CVE-2016-7931/Add bounds and length checks.

[tcpdump] / util-print.c

diff --git a/util-print.c b/util-print.c
index b481e9e6d8d6396325038793157dcd5aafdf9ab6..113f784660c8652d8da5bcddc8a347d617904a8a 100644 (file)
--- a/util-print.c
+++ b/util-print.c
@@ -57,6 +57,8 @@
 #include "timeval-operations.h"
 
 int32_t thiszone;              /* seconds offset from gmt to local time */
+/* invalid string to print '(invalid)' for malformed or corrupted packets */
+const char istr[] = " (invalid)";
 
 /*
  * timestamp display buffer size, the biggest size of both formats is needed
@@ -66,6 +68,23 @@ int32_t thiszone;            /* seconds offset from gmt to local time */
 
 #define TOKBUFSIZE 128
 
+/*
+ * Print out a character, filtering out the non-printable ones
+ */
+void
+fn_print_char(netdissect_options *ndo, u_char c)
+{
+       if (!ND_ISASCII(c)) {
+               c = ND_TOASCII(c);
+               ND_PRINT((ndo, "M-"));
+       }
+       if (!ND_ISPRINT(c)) {
+               c ^= 0x40;      /* DEL to ?, others to alpha */
+               ND_PRINT((ndo, "^"));
+       }
+       ND_PRINT((ndo, "%c", c));
+}
+
 /*
  * Print out a null-terminated filename (or other ascii string).
  * If ep is NULL, assume no truncation check is needed.
@@ -525,7 +544,6 @@ mask2plen(uint32_t mask)
        return (prefix_len);
 }
 
-#ifdef INET6
 int
 mask62plen(const u_char *mask)
 {
@@ -552,7 +570,6 @@ mask62plen(const u_char *mask)
        }
        return (cidr_len);
 }
-#endif /* INET6 */
 
 /*
  * Routine to print out information for text-based protocols such as FTP,
@@ -766,7 +783,7 @@ txtproto_print(netdissect_options *ndo, const u_char *pptr, u_int len,
 
        /* Capitalize the protocol name */
        for (pnp = protoname; *pnp != '\0'; pnp++)
-               ND_PRINT((ndo, "%c", toupper(*pnp)));
+               ND_PRINT((ndo, "%c", toupper((u_char)*pnp)));
 
        if (is_reqresp) {
                /*