplen
hdr = (const ipnet_hdr_t *)p;
p += sizeof(ipnet_hdr_t);
switch (hdr->iph_family) {
ND_TCHECK2(hdr->iph_family, 1);
switch (EXTRACT_8BITS(&hdr->iph_family)) {
case IPH_AF_INET:
ip_print(ndo, p, length);
@ -90,6 +97,9 @@ ipnet_print(netdissect_options *ndo, const u_char *p, u_int length, u_int caplen
ND_DEFAULTPRINT(p, caplen);
break;
}
return;
trunc:
ND_PRINT((ndo, " %s", tstr));
}
/*

1
contrib/tcpdump/print-isakmp.c
View File

@ -1769,6 +1769,7 @@ ikev1_n_print(netdissect_options *ndo, u_char tpay _U_,
}
case IPSECDOI_NTYPE_REPLAY_STATUS:
ND_PRINT((ndo," status=("));
ND_TCHECK_32BITS(cp);
ND_PRINT((ndo,"replay detection %sabled",
EXTRACT_32BITS(cp) ? "en" : "dis"));
ND_PRINT((ndo,")"));

5
contrib/tcpdump/print-juniper.c
View File

@ -1354,6 +1354,11 @@ juniper_parse_header(netdissect_options *ndo,
lp->s,
l2info->cookie_len));
if (l2info->cookie_len > 8) {
ND_PRINT((ndo, " (invalid)"));
return 0;
}
if (l2info->cookie_len > 0) {
ND_TCHECK2(p[0], l2info->cookie_len);
if (ndo->ndo_eflag)

