Handle very large -f files by rejecting them.

[tcpdump] / print-dhcp6.c
diff --git a/print-dhcp6.c b/print-dhcp6.c

index ff55917a0db656436567a1473b0da3b71ec39883..cbb6d84a0588b8204f1c930a089136925e46197f 100644 (file)
--- a/print-dhcp6.c
+++ b/print-dhcp6.c
@@ -26,6 +26,9 @@
   * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   * SUCH DAMAGE.
   */
+
+/* \summary: IPv6 DHCP printer */
+
  /*
   * RFC3315: DHCPv6
   * supported DHCPv6 options:
@@ -44,12 +47,12 @@
  #include "config.h"
  #endif
  
-#include <tcpdump-stdinc.h>
+#include <netdissect-stdinc.h>
  
  #include <stdio.h>
  #include <string.h>
  
-#include "interface.h"
+#include "netdissect.h"
  #include "addrtoname.h"
  #include "extract.h"
  
@@ -102,8 +105,8 @@ static const struct tok dh6_msgtype_str[] = {
  /* DHCP6 base packet format */
  struct dhcp6 {
         union {
-               uint8_t m;
-               uint32_t x;
+               nd_uint8_t m;
+               nd_uint32_t x;
         } dh6_msgtypexid;
         /* options follow */
  };
@@ -113,10 +116,10 @@ struct dhcp6 {
  
  /* DHCPv6 relay messages */
  struct dhcp6_relay {
-       uint8_t dh6relay_msgtype;
-       uint8_t dh6relay_hcnt;
-       uint8_t dh6relay_linkaddr[16];  /* XXX: badly aligned */
-       uint8_t dh6relay_peeraddr[16];
+       nd_uint8_t dh6relay_msgtype;
+       nd_uint8_t dh6relay_hcnt;
+       nd_uint8_t dh6relay_linkaddr[16];       /* XXX: badly aligned */
+       nd_uint8_t dh6relay_peeraddr[16];
         /* options follow */
  };
  
@@ -191,6 +194,7 @@ struct dhcp6_relay {
  #  define DH6OPT_NTP_SUBOPTION_MC_ADDR 2
  #  define DH6OPT_NTP_SUBOPTION_SRV_FQDN 3
  #define DH6OPT_AFTR_NAME 64
+#define DH6OPT_MUDURL 112
  
  static const struct tok dh6opt_str[] = {
         { DH6OPT_CLIENTID,           "client-ID"            },
@@ -241,27 +245,28 @@ static const struct tok dh6opt_str[] = {
         { DH6OPT_LQ_CLIENT_LINK,     "LQ-client-link"       },
         { DH6OPT_NTP_SERVER,         "NTP-server"           },
         { DH6OPT_AFTR_NAME,          "AFTR-Name"            },
+       { DH6OPT_MUDURL,             "MUD-URL"              },
         { 0, NULL }
  };
  
  static const struct tok dh6opt_stcode_str[] = {
-       { DH6OPT_STCODE_SUCCESS,          "success"            },
-       { DH6OPT_STCODE_UNSPECFAIL,       "unspec failure"     },
-       { DH6OPT_STCODE_NOADDRAVAIL,      "no addresses"       },
-       { DH6OPT_STCODE_NOBINDING,        "no binding"         },
-       { DH6OPT_STCODE_NOTONLINK,        "not on-link"        },
-       { DH6OPT_STCODE_USEMULTICAST,     "use multicast"      },
-       { DH6OPT_STCODE_NOPREFIXAVAIL,    "no prefixes"        },
-       { DH6OPT_STCODE_UNKNOWNQUERYTYPE, "unknown query type" },
-       { DH6OPT_STCODE_MALFORMEDQUERY,   "malformed query"    },
-       { DH6OPT_STCODE_NOTCONFIGURED,    "not configured"     },
-       { DH6OPT_STCODE_NOTALLOWED,       "not allowed"        },
+       { DH6OPT_STCODE_SUCCESS,          "Success"          }, /* RFC3315 */
+       { DH6OPT_STCODE_UNSPECFAIL,       "UnspecFail"       }, /* RFC3315 */
+       { DH6OPT_STCODE_NOADDRAVAIL,      "NoAddrsAvail"     }, /* RFC3315 */
+       { DH6OPT_STCODE_NOBINDING,        "NoBinding"        }, /* RFC3315 */
+       { DH6OPT_STCODE_NOTONLINK,        "NotOnLink"        }, /* RFC3315 */
+       { DH6OPT_STCODE_USEMULTICAST,     "UseMulticast"     }, /* RFC3315 */
+       { DH6OPT_STCODE_NOPREFIXAVAIL,    "NoPrefixAvail"    }, /* RFC3633 */
+       { DH6OPT_STCODE_UNKNOWNQUERYTYPE, "UnknownQueryType" }, /* RFC5007 */
+       { DH6OPT_STCODE_MALFORMEDQUERY,   "MalformedQuery"   }, /* RFC5007 */
+       { DH6OPT_STCODE_NOTCONFIGURED,    "NotConfigured"    }, /* RFC5007 */
+       { DH6OPT_STCODE_NOTALLOWED,       "NotAllowed"       }, /* RFC5007 */
         { 0, NULL }
  };
  
