]> The Tcpdump Group git mirrors - tcpdump/blobdiff - print-snmp.c
projects / tcpdump / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Use more the EXTRACT_U_1() macro (40/n)
[tcpdump] / print-snmp.c
diff --git a/print-snmp.c b/print-snmp.c
index f348cd3bf08efd5d50ea6a815732eb7e705c5238..fdb3499dc65e6ffb33060123eff82a63fb9f0de0 100644 (file)
--- a/print-snmp.c
+++ b/print-snmp.c
@@ -56,11 +56,13 @@
  #     @(#)snmp.awk.x  1.1 (LANL) 1/15/90
  */
 
+/* \summary: Simple Network Management Protocol (SNMP) printer */
+
 #ifdef HAVE_CONFIG_H
 #include "config.h"
 #endif
 
-#include <tcpdump-stdinc.h>
+#include <netdissect-stdinc.h>
 
 #include <stdio.h>
 #include <string.h>
@@ -69,7 +71,8 @@
 #include <smi.h>
 #endif
 
-#include "interface.h"
+#include "netdissect.h"
+#include "extract.h"
 
 #undef OPAQUE  /* defined in <wingdi.h> */
 
@@ -252,7 +255,7 @@ static const char *Form[] = {
  * A structure for the OID tree for the compiled-in MIB.
  * This is stored as a general-order tree.
  */
-struct obj {
+static struct obj {
        const char      *desc;          /* name of object */
        u_char  oid;                    /* sub-id following parent */
        u_char  type;                   /* object type (unused) */
@@ -274,28 +277,46 @@ struct obj {
  * Currently, this includes the prefixes for the Internet MIB, the
  * private enterprises tree, and the experimental tree.
  */
+#define OID_FIRST_OCTET(x, y)  (((x)*40) + (y))        /* X.690 8.19.4 */
+
+#ifndef NO_ABREV_MIB
+static const uint8_t mib_oid[] = { OID_FIRST_OCTET(1, 3), 6, 1, 2, 1 };
+#endif
+#ifndef NO_ABREV_ENTER
+static const uint8_t enterprises_oid[] = { OID_FIRST_OCTET(1, 3), 6, 1, 4, 1 };
+#endif
+#ifndef NO_ABREV_EXPERI
+static const uint8_t experimental_oid[] = { OID_FIRST_OCTET(1, 3), 6, 1, 3 };
+#endif
+#ifndef NO_ABBREV_SNMPMODS
+static const uint8_t snmpModules_oid[] = { OID_FIRST_OCTET(1, 3), 6, 1, 6, 3 };
+#endif
+
+#define OBJ_ABBREV_ENTRY(prefix, obj) \
+       { prefix, &_ ## obj ## _obj, obj ## _oid, sizeof (obj ## _oid) }
 static const struct obj_abrev {
        const char *prefix;             /* prefix for this abrev */
        struct obj *node;               /* pointer into object table */
-       const char *oid;                /* ASN.1 encoded OID */
+       const uint8_t *oid;             /* ASN.1 encoded OID */
+       size_t oid_len;                 /* length of OID */
 } obj_abrev_list[] = {
 #ifndef NO_ABREV_MIB
        /* .iso.org.dod.internet.mgmt.mib */
-       { "",   &_mib_obj,              "\53\6\1\2\1" },
+       OBJ_ABBREV_ENTRY("",    mib),
 #endif
 #ifndef NO_ABREV_ENTER
        /* .iso.org.dod.internet.private.enterprises */
-       { "E:", &_enterprises_obj,      "\53\6\1\4\1" },
+       OBJ_ABBREV_ENTRY("E:",  enterprises),
 #endif
 #ifndef NO_ABREV_EXPERI
        /* .iso.org.dod.internet.experimental */
-       { "X:", &_experimental_obj,     "\53\6\1\3" },
+       OBJ_ABBREV_ENTRY("X:",  experimental),
 #endif
 #ifndef NO_ABBREV_SNMPMODS
        /* .iso.org.dod.internet.snmpV2.snmpModules */
-        { "S:", &_snmpModules_obj,      "\53\6\1\6\3" },
+       OBJ_ABBREV_ENTRY("S:",  snmpModules),
 #endif
-       { 0,0,0 }
+       { 0,0,0,0 }
 };
 