214
contrib/tcpdump/print-l2tp.c
View File

@ -23,6 +23,8 @@
/* \summary: Layer Two Tunneling Protocol (L2TP) printer */
/* specification: RFC 2661 */
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
@ -143,7 +145,7 @@ static const struct tok l2tp_msgtype2str[] = {
#define L2TP_AVP_PRIVATE_GRP_ID 37 /* Private Group ID */
#define L2TP_AVP_RX_CONN_SPEED 38 /* (Rx) Connect Speed */
#define L2TP_AVP_SEQ_REQUIRED 39 /* Sequencing Required */
#define L2TP_AVP_PPP_DISCON_CC 46 /* PPP Disconnect Cause Code */
#define L2TP_AVP_PPP_DISCON_CC 46 /* PPP Disconnect Cause Code - RFC 3145 */
static const struct tok l2tp_avp2str[] = {
{ L2TP_AVP_MSGTYPE, "MSGTYPE" },
@ -282,15 +284,15 @@ print_octets(netdissect_options *ndo, const u_char *dat, u_int length)
}
static void
print_16bits_val(netdissect_options *ndo, const uint16_t *dat)
print_16bits_val(netdissect_options *ndo, const uint8_t *dat)
{
ND_PRINT((ndo, "%u", EXTRACT_16BITS(dat)));
}
static void
print_32bits_val(netdissect_options *ndo, const uint32_t *dat)
print_32bits_val(netdissect_options *ndo, const uint8_t *dat)
{
ND_PRINT((ndo, "%lu", (u_long)EXTRACT_32BITS(dat)));
ND_PRINT((ndo, "%u", EXTRACT_32BITS(dat)));
}
/***********************************/
@ -299,28 +301,24 @@ print_32bits_val(netdissect_options *ndo, const uint32_t *dat)
static void
l2tp_msgtype_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint16_t *ptr = (const uint16_t *)dat;
if (length < 2) {
ND_PRINT((ndo, "AVP too short"));
return;
}
ND_PRINT((ndo, "%s", tok2str(l2tp_msgtype2str, "MSGTYPE-#%u",
EXTRACT_16BITS(ptr))));
EXTRACT_16BITS(dat))));
}
static void
l2tp_result_code_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint16_t *ptr = (const uint16_t *)dat;
/* Result Code */
if (length < 2) {
ND_PRINT((ndo, "AVP too short"));
return;
}
ND_PRINT((ndo, "%u", EXTRACT_16BITS(ptr)));
ptr++;
ND_PRINT((ndo, "%u", EXTRACT_16BITS(dat)));
dat += 2;
length -= 2;
/* Error Code (opt) */
@ -330,19 +328,19 @@ l2tp_result_code_print(netdissect_options *ndo, const u_char *dat, u_int length)
ND_PRINT((ndo, " AVP too short"));
return;
}
ND_PRINT((ndo, "/%u", EXTRACT_16BITS(ptr)));
ptr++;
ND_PRINT((ndo, "/%u", EXTRACT_16BITS(dat)));
dat += 2;
length -= 2;
/* Error Message (opt) */
if (length == 0)
return;
ND_PRINT((ndo, " "));
print_string(ndo, (const u_char *)ptr, length);
print_string(ndo, dat, length);
}
static void
l2tp_proto_ver_print(netdissect_options *ndo, const uint16_t *dat, u_int length)
l2tp_proto_ver_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
if (length < 2) {
ND_PRINT((ndo, "AVP too short"));
@ -355,16 +353,14 @@ l2tp_proto_ver_print(netdissect_options *ndo, const uint16_t *dat, u_int length)
static void
l2tp_framing_cap_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint32_t *ptr = (const uint32_t *)dat;
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
if (EXTRACT_32BITS(ptr) & L2TP_FRAMING_CAP_ASYNC_MASK) {
if (EXTRACT_32BITS(dat) & L2TP_FRAMING_CAP_ASYNC_MASK) {
ND_PRINT((ndo, "A"));
}
if (EXTRACT_32BITS(ptr) & L2TP_FRAMING_CAP_SYNC_MASK) {
if (EXTRACT_32BITS(dat) & L2TP_FRAMING_CAP_SYNC_MASK) {
ND_PRINT((ndo, "S"));
}
}
@ -372,16 +368,14 @@ l2tp_framing_cap_print(netdissect_options *ndo, const u_char *dat, u_int length)
static void
l2tp_bearer_cap_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint32_t *ptr = (const uint32_t *)dat;
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
if (EXTRACT_32BITS(ptr) & L2TP_BEARER_CAP_ANALOG_MASK) {
if (EXTRACT_32BITS(dat) & L2TP_BEARER_CAP_ANALOG_MASK) {
ND_PRINT((ndo, "A"));
}
if (EXTRACT_32BITS(ptr) & L2TP_BEARER_CAP_DIGITAL_MASK) {
if (EXTRACT_32BITS(dat) & L2TP_BEARER_CAP_DIGITAL_MASK) {
ND_PRINT((ndo, "D"));
}
}
@ -393,8 +387,8 @@ l2tp_q931_cc_print(netdissect_options *ndo, const u_char *dat, u_int length)
ND_PRINT((ndo, "AVP too short"));
return;
}
print_16bits_val(ndo, (const uint16_t *)dat);
ND_PRINT((ndo, ", %02x", dat[2]));
print_16bits_val(ndo, dat);
ND_PRINT((ndo, ", %02x", EXTRACT_8BITS(dat + 2)));
dat += 3;
length -= 3;
if (length != 0) {
@ -406,16 +400,14 @@ l2tp_q931_cc_print(netdissect_options *ndo, const u_char *dat, u_int length)
static void
l2tp_bearer_type_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint32_t *ptr = (const uint32_t *)dat;
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
if (EXTRACT_32BITS(ptr) & L2TP_BEARER_TYPE_ANALOG_MASK) {
if (EXTRACT_32BITS(dat) & L2TP_BEARER_TYPE_ANALOG_MASK) {
ND_PRINT((ndo, "A"));
}
if (EXTRACT_32BITS(ptr) & L2TP_BEARER_TYPE_DIGITAL_MASK) {
if (EXTRACT_32BITS(dat) & L2TP_BEARER_TYPE_DIGITAL_MASK) {
ND_PRINT((ndo, "D"));
}
}
@ -423,16 +415,14 @@ l2tp_bearer_type_print(netdissect_options *ndo, const u_char *dat, u_int length)
static void
l2tp_framing_type_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint32_t *ptr = (const uint32_t *)dat;
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
if (EXTRACT_32BITS(ptr) & L2TP_FRAMING_TYPE_ASYNC_MASK) {
if (EXTRACT_32BITS(dat) & L2TP_FRAMING_TYPE_ASYNC_MASK) {
ND_PRINT((ndo, "A"));
}
if (EXTRACT_32BITS(ptr) & L2TP_FRAMING_TYPE_SYNC_MASK) {
if (EXTRACT_32BITS(dat) & L2TP_FRAMING_TYPE_SYNC_MASK) {
ND_PRINT((ndo, "S"));
}
}
@ -446,125 +436,109 @@ l2tp_packet_proc_delay_print(netdissect_options *ndo)
static void
l2tp_proxy_auth_type_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint16_t *ptr = (const uint16_t *)dat;
if (length < 2) {
ND_PRINT((ndo, "AVP too short"));
return;
}
ND_PRINT((ndo, "%s", tok2str(l2tp_authentype2str,
"AuthType-#%u", EXTRACT_16BITS(ptr))));
"AuthType-#%u", EXTRACT_16BITS(dat))));
}
static void
l2tp_proxy_auth_id_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint16_t *ptr = (const uint16_t *)dat;
if (length < 2) {
ND_PRINT((ndo, "AVP too short"));
return;
}
ND_PRINT((ndo, "%u", EXTRACT_16BITS(ptr) & L2TP_PROXY_AUTH_ID_MASK));
ND_PRINT((ndo, "%u", EXTRACT_16BITS(dat) & L2TP_PROXY_AUTH_ID_MASK));
}
static void
l2tp_call_errors_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint16_t *ptr = (const uint16_t *)dat;
uint16_t val_h, val_l;
uint32_t val;
if (length < 2) {
ND_PRINT((ndo, "AVP too short"));
return;
}
ptr++; /* skip "Reserved" */
dat += 2; /* skip "Reserved" */
length -= 2;
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
val_h = EXTRACT_16BITS(ptr); ptr++; length -= 2;
val_l = EXTRACT_16BITS(ptr); ptr++; length -= 2;
ND_PRINT((ndo, "CRCErr=%u ", (val_h<<16) + val_l));
val = EXTRACT_32BITS(dat); dat += 4; length -= 4;
ND_PRINT((ndo, "CRCErr=%u ", val));
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
val_h = EXTRACT_16BITS(ptr); ptr++; length -= 2;
val_l = EXTRACT_16BITS(ptr); ptr++; length -= 2;
ND_PRINT((ndo, "FrameErr=%u ", (val_h<<16) + val_l));
val = EXTRACT_32BITS(dat); dat += 4; length -= 4;
ND_PRINT((ndo, "FrameErr=%u ", val));
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
val_h = EXTRACT_16BITS(ptr); ptr++; length -= 2;
val_l = EXTRACT_16BITS(ptr); ptr++; length -= 2;
ND_PRINT((ndo, "HardOver=%u ", (val_h<<16) + val_l));
val = EXTRACT_32BITS(dat); dat += 4; length -= 4;
ND_PRINT((ndo, "HardOver=%u ", val));
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
val_h = EXTRACT_16BITS(ptr); ptr++; length -= 2;
val_l = EXTRACT_16BITS(ptr); ptr++; length -= 2;
ND_PRINT((ndo, "BufOver=%u ", (val_h<<16) + val_l));
val = EXTRACT_32BITS(dat); dat += 4; length -= 4;
ND_PRINT((ndo, "BufOver=%u ", val));
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
val_h = EXTRACT_16BITS(ptr); ptr++; length -= 2;
val_l = EXTRACT_16BITS(ptr); ptr++; length -= 2;
ND_PRINT((ndo, "Timeout=%u ", (val_h<<16) + val_l));
val = EXTRACT_32BITS(dat); dat += 4; length -= 4;
ND_PRINT((ndo, "Timeout=%u ", val));
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
val_h = EXTRACT_16BITS(ptr); ptr++;
val_l = EXTRACT_16BITS(ptr); ptr++;