  struct dhcp6opt {
-       uint16_t dh6opt_type;
-       uint16_t dh6opt_len;
+       nd_uint16_t dh6opt_type;
+       nd_uint16_t dh6opt_len;
         /* type-dependent data follows */
  };
  
@@ -292,13 +297,14 @@ dhcp6opt_print(netdissect_options *ndo,
         while (cp < ep) {
                 if (ep < cp + sizeof(*dh6o))
                         goto trunc;
-               dh6o = (struct dhcp6opt *)cp;
+               dh6o = (const struct dhcp6opt *)cp;
                 ND_TCHECK(*dh6o);
                 optlen = EXTRACT_16BITS(&dh6o->dh6opt_len);
                 if (ep < cp + sizeof(*dh6o) + optlen)
                         goto trunc;
                 opttype = EXTRACT_16BITS(&dh6o->dh6opt_type);
                 ND_PRINT((ndo, " (%s", tok2str(dh6opt_str, "opt_%u", opttype)));
+               ND_TCHECK2(*(cp + sizeof(*dh6o)), optlen);
                 switch (opttype) {
                 case DH6OPT_CLIENTID:
                 case DH6OPT_SERVERID:
@@ -307,7 +313,7 @@ dhcp6opt_print(netdissect_options *ndo,
                                 ND_PRINT((ndo, " ?)"));
                                 break;
                         }
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         switch (EXTRACT_16BITS(tp)) {
                         case 1:
                                 if (optlen >= 2 + 6) {
@@ -359,7 +365,7 @@ dhcp6opt_print(netdissect_options *ndo,
                                 ND_PRINT((ndo, " ?)"));
                                 break;
                         }
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         ND_PRINT((ndo, " %s", ip6addr_string(ndo, &tp[0])));
                         ND_PRINT((ndo, " pltime:%u vltime:%u",
                             EXTRACT_32BITS(&tp[16]),
@@ -376,7 +382,7 @@ dhcp6opt_print(netdissect_options *ndo,
                                 ND_PRINT((ndo, " ?)"));
                                 break;
                         }
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         for (i = 0; i < optlen; i += 2) {
                                 ND_PRINT((ndo, " %s",
                                     tok2str(dh6opt_str, "opt_%u", EXTRACT_16BITS(&tp[i]))));
@@ -388,7 +394,7 @@ dhcp6opt_print(netdissect_options *ndo,
                                 ND_PRINT((ndo, " ?)"));
                                 break;
                         }
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         ND_PRINT((ndo, " %d)", *tp));
                         break;
                 case DH6OPT_ELAPSED_TIME:
@@ -396,12 +402,12 @@ dhcp6opt_print(netdissect_options *ndo,
                                 ND_PRINT((ndo, " ?)"));
                                 break;
                         }
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         ND_PRINT((ndo, " %d)", EXTRACT_16BITS(tp)));
                         break;
                 case DH6OPT_RELAY_MSG:
                         ND_PRINT((ndo, " ("));
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         dhcp6_print(ndo, tp, optlen);
                         ND_PRINT((ndo, ")"));
                         break;
@@ -410,7 +416,7 @@ dhcp6opt_print(netdissect_options *ndo,
                                 ND_PRINT((ndo, " ?)"));
                                 break;
                         }
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         auth_proto = *tp;
                         switch (auth_proto) {
                         case DH6OPT_AUTHPROTO_DELAYED:
@@ -505,14 +511,18 @@ dhcp6opt_print(netdissect_options *ndo,
                          * Since we cannot predict the encoding, print hex dump
                          * at most 10 characters.
                          */
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         ND_PRINT((ndo, " "));
                         for (i = 0; i < optlen && i < 10; i++)
                                 ND_PRINT((ndo, "%02x", tp[i]));
                         ND_PRINT((ndo, "...)"));
                         break;
                 case DH6OPT_RECONF_MSG:
-                       tp = (u_char *)(dh6o + 1);
+                       if (optlen != 1) {
+                               ND_PRINT((ndo, " ?)"));
+                               break;
+                       }
+                       tp = (const u_char *)(dh6o + 1);
                         switch (*tp) {
                         case DH6_RENEW:
                                 ND_PRINT((ndo, " for renew)"));
@@ -540,14 +550,14 @@ dhcp6opt_print(netdissect_options *ndo,
                                 ND_PRINT((ndo, " ?)"));
                                 break;
                         }
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         for (i = 0; i < optlen; i += 16)
                                 ND_PRINT((ndo, " %s", ip6addr_string(ndo, &tp[i])));
                         ND_PRINT((ndo, ")"));
                         break;
                 case DH6OPT_SIP_SERVER_D:
                 case DH6OPT_DOMAIN_LIST:
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         while (tp < cp + sizeof(*dh6o) + optlen) {
                                 ND_PRINT((ndo, " "));
                                 if ((tp = ns_nprint(ndo, tp, cp + sizeof(*dh6o) + optlen)) == NULL)
@@ -560,7 +570,7 @@ dhcp6opt_print(netdissect_options *ndo,
                                 ND_PRINT((ndo, " ?)"));
                                 break;
                         }
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         ND_PRINT((ndo, " %s)", dhcp6stcode(EXTRACT_16BITS(&tp[0]))));
                         break;
                 case DH6OPT_IA_NA:
@@ -569,7 +579,7 @@ dhcp6opt_print(netdissect_options *ndo,
                                 ND_PRINT((ndo, " ?)"));
