]> The Tcpdump Group git mirrors - tcpdump/blob - print-icmp.c
projects / tcpdump / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Revert "Clean a bunch of fuzzed files not to fuzz the container."
[tcpdump] / print-icmp.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1993, 1994, 1995, 1996
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 /* \summary: Internet Control Message Protocol (ICMP) printer */
23
24 #ifdef HAVE_CONFIG_H
25 #include <config.h>
26 #endif
27
28 #include "netdissect-stdinc.h"
29
30 #include <stdio.h>
31 #include <string.h>
32
33 #include "netdissect.h"
34 #include "addrtoname.h"
35 #include "extract.h"
36
37 #include "ip.h"
38 #include "udp.h"
39 #include "ipproto.h"
40 #include "mpls.h"
41
42 /*
43 * Interface Control Message Protocol Definitions.
44 * Per RFC 792, September 1981.
45 */
46
47 /*
48 * Structure of an icmp header.
49 */
50 struct icmp {
51 nd_uint8_t icmp_type; /* type of message, see below */
52 nd_uint8_t icmp_code; /* type sub code */
53 nd_uint16_t icmp_cksum; /* ones complement cksum of struct */
54 union {
55 nd_uint8_t ih_pptr; /* ICMP_PARAMPROB */
56 nd_ipv4 ih_gwaddr; /* ICMP_REDIRECT */
57 struct ih_idseq {
58 nd_uint16_t icd_id;
59 nd_uint16_t icd_seq;
60 } ih_idseq;
61 nd_uint32_t ih_void;
62 } icmp_hun;
63 #define icmp_pptr icmp_hun.ih_pptr
64 #define icmp_gwaddr icmp_hun.ih_gwaddr
65 #define icmp_id icmp_hun.ih_idseq.icd_id
66 #define icmp_seq icmp_hun.ih_idseq.icd_seq
67 #define icmp_void icmp_hun.ih_void
68 union {
69 struct id_ts {
70 nd_uint32_t its_otime;
71 nd_uint32_t its_rtime;
72 nd_uint32_t its_ttime;
73 } id_ts;
74 struct id_ip {
75 struct ip idi_ip;
76 /* options and then 64 bits of data */
77 } id_ip;
78 nd_uint32_t id_mask;
79 nd_byte id_data[1];
80 } icmp_dun;
81 #define icmp_otime icmp_dun.id_ts.its_otime
82 #define icmp_rtime icmp_dun.id_ts.its_rtime
83 #define icmp_ttime icmp_dun.id_ts.its_ttime
84 #define icmp_ip icmp_dun.id_ip.idi_ip
85 #define icmp_mask icmp_dun.id_mask
86 #define icmp_data icmp_dun.id_data
87 };
88
89 #define ICMP_EXT_EXTRACT_VERSION(x) (((x)&0xf0)>>4)
90 #define ICMP_MPLS_EXT_VERSION 2
91
92 /*
93 * Lower bounds on packet lengths for various types.
94 * For the error advice packets must first insure that the
95 * packet is large enough to contain the returned ip header.
96 * Only then can we do the check to see if 64 bits of packet
97 * data have been returned, since we need to check the returned
98 * ip header length.
99 */
100 #define ICMP_MINLEN 8 /* abs minimum */
101 #define ICMP_EXTD_MINLEN (156 - sizeof (struct ip)) /* draft-bonica-internet-icmp-08 */
102 #define ICMP_TSLEN (8 + 3 * sizeof (uint32_t)) /* timestamp */
103 #define ICMP_MASKLEN 12 /* address mask */
104 #define ICMP_ADVLENMIN (8 + sizeof (struct ip) + 8) /* min */
105 #define ICMP_ADVLEN(p) (8 + (IP_HL(&(p)->icmp_ip) << 2) + 8)
106 /* N.B.: must separately check that ip_hl >= 5 */
107
108 /*
109 * Definition of type and code field values.
