SLIP: Add some bounds checks
1 /*
2 * Copyright (c) 1989, 1990, 1991, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 /* \summary: Compressed Serial Line Internet Protocol printer */
23
24 #ifdef HAVE_CONFIG_H
25 #include <config.h>
26 #endif
27
28 #include "netdissect-stdinc.h"
29
30 #include "netdissect.h"
31 #include "extract.h"
32
33 #include "ip.h"
34 #include "tcp.h"
35 #include "slcompress.h"
36
/*
 * Layout of the pseudo link-level header that the packet filter (bpf)
 * traffic monitor attaches to captured SLIP packets.
 */
#define SLIP_HDRLEN 16		/* total size of the pseudo-header */

#define SLX_DIR 0		/* offset of the direction byte */
#define SLX_CHDR 1		/* offset of the compressed-header copy */
#define CHDR_LEN 15		/* SLX_CHDR + CHDR_LEN == SLIP_HDRLEN */

#define SLIPDIR_IN 0
#define SLIPDIR_OUT 1


/*
 * State carried from one packet to the next.  lastlen is indexed as
 * lastlen[dir][lastconn], and both indices are derived from packet
 * bytes: every user must keep dir within {SLIPDIR_IN, SLIPDIR_OUT} and
 * lastconn within 0..255 before touching the table.
 */
static u_int lastlen[2][256];
static u_int lastconn = 255;

static int sliplink_print(netdissect_options *ndo, const u_char *p,
			  const struct ip *ip, u_int length);
static int compressed_sl_print(netdissect_options *ndo, const u_char *chdr,
			       const struct ip *ip, u_int length, int dir);
56
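/*
 * Print a captured SLIP frame: the 16-byte pseudo-header at 'p' (only
 * when -e is in effect) followed by the IP packet behind it.
 *
 * 'h' supplies the captured length (caplen) and the on-wire length (len).
 *
 * Returns SLIP_HDRLEN once the payload has been handed to a printer.  On
 * truncation a truncation marker is printed and the original captured
 * length is returned instead.
 */
u_int
sl_if_print(netdissect_options *ndo,
	    const struct pcap_pkthdr *h, const u_char *p)
{
	u_int caplen = h->caplen;
	u_int length = h->len;
	const struct ip *ip;

	ndo->ndo_protocol = "sl_if";
	/*
	 * Both lengths are unsigned and are reduced by SLIP_HDRLEN below.
	 * Reject a record that is too short in either one, so that neither
	 * subtraction can wrap around to a huge value.
	 */
	if (caplen < SLIP_HDRLEN || length < SLIP_HDRLEN) {
		nd_print_trunc(ndo);
		return (caplen);
	}

	caplen -= SLIP_HDRLEN;
	length -= SLIP_HDRLEN;

	ip = (const struct ip *)(p + SLIP_HDRLEN);

	if (ndo->ndo_eflag) {
		if (sliplink_print(ndo, p, ip, length) == -1) {
			nd_print_trunc(ndo);
			/* caplen was reduced above; report the original value */
			return (caplen + SLIP_HDRLEN);
		}
	}

	/* The version dispatch below reads the first byte of the IP header. */
	if (caplen < 1) {
		nd_print_trunc(ndo);
		return (caplen + SLIP_HDRLEN);
	}

	switch (IP_V(ip)) {
	case 4:
		ip_print(ndo, (const u_char *)ip, length);
		break;
	case 6:
		ip6_print(ndo, (const u_char *)ip, length);
		break;
	default:
		ND_PRINT("ip v%u", IP_V(ip));
		break;
	}

	return (SLIP_HDRLEN);
}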
100
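/*
 * Print a captured BSD/OS SLIP frame: skip the 16-byte pseudo-header at
 * 'p' and hand the rest to the IPv4 printer.
 *
 * Returns SLIP_HDRLEN, or the captured length (after printing a
 * truncation marker) when the record is too short for the pseudo-header.
 */
u_int
sl_bsdos_if_print(netdissect_options *ndo,
		  const struct pcap_pkthdr *h, const u_char *p)
{
	u_int caplen = h->caplen;
	u_int length = h->len;
	const struct ip *ip;

	ndo->ndo_protocol = "sl_bsdos_if";
	/*
	 * 'length' is unsigned and is reduced by SLIP_HDRLEN below; also
	 * reject an on-wire length shorter than the pseudo-header so the
	 * subtraction cannot wrap around.
	 */
	if (caplen < SLIP_HDRLEN || length < SLIP_HDRLEN) {
		nd_print_trunc(ndo);
		return (caplen);
	}

	length -= SLIP_HDRLEN;

	ip = (const struct ip *)(p + SLIP_HDRLEN);

	/* Link-level printing is compiled out for this link type. */
#ifdef notdef
	if (ndo->ndo_eflag)
		sliplink_print(ndo, p, ip, length);
#endif

	ip_print(ndo, (const u_char *)ip, length);

	return (SLIP_HDRLEN);
}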
128
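/*
 * Print the SLIP pseudo link-level header.
 *
 * 'p' points at the pseudo-header, 'ip' at the IP packet that follows
 * it, and 'length' is the on-wire length of that IP packet.  The caller
 * is expected to have verified that SLIP_HDRLEN bytes are present at
 * 'p'; the reads of the pseudo-header below are not bounds-checked.
 *
 * Returns 0 on success and -1 when the IP or TCP header is truncated.
 */
static int
sliplink_print(netdissect_options *ndo,
	       const u_char *p, const struct ip *ip,
	       u_int length)
{
	int dir;
	u_int hlen;
	const struct tcphdr *th;

	dir = EXTRACT_U_1(p + SLX_DIR);
	switch (dir) {

	case SLIPDIR_IN:
		ND_PRINT("I ");
		break;

	case SLIPDIR_OUT:
		ND_PRINT("O ");
		break;

	default:
		ND_PRINT("Invalid direction %d ", dir);
		/*
		 * dir is used as an index into lastlen[2][...] further
		 * down; mark it unusable so those paths bail out first.
		 */
		dir = -1;
		break;
	}
	if (ndo->ndo_nflag) {
		/* XXX just dump the header */
		int i;

		/* Bytes SLX_CHDR .. SLIP_HDRLEN - 1 of the pseudo-header. */
		for (i = SLX_CHDR; i < SLX_CHDR + CHDR_LEN - 1; ++i)
			ND_PRINT("%02x.", EXTRACT_U_1(p + i));
		ND_PRINT("%02x: ", EXTRACT_U_1(p + SLX_CHDR + CHDR_LEN - 1));
		return 0;
	}
	switch (EXTRACT_U_1(p + SLX_CHDR) & 0xf0) {

	case TYPE_IP:
		ND_PRINT("ip %u: ", length + SLIP_HDRLEN);
		break;

	case TYPE_UNCOMPRESSED_TCP:
		/*
		 * The connection id is stored in the IP protocol field.
		 * Get it from the link layer since sl_uncompress_tcp()
		 * has restored the IP header copy to IPPROTO_TCP.
		 *
		 * The id is a single byte, so it always fits the second
		 * dimension of lastlen[][256].
		 */
		lastconn = EXTRACT_U_1(((const struct ip *)(p + SLX_CHDR))->ip_p);
		ND_PRINT("utcp %u: ", lastconn);
		if (dir == -1) {
			/* Direction is bogus, don't use it */
			return 0;
		}
		ND_TCHECK_SIZE(ip);
		hlen = IP_HL(ip);
		/*
		 * The IP header length counts 32-bit words; index with
		 * int32_t (as compressed_sl_print() does) rather than
		 * int, whose width is platform-dependent.
		 */
		th = (const struct tcphdr *)&((const int32_t *)ip)[hlen];
		ND_TCHECK_SIZE(th);
		hlen += TH_OFF(th);
		/*
		 * NOTE(review): unsigned arithmetic; the stored value wraps
		 * when 'length' is smaller than the combined header length
		 * taken from the packet.  It is only printed later.
		 */
		lastlen[dir][lastconn] = length - (hlen << 2);
		break;

	default:
		if (dir == -1) {
			/* Direction is bogus, don't use it */
			return 0;
		}
		if (EXTRACT_U_1(p + SLX_CHDR) & TYPE_COMPRESSED_TCP) {
			if (compressed_sl_print(ndo, p + SLX_CHDR, ip,
						length, dir) == -1)
				goto trunc;
			ND_PRINT(": ");
		} else
			ND_PRINT("slip-%u!: ", EXTRACT_U_1(p + SLX_CHDR));
	}
	return 0;
trunc:
	return -1;
}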
204
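/*
 * Print one unsigned delta field of a compressed TCP header, prefixed
 * with 'str'.  A non-zero first byte is the value itself; a zero first
 * byte is followed by a 16-bit big-endian value.
 *
 * Returns a pointer just past the field, or NULL when the field extends
 * beyond the captured data.
 */
static const u_char *
print_sl_change(netdissect_options *ndo,
		const char *str, const u_char *cp)
{
	u_int i;

	ND_TCHECK_1(cp);
	i = EXTRACT_U_1(cp);
	/* The first byte is consumed in both encodings. */
	cp++;
	if (i == 0) {
		ND_TCHECK_2(cp);
		i = EXTRACT_BE_U_2(cp);
		cp += 2;
	}
	ND_PRINT(" %s%u", str, i);
	return (cp);
trunc:
	return (NULL);
}

/*
 * Print the window delta field of a compressed TCP header.  Same
 * encoding as print_sl_change(), except that the 16-bit form is signed.
 *
 * Returns a pointer just past the field, or NULL when the field extends
 * beyond the captured data.
 */
static const u_char *
print_sl_winchange(netdissect_options *ndo,
		   const u_char *cp)
{
	int16_t i;

	ND_TCHECK_1(cp);
	i = EXTRACT_U_1(cp);
	/* The first byte is consumed in both encodings. */
	cp++;
	if (i == 0) {
		ND_TCHECK_2(cp);
		i = EXTRACT_BE_S_2(cp);
		cp += 2;
	}
	if (i >= 0)
		ND_PRINT(" W+%d", i);
	else
		ND_PRINT(" W%d", i);
	return (cp);
trunc:
	return (NULL);
}

/*
 * Print a compressed TCP header.
 *
 * 'chdr' points at the compressed-header copy inside the SLIP
 * pseudo-header, 'ip' at the IP packet, 'length' is the on-wire length
 * of that packet.  'dir' indexes lastlen[2][...] and must already have
 * been validated by the caller (SLIPDIR_IN or SLIPDIR_OUT).
 *
 * Returns 0 on success and -1 when any part that is read lies beyond
 * the captured data.
 */
static int
compressed_sl_print(netdissect_options *ndo,
		    const u_char *chdr, const struct ip *ip,
		    u_int length, int dir)
{
	const u_char *cp = chdr;
	const struct tcphdr *th;
	u_int flags, hlen;

	/*
	 * The flag byte and the optional connection id sit at the start
	 * of the pseudo-header area; these two reads rely on the caller
	 * having verified that the pseudo-header was captured.
	 */
	flags = EXTRACT_U_1(cp);
	cp++;
	if (flags & NEW_C) {
		/* One byte, so it always fits lastlen[][256]. */
		lastconn = EXTRACT_U_1(cp);
		cp++;
		ND_PRINT("ctcp %u", lastconn);
	} else
		ND_PRINT("ctcp *");

	/* skip tcp checksum */
	cp += 2;

	/*
	 * The delta fields are variable-length and are selected by flag
	 * bits taken from the packet, so they may extend past the
	 * pseudo-header the caller validated.  Each helper bounds-checks
	 * its own reads and returns NULL on truncation.
	 */
	switch (flags & SPECIALS_MASK) {
	case SPECIAL_I:
		ND_PRINT(" *SA+%u", lastlen[dir][lastconn]);
		break;

	case SPECIAL_D:
		ND_PRINT(" *S+%u", lastlen[dir][lastconn]);
		break;

	default:
		if (flags & NEW_U) {
			cp = print_sl_change(ndo, "U=", cp);
			if (cp == NULL)
				goto trunc;
		}
		if (flags & NEW_W) {
			cp = print_sl_winchange(ndo, cp);
			if (cp == NULL)
				goto trunc;
		}
		if (flags & NEW_A) {
			cp = print_sl_change(ndo, "A+", cp);
			if (cp == NULL)
				goto trunc;
		}
		if (flags & NEW_S) {
			cp = print_sl_change(ndo, "S+", cp);
			if (cp == NULL)
				goto trunc;
		}
		break;
	}
	if (flags & NEW_I) {
		cp = print_sl_change(ndo, "I+", cp);
		if (cp == NULL)
			goto trunc;
	}

	/*
	 * 'hlen' is the length of the uncompressed TCP/IP header (in words).
	 * 'cp - chdr' is the length of the compressed header.
	 * 'length - hlen' is the amount of data in the packet.
	 */
	ND_TCHECK_SIZE(ip);
	hlen = IP_HL(ip);
	th = (const struct tcphdr *)&((const int32_t *)ip)[hlen];
	ND_TCHECK_SIZE(th);
	hlen += TH_OFF(th);
	/*
	 * NOTE(review): unsigned arithmetic; the result wraps when 'length'
	 * is smaller than the header length taken from the packet.  The
	 * value is only printed.
	 */
	lastlen[dir][lastconn] = length - (hlen << 2);
	ND_PRINT(" %u (%ld)", lastlen[dir][lastconn], (long)(cp - chdr));
	return 0;
trunc:
	return -1;
}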