]> The Tcpdump Group git mirrors - tcpdump/blob - print-dvmrp.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
More bounds checking when fetching addresses and converting to strings.
[tcpdump] / print-dvmrp.c
1 /*
2 * Copyright (c) 1995, 1996
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 /* \summary: Distance Vector Multicast Routing Protocol printer */
23
24 #ifdef HAVE_CONFIG_H
25 #include <config.h>
26 #endif
27
28 #include "netdissect-stdinc.h"
29
30 #include "netdissect.h"
31 #include "extract.h"
32 #include "addrtoname.h"
33
34 /*
35 * See: RFC 1075 and draft-ietf-idmr-dvmrp-v3
36 *
37 * DVMRP message types and flag values shamelessly stolen from
38 * mrouted/dvmrp.h.
39 */
40 #define DVMRP_PROBE 1 /* for finding neighbors */
41 #define DVMRP_REPORT 2 /* for reporting some or all routes */
42 #define DVMRP_ASK_NEIGHBORS 3 /* sent by mapper, asking for a list */
43 /* of this router's neighbors */
44 #define DVMRP_NEIGHBORS 4 /* response to such a request */
45 #define DVMRP_ASK_NEIGHBORS2 5 /* as above, want new format reply */
46 #define DVMRP_NEIGHBORS2 6
47 #define DVMRP_PRUNE 7 /* prune message */
48 #define DVMRP_GRAFT 8 /* graft message */
49 #define DVMRP_GRAFT_ACK 9 /* graft acknowledgement */
50
51 /*
52 * 'flags' byte values in DVMRP_NEIGHBORS2 reply.
53 */
54 #define DVMRP_NF_TUNNEL 0x01 /* neighbors reached via tunnel */
55 #define DVMRP_NF_SRCRT 0x02 /* tunnel uses IP source routing */
56 #define DVMRP_NF_DOWN 0x10 /* kernel state of interface */
57 #define DVMRP_NF_DISABLED 0x20 /* administratively disabled */
58 #define DVMRP_NF_QUERIER 0x40 /* I am the subnet's querier */
59
60 static int print_probe(netdissect_options *, const u_char *, const u_char *, u_int);
61 static int print_report(netdissect_options *, const u_char *, const u_char *, u_int);
62 static int print_neighbors(netdissect_options *, const u_char *, const u_char *, u_int);
63 static int print_neighbors2(netdissect_options *, const u_char *, const u_char *, u_int, uint8_t, uint8_t);
64 static int print_prune(netdissect_options *, const u_char *);
65 static int print_graft(netdissect_options *, const u_char *);
66 static int print_graft_ack(netdissect_options *, const u_char *);
67
68 void
69 dvmrp_print(netdissect_options *ndo,
70 const u_char *bp, u_int len)
71 {
72 const u_char *ep;
73 u_char type;
74 uint8_t major_version, minor_version;
75
76 ndo->ndo_protocol = "dvmrp";
77 ep = ndo->ndo_snapend;
78 if (bp >= ep)
79 return;
80
81 ND_TCHECK_1(bp + 1);
82 type = GET_U_1(bp + 1);
83
84 /* Skip IGMP header */
85 bp += 8;
86 len -= 8;
87
88 switch (type) {
89
90 case DVMRP_PROBE:
91 ND_PRINT(" Probe");
92 if (ndo->ndo_vflag) {
93 if (print_probe(ndo, bp, ep, len) < 0)
94 goto trunc;
95 }
96 break;
97
98 case DVMRP_REPORT:
99 ND_PRINT(" Report");
100 if (ndo->ndo_vflag > 1) {
101 if (print_report(ndo, bp, ep, len) < 0)
102 goto trunc;