110 */
111 #define ICMP_ECHOREPLY 0 /* echo reply */
112 #define ICMP_UNREACH 3 /* dest unreachable, codes: */
113 #define ICMP_UNREACH_NET 0 /* bad net */
114 #define ICMP_UNREACH_HOST 1 /* bad host */
115 #define ICMP_UNREACH_PROTOCOL 2 /* bad protocol */
116 #define ICMP_UNREACH_PORT 3 /* bad port */
117 #define ICMP_UNREACH_NEEDFRAG 4 /* IP_DF caused drop */
118 #define ICMP_UNREACH_SRCFAIL 5 /* src route failed */
119 #define ICMP_UNREACH_NET_UNKNOWN 6 /* unknown net */
120 #define ICMP_UNREACH_HOST_UNKNOWN 7 /* unknown host */
121 #define ICMP_UNREACH_ISOLATED 8 /* src host isolated */
122 #define ICMP_UNREACH_NET_PROHIB 9 /* prohibited access */
123 #define ICMP_UNREACH_HOST_PROHIB 10 /* ditto */
124 #define ICMP_UNREACH_TOSNET 11 /* bad tos for net */
125 #define ICMP_UNREACH_TOSHOST 12 /* bad tos for host */
126 #define ICMP_SOURCEQUENCH 4 /* packet lost, slow down */
127 #define ICMP_REDIRECT 5 /* shorter route, codes: */
128 #define ICMP_REDIRECT_NET 0 /* for network */
129 #define ICMP_REDIRECT_HOST 1 /* for host */
130 #define ICMP_REDIRECT_TOSNET 2 /* for tos and net */
131 #define ICMP_REDIRECT_TOSHOST 3 /* for tos and host */
132 #define ICMP_ECHO 8 /* echo service */
133 #define ICMP_ROUTERADVERT 9 /* router advertisement */
134 #define ICMP_ROUTERSOLICIT 10 /* router solicitation */
135 #define ICMP_TIMXCEED 11 /* time exceeded, code: */
136 #define ICMP_TIMXCEED_INTRANS 0 /* ttl==0 in transit */
137 #define ICMP_TIMXCEED_REASS 1 /* ttl==0 in reass */
138 #define ICMP_PARAMPROB 12 /* ip header bad */
139 #define ICMP_PARAMPROB_OPTABSENT 1 /* req. opt. absent */
140 #define ICMP_TSTAMP 13 /* timestamp request */
141 #define ICMP_TSTAMPREPLY 14 /* timestamp reply */
142 #define ICMP_IREQ 15 /* information request */
143 #define ICMP_IREQREPLY 16 /* information reply */
144 #define ICMP_MASKREQ 17 /* address mask request */
145 #define ICMP_MASKREPLY 18 /* address mask reply */
146
147 #define ICMP_MAXTYPE 18
148
149 #define ICMP_ERRTYPE(type) \
150 ((type) == ICMP_UNREACH || (type) == ICMP_SOURCEQUENCH || \
151 (type) == ICMP_REDIRECT || (type) == ICMP_TIMXCEED || \
152 (type) == ICMP_PARAMPROB)
153 #define ICMP_MULTIPART_EXT_TYPE(type) \
154 ((type) == ICMP_UNREACH || \
155 (type) == ICMP_TIMXCEED || \
156 (type) == ICMP_PARAMPROB)
157 /* rfc1700 */
158 #ifndef ICMP_UNREACH_NET_UNKNOWN
159 #define ICMP_UNREACH_NET_UNKNOWN 6 /* destination net unknown */
160 #endif
161 #ifndef ICMP_UNREACH_HOST_UNKNOWN
162 #define ICMP_UNREACH_HOST_UNKNOWN 7 /* destination host unknown */
163 #endif
164 #ifndef ICMP_UNREACH_ISOLATED
165 #define ICMP_UNREACH_ISOLATED 8 /* source host isolated */
166 #endif
167 #ifndef ICMP_UNREACH_NET_PROHIB
168 #define ICMP_UNREACH_NET_PROHIB 9 /* admin prohibited net */
169 #endif
170 #ifndef ICMP_UNREACH_HOST_PROHIB
171 #define ICMP_UNREACH_HOST_PROHIB 10 /* admin prohibited host */
172 #endif
173 #ifndef ICMP_UNREACH_TOSNET
174 #define ICMP_UNREACH_TOSNET 11 /* tos prohibited net */
175 #endif
176 #ifndef ICMP_UNREACH_TOSHOST
177 #define ICMP_UNREACH_TOSHOST 12 /* tos prohibited host */
178 #endif
179
180 /* rfc1716 */
181 #ifndef ICMP_UNREACH_FILTER_PROHIB
182 #define ICMP_UNREACH_FILTER_PROHIB 13 /* admin prohibited filter */
183 #endif
184 #ifndef ICMP_UNREACH_HOST_PRECEDENCE
185 #define ICMP_UNREACH_HOST_PRECEDENCE 14 /* host precedence violation */
186 #endif