                                 break;
                         }
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         ND_PRINT((ndo, " IAID:%u T1:%u T2:%u",
                             EXTRACT_32BITS(&tp[0]),
                             EXTRACT_32BITS(&tp[4]),
@@ -585,7 +595,7 @@ dhcp6opt_print(netdissect_options *ndo,
                                 ND_PRINT((ndo, " ?)"));
                                 break;
                         }
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         ND_PRINT((ndo, " IAID:%u", EXTRACT_32BITS(tp)));
                         if (optlen > 4) {
                                 /* there are sub-options */
@@ -598,7 +608,7 @@ dhcp6opt_print(netdissect_options *ndo,
                                 ND_PRINT((ndo, " ?)"));
                                 break;
                         }
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         ND_PRINT((ndo, " %s/%d", ip6addr_string(ndo, &tp[9]), tp[8]));
                         ND_PRINT((ndo, " pltime:%u vltime:%u",
                             EXTRACT_32BITS(&tp[0]),
@@ -615,7 +625,7 @@ dhcp6opt_print(netdissect_options *ndo,
                                 ND_PRINT((ndo, " ?)"));
                                 break;
                         }
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         ND_PRINT((ndo, " %d)", EXTRACT_32BITS(tp)));
                         break;
                 case DH6OPT_REMOTE_ID:
@@ -623,7 +633,7 @@ dhcp6opt_print(netdissect_options *ndo,
                                 ND_PRINT((ndo, " ?)"));
                                 break;
                         }
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         ND_PRINT((ndo, " %d ", EXTRACT_32BITS(tp)));
                         /*
                          * Print hex dump first 10 characters.
@@ -637,7 +647,7 @@ dhcp6opt_print(netdissect_options *ndo,
                                 ND_PRINT((ndo, " ?)"));
                                 break;
                         }
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         switch (*tp) {
                         case 1:
                                 ND_PRINT((ndo, " by-address"));
@@ -657,7 +667,7 @@ dhcp6opt_print(netdissect_options *ndo,
                         ND_PRINT((ndo, ")"));
                         break;
                 case DH6OPT_CLIENT_DATA:
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         if (optlen > 0) {
                                 /* there are encapsulated options */
                                 dhcp6opt_print(ndo, tp, tp + optlen);
@@ -669,7 +679,7 @@ dhcp6opt_print(netdissect_options *ndo,
                                 ND_PRINT((ndo, " ?)"));
                                 break;
                         }
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         ND_PRINT((ndo, " %s ", ip6addr_string(ndo, &tp[0])));
                         /*
                          * Print hex dump first 10 characters.
@@ -683,7 +693,7 @@ dhcp6opt_print(netdissect_options *ndo,
                                 ND_PRINT((ndo, " ?)"));
                                 break;
                         }
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         while (tp < cp + sizeof(*dh6o) + optlen - 4) {
                                 subopt_code = EXTRACT_16BITS(tp);
                                 tp += 2;
@@ -719,14 +729,14 @@ dhcp6opt_print(netdissect_options *ndo,
                                 ND_PRINT((ndo, " ?)"));
                                 break;
                         }
-                       tp = (u_char *)(dh6o + 1);
+                       tp = (const u_char *)(dh6o + 1);
                         remain_len = optlen;
                         ND_PRINT((ndo, " "));
                         /* Encoding is described in section 3.1 of RFC 1035 */
                         while (remain_len && *tp) {
                                 label_len =  *tp++;
                                 if (label_len < remain_len - 1) {
-                                       ND_PRINT((ndo, "%.*s", label_len, tp));
+                                       (void)fn_printn(ndo, tp, label_len, NULL);
                                         tp += label_len;
                                         remain_len -= (label_len + 1);
                                         if(*tp) ND_PRINT((ndo, "."));
@@ -737,6 +747,19 @@ dhcp6opt_print(netdissect_options *ndo,
                         }
                         ND_PRINT((ndo, ")"));
                         break;
+               case DH6OPT_NEW_POSIX_TIMEZONE: /* all three of these options */
+               case DH6OPT_NEW_TZDB_TIMEZONE:  /* are encoded similarly */
+               case DH6OPT_MUDURL:             /* although GMT might not work */
+                       if (optlen < 5) {
+                               ND_PRINT((ndo, " ?)"));
+                               break;
+                       }
+                       tp = (const u_char *)(dh6o + 1);
+                       ND_PRINT((ndo, "="));
+                       (void)fn_printn(ndo, tp, (u_int)optlen, NULL);
+                       ND_PRINT((ndo, ")"));
+                       break;
+
                 default:
                         ND_PRINT((ndo, ")"));
                         break;
@@ -757,20 +780,20 @@ void
  dhcp6_print(netdissect_options *ndo,
              const u_char *cp, u_int length)
  {
-       struct dhcp6 *dh6;
-       struct dhcp6_relay *dh6relay;
+       const struct dhcp6 *dh6;
+       const struct dhcp6_relay *dh6relay;
         const u_char *ep;
-       u_char *extp;
+       const u_char *extp;
         const char *name;
  