 /*
@@ -328,10 +349,7 @@ struct be {
                int32_t integer;
                uint32_t uns;
                const u_char *str;
-               struct {
-                       uint32_t high;
-                       uint32_t low;
-               } uns64;
+               uint64_t uns64;
        } data;
        u_short id;
        u_char form, class;             /* tag info */
@@ -420,9 +438,9 @@ asn1_parse(netdissect_options *ndo,
         *  +---+---+---+---+---+---+---+---+
         *    7   6   5   4   3   2   1   0
         */
-       id = *p & ASN_ID_BITS;          /* lower 5 bits, range 00-1f */
+       id = EXTRACT_U_1(p) & ASN_ID_BITS;              /* lower 5 bits, range 00-1f */
 #ifdef notdef
-       form = (*p & 0xe0) >> 5;        /* move upper 3 bits to lower 3 */
+       form = (EXTRACT_U_1(p) & 0xe0) >> 5;    /* move upper 3 bits to lower 3 */
        class = form >> 1;              /* bits 7&6 -> bits 1&0, range 0-3 */
        form &= 0x1;                    /* bit 5 -> bit 0, range 0-1 */
 #else
@@ -445,20 +463,25 @@ asn1_parse(netdissect_options *ndo,
                 * bit set.  XXX - this doesn't handle a value
                 * that won't fit in 32 bits.
                 */
-               for (id = 0; *p & ASN_BIT8; len--, hdr++, p++) {
+               id = 0;
+               ND_TCHECK(*p);
+               while (EXTRACT_U_1(p) & ASN_BIT8) {
                        if (len < 1) {
                                ND_PRINT((ndo, "[Xtagfield?]"));
                                return -1;
                        }
-                       ND_TCHECK(*p);
                        id = (id << 7) | (*p & ~ASN_BIT8);
+                       len--;
+                       hdr++;
+                       p++;
+                       ND_TCHECK(*p);
                }
                if (len < 1) {
                        ND_PRINT((ndo, "[Xtagfield?]"));
                        return -1;
                }
                ND_TCHECK(*p);
-               elem->id = id = (id << 7) | *p;
+               elem->id = id = (id << 7) | EXTRACT_U_1(p);
                --len;
                ++hdr;
                ++p;
@@ -478,8 +501,10 @@ asn1_parse(netdissect_options *ndo,
                        return -1;
                }
                ND_TCHECK2(*p, noct);
-               for (; noct-- > 0; len--, hdr++)
-                       elem->asnlen = (elem->asnlen << ASN_SHIFT8) | *p++;
+               for (; noct-- > 0; len--, hdr++) {
+                       elem->asnlen = (elem->asnlen << ASN_SHIFT8) | EXTRACT_U_1(p);
+                       p++;
+               }
        }
        if (len < elem->asnlen) {
                ND_PRINT((ndo, "[len%d<asnlen%u]", len, elem->asnlen));
@@ -497,6 +522,7 @@ asn1_parse(netdissect_options *ndo,
                ND_PRINT((ndo, "[id?%c/%s/%d]", *Form[form], Class[class].name, id));
                return -1;
        }
+       ND_TCHECK2(*p, elem->asnlen);
 
        switch (form) {
        case PRIMITIVE:
@@ -513,11 +539,14 @@ asn1_parse(netdissect_options *ndo,
                                elem->type = BE_INT;
                                data = 0;
 
-                               ND_TCHECK2(*p, elem->asnlen);
+                               if (elem->asnlen == 0) {
+                                       ND_PRINT((ndo, "[asnlen=0]"));
+                                       return -1;
+                               }
                                if (*p & ASN_BIT8)      /* negative */
                                        data = -1;
                                for (i = elem->asnlen; i-- > 0; p++)
-                                       data = (data << ASN_SHIFT8) | *p;
+                                       data = (data << ASN_SHIFT8) | EXTRACT_U_1(p);
                                elem->data.integer = data;
                                break;
                        }
@@ -551,27 +580,21 @@ asn1_parse(netdissect_options *ndo,
                        case GAUGE:
                        case TIMETICKS: {
                                register uint32_t data;
-                               ND_TCHECK2(*p, elem->asnlen);
                                elem->type = BE_UNS;
                                data = 0;
                                for (i = elem->asnlen; i-- > 0; p++)
-                                       data = (data << 8) + *p;
+                                       data = (data << 8) + EXTRACT_U_1(p);
                                elem->data.uns = data;
                                break;
                        }
 