187 #ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF
188 #define ICMP_UNREACH_PRECEDENCE_CUTOFF 15 /* precedence cutoff */
189 #endif
190
191 /* rfc4950 */
192 #define MPLS_STACK_ENTRY_OBJECT_CLASS 1
193 /* rfc5837 */
194 #define INTERFACE_INFORMATION_OBJECT_CLASS 2
195
196 /* Most of the icmp types */
197 static const struct tok icmp2str[] = {
198 { ICMP_ECHOREPLY, "echo reply" },
199 { ICMP_SOURCEQUENCH, "source quench" },
200 { ICMP_ECHO, "echo request" },
201 { ICMP_ROUTERSOLICIT, "router solicitation" },
202 { ICMP_TSTAMP, "time stamp request" },
203 { ICMP_TSTAMPREPLY, "time stamp reply" },
204 { ICMP_IREQ, "information request" },
205 { ICMP_IREQREPLY, "information reply" },
206 { ICMP_MASKREQ, "address mask request" },
207 { 0, NULL }
208 };
209
210 /* rfc1191 */
211 struct mtu_discovery {
212 nd_uint16_t unused;
213 nd_uint16_t nexthopmtu;
214 };
215
216 /* rfc1256 */
217 struct ih_rdiscovery {
218 nd_uint8_t ird_addrnum;
219 nd_uint8_t ird_addrsiz;
220 nd_uint16_t ird_lifetime;
221 };
222
223 struct id_rdiscovery {
224 nd_uint32_t ird_addr;
225 nd_uint32_t ird_pref;
226 };
227
228 /*
229 * draft-bonica-internet-icmp-08
230 *
231 * The Destination Unreachable, Time Exceeded
232 * and Parameter Problem messages are slightly changed as per
233 * the above draft. A new Length field gets added to give
234 * the caller an idea about the length of the piggybacked
235 * IP packet before the MPLS extension header starts.
236 *
237 * The Length field represents length of the padded "original datagram"
238 * field measured in 32-bit words.
239 *
240 * 0 1 2 3
241 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
242 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
243 * | Type | Code | Checksum |
244 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
245 * | unused | Length | unused |
246 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
247 * | Internet Header + leading octets of original datagram |
248 * | |
249 * | // |
250 * | |
251 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
252 */
253
254 struct icmp_ext_t {
255 nd_uint8_t icmp_type;
256 nd_uint8_t icmp_code;
257 nd_uint16_t icmp_checksum;
258 nd_byte icmp_reserved;
259 nd_uint8_t icmp_length;
260 nd_byte icmp_reserved2[2];
261 nd_byte icmp_ext_legacy_header[128]; /* extension header starts 128 bytes after ICMP header */
262 nd_byte icmp_ext_version_res[2];
263 nd_uint16_t icmp_ext_checksum;
264 nd_byte icmp_ext_data[1];
265 };
266
267 struct icmp_multipart_ext_object_header_t {
268 nd_uint16_t length;
269 nd_uint8_t class_num;
270 nd_uint8_t ctype;
271 };
272
273 static const struct tok icmp_multipart_ext_obj_values[] = {
274 { 1, "MPLS Stack Entry" },
275 { 2, "Interface Identification" },
276 { 0, NULL}
277 };
278
279 /* rfc5837 */
280 static const struct tok icmp_interface_identification_role_values[] = {
281 { 0, "the IP interface upon which a datagram arrived"},
282 { 1, "the sub-IP component of an IP interface upon which a datagram arrived"},
283 { 2, "the IP interface through which the datagram would have been forwarded had it been forwardable"},
284 { 3, "the IP next hop to which the datagram would have been forwarded"},
285 { 0, NULL }
286 };
287
288 /*
289 Interface IP Address Sub-Object
290 0 31
291 +-------+-------+-------+-------+
292 | AFI | Reserved |
293 +-------+-------+-------+-------+
294 | IP Address ....