ND_PRINT((ndo, "AlignErr=%u ", (val_h<<16) + val_l));
val = EXTRACT_32BITS(dat); dat += 4; length -= 4;
ND_PRINT((ndo, "AlignErr=%u ", val));
}
static void
l2tp_accm_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint16_t *ptr = (const uint16_t *)dat;
uint16_t val_h, val_l;
uint32_t val;
if (length < 2) {
ND_PRINT((ndo, "AVP too short"));
return;
}
ptr++; /* skip "Reserved" */
dat += 2; /* skip "Reserved" */
length -= 2;
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
val_h = EXTRACT_16BITS(ptr); ptr++; length -= 2;
val_l = EXTRACT_16BITS(ptr); ptr++; length -= 2;
ND_PRINT((ndo, "send=%08x ", (val_h<<16) + val_l));
val = EXTRACT_32BITS(dat); dat += 4; length -= 4;
ND_PRINT((ndo, "send=%08x ", val));
if (length < 4) {
ND_PRINT((ndo, "AVP too short"));
return;
}
val_h = EXTRACT_16BITS(ptr); ptr++;
val_l = EXTRACT_16BITS(ptr); ptr++;
ND_PRINT((ndo, "recv=%08x ", (val_h<<16) + val_l));
val = EXTRACT_32BITS(dat); dat += 4; length -= 4;
ND_PRINT((ndo, "recv=%08x ", val));
}
static void
l2tp_ppp_discon_cc_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
const uint16_t *ptr = (const uint16_t *)dat;
if (length < 5) {
ND_PRINT((ndo, "AVP too short"));
return;
@ -579,32 +553,27 @@ l2tp_ppp_discon_cc_print(netdissect_options *ndo, const u_char *dat, u_int lengt
length -= 2;
/* Direction */
ND_PRINT((ndo, "%s", tok2str(l2tp_cc_direction2str,
"Direction-#%u", EXTRACT_8BITS(ptr))));
ptr++;
"Direction-#%u", EXTRACT_8BITS(dat))));
dat++;
length--;
if (length != 0) {
ND_PRINT((ndo, " "));
print_string(ndo, (const u_char *)ptr, length);
print_string(ndo, (const u_char *)dat, length);
}
}
static void
l2tp_avp_print(netdissect_options *ndo, const u_char *dat, int length)
static u_int
l2tp_avp_print(netdissect_options *ndo, const u_char *dat, u_int length)
{
u_int len;
const uint16_t *ptr = (const uint16_t *)dat;
uint16_t attr_type;
int hidden = FALSE;
if (length <= 0) {
return;
}
ND_PRINT((ndo, " "));
ND_TCHECK(*ptr); /* Flags & Length */
len = EXTRACT_16BITS(ptr) & L2TP_AVP_HDR_LEN_MASK;
ND_TCHECK_16BITS(dat); /* Flags & Length */
len = EXTRACT_16BITS(dat) & L2TP_AVP_HDR_LEN_MASK;
/* If it is not long enough to contain the header, we'll give up. */
if (len < 6)
@ -617,7 +586,7 @@ l2tp_avp_print(netdissect_options *ndo, const u_char *dat, int length)
/* If it goes past the end of the remaining length of the captured
data, we'll give up. */
ND_TCHECK2(*ptr, len);
ND_TCHECK2(*dat, len);
/*
* After this point, we don't need to check whether we go past
@ -625,26 +594,26 @@ l2tp_avp_print(netdissect_options *ndo, const u_char *dat, int length)
* check whether we go past the end of the AVP.
*/
if (EXTRACT_16BITS(ptr) & L2TP_AVP_HDR_FLAG_MANDATORY) {
if (EXTRACT_16BITS(dat) & L2TP_AVP_HDR_FLAG_MANDATORY) {
ND_PRINT((ndo, "*"));
}
if (EXTRACT_16BITS(ptr) & L2TP_AVP_HDR_FLAG_HIDDEN) {
if (EXTRACT_16BITS(dat) & L2TP_AVP_HDR_FLAG_HIDDEN) {
hidden = TRUE;
ND_PRINT((ndo, "?"));
}
ptr++;
dat += 2;
if (EXTRACT_16BITS(ptr)) {
if (EXTRACT_16BITS(dat)) {
/* Vendor Specific Attribute */
ND_PRINT((ndo, "VENDOR%04x:", EXTRACT_16BITS(ptr))); ptr++;
ND_PRINT((ndo, "ATTR%04x", EXTRACT_16BITS(ptr))); ptr++;
ND_PRINT((ndo, "VENDOR%04x:", EXTRACT_16BITS(dat))); dat += 2;
ND_PRINT((ndo, "ATTR%04x", EXTRACT_16BITS(dat))); dat += 2;
ND_PRINT((ndo, "("));
print_octets(ndo, (const u_char *)ptr, len-6);
print_octets(ndo, dat, len-6);
ND_PRINT((ndo, ")"));
} else {
/* IETF-defined Attributes */
ptr++;
attr_type = EXTRACT_16BITS(ptr); ptr++;
dat += 2;
attr_type = EXTRACT_16BITS(dat); dat += 2;
ND_PRINT((ndo, "%s", tok2str(l2tp_avp2str, "AVP-#%u", attr_type)));
ND_PRINT((ndo, "("));
if (hidden) {
@ -652,26 +621,26 @@ l2tp_avp_print(netdissect_options *ndo, const u_char *dat, int length)
} else {
switch (attr_type) {
case L2TP_AVP_MSGTYPE:
l2tp_msgtype_print(ndo, (const u_char *)ptr, len-6);
l2tp_msgtype_print(ndo, dat, len-6);
break;
case L2TP_AVP_RESULT_CODE:
l2tp_result_code_print(ndo, (const u_char *)ptr, len-6);
l2tp_result_code_print(ndo, dat, len-6);
break;
case L2TP_AVP_PROTO_VER:
l2tp_proto_ver_print(ndo, ptr, len-6);
l2tp_proto_ver_print(ndo, dat, len-6);
break;
case L2TP_AVP_FRAMING_CAP:
l2tp_framing_cap_print(ndo, (const u_char *)ptr, len-6);
l2tp_framing_cap_print(ndo, dat, len-6);
break;
case L2TP_AVP_BEARER_CAP:
l2tp_bearer_cap_print(ndo, (const u_char *)ptr, len-6);
l2tp_bearer_cap_print(ndo, dat, len-6);
break;
case L2TP_AVP_TIE_BREAKER:
if (len-6 < 8) {
ND_PRINT((ndo, "AVP too short"));
break;
}
print_octets(ndo, (const u_char *)ptr, 8);
print_octets(ndo, dat, 8);
break;
case L2TP_AVP_FIRM_VER:
case L2TP_AVP_ASSND_TUN_ID:
@ -681,7 +650,7 @@ l2tp_avp_print(netdissect_options *ndo, const u_char *dat, int length)
ND_PRINT((ndo, "AVP too short"));
break;
}
print_16bits_val(ndo, ptr);
print_16bits_val(ndo, dat);
break;
case L2TP_AVP_HOST_NAME:
case L2TP_AVP_VENDOR_NAME:
@ -690,7 +659,7 @@ l2tp_avp_print(netdissect_options *ndo, const u_char *dat, int length)
case L2TP_AVP_SUB_ADDRESS:
case L2TP_AVP_PROXY_AUTH_NAME:
case L2TP_AVP_PRIVATE_GRP_ID:
print_string(ndo, (const u_char *)ptr, len-6);
print_string(ndo, dat, len-6);
break;
case L2TP_AVP_CHALLENGE:
case L2TP_AVP_INI_RECV_LCP:
@ -699,17 +668,17 @@ l2tp_avp_print(netdissect_options *ndo, const u_char *dat, int length)
case L2TP_AVP_PROXY_AUTH_CHAL:
case L2TP_AVP_PROXY_AUTH_RESP:
case L2TP_AVP_RANDOM_VECTOR:
print_octets(ndo, (const u_char *)ptr, len-6);
print_octets(ndo, dat, len-6);
break;
case L2TP_AVP_Q931_CC:
l2tp_q931_cc_print(ndo, (const u_char *)ptr, len-6);
l2tp_q931_cc_print(ndo, dat, len-6);
break;
case L2TP_AVP_CHALLENGE_RESP:
if (len-6 < 16) {
ND_PRINT((ndo, "AVP too short"));
break;
}
print_octets(ndo, (const u_char *)ptr, 16);
print_octets(ndo, dat, 16);
break;
case L2TP_AVP_CALL_SER_NUM:
case L2TP_AVP_MINIMUM_BPS:
@ -721,33 +690,33 @@ l2tp_avp_print(netdissect_options *ndo, const u_char *dat, int length)
ND_PRINT((ndo, "AVP too short"));
break;
}
print_32bits_val(ndo, (const uint32_t *)ptr);
print_32bits_val(ndo, dat);
break;
case L2TP_AVP_BEARER_TYPE:
l2tp_bearer_type_print(ndo, (const u_char *)ptr, len-6);
l2tp_bearer_type_print(ndo, dat, len-6);
break;
case L2TP_AVP_FRAMING_TYPE:
l2tp_framing_type_print(ndo, (const u_char *)ptr, len-6);
l2tp_framing_type_print(ndo, dat, len-6);
break;
case L2TP_AVP_PACKET_PROC_DELAY:
l2tp_packet_proc_delay_print(ndo);
break;
case L2TP_AVP_PROXY_AUTH_TYPE:
l2tp_proxy_auth_type_print(ndo, (const u_char *)ptr, len-6);
l2tp_proxy_auth_type_print(ndo, dat, len-6);
break;
case L2TP_AVP_PROXY_AUTH_ID:
l2tp_proxy_auth_id_print(ndo, (const u_char *)ptr, len-6);
l2tp_proxy_auth_id_print(ndo, dat, len-6);
break;
case L2TP_AVP_CALL_ERRORS:
l2tp_call_errors_print(ndo, (const u_char *)ptr, len-6);
l2tp_call_errors_print(ndo, dat, len-6);
break;
case L2TP_AVP_ACCM:
l2tp_accm_print(ndo, (const u_char *)ptr, len-6);
l2tp_accm_print(ndo, dat, len-6);
break;
case L2TP_AVP_SEQ_REQUIRED:
break; /* No Attribute Value */
case L2TP_AVP_PPP_DISCON_CC:
l2tp_ppp_discon_cc_print(ndo, (const u_char *)ptr, len-6);
l2tp_ppp_discon_cc_print(ndo, dat, len-6);
break;
default:
break;
@ -756,11 +725,11 @@ l2tp_avp_print(netdissect_options *ndo, const u_char *dat, int length)
ND_PRINT((ndo, ")"));
}
l2tp_avp_print(ndo, dat+len, length-len);
return;
return (len);
trunc:
ND_PRINT((ndo, "|..."));
return (0);
}
@ -865,7 +834,22 @@ l2tp_print(netdissect_options *ndo, const u_char *dat, u_int length)
if (length - cnt == 0) {
ND_PRINT((ndo, " ZLB"));
} else {
l2tp_avp_print(ndo, ptr, length - cnt);
/*
* Print AVPs.
*/
while (length - cnt != 0) {
u_int avp_length;
avp_length = l2tp_avp_print(ndo, ptr, length - cnt);
if (avp_length == 0) {
/*
* Truncated.
*/
break;
}
cnt += avp_length;
ptr += avp_length;
}
}
} else {
ND_PRINT((ndo, " {"));