103 }
104 break;
105
106 case DVMRP_ASK_NEIGHBORS:
107 ND_PRINT(" Ask-neighbors(old)");
108 break;
109
110 case DVMRP_NEIGHBORS:
111 ND_PRINT(" Neighbors(old)");
112 if (print_neighbors(ndo, bp, ep, len) < 0)
113 goto trunc;
114 break;
115
116 case DVMRP_ASK_NEIGHBORS2:
117 ND_PRINT(" Ask-neighbors2");
118 break;
119
120 case DVMRP_NEIGHBORS2:
121 ND_PRINT(" Neighbors2");
122 /*
123 * extract version from IGMP group address field
124 */
125 bp -= 4;
126 ND_TCHECK_4(bp);
127 major_version = GET_U_1(bp + 3);
128 minor_version = GET_U_1(bp + 2);
129 bp += 4;
130 if (print_neighbors2(ndo, bp, ep, len, major_version,
131 minor_version) < 0)
132 goto trunc;
133 break;
134
135 case DVMRP_PRUNE:
136 ND_PRINT(" Prune");
137 if (print_prune(ndo, bp) < 0)
138 goto trunc;
139 break;
140
141 case DVMRP_GRAFT:
142 ND_PRINT(" Graft");
143 if (print_graft(ndo, bp) < 0)
144 goto trunc;
145 break;
146
147 case DVMRP_GRAFT_ACK:
148 ND_PRINT(" Graft-ACK");
149 if (print_graft_ack(ndo, bp) < 0)
150 goto trunc;
151 break;
152
153 default:
154 ND_PRINT(" [type %u]", type);
155 break;
156 }
157 return;
158
159 trunc:
160 nd_print_trunc(ndo);
161 return;
162 }
163
164 static int
165 print_report(netdissect_options *ndo,
166 const u_char *bp, const u_char *ep,
167 u_int len)
168 {
169 uint32_t mask, origin;
170 u_int metric, done;
171 u_int i, width;
172
173 while (len > 0) {
174 if (len < 3) {
175 ND_PRINT(" [|]");
176 return (0);
177 }
178 ND_TCHECK_3(bp);
179 mask = (uint32_t)0xff << 24 | GET_U_1(bp) << 16 |
180 GET_U_1(bp + 1) << 8 | GET_U_1(bp + 2);
181 width = 1;
182 if (GET_U_1(bp))
183 width = 2;
184 if (GET_U_1(bp + 1))
185 width = 3;
186 if (GET_U_1(bp + 2))
187 width = 4;
188
189 ND_PRINT("\n\tMask %s", intoa(htonl(mask)));
190 bp += 3;
191 len -= 3;
192 do {
193 if (bp + width + 1 > ep) {
194 ND_PRINT(" [|]");
195 return (0);
196 }
197 if (len < width + 1) {
198 ND_PRINT("\n\t [Truncated Report]");
199 return (0);
200 }
201 origin = 0;
202 for (i = 0; i < width; ++i) {
203 ND_TCHECK_1(bp);
204 origin = origin << 8 | GET_U_1(bp);
205 bp++;
206 }
207 for ( ; i < 4; ++i)
208 origin <<= 8;
209
210 ND_TCHECK_1(bp);
211 metric = GET_U_1(bp);
212 bp++;
213 done = metric & 0x80;
214 metric &= 0x7f;
215 ND_PRINT("\n\t %s metric %u", intoa(htonl(origin)),
216 metric);
217 len -= width + 1;
218 } while (!done);
219 }
220 return (0);
221 trunc:
222 return (-1);
223 }
224
225 static int
226 print_probe(netdissect_options *ndo,
227 const u_char *bp, const u_char *ep,
228 u_int len)
229 {
230 uint32_t genid;
231
232 ND_TCHECK_4(bp);
233 if ((len < 4) || ((bp + 4) > ep)) {
234 /* { (ctags) */
235 ND_PRINT(" [|}");
236 return (0);
237 }
238 genid = GET_BE_U_4(bp);
239 bp += 4;
240 len -= 4;
241 ND_PRINT(ndo->ndo_vflag > 1 ? "\n\t" : " ");
242 ND_PRINT("genid %u", genid);
243 if (ndo->ndo_vflag < 2)
244 return (0);
245
246 while ((len > 0) && (bp < ep)) {