295 */
296 struct icmp_interface_identification_ipaddr_subobject_t {
297 nd_uint16_t afi;
298 nd_uint16_t reserved;
299 nd_uint32_t ip_addr;
300 };
301
302 /*
303 Interface Name Sub-Object
304 octet 0 1 63
305 +--------+-----------................-----------------+
306 | length | interface name octets 1-63 |
307 +--------+-----------................-----------------+
308 */
309 struct icmp_interface_identification_ifname_subobject_t {
310 nd_uint8_t length;
311 nd_byte if_name[63];
312 };
313
314
315 /* prototypes */
316 const char *icmp_tstamp_print(u_int);
317
318 /* print the milliseconds since midnight UTC */
319 const char *
320 icmp_tstamp_print(u_int tstamp)
321 {
322 u_int msec,sec,min,hrs;
323
324 static char buf[64];
325
326 msec = tstamp % 1000;
327 sec = tstamp / 1000;
328 min = sec / 60; sec -= min * 60;
329 hrs = min / 60; min -= hrs * 60;
330 snprintf(buf, sizeof(buf), "%02u:%02u:%02u.%03u",hrs,min,sec,msec);
331 return buf;
332 }
333
334 void
335 icmp_print(netdissect_options *ndo, const u_char *bp, u_int plen, const u_char *bp2,
336 int fragmented)
337 {
338 char *cp;
339 const struct icmp *dp;
340 uint8_t icmp_type, icmp_code;
341 const struct icmp_ext_t *ext_dp;
342 const struct ip *ip;
343 const char *str;
344 const struct ip *oip;
345 uint8_t ip_proto;
346 const struct udphdr *ouh;
347 const uint8_t *obj_tptr;
348 uint32_t raw_label;
349 const struct icmp_multipart_ext_object_header_t *icmp_multipart_ext_object_header;
350 u_int interface_role, if_index_flag, ipaddr_flag, name_flag, mtu_flag;
351 const uint8_t *offset;
352 const struct icmp_interface_identification_ipaddr_subobject_t *ipaddr_subobj;
353 const struct icmp_interface_identification_ifname_subobject_t *ifname_subobj;
354 u_int hlen, mtu, obj_tlen, obj_class_num, obj_ctype;
355 uint16_t dport;
356 char buf[MAXHOSTNAMELEN + 100];
357 struct cksum_vec vec[1];
358
359 ndo->ndo_protocol = "icmp";
360 dp = (const struct icmp *)bp;
361 ext_dp = (const struct icmp_ext_t *)bp;
362 ip = (const struct ip *)bp2;
363 str = buf;
364
365 icmp_type = GET_U_1(dp->icmp_type);
366 icmp_code = GET_U_1(dp->icmp_code);
367 switch (icmp_type) {
368
369 case ICMP_ECHO:
370 case ICMP_ECHOREPLY:
371 (void)snprintf(buf, sizeof(buf), "echo %s, id %u, seq %u",
372 icmp_type == ICMP_ECHO ?
373 "request" : "reply",
374 GET_BE_U_2(dp->icmp_id),
375 GET_BE_U_2(dp->icmp_seq));
376 break;
377
378 case ICMP_UNREACH:
379 switch (icmp_code) {
380
381 case ICMP_UNREACH_NET:
382 (void)snprintf(buf, sizeof(buf),
383 "net %s unreachable",
384 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
385 break;
386
387 case ICMP_UNREACH_HOST:
388 (void)snprintf(buf, sizeof(buf),
389 "host %s unreachable",
390 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
391 break;
392
393 case ICMP_UNREACH_PROTOCOL:
394 (void)snprintf(buf, sizeof(buf),
395 "%s protocol %u unreachable",
396 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
397 GET_U_1(dp->icmp_ip.ip_p));
398 break;
399
400 case ICMP_UNREACH_PORT:
401 ND_TCHECK_1(dp->icmp_ip.ip_p);
402 oip = &dp->icmp_ip;
403 hlen = IP_HL(oip) * 4;
404 ouh = (const struct udphdr *)(((const u_char *)oip) + hlen);
405 dport = GET_BE_U_2(ouh->uh_dport);
406 ip_proto = GET_U_1(oip->ip_p);
407 switch (ip_proto) {
408
409 case IPPROTO_TCP:
410 (void)snprintf(buf, sizeof(buf),
411 "%s tcp port %s unreachable",
412 GET_IPADDR_STRING(oip->ip_dst),
413 tcpport_string(ndo, dport));
414 break;
415
416 case IPPROTO_UDP:
417 (void)snprintf(buf, sizeof(buf),
418 "%s udp port %s unreachable",
419 GET_IPADDR_STRING(oip->ip_dst),
420 udpport_string(ndo, dport));
421 break;
422
423 default:
424 (void)snprintf(buf, sizeof(buf),
425 "%s protocol %u port %u unreachable",
426 GET_IPADDR_STRING(oip->ip_dst),
427 ip_proto, dport);