28
contrib/tcpdump/print-ldp.c
View File

@ -29,6 +29,8 @@
#include "l2vpn.h"
#include "af.h"
static const char tstr[] = " [|LDP]";
/*
* ldp common header
*
@ -210,7 +212,7 @@ static const struct tok ldp_fec_martini_ifparm_vccv_cv_values[] = {
{ 0, NULL}
};
static int ldp_pdu_print(netdissect_options *, register const u_char *);
static u_int ldp_pdu_print(netdissect_options *, register const u_char *);
/*
* ldp tlv header
@ -435,19 +437,24 @@ ldp_tlv_print(netdissect_options *ndo,
switch(vc_info_tlv_type) {
case LDP_FEC_MARTINI_IFPARM_MTU:
ND_TCHECK_16BITS(tptr + 2);
ND_PRINT((ndo, ": %u", EXTRACT_16BITS(tptr+2)));
break;
case LDP_FEC_MARTINI_IFPARM_DESC:
ND_PRINT((ndo, ": "));
for (idx = 2; idx < vc_info_tlv_len; idx++)
for (idx = 2; idx < vc_info_tlv_len; idx++) {
ND_TCHECK_8BITS(tptr + idx);
safeputchar(ndo, *(tptr + idx));
}
break;
case LDP_FEC_MARTINI_IFPARM_VCCV:
ND_TCHECK_8BITS(tptr + 2);
ND_PRINT((ndo, "\n\t\t Control Channels (0x%02x) = [%s]",
*(tptr+2),
bittok2str(ldp_fec_martini_ifparm_vccv_cc_values, "none", *(tptr+2))));
ND_TCHECK_8BITS(tptr + 3);
ND_PRINT((ndo, "\n\t\t CV Types (0x%02x) = [%s]",
*(tptr+3),
bittok2str(ldp_fec_martini_ifparm_vccv_cv_values, "none", *(tptr+3))));
@ -486,7 +493,7 @@ ldp_tlv_print(netdissect_options *ndo,
break;
case LDP_TLV_FT_SESSION:
TLV_TCHECK(8);
TLV_TCHECK(12);
ft_flags = EXTRACT_16BITS(tptr);
ND_PRINT((ndo, "\n\t Flags: [%sReconnect, %sSave State, %sAll-Label Protection, %s Checkpoint, %sRe-Learn State]",
ft_flags&0x8000 ? "" : "No ",
@ -494,6 +501,7 @@ ldp_tlv_print(netdissect_options *ndo,
ft_flags&0x4 ? "" : "No ",
ft_flags&0x2 ? "Sequence Numbered Label" : "All Labels",
ft_flags&0x1 ? "" : "Don't "));
/* 16 bits (FT Flags) + 16 bits (Reserved) */
tptr+=4;
ui = EXTRACT_32BITS(tptr);
if (ui)
@ -534,7 +542,7 @@ ldp_tlv_print(netdissect_options *ndo,
return(tlv_len+4); /* Type & Length fields not included */
trunc:
ND_PRINT((ndo, "\n\t\t packet exceeded snapshot"));
ND_PRINT((ndo, "%s", tstr));
return 0;
badtlv:
@ -546,17 +554,23 @@ void
ldp_print(netdissect_options *ndo,
register const u_char *pptr, register u_int len)
{
int processed;
u_int processed;
while (len > (sizeof(struct ldp_common_header) + sizeof(struct ldp_msg_header))) {
processed = ldp_pdu_print(ndo, pptr);
if (processed == 0)
return;
if (len < processed) {
ND_PRINT((ndo, " [remaining length %u < %u]", len, processed));
ND_PRINT((ndo, "%s", istr));
break;
}
len -= processed;
pptr += processed;
}
}
static int
static u_int
ldp_pdu_print(netdissect_options *ndo,
register const u_char *pptr)
{
@ -686,7 +700,7 @@ ldp_pdu_print(netdissect_options *ndo,
}
return pdu_len+4;
trunc:
ND_PRINT((ndo, "\n\t\t packet exceeded snapshot"));
ND_PRINT((ndo, "%s", tstr));
return 0;
}

59
contrib/tcpdump/print-lmp.c
View File

@ -31,6 +31,8 @@
#include "addrtoname.h"
#include "gmpls.h"
static const char tstr[] = " [|LMP]";
/*
* LMP common header
*
@ -367,8 +369,9 @@ lmp_print_data_link_subobjs(netdissect_options *ndo, const u_char *obj_tptr,
} bw;
while (total_subobj_len > 0 && hexdump == FALSE ) {
subobj_type = EXTRACT_8BITS(obj_tptr+offset);
subobj_len = EXTRACT_8BITS(obj_tptr+offset+1);
ND_TCHECK_16BITS(obj_tptr + offset);
subobj_type = EXTRACT_8BITS(obj_tptr + offset);
subobj_len = EXTRACT_8BITS(obj_tptr + offset + 1);
ND_PRINT((ndo, "\n\t Subobject, Type: %s (%u), Length: %u",
tok2str(lmp_data_link_subobj,
"Unknown",
@ -389,24 +392,29 @@ lmp_print_data_link_subobjs(netdissect_options *ndo, const u_char *obj_tptr,
}
switch(subobj_type) {
case INT_SWITCHING_TYPE_SUBOBJ:
ND_TCHECK_8BITS(obj_tptr + offset + 2);
ND_PRINT((ndo, "\n\t Switching Type: %s (%u)",
tok2str(gmpls_switch_cap_values,
"Unknown",
EXTRACT_8BITS(obj_tptr+offset+2)),
EXTRACT_8BITS(obj_tptr+offset+2)));
EXTRACT_8BITS(obj_tptr + offset + 2)),
EXTRACT_8BITS(obj_tptr + offset + 2)));
ND_TCHECK_8BITS(obj_tptr + offset + 3);
ND_PRINT((ndo, "\n\t Encoding Type: %s (%u)",
tok2str(gmpls_encoding_values,
"Unknown",
EXTRACT_8BITS(obj_tptr+offset+3)),
EXTRACT_8BITS(obj_tptr+offset+3)));
EXTRACT_8BITS(obj_tptr + offset + 3)),
EXTRACT_8BITS(obj_tptr + offset + 3)));
ND_TCHECK_32BITS(obj_tptr + offset + 4);
bw.i = EXTRACT_32BITS(obj_tptr+offset+4);
ND_PRINT((ndo, "\n\t Min Reservable Bandwidth: %.3f Mbps",
bw.f*8/1000000));
ND_TCHECK_32BITS(obj_tptr + offset + 8);
bw.i = EXTRACT_32BITS(obj_tptr+offset+8);
ND_PRINT((ndo, "\n\t Max Reservable Bandwidth: %.3f Mbps",
bw.f*8/1000000));
break;
case WAVELENGTH_SUBOBJ:
ND_TCHECK_32BITS(obj_tptr + offset + 4);
ND_PRINT((ndo, "\n\t Wavelength: %u",
EXTRACT_32BITS(obj_tptr+offset+4)));
break;
@ -419,6 +427,8 @@ lmp_print_data_link_subobjs(netdissect_options *ndo, const u_char *obj_tptr,
offset+=subobj_len;
}
return (hexdump);
trunc:
return -1;
}
void
@ -429,7 +439,7 @@ lmp_print(netdissect_options *ndo,
const struct lmp_object_header *lmp_obj_header;
const u_char *tptr,*obj_tptr;
u_int tlen,lmp_obj_len,lmp_obj_ctype,obj_tlen;
int hexdump;
int hexdump, ret;
u_int offset;
u_int link_type;
@ -731,7 +741,10 @@ lmp_print(netdissect_options *ndo,
ipaddr_string(ndo, obj_tptr+8),
EXTRACT_32BITS(obj_tptr+8)));
if (lmp_print_data_link_subobjs(ndo, obj_tptr, obj_tlen - 12, 12))
ret = lmp_print_data_link_subobjs(ndo, obj_tptr, obj_tlen - 12, 12);
if (ret == -1)
goto trunc;
if (ret == TRUE)
hexdump=TRUE;
break;
@ -751,7 +764,10 @@ lmp_print(netdissect_options *ndo,
ip6addr_string(ndo, obj_tptr+20),
EXTRACT_32BITS(obj_tptr+20)));
if (lmp_print_data_link_subobjs(ndo, obj_tptr, obj_tlen - 36, 36))
ret = lmp_print_data_link_subobjs(ndo, obj_tptr, obj_tlen - 36, 36);
if (ret == -1)
goto trunc;
if (ret == TRUE)
hexdump=TRUE;
break;
@ -771,7 +787,10 @@ lmp_print(netdissect_options *ndo,
EXTRACT_32BITS(obj_tptr+8),
EXTRACT_32BITS(obj_tptr+8)));
if (lmp_print_data_link_subobjs(ndo, obj_tptr, obj_tlen - 12, 12))
ret = lmp_print_data_link_subobjs(ndo, obj_tptr, obj_tlen - 12, 12);
if (ret == -1)
goto trunc;
if (ret == TRUE)
hexdump=TRUE;
break;
@ -1012,7 +1031,7 @@ lmp_print(netdissect_options *ndo,
EXTRACT_8BITS(obj_tptr))));
ND_PRINT((ndo, "\n\t UNI Version: %u",
EXTRACT_8BITS(obj_tptr+1)));
EXTRACT_8BITS(obj_tptr + 1)));
break;
@ -1034,28 +1053,28 @@ lmp_print(netdissect_options *ndo,
ND_PRINT((ndo, "\n\t Signal Type: %s (%u)",
tok2str(lmp_sd_service_config_cpsa_signal_type_sdh_values,
"Unknown",
EXTRACT_8BITS(obj_tptr+1)),
EXTRACT_8BITS(obj_tptr+1)));
EXTRACT_8BITS(obj_tptr + 1)),
EXTRACT_8BITS(obj_tptr + 1)));
break;
case LMP_SD_SERVICE_CONFIG_CPSA_LINK_TYPE_SONET:
ND_PRINT((ndo, "\n\t Signal Type: %s (%u)",
tok2str(lmp_sd_service_config_cpsa_signal_type_sonet_values,
"Unknown",
EXTRACT_8BITS(obj_tptr+1)),
EXTRACT_8BITS(obj_tptr+1)));
EXTRACT_8BITS(obj_tptr + 1)),
EXTRACT_8BITS(obj_tptr + 1)));
break;
}
ND_PRINT((ndo, "\n\t Transparency: %s",
bittok2str(lmp_obj_service_config_cpsa_tp_flag_values,
"none",
EXTRACT_8BITS(obj_tptr+2))));
EXTRACT_8BITS(obj_tptr + 2))));
ND_PRINT((ndo, "\n\t Contiguous Concatenation Types: %s",
bittok2str(lmp_obj_service_config_cpsa_cct_flag_values,
"none",
EXTRACT_8BITS(obj_tptr+3))));
EXTRACT_8BITS(obj_tptr + 3))));
ND_PRINT((ndo, "\n\t Minimum NCC: %u",
EXTRACT_16BITS(obj_tptr+4)));
@ -1091,7 +1110,7 @@ lmp_print(netdissect_options *ndo,
bittok2str(
lmp_obj_service_config_nsa_tcm_flag_values,
"none",
EXTRACT_8BITS(obj_tptr+7))));
EXTRACT_8BITS(obj_tptr + 7))));
break;
@ -1105,7 +1124,7 @@ lmp_print(netdissect_options *ndo,
bittok2str(
lmp_obj_service_config_nsa_network_diversity_flag_values,
"none",
EXTRACT_8BITS(obj_tptr+3))));
EXTRACT_8BITS(obj_tptr + 3))));
break;
default:
@ -1129,7 +1148,7 @@ lmp_print(netdissect_options *ndo,
}
return;
trunc:
ND_PRINT((ndo, "\n\t\t packet exceeded snapshot"));
ND_PRINT((ndo, "%s", tstr));
}
/*
* Local Variables:

4
contrib/tcpdump/print-nfs.c
View File

@ -1568,8 +1568,8 @@ interp_reply(netdissect_options *ndo,
tok2str(nfsv3_writemodes,
NULL, EXTRACT_32BITS(&dp[1]))));
}
return;
}
return;
} else {
if (parseattrstat(ndo, dp, ndo->ndo_vflag, v3) != 0)
return;
@ -1655,8 +1655,8 @@ interp_reply(netdissect_options *ndo,
ND_PRINT((ndo, " dir:"));
if (!(dp = parse_wcc_data(ndo, dp, ndo->ndo_vflag)))
break;
return;
}
return;
} else {
if (parsestatus(ndo, dp, &er) != NULL)
return;

8
contrib/tcpdump/print-openflow.c
View File

@ -132,11 +132,9 @@ of_header_body_print(netdissect_options *ndo, const u_char *cp, const u_char *ep
/* Print a TCP segment worth of OpenFlow messages presuming the segment begins
* on a message boundary. */
void
openflow_print(netdissect_options *ndo, const u_char *cp, const u_int len)
openflow_print(netdissect_options *ndo, const u_char *cp, const u_int len _U_)
{
const u_char *ep = cp + len;
ND_PRINT((ndo, ": OpenFlow"));
while (cp < ep)
cp = of_header_body_print(ndo, cp, ep);
while (cp < ndo->ndo_snapend)
cp = of_header_body_print(ndo, cp, ndo->ndo_snapend);
}

4
contrib/tcpdump/print-ospf.c
View File

@ -706,7 +706,7 @@ ospf_print_lsa(netdissect_options *ndo,
while ((const u_char *)lp < ls_end) {
register uint32_t ul;
ND_TCHECK(*lp);
ND_TCHECK_32BITS(lp);
ul = EXTRACT_32BITS(lp);
topology = (ul & SLA_MASK_TOS) >> SLA_SHIFT_TOS;
ND_PRINT((ndo, "\n\t\ttopology %s (%u) metric %d",
@ -723,7 +723,7 @@ ospf_print_lsa(netdissect_options *ndo,
while ((const u_char *)lp < ls_end) {
register uint32_t ul;
ND_TCHECK(*lp);
ND_TCHECK_32BITS(lp);
ul = EXTRACT_32BITS(lp);
topology = (ul & SLA_MASK_TOS) >> SLA_SHIFT_TOS;
ND_PRINT((ndo, "\n\t\ttopology %s (%u) metric %d",

3
contrib/tcpdump/print-ospf6.c
View File

@ -389,8 +389,7 @@ ospf6_print_lshdr(netdissect_options *ndo,
{
if ((const u_char *)(lshp + 1) > dataend)
goto trunc;
ND_TCHECK(lshp->ls_type);
ND_TCHECK(lshp->ls_seq);
ND_TCHECK(lshp->ls_length); /* last field of struct lsa6_hdr */
ND_PRINT((ndo, "\n\t Advertising Router %s, seq 0x%08x, age %us, length %u",
ipaddr_string(ndo, &lshp->ls_router),

4
contrib/tcpdump/print-ppi.c
View File

@ -68,6 +68,7 @@ ppi_print(netdissect_options *ndo,
}
hdr = (const ppi_header_t *)p;
ND_TCHECK_16BITS(&hdr->ppi_len);
len = EXTRACT_LE_16BITS(&hdr->ppi_len);
if (caplen < len) {
/*
@ -81,6 +82,7 @@ ppi_print(netdissect_options *ndo,
ND_PRINT((ndo, "[|ppi]"));
return (len);
}
ND_TCHECK_32BITS(&hdr->ppi_dlt);
dlt = EXTRACT_LE_32BITS(&hdr->ppi_dlt);
if (ndo->ndo_eflag)
@ -104,6 +106,8 @@ ppi_print(netdissect_options *ndo,
hdrlen = 0;
}
return (len + hdrlen);
trunc:
return (caplen);
}
/*

2
contrib/tcpdump/print-rsvp.c
View File

@ -499,6 +499,7 @@ rsvp_intserv_print(netdissect_options *ndo,
if (obj_tlen < 4)
return 0;
ND_TCHECK_8BITS(tptr);
parameter_id = *(tptr);
ND_TCHECK2(*(tptr + 2), 2);
parameter_length = EXTRACT_16BITS(tptr+2)<<2; /* convert wordcount to bytecount */
@ -1554,6 +1555,7 @@ rsvp_obj_print(netdissect_options *ndo,
case RSVP_OBJ_CLASSTYPE_OLD: /* fall through */
switch(rsvp_obj_ctype) {
case RSVP_CTYPE_1:
ND_TCHECK_32BITS(obj_tptr);
ND_PRINT((ndo, "%s CT: %u",
ident,
EXTRACT_32BITS(obj_tptr) & 0x7));