                        case COUNTER64: {
-                               register uint32_t high, low;
-                               ND_TCHECK2(*p, elem->asnlen);
+                               register uint64_t data64;
                                elem->type = BE_UNS64;
-                               high = 0, low = 0;
-                               for (i = elem->asnlen; i-- > 0; p++) {
-                                       high = (high << 8) |
-                                           ((low & 0xFF000000) >> 24);
-                                       low = (low << 8) | *p;
-                               }
-                               elem->data.uns64.high = high;
-                               elem->data.uns64.low = low;
+                               data64 = 0;
+                               for (i = elem->asnlen; i-- > 0; p++)
+                                       data64 = (data64 << 8) + EXTRACT_U_1(p);
+                               elem->data.uns64 = data64;
                                break;
                        }
 
@@ -605,7 +628,6 @@ asn1_parse(netdissect_options *ndo,
 
                default:
                        ND_PRINT((ndo, "[P/%s/%s]", Class[class].name, Class[class].Id[id]));
-                       ND_TCHECK2(*p, elem->asnlen);
                        elem->type = BE_OCTET;
                        elem->data.raw = (const uint8_t *)p;
                        break;
@@ -651,6 +673,56 @@ trunc:
        return -1;
 }
 
+static int
+asn1_print_octets(netdissect_options *ndo, struct be *elem)
+{
+       const u_char *p = (const u_char *)elem->data.raw;
+       uint32_t asnlen = elem->asnlen;
+       uint32_t i;
+
+       ND_TCHECK2(*p, asnlen);
+       for (i = asnlen; i-- > 0; p++)
+               ND_PRINT((ndo, "_%.2x", EXTRACT_U_1(p)));
+       return 0;
+
+trunc:
+       ND_PRINT((ndo, "%s", tstr));
+       return -1;
+}
+
+static int
+asn1_print_string(netdissect_options *ndo, struct be *elem)
+{
+       register int printable = 1, first = 1;
+       const u_char *p;
+       uint32_t asnlen = elem->asnlen;
+       uint32_t i;
+
+       p = elem->data.str;
+       ND_TCHECK2(*p, asnlen);
+       for (i = asnlen; printable && i-- > 0; p++)
+               printable = ND_ISPRINT(EXTRACT_U_1(p));
+       p = elem->data.str;
+       if (printable) {
+               ND_PRINT((ndo, "\""));
+               if (fn_printn(ndo, p, asnlen, ndo->ndo_snapend)) {
+                       ND_PRINT((ndo, "\""));
+                       goto trunc;
+               }
+               ND_PRINT((ndo, "\""));
+       } else {
+               for (i = asnlen; i-- > 0; p++) {
+                       ND_PRINT((ndo, first ? "%.2x" : "_%.2x", EXTRACT_U_1(p)));
+                       first = 0;
+               }
+       }
+       return 0;
+
+trunc:
+       ND_PRINT((ndo, "%s", tstr));
+       return -1;
+}
+
 /*
  * Display the ASN.1 object represented by the BE object.
  * This used to be an integral part of asn1_parse() before the intermediate
@@ -660,16 +732,15 @@ static int
 asn1_print(netdissect_options *ndo,
            struct be *elem)
 {
-       const u_char *p = (const u_char *)elem->data.raw;
+       const u_char *p;
        uint32_t asnlen = elem->asnlen;
        uint32_t i;
 
        switch (elem->type) {
 
        case BE_OCTET:
-               ND_TCHECK2(*p, asnlen);
-               for (i = asnlen; i-- > 0; p++)
-                       ND_PRINT((ndo, "_%.2x", *p));
+               if (asn1_print_octets(ndo, elem) == -1)
+                       return -1;
                break;
 
        case BE_NULL:
@@ -678,16 +749,19 @@ asn1_print(netdissect_options *ndo,
        case BE_OID: {
                int o = 0, first = -1;
 
+               p = (const u_char *)elem->data.raw;
                i = asnlen;
-               if (!ndo->ndo_sflag && !ndo->ndo_nflag && asnlen > 2) {
+               if (!ndo->ndo_nflag && asnlen > 2) {
                        const struct obj_abrev *a = &obj_abrev_list[0];
-                       size_t a_len = strlen(a->oid);
                        for (; a->node; a++) {
-                               ND_TCHECK2(*p, a_len);
-                               if (memcmp(a->oid, p, a_len) == 0) {
+                               if (i < a->oid_len)
+                                       continue;
+                               if (!ND_TTEST2(*p, a->oid_len))
+                                       continue;
+                               if (memcmp(a->oid, p, a->oid_len) == 0) {
                                        objp = a->node->child;
-                                       i -= strlen(a->oid);
-                                       p += strlen(a->oid);
+                                       i -= a->oid_len;
+                                       p += a->oid_len;
                                        ND_PRINT((ndo, "%s", a->prefix));
                                        first = 1;
                                        break;
@@ -695,14 +769,15 @@ asn1_print(netdissect_options *ndo,
                        }
                }
 