428 break;
429 }
430 break;
431
432 case ICMP_UNREACH_NEEDFRAG:
433 {
434 const struct mtu_discovery *mp;
435 mp = (const struct mtu_discovery *)(const u_char *)&dp->icmp_void;
436 mtu = GET_BE_U_2(mp->nexthopmtu);
437 if (mtu) {
438 (void)snprintf(buf, sizeof(buf),
439 "%s unreachable - need to frag (mtu %u)",
440 GET_IPADDR_STRING(dp->icmp_ip.ip_dst), mtu);
441 } else {
442 (void)snprintf(buf, sizeof(buf),
443 "%s unreachable - need to frag",
444 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
445 }
446 }
447 break;
448
449 case ICMP_UNREACH_SRCFAIL:
450 (void)snprintf(buf, sizeof(buf),
451 "%s unreachable - source route failed",
452 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
453 break;
454
455 case ICMP_UNREACH_NET_UNKNOWN:
456 (void)snprintf(buf, sizeof(buf),
457 "net %s unreachable - unknown",
458 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
459 break;
460
461 case ICMP_UNREACH_HOST_UNKNOWN:
462 (void)snprintf(buf, sizeof(buf),
463 "host %s unreachable - unknown",
464 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
465 break;
466
467 case ICMP_UNREACH_ISOLATED:
468 (void)snprintf(buf, sizeof(buf),
469 "%s unreachable - source host isolated",
470 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
471 break;
472
473 case ICMP_UNREACH_NET_PROHIB:
474 (void)snprintf(buf, sizeof(buf),
475 "net %s unreachable - admin prohibited",
476 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
477 break;
478
479 case ICMP_UNREACH_HOST_PROHIB:
480 (void)snprintf(buf, sizeof(buf),
481 "host %s unreachable - admin prohibited",
482 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
483 break;
484
485 case ICMP_UNREACH_TOSNET:
486 (void)snprintf(buf, sizeof(buf),
487 "net %s unreachable - tos prohibited",
488 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
489 break;
490
491 case ICMP_UNREACH_TOSHOST:
492 (void)snprintf(buf, sizeof(buf),
493 "host %s unreachable - tos prohibited",
494 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
495 break;
496
497 case ICMP_UNREACH_FILTER_PROHIB:
498 (void)snprintf(buf, sizeof(buf),
499 "host %s unreachable - admin prohibited filter",
500 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
501 break;
502
503 case ICMP_UNREACH_HOST_PRECEDENCE:
504 (void)snprintf(buf, sizeof(buf),
505 "host %s unreachable - host precedence violation",
506 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
507 break;
508
509 case ICMP_UNREACH_PRECEDENCE_CUTOFF:
510 (void)snprintf(buf, sizeof(buf),
511 "host %s unreachable - precedence cutoff",
512 GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
513 break;
514
515 default:
516 (void)snprintf(buf, sizeof(buf),
517 "%s unreachable - #%u",
518 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
519 icmp_code);
520 break;
521 }
522 break;
523
524 case ICMP_REDIRECT:
525 switch (icmp_code) {
526
527 case ICMP_REDIRECT_NET:
528 (void)snprintf(buf, sizeof(buf),
529 "redirect %s to net %s",
530 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
531 GET_IPADDR_STRING(dp->icmp_gwaddr));
532 break;
533
534 case ICMP_REDIRECT_HOST:
535 (void)snprintf(buf, sizeof(buf),
536 "redirect %s to host %s",
537 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
538 GET_IPADDR_STRING(dp->icmp_gwaddr));
539 break;
540
541 case ICMP_REDIRECT_TOSNET:
542 (void)snprintf(buf, sizeof(buf),
543 "redirect-tos %s to net %s",
544 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
545 GET_IPADDR_STRING(dp->icmp_gwaddr));
546 break;
547
548 case ICMP_REDIRECT_TOSHOST:
549 (void)snprintf(buf, sizeof(buf),
550 "redirect-tos %s to host %s",
551 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
552 GET_IPADDR_STRING(dp->icmp_gwaddr));
553 break;
554
555 default:
556 (void)snprintf(buf, sizeof(buf),