8
contrib/tcpdump/print-rx.c
View File

@ -694,7 +694,7 @@ rx_cache_insert(netdissect_options *ndo,
UNALIGNED_MEMCPY(&rxent->client, &ip->ip_src, sizeof(uint32_t));
UNALIGNED_MEMCPY(&rxent->server, &ip->ip_dst, sizeof(uint32_t));
rxent->dport = dport;
rxent->serviceId = EXTRACT_32BITS(&rxh->serviceId);
rxent->serviceId = EXTRACT_16BITS(&rxh->serviceId);
rxent->opcode = EXTRACT_32BITS(bp + sizeof(struct rx_header));
}
@ -725,7 +725,7 @@ rx_cache_find(const struct rx_header *rxh, const struct ip *ip, int sport,
if (rxent->callnum == EXTRACT_32BITS(&rxh->callNumber) &&
rxent->client.s_addr == clip &&
rxent->server.s_addr == sip &&
rxent->serviceId == EXTRACT_32BITS(&rxh->serviceId) &&
rxent->serviceId == EXTRACT_16BITS(&rxh->serviceId) &&
rxent->dport == sport) {
/* We got a match! */
@ -1019,6 +1019,7 @@ fs_print(netdissect_options *ndo,
}
if (j == 0)
ND_PRINT((ndo, " <none!>"));
break;
}
case 65537: /* Fetch data 64 */
FIDOUT();
@ -1279,6 +1280,7 @@ cb_print(netdissect_options *ndo,
bp += sizeof(int32_t);
tok2str(cb_types, "type %d", t);
}
break;
}
case 214: {
ND_PRINT((ndo, " afsuuid"));
@ -1740,6 +1742,7 @@ vldb_reply_print(netdissect_options *ndo,
INTOUT();
ND_PRINT((ndo, " nextindex"));
INTOUT();
/*FALLTHROUGH*/
case 503: /* Get entry by id */
case 504: /* Get entry by name */
{ unsigned long nservers, j;
@ -1789,6 +1792,7 @@ vldb_reply_print(netdissect_options *ndo,
INTOUT();
ND_PRINT((ndo, " nextindex"));
INTOUT();
/*FALLTHROUGH*/
case 518: /* Get entry by ID N */
case 519: /* Get entry by name N */
{ unsigned long nservers, j;

10
contrib/tcpdump/print-sflow.c
View File

@ -881,6 +881,14 @@ sflow_print(netdissect_options *ndo,
tptr = pptr;
tlen = len;
sflow_datagram = (const struct sflow_datagram_t *)pptr;
if (len < sizeof(struct sflow_datagram_t)) {
ND_TCHECK(sflow_datagram->version);
ND_PRINT((ndo, "sFlowv%u", EXTRACT_32BITS(sflow_datagram->version)));
ND_PRINT((ndo, " [length %u < %zu]",
len, sizeof(struct sflow_datagram_t)));
ND_PRINT((ndo, " (invalid)"));
return;
}
ND_TCHECK(*sflow_datagram);
/*
@ -916,6 +924,8 @@ sflow_print(netdissect_options *ndo,
/* skip Common header */
tptr += sizeof(const struct sflow_datagram_t);
if(tlen <= sizeof(const struct sflow_datagram_t)) goto trunc;
tlen -= sizeof(const struct sflow_datagram_t);
while (nsamples > 0 && tlen > 0) {

34
contrib/tcpdump/print-sl.c
View File

@ -52,8 +52,8 @@ static const char tstr[] = "[|slip]";
static u_int lastlen[2][256];
static u_int lastconn = 255;
static void sliplink_print(netdissect_options *, const u_char *, const struct ip *, u_int);
static void compressed_sl_print(netdissect_options *, const u_char *, const struct ip *, u_int, int);
static int sliplink_print(netdissect_options *, const u_char *, const struct ip *, u_int);
static int compressed_sl_print(netdissect_options *, const u_char *, const struct ip *, u_int, int);
u_int
sl_if_print(netdissect_options *ndo,
@ -74,7 +74,10 @@ sl_if_print(netdissect_options *ndo,
ip = (const struct ip *)(p + SLIP_HDRLEN);
if (ndo->ndo_eflag)
sliplink_print(ndo, p, ip, length);
if (sliplink_print(ndo, p, ip, length) == -1) {
ND_PRINT((ndo, "%s", tstr));
return (caplen + SLIP_HDRLEN);
}
if (caplen < 1 || length < 1) {
ND_PRINT((ndo, "%s", tstr));
@ -122,7 +125,7 @@ sl_bsdos_if_print(netdissect_options *ndo,
return (SLIP_HDRLEN);
}
static void
static int
sliplink_print(netdissect_options *ndo,
register const u_char *p, register const struct ip *ip,
register u_int length)
@ -153,7 +156,7 @@ sliplink_print(netdissect_options *ndo,
for (i = SLX_CHDR; i < SLX_CHDR + CHDR_LEN - 1; ++i)
ND_PRINT((ndo, "%02x.", p[i]));
ND_PRINT((ndo, "%02x: ", p[SLX_CHDR + CHDR_LEN - 1]));
return;
return 0;
}
switch (p[SLX_CHDR] & 0xf0) {
@ -171,9 +174,11 @@ sliplink_print(netdissect_options *ndo,
ND_PRINT((ndo, "utcp %d: ", lastconn));
if (dir == -1) {
/* Direction is bogus, don't use it */
return;
return 0;
}
ND_TCHECK(*ip);
hlen = IP_HL(ip);
ND_TCHECK(*((const struct tcphdr *)&((const int *)ip)[hlen]));
hlen += TH_OFF((const struct tcphdr *)&((const int *)ip)[hlen]);
lastlen[dir][lastconn] = length - (hlen << 2);
break;
@ -181,15 +186,19 @@ sliplink_print(netdissect_options *ndo,
default:
if (dir == -1) {
/* Direction is bogus, don't use it */
return;
return 0;
}
if (p[SLX_CHDR] & TYPE_COMPRESSED_TCP) {
compressed_sl_print(ndo, &p[SLX_CHDR], ip,
length, dir);
if (compressed_sl_print(ndo, &p[SLX_CHDR], ip,
length, dir) == -1)
goto trunc;
ND_PRINT((ndo, ": "));
} else
ND_PRINT((ndo, "slip-%d!: ", p[SLX_CHDR]));
}
return 0;
trunc:
return -1;
}
static const u_char *
@ -223,7 +232,7 @@ print_sl_winchange(netdissect_options *ndo,
return (cp);
}
static void
static int
compressed_sl_print(netdissect_options *ndo,
const u_char *chdr, const struct ip *ip,
u_int length, int dir)
@ -269,8 +278,13 @@ compressed_sl_print(netdissect_options *ndo,
* 'cp - chdr' is the length of the compressed header.
* 'length - hlen' is the amount of data in the packet.
*/
ND_TCHECK(*ip);
hlen = IP_HL(ip);
ND_TCHECK(*((const struct tcphdr *)&((const int32_t *)ip)[hlen]));
hlen += TH_OFF((const struct tcphdr *)&((const int32_t *)ip)[hlen]);
lastlen[dir][lastconn] = length - (hlen << 2);
ND_PRINT((ndo, " %d (%ld)", lastlen[dir][lastconn], (long)(cp - chdr)));
return 0;
trunc:
return -1;
}

