#include "oui.h"
#include "signature.h"
+static const char tstr[] = " [|isis]";
+
/*
* IS-IS is defined in ISO 10589. Look there for protocol definitions.
*/
uint8_t neighbor_extd_local_circuit_id[4];
};
-static void osi_print_cksum(netdissect_options *, const uint8_t *pptr,
+static int osi_print_cksum(netdissect_options *, const uint8_t *pptr,
uint16_t checksum, int checksum_offset, int length);
static int clnp_print(netdissect_options *, const uint8_t *, u_int);
static void esis_print(netdissect_options *, const uint8_t *, u_int);
#define ISIS_CSNP_HEADER_SIZE (sizeof(struct isis_csnp_header))
#define ISIS_PSNP_HEADER_SIZE (sizeof(struct isis_psnp_header))
-void isoclns_print(netdissect_options *ndo,
- const uint8_t *p, u_int length, u_int caplen)
+void
+isoclns_print(netdissect_options *ndo,
+ const uint8_t *p, u_int length, u_int caplen)
{
if (caplen <= 1) { /* enough bytes on the wire ? */
ND_PRINT((ndo, "|OSI"));
EXTRACT_16BITS(clnp_header->segment_length),
EXTRACT_16BITS(clnp_header->cksum)));
- osi_print_cksum(ndo, optr, EXTRACT_16BITS(clnp_header->cksum), 7,
- clnp_header->length_indicator);
+ if (osi_print_cksum(ndo, optr, EXTRACT_16BITS(clnp_header->cksum), 7,
+ clnp_header->length_indicator) == 0)
+ goto trunc;
ND_PRINT((ndo, "\n\tFlags [%s]",
bittok2str(clnp_flag_values, "none", clnp_flags)));
ND_PRINT((ndo, ", v: %u%s", esis_header->version, esis_header->version == ESIS_VERSION ? "" : "unsupported" ));
ND_PRINT((ndo, ", checksum: 0x%04x", EXTRACT_16BITS(esis_header->cksum)));
- osi_print_cksum(ndo, pptr, EXTRACT_16BITS(esis_header->cksum), 7, li);
+ if (osi_print_cksum(ndo, pptr, EXTRACT_16BITS(esis_header->cksum), 7, li) == 0)
+ goto trunc;
ND_PRINT((ndo, ", holding time: %us, length indicator: %u",
EXTRACT_16BITS(esis_header->holdtime), li));
{
int i;
+ ND_TCHECK(*mcid);
ND_PRINT((ndo, "ID: %d, Name: ", mcid->format_id));
- for(i=0; i<32; i++)
- {
- ND_PRINT((ndo, "%c", mcid->name[i]));
- if(mcid->name[i] == '\0')
- break;
- }
+ if (fn_printzp(ndo, mcid->name, 32, ndo->ndo_snapend))
+ goto trunc;
ND_PRINT((ndo, "\n\t Lvl: %d", EXTRACT_16BITS(mcid->revision_lvl)));
for(i=0;i<16;i++)
ND_PRINT((ndo, "%.2x ", mcid->digest[i]));
+
+trunc:
+ ND_PRINT((ndo, "%s", tstr));
}
static int
const struct isis_subtlv_spb_mcid *subtlv_spb_mcid;
int i;
- while (len > 0)
+ while (len > 2)
{
stlv_type = *(tptr++);
stlv_len = *(tptr++);
if (!ND_TTEST2(*(tptr), stlv_len))
goto trunctlv;
- while (len)
+ while (len >= ISIS_SUBTLV_SPB_BVID_MIN_LEN)
{
if (!ND_TTEST2(*(tptr), ISIS_SUBTLV_SPB_BVID_MIN_LEN))
goto trunctlv;
return 0;
trunctlv:
- ND_PRINT((ndo, "\n\t\t packet exceeded snapshot"));
+ ND_PRINT((ndo, "\n\t\t"));
+ ND_PRINT((ndo, "%s", tstr));
return(1);
}
{
int stlv_type, stlv_len, tmp;
- while (len > 0)
+ while (len > 2)