557 "redirect-#%u %s to %s", icmp_code,
558 GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
559 GET_IPADDR_STRING(dp->icmp_gwaddr));
560 break;
561 }
562 break;
563
564 case ICMP_ROUTERADVERT:
565 {
566 const struct ih_rdiscovery *ihp;
567 const struct id_rdiscovery *idp;
568 u_int lifetime, num, size;
569
570 (void)snprintf(buf, sizeof(buf), "router advertisement");
571 cp = buf + strlen(buf);
572
573 ihp = (const struct ih_rdiscovery *)&dp->icmp_void;
574 ND_TCHECK_SIZE(ihp);
575 (void)strncpy(cp, " lifetime ", sizeof(buf) - (cp - buf));
576 cp = buf + strlen(buf);
577 lifetime = GET_BE_U_2(ihp->ird_lifetime);
578 if (lifetime < 60) {
579 (void)snprintf(cp, sizeof(buf) - (cp - buf), "%u",
580 lifetime);
581 } else if (lifetime < 60 * 60) {
582 (void)snprintf(cp, sizeof(buf) - (cp - buf), "%u:%02u",
583 lifetime / 60, lifetime % 60);
584 } else {
585 (void)snprintf(cp, sizeof(buf) - (cp - buf),
586 "%u:%02u:%02u",
587 lifetime / 3600,
588 (lifetime % 3600) / 60,
589 lifetime % 60);
590 }
591 cp = buf + strlen(buf);
592
593 num = GET_U_1(ihp->ird_addrnum);
594 (void)snprintf(cp, sizeof(buf) - (cp - buf), " %u:", num);
595 cp = buf + strlen(buf);
596
597 size = GET_U_1(ihp->ird_addrsiz);
598 if (size != 2) {
599 (void)snprintf(cp, sizeof(buf) - (cp - buf),
600 " [size %u]", size);
601 break;
602 }
603 idp = (const struct id_rdiscovery *)&dp->icmp_data;
604 while (num > 0) {
605 ND_TCHECK_SIZE(idp);
606 (void)snprintf(cp, sizeof(buf) - (cp - buf), " {%s %u}",
607 GET_IPADDR_STRING(idp->ird_addr),
608 GET_BE_U_4(idp->ird_pref));
609 cp = buf + strlen(buf);
610 ++idp;
611 num--;
612 }
613 }
614 break;
615
616 case ICMP_TIMXCEED:
617 ND_TCHECK_4(dp->icmp_ip.ip_dst);
618 switch (icmp_code) {
619
620 case ICMP_TIMXCEED_INTRANS:
621 str = "time exceeded in-transit";
622 break;
623
624 case ICMP_TIMXCEED_REASS:
625 str = "ip reassembly time exceeded";
626 break;
627
628 default:
629 (void)snprintf(buf, sizeof(buf), "time exceeded-#%u",
630 icmp_code);
631 break;
632 }
633 break;
634
635 case ICMP_PARAMPROB:
636 if (icmp_code)
637 (void)snprintf(buf, sizeof(buf),
638 "parameter problem - code %u", icmp_code);
639 else {
640 (void)snprintf(buf, sizeof(buf),
641 "parameter problem - octet %u",
642 GET_U_1(dp->icmp_pptr));
643 }
644 break;
645
646 case ICMP_MASKREPLY:
647 (void)snprintf(buf, sizeof(buf), "address mask is 0x%08x",
648 GET_BE_U_4(dp->icmp_mask));
649 break;
650
651 case ICMP_TSTAMP:
652 (void)snprintf(buf, sizeof(buf),
653 "time stamp query id %u seq %u",
654 GET_BE_U_2(dp->icmp_id),
655 GET_BE_U_2(dp->icmp_seq));
656 break;
657
658 case ICMP_TSTAMPREPLY:
659 ND_TCHECK_4(dp->icmp_ttime);
660 (void)snprintf(buf, sizeof(buf),
661 "time stamp reply id %u seq %u: org %s",
662 GET_BE_U_2(dp->icmp_id),
663 GET_BE_U_2(dp->icmp_seq),
664 icmp_tstamp_print(GET_BE_U_4(dp->icmp_otime)));
665
666 (void)snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", recv %s",
667 icmp_tstamp_print(GET_BE_U_4(dp->icmp_rtime)));
668 (void)snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", xmit %s",
669 icmp_tstamp_print(GET_BE_U_4(dp->icmp_ttime)));
670 break;
671
672 default:
673 str = tok2str(icmp2str, "type-#%u", icmp_type);
674 break;
675 }
676 ND_PRINT("ICMP %s, length %u", str, plen);
677 if (ndo->ndo_vflag && !fragmented) { /* don't attempt checksumming if this is a frag */
678 if (ND_TTEST_LEN(bp, plen)) {
679 uint16_t sum;
680
681 vec[0].ptr = (const uint8_t *)(const void *)dp;
682 vec[0].len = plen;
683 sum = in_cksum(vec, 1);
684 if (sum != 0) {
685 uint16_t icmp_sum = GET_BE_U_2(dp->icmp_cksum);
686 ND_PRINT(" (wrong icmp cksum %x (->%x)!)",
687 icmp_sum,
688 in_cksum_shouldbe(icmp_sum, sum));
689 }
690 }
691 }
692
693 /*
694 * print the remnants of the IP packet.