11
contrib/tcpdump/print-sll.c
View File

@ -198,6 +198,7 @@ sll_if_print(netdissect_options *ndo, const struct pcap_pkthdr *h, const u_char
u_int caplen = h->caplen;
u_int length = h->len;
register const struct sll_header *sllp;
u_short hatype;
u_short ether_type;
int llc_hdrlen;
u_int hdrlen;
@ -225,6 +226,16 @@ sll_if_print(netdissect_options *ndo, const struct pcap_pkthdr *h, const u_char
p += SLL_HDR_LEN;
hdrlen = SLL_HDR_LEN;
hatype = EXTRACT_16BITS(&sllp->sll_hatype);
switch (hatype) {
case 803:
/*
* This is an packet with a radiotap header;
* just dissect the payload as such.
*/
return (SLL_HDR_LEN + ieee802_11_radio_print(ndo, p, length, caplen));
}
ether_type = EXTRACT_16BITS(&sllp->sll_protocol);
recurse:

13
contrib/tcpdump/print-smb.c
View File

@ -371,16 +371,21 @@ print_trans(netdissect_options *ndo,
ND_PRINT((ndo, "smb_bcc=%u\n", bcc));
if (bcc > 0) {
smb_fdata(ndo, data1 + 2, f2, maxbuf - (paramlen + datalen), unicodestr);
if (strcmp((const char *)(data1 + 2), "\\MAILSLOT\\BROWSE") == 0) {
#define MAILSLOT_BROWSE_STR "\\MAILSLOT\\BROWSE"
ND_TCHECK2(*(data1 + 2), strlen(MAILSLOT_BROWSE_STR) + 1);
if (strcmp((const char *)(data1 + 2), MAILSLOT_BROWSE_STR) == 0) {
print_browse(ndo, param, paramlen, data, datalen);
return;
}
#undef MAILSLOT_BROWSE_STR
if (strcmp((const char *)(data1 + 2), "\\PIPE\\LANMAN") == 0) {
#define PIPE_LANMAN_STR "\\PIPE\\LANMAN"
ND_TCHECK2(*(data1 + 2), strlen(PIPE_LANMAN_STR) + 1);
if (strcmp((const char *)(data1 + 2), PIPE_LANMAN_STR) == 0) {
print_ipc(ndo, param, paramlen, data, datalen);
return;
}
#undef PIPE_LANMAN_STR
if (paramlen)
smb_fdata(ndo, param, f3, min(param + paramlen, maxbuf), unicodestr);
@ -940,7 +945,9 @@ nbt_tcp_print(netdissect_options *ndo,
if (caplen < 4)
goto trunc;
maxbuf = data + caplen;
ND_TCHECK_8BITS(data);
type = data[0];
ND_TCHECK_16BITS(data + 2);
nbt_len = EXTRACT_16BITS(data + 2);
length -= 4;
caplen -= 4;

14
contrib/tcpdump/print-tcp.c
View File

@ -267,11 +267,11 @@ tcp_print(netdissect_options *ndo,
if (rev) {
UNALIGNED_MEMCPY(&tha.src, dst, sizeof ip6->ip6_dst);
UNALIGNED_MEMCPY(&tha.dst, src, sizeof ip6->ip6_src);
tha.port = dport << 16 | sport;
tha.port = ((u_int)dport) << 16 | sport;
} else {
UNALIGNED_MEMCPY(&tha.dst, dst, sizeof ip6->ip6_dst);
UNALIGNED_MEMCPY(&tha.src, src, sizeof ip6->ip6_src);
tha.port = sport << 16 | dport;
tha.port = ((u_int)sport) << 16 | dport;
}
for (th = &tcp_seq_hash[tha.port % TSEQ_HASHSIZE];
@ -318,11 +318,11 @@ tcp_print(netdissect_options *ndo,
if (rev) {
UNALIGNED_MEMCPY(&tha.src, &ip->ip_dst, sizeof ip->ip_dst);
UNALIGNED_MEMCPY(&tha.dst, &ip->ip_src, sizeof ip->ip_src);
tha.port = dport << 16 | sport;
tha.port = ((u_int)dport) << 16 | sport;
} else {
UNALIGNED_MEMCPY(&tha.dst, &ip->ip_dst, sizeof ip->ip_dst);
UNALIGNED_MEMCPY(&tha.src, &ip->ip_src, sizeof ip->ip_src);
tha.port = sport << 16 | dport;
tha.port = ((u_int)sport) << 16 | dport;
}
for (th = &tcp_seq_hash[tha.port % TSEQ_HASHSIZE];
@ -714,6 +714,12 @@ tcp_print(netdissect_options *ndo,
rtsp_print(ndo, bp, length);
} else if (length > 2 &&
(IS_SRC_OR_DST_PORT(NAMESERVER_PORT))) {
/* domain_print() assumes it does not have to prepend a space before its
* own output to separate it from the output of the calling function. This
* works well with udp_print(), but requires a small prop here.
*/
ND_PRINT((ndo, " "));
/*
* TCP DNS query has 2byte length at the head.
* XXX packet could be unaligned, it can go strange

8
contrib/tcpdump/print-vrrp.c
View File

@ -142,17 +142,21 @@ vrrp_print(netdissect_options *ndo,
vec[0].ptr = bp;
vec[0].len = len;
if (in_cksum(vec, 1))
if (in_cksum(vec, 1)) {
ND_TCHECK_16BITS(&bp[6]);
ND_PRINT((ndo, ", (bad vrrp cksum %x)",
EXTRACT_16BITS(&bp[6])));
}
}
if (version == 3 && ND_TTEST2(bp[0], len)) {
uint16_t cksum = nextproto4_cksum(ndo, (const struct ip *)bp2, bp,
len, len, IPPROTO_VRRP);
if (cksum)
if (cksum) {
ND_TCHECK_16BITS(&bp[6]);
ND_PRINT((ndo, ", (bad vrrp cksum %x)",
EXTRACT_16BITS(&bp[6])));
}
}
ND_PRINT((ndo, ", addrs"));

2
contrib/tcpdump/print-vtp.c
View File

@ -241,7 +241,7 @@ vtp_print (netdissect_options *ndo,
*/
tptr += 4;
while (tptr < (pptr+length)) {
while ((unsigned)(tptr - pptr) < length) {
ND_TCHECK_8BITS(tptr);
len = *tptr;

2
contrib/tcpdump/print-wb.c
View File

@ -203,7 +203,7 @@ wb_id(netdissect_options *ndo,
len -= sizeof(*io) * nid;
io = (const struct id_off *)(id + 1);
cp = (const char *)(io + nid);
if (ND_TTEST2(cp, len)) {
if (ND_TTEST2(*cp, len)) {
ND_PRINT((ndo, "\""));
fn_print(ndo, (const u_char *)cp, (const u_char *)cp + len);
ND_PRINT((ndo, "\""));

4
contrib/tcpdump/signature.c
View File

@ -130,7 +130,7 @@ signature_verify(netdissect_options *ndo, const u_char *pptr, u_int plen,
/*
* Do we have all the packet data to be checked?
*/
if (!ND_TTEST2(pptr, plen)) {
if (!ND_TTEST2(*pptr, plen)) {
/* No. */
return (CANT_CHECK_SIGNATURE);
}
@ -138,7 +138,7 @@ signature_verify(netdissect_options *ndo, const u_char *pptr, u_int plen,
/*
* Do we have the entire signature to check?
*/
if (!ND_TTEST2(sig_ptr, sizeof(sig))) {
if (!ND_TTEST2(*sig_ptr, sizeof(sig))) {
/* No. */
return (CANT_CHECK_SIGNATURE);
}