         ND_PRINT((ndo, "dhcp6"));
  
-       ep = (u_char *)ndo->ndo_snapend;
+       ep = (const u_char *)ndo->ndo_snapend;
         if (cp + length < ep)
                 ep = cp + length;
  
-       dh6 = (struct dhcp6 *)cp;
-       dh6relay = (struct dhcp6_relay *)cp;
+       dh6 = (const struct dhcp6 *)cp;
+       dh6relay = (const struct dhcp6_relay *)cp;
         ND_TCHECK(dh6->dh6_xid);
         name = tok2str(dh6_msgtype_str, "msgtype-%u", dh6->dh6_msgtype);
  
@@ -785,7 +808,7 @@ dhcp6_print(netdissect_options *ndo,
         if (dh6->dh6_msgtype != DH6_RELAY_FORW &&
             dh6->dh6_msgtype != DH6_RELAY_REPLY) {
                 ND_PRINT((ndo, "xid=%x", EXTRACT_32BITS(&dh6->dh6_xid) & DH6_XIDMASK));
-               extp = (u_char *)(dh6 + 1);
+               extp = (const u_char *)(dh6 + 1);
                 dhcp6opt_print(ndo, extp, ep);
         } else {                /* relay messages */
                 struct in6_addr addr6;
@@ -798,7 +821,7 @@ dhcp6_print(netdissect_options *ndo,
                 memcpy(&addr6, dh6relay->dh6relay_peeraddr, sizeof (addr6));
                 ND_PRINT((ndo, " peeraddr=%s", ip6addr_string(ndo, &addr6)));
  
-               dhcp6opt_print(ndo, (u_char *)(dh6relay + 1), ep);
+               dhcp6opt_print(ndo, (const u_char *)(dh6relay + 1), ep);
         }
         /*(*/
         ND_PRINT((ndo, ")"));