{
stlv_type = *(tptr++);
stlv_len = *(tptr++);
{
case ISIS_SUBTLV_SPB_INSTANCE:
- if (!ND_TTEST2(*(tptr), ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN))
- goto trunctlv;
+ ND_TCHECK2(*tptr, ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN);
ND_PRINT((ndo, "\n\t CIST Root-ID: %08x", EXTRACT_32BITS(tptr)));
tptr = tptr+4;
while (tmp)
{
- if (!ND_TTEST2(*(tptr), ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN))
- goto trunctlv;
+ ND_TCHECK2(*tptr, ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN);
ND_PRINT((ndo, "\n\t U:%d, M:%d, A:%d, RES:%d",
*(tptr) >> 7, (*(tptr) >> 6) & 0x01,
case ISIS_SUBTLV_SPBM_SI:
- if (!ND_TTEST2(*(tptr), 6))
- goto trunctlv;
+ ND_TCHECK2(*tptr, 8);
ND_PRINT((ndo, "\n\t BMAC: %08x", EXTRACT_32BITS(tptr)));
tptr = tptr+4;
len = len - 8;
stlv_len = stlv_len - 8;
- while (stlv_len)
- {
+ while (stlv_len >= 4) {
+ ND_TCHECK2(*tptr, 4);
ND_PRINT((ndo, "\n\t T: %d, R: %d, RES: %d, ISID: %d",
(EXTRACT_32BITS(tptr) >> 31),
(EXTRACT_32BITS(tptr) >> 30) & 0x01,
}
return 0;
- trunctlv:
- ND_PRINT((ndo, "\n\t\t packet exceeded snapshot"));
+ trunc:
+ ND_PRINT((ndo, "\n\t\t"));
+ ND_PRINT((ndo, "%s", tstr));
return(1);
}
return(1);
trunctlv:
- ND_PRINT((ndo, "%spacket exceeded snapshot", ident));
+ ND_PRINT((ndo, "%s", ident));
+ ND_PRINT((ndo, "%s", tstr));
return(0);
}
ident, tok2str(isis_ext_is_reach_subtlv_values, "unknown", subt),
subt, subl));
- if (!ND_TTEST2(*tptr,subl))
- goto trunctlv;
+ ND_TCHECK2(*tptr, subl);
switch(subt) {
case ISIS_SUBTLV_EXT_IS_REACH_ADMIN_GROUP:
tptr++;
/* decode BCs until the subTLV ends */
for (te_class = 0; te_class < (subl-1)/4; te_class++) {
+ ND_TCHECK2(*tptr, 4);
bw.i = EXTRACT_32BITS(tptr);
ND_PRINT((ndo, "%s Bandwidth constraint CT%u: %.3f Mbps",
ident,
case GMPLS_PSC2:
case GMPLS_PSC3:
case GMPLS_PSC4:
+ ND_TCHECK2(*tptr, 6);
bw.i = EXTRACT_32BITS(tptr);
ND_PRINT((ndo, "%s Min LSP Bandwidth: %.3f Mbps", ident, bw.f * 8 / 1000000));
ND_PRINT((ndo, "%s Interface MTU: %u", ident, EXTRACT_16BITS(tptr + 4)));
break;
case GMPLS_TSC:
+ ND_TCHECK2(*tptr, 8);
bw.i = EXTRACT_32BITS(tptr);
ND_PRINT((ndo, "%s Min LSP Bandwidth: %.3f Mbps", ident, bw.f * 8 / 1000000));
ND_PRINT((ndo, "%s Indication %s", ident,
}
return(1);
-trunctlv:
- ND_PRINT((ndo, "%spacket exceeded snapshot", ident));
+trunc:
return(0);
}
-
/*
* this is the common IS-REACH decoder it is called
* from various EXTD-IS REACH style TLVs (22,24,222)
return(0);
subtlv_type=*(tptr++);
subtlv_len=*(tptr++);
- /* prepend the ident string */
+ /* prepend the indent string */
snprintf(ident_buffer, sizeof(ident_buffer), "%s ",ident);
if (!isis_print_is_reach_subtlv(ndo, tptr, subtlv_type, subtlv_len, ident_buffer))
return(0);
return (0);
subtlvtype=*(tptr++);
subtlvlen=*(tptr++);
