* LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE.
*
- * support for the Cisco prop. VQP Protocol
- *
*/
-#define NETDISSECT_REWORKED
+/* \summary: Cisco VLAN Query Protocol (VQP) printer */
+
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
-#include <tcpdump-stdinc.h>
+#include <netdissect-stdinc.h>
-#include "interface.h"
+#include "netdissect.h"
#include "extract.h"
#include "addrtoname.h"
+#include "ether.h"
#define VQP_VERSION 1
#define VQP_EXTRACT_VERSION(x) ((x)&0xFF)
*/
struct vqp_common_header_t {
- u_int8_t version;
- u_int8_t msg_type;
- u_int8_t error_code;
- u_int8_t nitems;
- u_int8_t sequence[4];
+ uint8_t version;
+ uint8_t msg_type;
+ uint8_t error_code;
+ uint8_t nitems;
+ uint8_t sequence[4];
};
struct vqp_obj_tlv_t {
- u_int8_t obj_type[4];
- u_int8_t obj_length[2];
+ uint8_t obj_type[4];
+ uint8_t obj_length[2];
};
#define VQP_OBJ_REQ_JOIN_PORT 0x01
const struct vqp_obj_tlv_t *vqp_obj_tlv;
const u_char *tptr;
- u_int16_t vqp_obj_len;
- u_int32_t vqp_obj_type;
- int tlen;
- u_int8_t nitems;
+ uint16_t vqp_obj_len;
+ uint32_t vqp_obj_type;
+ u_int tlen;
+ uint8_t nitems;
tptr=pptr;
tlen = len;
vqp_common_header = (const struct vqp_common_header_t *)pptr;
ND_TCHECK(*vqp_common_header);
+ if (sizeof(struct vqp_common_header_t) > tlen)
+ goto trunc;
/*
* Sanity checking of the header.
tok2str(vqp_msg_type_values, "unknown (%u)",vqp_common_header->msg_type),
tok2str(vqp_error_code_values, "unknown (%u)",vqp_common_header->error_code),
vqp_common_header->error_code,
- EXTRACT_32BITS(&vqp_common_header->sequence),
+ EXTRACT_BE_U_4(&vqp_common_header->sequence),
nitems,
len));
/* skip VQP Common header */
- tptr+=sizeof(const struct vqp_common_header_t);
- tlen-=sizeof(const struct vqp_common_header_t);
+ tptr+=sizeof(struct vqp_common_header_t);
+ tlen-=sizeof(struct vqp_common_header_t);
while (nitems > 0 && tlen > 0) {
vqp_obj_tlv = (const struct vqp_obj_tlv_t *)tptr;
- vqp_obj_type = EXTRACT_32BITS(vqp_obj_tlv->obj_type);
- vqp_obj_len = EXTRACT_16BITS(vqp_obj_tlv->obj_length);
+ ND_TCHECK(*vqp_obj_tlv);
+ if (sizeof(struct vqp_obj_tlv_t) > tlen)
+ goto trunc;
+ vqp_obj_type = EXTRACT_BE_U_4(vqp_obj_tlv->obj_type);
+ vqp_obj_len = EXTRACT_BE_U_2(vqp_obj_tlv->obj_length);
tptr+=sizeof(struct vqp_obj_tlv_t);
tlen-=sizeof(struct vqp_obj_tlv_t);
}
/* did we capture enough for fully decoding the object ? */
- if (!ND_TTEST2(*tptr, vqp_obj_len))
+ ND_TCHECK2(*tptr, vqp_obj_len);
+ if (vqp_obj_len > tlen)
goto trunc;
switch(vqp_obj_type) {
case VQP_OBJ_IP_ADDRESS:
- ND_PRINT((ndo, "%s (0x%08x)", ipaddr_string(tptr), EXTRACT_32BITS(tptr)));
+ if (vqp_obj_len != 4)
+ goto trunc;
+ ND_PRINT((ndo, "%s (0x%08x)", ipaddr_string(ndo, tptr), EXTRACT_BE_U_4(tptr)));
break;
/* those objects have similar semantics - fall through */
case VQP_OBJ_PORT_NAME:
case VQP_OBJ_VLAN_NAME:
case VQP_OBJ_VTP_DOMAIN:
case VQP_OBJ_ETHERNET_PKT:
- safeputs((const char *)tptr, vqp_obj_len);
+ safeputs(ndo, tptr, vqp_obj_len);
break;
/* those objects have similar semantics - fall through */
case VQP_OBJ_MAC_ADDRESS:
case VQP_OBJ_MAC_NULL:
- ND_PRINT((ndo, "%s", etheraddr_string(tptr)));
+ if (vqp_obj_len != ETHER_ADDR_LEN)
+ goto trunc;
+ ND_PRINT((ndo, "%s", etheraddr_string(ndo, tptr)));
break;
default:
if (ndo->ndo_vflag <= 1)
projects / tcpdump / blobdiff