247 ND_TCHECK_4(bp);
248 ND_PRINT("\n\tneighbor %s", GET_IPADDR_STRING(bp));
249 bp += 4; len -= 4;
250 }
251 return (0);
252 trunc:
253 return (-1);
254 }
255
256 static int
257 print_neighbors(netdissect_options *ndo,
258 const u_char *bp, const u_char *ep,
259 u_int len)
260 {
261 const u_char *laddr;
262 u_char metric;
263 u_char thresh;
264 int ncount;
265
266 while (len > 0 && bp < ep) {
267 ND_TCHECK_7(bp);
268 laddr = bp;
269 bp += 4;
270 metric = GET_U_1(bp);
271 bp++;
272 thresh = GET_U_1(bp);
273 bp++;
274 ncount = GET_U_1(bp);
275 bp++;
276 len -= 7;
277 while (--ncount >= 0) {
278 ND_TCHECK_4(bp);
279 ND_PRINT(" [%s ->", GET_IPADDR_STRING(laddr));
280 ND_PRINT(" %s, (%u/%u)]",
281 GET_IPADDR_STRING(bp), metric, thresh);
282 bp += 4;
283 len -= 4;
284 }
285 }
286 return (0);
287 trunc:
288 return (-1);
289 }
290
291 static int
292 print_neighbors2(netdissect_options *ndo,
293 const u_char *bp, const u_char *ep,
294 u_int len, uint8_t major_version,
295 uint8_t minor_version)
296 {
297 const u_char *laddr;
298 u_char metric, thresh, flags;
299 int ncount;
300
301 ND_PRINT(" (v %u.%u):", major_version, minor_version);
302
303 while (len > 0 && bp < ep) {
304 ND_TCHECK_8(bp);
305 laddr = bp;
306 bp += 4;
307 metric = GET_U_1(bp);
308 bp++;
309 thresh = GET_U_1(bp);
310 bp++;
311 flags = GET_U_1(bp);
312 bp++;
313 ncount = GET_U_1(bp);
314 bp++;
315 len -= 8;
316 while (--ncount >= 0 && (len >= 4) && (bp + 4) <= ep) {
317 ND_PRINT(" [%s -> ", GET_IPADDR_STRING(laddr));
318 ND_PRINT("%s (%u/%u", GET_IPADDR_STRING(bp),
319 metric, thresh);
320 if (flags & DVMRP_NF_TUNNEL)
321 ND_PRINT("/tunnel");
322 if (flags & DVMRP_NF_SRCRT)
323 ND_PRINT("/srcrt");
324 if (flags & DVMRP_NF_QUERIER)
325 ND_PRINT("/querier");
326 if (flags & DVMRP_NF_DISABLED)
327 ND_PRINT("/disabled");
328 if (flags & DVMRP_NF_DOWN)
329 ND_PRINT("/down");
330 ND_PRINT(")]");
331 bp += 4;
332 len -= 4;
333 }
334 if (ncount != -1) {
335 ND_PRINT(" [|]");
336 return (0);
337 }
338 }
339 return (0);
340 trunc:
341 return (-1);
342 }
343
344 static int
345 print_prune(netdissect_options *ndo,
346 const u_char *bp)
347 {
348 ND_TCHECK_LEN(bp, 12);
349 ND_PRINT(" src %s grp %s", GET_IPADDR_STRING(bp), GET_IPADDR_STRING(bp + 4));
350 bp += 8;
351 ND_PRINT(" timer ");
352 unsigned_relts_print(ndo, GET_BE_U_4(bp));
353 return (0);
354 trunc:
355 return (-1);
356 }
357
358 static int
359 print_graft(netdissect_options *ndo,
360 const u_char *bp)
361 {
362 ND_TCHECK_8(bp);
363 ND_PRINT(" src %s grp %s", GET_IPADDR_STRING(bp), GET_IPADDR_STRING(bp + 4));
364 return (0);
365 trunc:
366 return (-1);
367 }
368
369 static int
370 print_graft_ack(netdissect_options *ndo,
371 const u_char *bp)
372 {
373 ND_TCHECK_8(bp);
374 ND_PRINT(" src %s grp %s", GET_IPADDR_STRING(bp), GET_IPADDR_STRING(bp + 4));
375 return (0);
376 trunc:
377 return (-1);
378 }
[mirror] the TCPdump network dissector