- /* prepend the ident string */
+ /* prepend the indent string */
snprintf(ident_buffer, sizeof(ident_buffer), "%s ",ident);
if (!isis_print_ip_reach_subtlv(ndo, tptr, subtlvtype, subtlvlen, ident_buffer))
return(0);
case ISIS_PDU_L1_LAN_IIH:
case ISIS_PDU_L2_LAN_IIH:
+ ND_TCHECK(*header_iih_lan);
ND_PRINT((ndo, ", src-id %s",
isis_print_id(header_iih_lan->source_id, SYSTEM_ID_LEN)));
ND_PRINT((ndo, ", lan-id %s, prio %u",
header_iih_lan->priority));
break;
case ISIS_PDU_PTP_IIH:
+ ND_TCHECK(*header_iih_ptp);
ND_PRINT((ndo, ", src-id %s", isis_print_id(header_iih_ptp->source_id, SYSTEM_ID_LEN)));
break;
case ISIS_PDU_L1_LSP:
case ISIS_PDU_L2_LSP:
+ ND_TCHECK(*header_lsp);
ND_PRINT((ndo, ", lsp-id %s, seq 0x%08x, lifetime %5us",
isis_print_id(header_lsp->lsp_id, LSP_ID_LEN),
EXTRACT_32BITS(header_lsp->sequence_number),
break;
case ISIS_PDU_L1_CSNP:
case ISIS_PDU_L2_CSNP:
+ ND_TCHECK(*header_csnp);
ND_PRINT((ndo, ", src-id %s", isis_print_id(header_csnp->source_id, NODE_ID_LEN)));
break;
case ISIS_PDU_L1_PSNP:
case ISIS_PDU_L2_PSNP:
+ ND_TCHECK(*header_psnp);
ND_PRINT((ndo, ", src-id %s", isis_print_id(header_psnp->source_id, NODE_ID_LEN)));
break;
return (0);
}
+ ND_TCHECK(*header_iih_lan);
pdu_len=EXTRACT_16BITS(header_iih_lan->pdu_len);
if (packet_len>pdu_len) {
packet_len=pdu_len; /* do TLV decoding as long as it makes sense */
length=pdu_len;
}
- ND_TCHECK(*header_iih_lan);
ND_PRINT((ndo, "\n\t source-id: %s, holding time: %us, Flags: [%s]",
isis_print_id(header_iih_lan->source_id,SYSTEM_ID_LEN),
EXTRACT_16BITS(header_iih_lan->holding_time),
return (0);
}
+ ND_TCHECK(*header_iih_ptp);
pdu_len=EXTRACT_16BITS(header_iih_ptp->pdu_len);
if (packet_len>pdu_len) {
packet_len=pdu_len; /* do TLV decoding as long as it makes sense */
length=pdu_len;
}
- ND_TCHECK(*header_iih_ptp);
ND_PRINT((ndo, "\n\t source-id: %s, holding time: %us, Flags: [%s]",
isis_print_id(header_iih_ptp->source_id,SYSTEM_ID_LEN),
EXTRACT_16BITS(header_iih_ptp->holding_time),
return (0);
}
+ ND_TCHECK(*header_lsp);
pdu_len=EXTRACT_16BITS(header_lsp->pdu_len);
if (packet_len>pdu_len) {
packet_len=pdu_len; /* do TLV decoding as long as it makes sense */
length=pdu_len;
}
- ND_TCHECK(*header_lsp);
ND_PRINT((ndo, "\n\t lsp-id: %s, seq: 0x%08x, lifetime: %5us\n\t chksum: 0x%04x",
isis_print_id(header_lsp->lsp_id, LSP_ID_LEN),
EXTRACT_32BITS(header_lsp->sequence_number),
EXTRACT_16BITS(header_lsp->remaining_lifetime),
EXTRACT_16BITS(header_lsp->checksum)));
-
- osi_print_cksum(ndo, (uint8_t *)header_lsp->lsp_id,
- EXTRACT_16BITS(header_lsp->checksum), 12, length-12);
+ if (osi_print_cksum(ndo, (uint8_t *)header_lsp->lsp_id,
+ EXTRACT_16BITS(header_lsp->checksum),
+ 12, length-12) == 0)
+ goto trunc;
/*
* Clear checksum and lifetime prior to signature verification.