42
contrib/tcpdump/smbutil.c
View File

@ -478,12 +478,13 @@ smb_fdata1(netdissect_options *ndo,
case 'P':
{
int l = atoi(fmt + 1);
int l = atoi(fmt + 1);
if(l <= 0) goto trunc; /* actually error in fmt string */
ND_TCHECK2(buf[0], l);
buf += l;
fmt++;
while (isdigit((unsigned char)*fmt))
fmt++;
fmt++;
break;
}
case 'r':
@ -797,17 +798,33 @@ smb_fdata(netdissect_options *ndo,
int unicodestr)
{
static int depth = 0;
const u_char *buf_start = buf;
char s[128];
char *p;
while (*fmt) {
switch (*fmt) {
case '*':
/*
* List of multiple instances of something described by the
* remainder of the string (which may itself include a list
* of multiple instances of something, so we recurse).
*/
fmt++;
while (buf < maxbuf) {
const u_char *buf2;
depth++;
buf2 = smb_fdata(ndo, buf, fmt, maxbuf, unicodestr);
/*
* In order to avoid stack exhaustion recurse at most 10
* levels; that "should not happen", as no SMB structure
* should be nested *that* deeply, and we thus shouldn't
* have format strings with that level of nesting.
*/
if (depth == 10) {
ND_PRINT((ndo, "(too many nested levels, not recursing)"));
buf2 = buf;
} else
buf2 = smb_fdata(ndo, buf, fmt, maxbuf, unicodestr);
depth--;
if (buf2 == NULL)
return(NULL);
@ -818,22 +835,35 @@ smb_fdata(netdissect_options *ndo,
return(buf);
case '|':
/*
* Just do a bounds check.
*/
fmt++;
if (buf >= maxbuf)
return(buf);
break;
case '%':
/*
* XXX - unused?
*/
fmt++;
buf = maxbuf;
break;
case '#':
/*
* Done?
*/
fmt++;
return(buf);
break;
case '[':
/*
* Format of an item, enclosed in square brackets; dissect
* the item with smb_fdata1().
*/
fmt++;
if (buf >= maxbuf)
return(buf);
@ -847,11 +877,15 @@ smb_fdata(netdissect_options *ndo,
s[p - fmt] = '\0';
fmt = p + 1;
buf = smb_fdata1(ndo, buf, s, maxbuf, unicodestr);
if (buf == NULL)
if(buf < buf_start || buf == NULL) {
return(NULL);
}
break;
default:
/*
* Not a formatting character, so just print it.
*/
ND_PRINT((ndo, "%c", *fmt));
fmt++;
break;

8
contrib/tcpdump/tcpdump.1.in
View File

@ -441,7 +441,7 @@ terminal rather than to a file or pipe.
.PD
Set the time stamp type for the capture to \fItstamp_type\fP. The names
to use for the time stamp types are given in
.BR pcap-tstamp (@MAN_MISC_INFO@);
.BR \%pcap-tstamp (@MAN_MISC_INFO@);
not all the types listed there will necessarily be valid for any given
interface.
.TP
@ -1878,8 +1878,8 @@ The `*' on the request
indicates that XO (`exactly once') was \fInot\fP set.
.SH "SEE ALSO"
stty(1), pcap(3PCAP), bpf(4), nit(4P), pcap-savefile(@MAN_FILE_FORMATS@),
pcap-filter(@MAN_MISC_INFO@), pcap-tstamp(@MAN_MISC_INFO@)
stty(1), pcap(3PCAP), bpf(4), nit(4P), \%pcap-savefile(@MAN_FILE_FORMATS@),
\%pcap-filter(@MAN_MISC_INFO@), \%pcap-tstamp(@MAN_MISC_INFO@)
.LP
.RS
.I http://www.iana.org/assignments/media-types/application/vnd.tcpdump.pcap
@ -1898,7 +1898,7 @@ It is currently being maintained by tcpdump.org.
The current version is available via http:
.LP
.RS
.I http://www.tcpdump.org/
.I https://www.tcpdump.org/
.RE
.LP
The original distribution is available via anonymous ftp:

45
contrib/tcpdump/tcpdump.c
View File

@ -113,10 +113,6 @@ The Regents of the University of California. All rights reserved.\n";
#endif /* HAVE_CAP_NG_H */
#endif /* HAVE_LIBCAP_NG */
#ifdef __FreeBSD__
#include <sys/sysctl.h>
#endif /* __FreeBSD__ */
#include "netdissect.h"
#include "interface.h"
#include "addrtoname.h"
@ -620,11 +616,10 @@ droproot(const char *username, const char *chroot_dir)
#ifdef HAVE_LIBCAP_NG
{
int ret = capng_change_id(pw->pw_uid, pw->pw_gid, CAPNG_NO_FLAG);
if (ret < 0) {
fprintf(stderr, "error : ret %d\n", ret);
} else {
if (ret < 0)
error("capng_change_id(): return %d\n", ret);
else
fprintf(stderr, "dropped privs to %s\n", username);
}
}
#else
if (initgroups(pw->pw_name, pw->pw_gid) != 0 ||
@ -713,13 +708,15 @@ static char *
get_next_file(FILE *VFile, char *ptr)
{
char *ret;
size_t len;
ret = fgets(ptr, PATH_MAX, VFile);
if (!ret)
return NULL;
if (ptr[strlen(ptr) - 1] == '\n')
ptr[strlen(ptr) - 1] = '\0';
len = strlen (ptr);
if (len > 0 && ptr[len - 1] == '\n')
ptr[len - 1] = '\0';
return ret;
}
@ -1065,6 +1062,10 @@ open_interface(const char *device, netdissect_options *ndo, char *ebuf)
if (status < 0)
error("%s: Can't set time stamp type: %s",
device, pcap_statustostr(status));
else if (status > 0)
warning("When trying to set timestamp type '%s' on %s: %s",
pcap_tstamp_type_val_to_name(jflag), device,
pcap_statustostr(status));
}
#endif
status = pcap_activate(pc);
@ -1086,30 +1087,6 @@ open_interface(const char *device, netdissect_options *ndo, char *ebuf)
} else if (status == PCAP_ERROR_PERM_DENIED && *cp != '\0')
error("%s: %s\n(%s)", device,
pcap_statustostr(status), cp);
#ifdef __FreeBSD__
else if (status == PCAP_ERROR_RFMON_NOTSUP &&
strncmp(device, "wlan", 4) == 0) {
char parent[8], newdev[8];
char sysctl[32];
size_t s = sizeof(parent);
snprintf(sysctl, sizeof(sysctl),
"net.wlan.%d.%%parent", atoi(device + 4));
sysctlbyname(sysctl, parent, &s, NULL, 0);
strlcpy(newdev, device, sizeof(newdev));
/* Suggest a new wlan device. */
/* FIXME: incrementing the index this way is not going to work well
* when the index is 9 or greater but the only consequence in this
* specific case would be an error message that looks a bit odd.
*/
newdev[strlen(newdev)-1]++;
error("%s is not a monitor mode VAP\n"
"To create a new monitor mode VAP use:\n"
" ifconfig %s create wlandev %s wlanmode monitor\n"
"and use %s as the tcpdump interface",
device, newdev, parent, newdev);
}
#endif
else
error("%s: %s", device,
pcap_statustostr(status));

20
contrib/tcpdump/util-print.c
View File

@ -120,10 +120,21 @@ fn_print(netdissect_options *ndo,
/*
* Print out a null-terminated filename (or other ascii string) from
* a fixed-length buffer.
* If ep is NULL, assume no truncation check is needed.
* a fixed-length field in the packet buffer, or from what remains of
* the packet.
*
* n is the length of the fixed-length field, or the number of bytes
* remaining in the packet based on its on-the-network length.
*
* If ep is non-null, it should point just past the last captured byte
* of the packet, e.g. ndo->ndo_snapend. If ep is NULL, we assume no
* truncation check, other than the checks of the field length/remaining
* packet data length, is needed.
*
* Return the number of bytes of string processed, including the
* terminating null, if not truncated. Return 0 if truncated.
* terminating null, if not truncated; as the terminating null is
* included in the count, and as there must be a terminating null,
* this will always be non-zero. Return 0 if truncated.
*/
u_int
fn_printztn(netdissect_options *ndo,
@ -137,7 +148,8 @@ fn_printztn(netdissect_options *ndo,
if (n == 0 || (ep != NULL && s >= ep)) {
/*
* Truncated. This includes "no null before we
* got to the end of the fixed-length buffer".
* got to the end of the fixed-length buffer or
* the end of the packet".
*
* XXX - BOOTP says "null-terminated", which
* means the maximum length of the string, in