-               for (; !ndo->ndo_sflag && i-- > 0; p++) {
+               for (; i-- > 0; p++) {
                        ND_TCHECK(*p);
                        o = (o << ASN_SHIFT7) + (*p & ~ASN_BIT8);
                        if (*p & ASN_LONGLEN)
                                continue;
 
                        /*
-                        * first subitem encodes two items with 1st*OIDMUX+2nd
+                        * first subitem encodes two items with
+                        * 1st*OIDMUX+2nd
                         * (see X.690:1997 clause 8.19 for the details)
                         */
                        if (first < 0) {
@@ -731,70 +806,14 @@ asn1_print(netdissect_options *ndo,
                ND_PRINT((ndo, "%u", elem->data.uns));
                break;
 
-       case BE_UNS64: {        /* idea borrowed from by Marshall Rose */
-               double d;
-               int j, carry;
-               char *cpf, *cpl, last[6], first[30];
-               if (elem->data.uns64.high == 0) {
-                       ND_PRINT((ndo, "%u", elem->data.uns64.low));
-                       break;
-               }
-               d = elem->data.uns64.high * 4294967296.0;       /* 2^32 */
-               if (elem->data.uns64.high <= 0x1fffff) {
-                       d += elem->data.uns64.low;
-#if 0 /*is looks illegal, but what is the intention?*/
-                       ND_PRINT((ndo, "%.f", d));
-#else
-                       ND_PRINT((ndo, "%f", d));
-#endif
-                       break;
-               }
-               d += (elem->data.uns64.low & 0xfffff000);
-#if 0 /*is looks illegal, but what is the intention?*/
-               snprintf(first, sizeof(first), "%.f", d);
-#else
-               snprintf(first, sizeof(first), "%f", d);
-#endif
-               snprintf(last, sizeof(last), "%5.5d",
-                   elem->data.uns64.low & 0xfff);
-               for (carry = 0, cpf = first+strlen(first)-1, cpl = last+4;
-                    cpl >= last;
-                    cpf--, cpl--) {
-                       j = carry + (*cpf - '0') + (*cpl - '0');
-                       if (j > 9) {
-                               j -= 10;
-                               carry = 1;
-                       } else {
-                               carry = 0;
-                       }
-                       *cpf = j + '0';
-               }
-               ND_PRINT((ndo, "%s", first));
+       case BE_UNS64:
+               ND_PRINT((ndo, "%" PRIu64, elem->data.uns64));
                break;
-       }
-
-       case BE_STR: {
-               register int printable = 1, first = 1;
 
-               p = elem->data.str;
-               ND_TCHECK2(*p, asnlen);
-               for (i = asnlen; printable && i-- > 0; p++)
-                       printable = ND_ISPRINT(*p);
-               p = elem->data.str;
-               if (printable) {
-                       ND_PRINT((ndo, "\""));
-                       if (fn_printn(ndo, p, asnlen, ndo->ndo_snapend)) {
-                               ND_PRINT((ndo, "\""));
-                               goto trunc;
-                       }
-                       ND_PRINT((ndo, "\""));
-               } else
-                       for (i = asnlen; i-- > 0; p++) {
-                               ND_PRINT((ndo, first ? "%.2x" : "_%.2x", *p));
-                               first = 0;
-                       }
+       case BE_STR:
+               if (asn1_print_string(ndo, elem) == -1)
+                       return -1;
                break;
-       }
 
        case BE_SEQ:
                ND_PRINT((ndo, "Seq(%u)", elem->asnlen));
@@ -803,9 +822,10 @@ asn1_print(netdissect_options *ndo,
        case BE_INETADDR:
                if (asnlen != ASNLEN_INETADDR)
                        ND_PRINT((ndo, "[inetaddr len!=%d]", ASNLEN_INETADDR));
+               p = (const u_char *)elem->data.raw;
                ND_TCHECK2(*p, asnlen);
                for (i = asnlen; i-- != 0; p++) {
-                       ND_PRINT((ndo, (i == asnlen-1) ? "%u" : ".%u", *p));
+                       ND_PRINT((ndo, (i == asnlen-1) ? "%u" : ".%u", EXTRACT_U_1(p)));
                }
                break;
 