header_lsp->remaining_lifetime[0] = 0;
header_lsp->remaining_lifetime[1] = 0;
-
ND_PRINT((ndo, ", PDU length: %u, Flags: [ %s",
pdu_len,
ISIS_MASK_LSP_OL_BIT(header_lsp->typeblock) ? "Overload bit set, " : ""));
return (0);
}
+ ND_TCHECK(*header_csnp);
pdu_len=EXTRACT_16BITS(header_csnp->pdu_len);
if (packet_len>pdu_len) {
packet_len=pdu_len; /* do TLV decoding as long as it makes sense */
length=pdu_len;
}
- ND_TCHECK(*header_csnp);
ND_PRINT((ndo, "\n\t source-id: %s, PDU length: %u",
isis_print_id(header_csnp->source_id, NODE_ID_LEN),
pdu_len));
return (0);
}
+ ND_TCHECK(*header_psnp);
pdu_len=EXTRACT_16BITS(header_psnp->pdu_len);
if (packet_len>pdu_len) {
packet_len=pdu_len; /* do TLV decoding as long as it makes sense */
length=pdu_len;
}
- ND_TCHECK(*header_psnp);
ND_PRINT((ndo, "\n\t source-id: %s, PDU length: %u",
isis_print_id(header_psnp->source_id, NODE_ID_LEN),
pdu_len));
return (1);
}
- if (!ND_TTEST2(*pptr, 2)) {
- ND_PRINT((ndo, "\n\t\t packet exceeded snapshot (%ld) bytes",
- (long)(pptr - ndo->ndo_snapend)));
- return (1);
- }
+ ND_TCHECK2(*pptr, 2);
tlv_type = *pptr++;
tlv_len = *pptr++;
tmp =tlv_len; /* copy temporary len & pointer to packet data */
switch (*tptr) {
case ISIS_SUBTLV_AUTH_SIMPLE:
- for(i=1;i<tlv_len;i++) {
- if (!ND_TTEST2(*(tptr + i), 1))
- goto trunctlv;
- ND_PRINT((ndo, "%c", *(tptr + i)));
- }
+ if (fn_printzp(ndo, tptr + 1, tlv_len - 1, ndo->ndo_snapend))
+ goto trunctlv;
break;
case ISIS_SUBTLV_AUTH_MD5:
for(i=1;i<tlv_len;i++) {
break;
case ISIS_SUBTLV_AUTH_GENERIC:
+ ND_TCHECK2(*(tptr + 1), 2);
key_id = EXTRACT_16BITS((tptr+1));
ND_PRINT((ndo, "%u, password: ", key_id));
for(i=1 + sizeof(uint16_t);i<tlv_len;i++) {
case ISIS_TLV_HOSTNAME:
ND_PRINT((ndo, "\n\t Hostname: "));
- while (tmp>0) {
- if (!ND_TTEST2(*tptr, 1))
- goto trunctlv;
- ND_PRINT((ndo, "%c", *tptr++));
- tmp--;
- }
+ if (fn_printzp(ndo, tptr, tmp, ndo->ndo_snapend))
+ goto trunctlv;
break;
case ISIS_TLV_SHARED_RISK_GROUP:
* to avoid conflicts the checksum TLV is zeroed.
* see rfc3358 for details
*/
- osi_print_cksum(ndo, optr, EXTRACT_16BITS(tptr), tptr-optr, length);
+ if (osi_print_cksum(ndo, optr, EXTRACT_16BITS(tptr), tptr-optr,
+ length) == 0)
+ goto trunc;
break;
case ISIS_TLV_POI:
return (1);
trunc:
- ND_PRINT((ndo, "[|isis]"));
+ ND_PRINT((ndo, "%s", tstr));
return (1);
trunctlv:
- ND_PRINT((ndo, "\n\t\t packet exceeded snapshot"));
+ ND_PRINT((ndo, "\n\t\t"));
+ ND_PRINT((ndo, "%s", tstr));
return(1);
}
-static void
+static int
osi_print_cksum(netdissect_options *ndo, const uint8_t *pptr,
uint16_t checksum, int checksum_offset, int length)
{
|| checksum_offset > ndo->ndo_snaplen
|| checksum_offset > length) {
ND_PRINT((ndo, " (unverified)"));
+ return 1;
} else {
- const char *truncated = "trunc";
#if 0
printf("\nosi_print_cksum: %p %u %u %u\n", pptr, checksum_offset, length, ndo->ndo_snaplen);
- ND_TCHECK2(pptr, checksum_offset+length);
#endif
+ ND_TCHECK2(*pptr, length);
calculated_checksum = create_osi_cksum(pptr, checksum_offset, length);
if (checksum == calculated_checksum) {
ND_PRINT((ndo, " (correct)"));
} else {
- truncated = "incorrect";
-#if 0
- trunc:
-#endif
- ND_PRINT((ndo, " (%s should be 0x%04x)", truncated, calculated_checksum));
+ ND_PRINT((ndo, " (incorrect should be 0x%04x)", calculated_checksum));
}
+ return 1;
}
+trunc:
+ return 0;
}
/*
projects / tcpdump / blobdiff