695 * save the snaplength as this may get overridden in the IP printer.
696 */
697 if (ndo->ndo_vflag >= 1 && ICMP_ERRTYPE(icmp_type)) {
698 const u_char *snapend_save;
699
700 bp += 8;
701 ND_PRINT("\n\t");
702 ip = (const struct ip *)bp;
703 snapend_save = ndo->ndo_snapend;
704 /*
705 * Update the snapend because extensions (MPLS, ...) may be
706 * present after the IP packet. In this case the current
707 * (outer) packet's snapend is not what ip_print() needs to
708 * decode an IP packet nested in the middle of an ICMP payload.
709 *
710 * This prevents that, in ip_print(), for the nested IP packet,
711 * the remaining length < remaining caplen.
712 */
713 ndo->ndo_snapend = ND_MIN(bp + GET_BE_U_2(ip->ip_len),
714 ndo->ndo_snapend);
715 ip_print(ndo, bp, GET_BE_U_2(ip->ip_len));
716 ndo->ndo_snapend = snapend_save;
717 }
718
719 /* ndo_protocol reassignment after ip_print() call */
720 ndo->ndo_protocol = "icmp";
721
722 /*
723 * Attempt to decode multi-part message extensions (rfc4884) only for some ICMP types.
724 */
725 if (ndo->ndo_vflag >= 1 && plen > ICMP_EXTD_MINLEN && ICMP_MULTIPART_EXT_TYPE(icmp_type)) {
726
727 ND_TCHECK_SIZE(ext_dp);
728
729 /*
730 * Check first if the multi-part extension header shows a non-zero length.
731 * If the length field is not set then silently verify the checksum
732 * to check if an extension header is present. This is expedient,
733 * however not all implementations set the length field proper.
734 */
735 if (GET_U_1(ext_dp->icmp_length) == 0 &&
736 ND_TTEST_LEN(ext_dp->icmp_ext_version_res, plen - ICMP_EXTD_MINLEN)) {
737 vec[0].ptr = (const uint8_t *)(const void *)&ext_dp->icmp_ext_version_res;
738 vec[0].len = plen - ICMP_EXTD_MINLEN;
739 if (in_cksum(vec, 1)) {
740 return;
741 }
742 }
743
744 ND_PRINT("\n\tICMP Multi-Part extension v%u",
745 ICMP_EXT_EXTRACT_VERSION(*(ext_dp->icmp_ext_version_res)));
746
747 /*
748 * Sanity checking of the header.
749 */
750 if (ICMP_EXT_EXTRACT_VERSION(*(ext_dp->icmp_ext_version_res)) !=
751 ICMP_MPLS_EXT_VERSION) {
752 ND_PRINT(" packet not supported");
753 return;
754 }
755
756 hlen = plen - ICMP_EXTD_MINLEN;
757 if (ND_TTEST_LEN(ext_dp->icmp_ext_version_res, hlen)) {
758 vec[0].ptr = (const uint8_t *)(const void *)&ext_dp->icmp_ext_version_res;
759 vec[0].len = hlen;
760 ND_PRINT(", checksum 0x%04x (%scorrect), length %u",
761 GET_BE_U_2(ext_dp->icmp_ext_checksum),
762 in_cksum(vec, 1) ? "in" : "",
763 hlen);
764 }
765
766 hlen -= 4; /* subtract common header size */
767 obj_tptr = (const uint8_t *)ext_dp->icmp_ext_data;
768
769 while (hlen > sizeof(struct icmp_multipart_ext_object_header_t)) {
770
771 icmp_multipart_ext_object_header = (const struct icmp_multipart_ext_object_header_t *)obj_tptr;
772 ND_TCHECK_SIZE(icmp_multipart_ext_object_header);
773 obj_tlen = GET_BE_U_2(icmp_multipart_ext_object_header->length);
774 obj_class_num = GET_U_1(icmp_multipart_ext_object_header->class_num);
775 obj_ctype = GET_U_1(icmp_multipart_ext_object_header->ctype);
776 obj_tptr += sizeof(struct icmp_multipart_ext_object_header_t);
777
778 ND_PRINT("\n\t %s Object (%u), Class-Type: %u, length %u",
779 tok2str(icmp_multipart_ext_obj_values,"unknown",obj_class_num),
780 obj_class_num,
781 obj_ctype,
782 obj_tlen);
783
