When checking for pcap_if_t, add $V_INCLS to CFLAGS, so we look at the

[tcpdump] / print-l2tp.c

diff --git a/print-l2tp.c b/print-l2tp.c
index b8087fcd98fc4eb83ca32bab462586f6ea09e265..7546a860621f00552419544bc3617085cff1b64e 100644 (file)
--- a/print-l2tp.c
+++ b/print-l2tp.c
@@ -22,8 +22,8 @@
  */
 
 #ifndef lint
-static const char rcsid[] =
-    "@(#) $Header: /tcpdump/master/tcpdump/print-l2tp.c,v 1.13 2002-08-01 08:53:15 risso Exp $";
+static const char rcsid[] _U_ =
+    "@(#) $Header: /tcpdump/master/tcpdump/print-l2tp.c,v 1.17 2003-12-26 23:20:58 guy Exp $";
 #endif
 
 #ifdef HAVE_CONFIG_H
@@ -244,7 +244,7 @@ static char *l2tp_error_code_general[] = {
 static void
 print_string(const u_char *dat, u_int length)
 {
-       int i;
+       u_int i;
        for (i=0; i<length; i++) {
                printf("%c", *dat++);
        }
@@ -253,7 +253,7 @@ print_string(const u_char *dat, u_int length)
 static void
 print_octets(const u_char *dat, u_int length)
 {
-       int i;
+       u_int i;
        for (i=0; i<length; i++) {
                printf("%02x", *dat++);
        }
@@ -474,8 +474,17 @@ l2tp_avp_print(const u_char *dat, int length)
        TCHECK(*ptr);   /* Flags & Length */
        len = EXTRACT_16BITS(ptr) & L2TP_AVP_HDR_LEN_MASK;
 
-       /* If it is not long enough to decode the entire AVP, we'll
-          abandon. */
+       /* If it is not long enough to contain the header, we'll give up. */
+       if (len < 6)
+               goto trunc;
+
+       /* If it goes past the end of the remaining length of the packet,
+          we'll give up. */
+       if (len > (u_int)length)
+               goto trunc;
+
+       /* If it goes past the end of the remaining length of the captured
+          data, we'll give up. */
        TCHECK2(*ptr, len);
        /* After this point, no need to worry about truncation */