784 hlen-=sizeof(struct icmp_multipart_ext_object_header_t); /* length field includes tlv header */
785
786 /* infinite loop protection */
787 if ((obj_class_num == 0) ||
788 (obj_tlen < sizeof(struct icmp_multipart_ext_object_header_t))) {
789 return;
790 }
791 obj_tlen-=sizeof(struct icmp_multipart_ext_object_header_t);
792
793 switch (obj_class_num) {
794 case MPLS_STACK_ENTRY_OBJECT_CLASS:
795 switch(obj_ctype) {
796 case 1:
797 raw_label = GET_BE_U_4(obj_tptr);
798 ND_PRINT("\n\t label %u, tc %u", MPLS_LABEL(raw_label), MPLS_TC(raw_label));
799 if (MPLS_STACK(raw_label))
800 ND_PRINT(", [S]");
801 ND_PRINT(", ttl %u", MPLS_TTL(raw_label));
802 break;
803 default:
804 print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen);
805 }
806 break;
807
808 case INTERFACE_INFORMATION_OBJECT_CLASS:
809 /*
810 Ctype in a INTERFACE_INFORMATION_OBJECT_CLASS object:
811
812 Bit 0 1 2 3 4 5 6 7
813 +-------+-------+-------+-------+-------+-------+-------+-------+
814 | Interface Role| Rsvd1 | Rsvd2 |ifIndex| IPAddr| name | MTU |
815 +-------+-------+-------+-------+-------+-------+-------+-------+
816 */
817 interface_role = (obj_ctype & 0xc0) >> 6;
818 if_index_flag = (obj_ctype & 0x8) >> 3;
819 ipaddr_flag = (obj_ctype & 0x4) >> 2;
820 name_flag = (obj_ctype & 0x2) >> 1;
821 mtu_flag = (obj_ctype & 0x1);
822
823 ND_PRINT("\n\t\t This object describes %s",
824 tok2str(icmp_interface_identification_role_values,
825 "an unknown interface role",interface_role));
826
827 offset = obj_tptr;
828
829 if (if_index_flag) {
830 ND_PRINT("\n\t\t Interface Index: %u", GET_BE_U_4(offset));
831 offset += 4;
832 }
833 if (ipaddr_flag) {
834 ND_PRINT("\n\t\t IP Address sub-object: ");
835 ipaddr_subobj = (const struct icmp_interface_identification_ipaddr_subobject_t *) offset;
836 switch (GET_BE_U_2(ipaddr_subobj->afi)) {
837 case 1:
838 ND_PRINT("%s", GET_IPADDR_STRING(ipaddr_subobj->ip_addr));
839 offset += 4;
840 break;
841 case 2:
842 ND_PRINT("%s", GET_IP6ADDR_STRING(ipaddr_subobj->ip_addr));
843 offset += 16;
844 break;
845 default:
846 ND_PRINT("Unknown Address Family Identifier");
847 return;
848 }
849 offset += 4;
850 }
851 if (name_flag) {
852 uint8_t inft_name_length_field;
853
854 ifname_subobj = (const struct icmp_interface_identification_ifname_subobject_t *) offset;
855 inft_name_length_field = GET_U_1(ifname_subobj->length);
856 ND_PRINT("\n\t\t Interface Name");
857 if (inft_name_length_field % 4 != 0) {
858 ND_PRINT(" [length %u != N x 4]", inft_name_length_field);
859 nd_print_invalid(ndo);
860 offset += inft_name_length_field;
861 break;
862 }
863 if (inft_name_length_field > 64) {
864 ND_PRINT(" [length %u > 64]", inft_name_length_field);
865 nd_print_invalid(ndo);
866 offset += inft_name_length_field;
867 break;
868 }
869 ND_PRINT(", length %u: ", inft_name_length_field);
870 nd_printjnp(ndo, ifname_subobj->if_name,
871 inft_name_length_field - 1);
872 offset += inft_name_length_field;
873 }
874 if (mtu_flag) {
875 ND_PRINT("\n\t\t MTU: %u", GET_BE_U_4(offset));
876 offset += 4;
877 }
878 break;
879
880 default:
881 print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen);
882 break;
883 }
884 if (hlen < obj_tlen)
885 break;
886 hlen -= obj_tlen;
887 obj_tptr += obj_tlen;
888 }
889 }
890
891 return;
892 trunc:
893 nd_print_trunc(ndo);
894 }
[mirror] the TCPdump network dissector