@@ -901,7 +921,7 @@ smi_decode_oid(netdissect_options *ndo,
        int o = 0, first = -1, i = asnlen;
        unsigned int firstval;
 
-       for (*oidlen = 0; ndo->ndo_sflag && i-- > 0; p++) {
+       for (*oidlen = 0; i-- > 0; p++) {
                ND_TCHECK(*p);
                o = (o << ASN_SHIFT7) + (*p & ~ASN_BIT8);
                if (*p & ASN_LONGLEN)
@@ -912,7 +932,7 @@ smi_decode_oid(netdissect_options *ndo,
                 * (see X.690:1997 clause 8.19 for the details)
                 */
                if (first < 0) {
-                       first = 0;
+                       first = 0;
                        firstval = o / OIDMUX;
                        if (firstval > 2) firstval = 2;
                        o -= firstval * OIDMUX;
@@ -1030,6 +1050,10 @@ smi_print_variable(netdissect_options *ndo,
        SmiNode *smiNode = NULL;
        unsigned int i;
 
+       if (!nd_smi_module_loaded) {
+               *status = asn1_print(ndo, elem);
+               return NULL;
+       }
        *status = smi_decode_oid(ndo, elem, oid, sizeof(oid) / sizeof(unsigned int),
            &oidlen);
        if (*status < 0)
@@ -1054,7 +1078,7 @@ smi_print_variable(netdissect_options *ndo,
 
 static int
 smi_print_value(netdissect_options *ndo,
-                SmiNode *smiNode, u_char pduid, struct be *elem)
+                SmiNode *smiNode, u_short pduid, struct be *elem)
 {
        unsigned int i, oid[128], oidlen;
        SmiType *smiType;
@@ -1115,22 +1139,24 @@ smi_print_value(netdissect_options *ndo,
                if (smiType->basetype == SMI_BASETYPE_BITS) {
                        /* print bit labels */
                } else {
-                       smi_decode_oid(ndo, elem, oid,
-                                      sizeof(oid)/sizeof(unsigned int),
-                                      &oidlen);
-                       smiNode = smiGetNodeByOID(oidlen, oid);
-                       if (smiNode) {
-                               if (ndo->ndo_vflag) {
-                                       ND_PRINT((ndo, "%s::", smiGetNodeModule(smiNode)->name));
-                               }
-                               ND_PRINT((ndo, "%s", smiNode->name));
-                               if (smiNode->oidlen < oidlen) {
-                                       for (i = smiNode->oidlen;
-                                            i < oidlen; i++) {
-                                               ND_PRINT((ndo, ".%u", oid[i]));
+                       if (nd_smi_module_loaded &&
+                           smi_decode_oid(ndo, elem, oid,
+                                          sizeof(oid)/sizeof(unsigned int),
+                                          &oidlen) == 0) {
+                               smiNode = smiGetNodeByOID(oidlen, oid);
+                               if (smiNode) {
+                                       if (ndo->ndo_vflag) {
+                                               ND_PRINT((ndo, "%s::", smiGetNodeModule(smiNode)->name));
                                        }
+                                       ND_PRINT((ndo, "%s", smiNode->name));
+                                       if (smiNode->oidlen < oidlen) {
+                                               for (i = smiNode->oidlen;
+                                                    i < oidlen; i++) {
+                                                       ND_PRINT((ndo, ".%u", oid[i]));
+                                               }
+                                       }
+                                       done++;
                                }
-                               done++;
                        }
                }
                break;
@@ -1197,7 +1223,7 @@ smi_print_value(netdissect_options *ndo,
  */
 static void
 varbind_print(netdissect_options *ndo,
-              u_char pduid, const u_char *np, u_int length)
+              u_short pduid, const u_char *np, u_int length)
 {
        struct be elem;
        int count = 0, ind;
@@ -1527,7 +1553,7 @@ scopedpdu_print(netdissect_options *ndo,
                 const u_char *np, u_int length, int version)
 {
        struct be elem;
-       int i, count = 0;
+       int count = 0;
 
        /* Sequence */
        if ((count = asn1_parse(ndo, np, length, &elem)) < 0)
@@ -1551,10 +1577,9 @@ scopedpdu_print(netdissect_options *ndo,
        length -= count;
        np += count;
 
-       ND_PRINT((ndo, "E= "));
-       for (i = 0; i < (int)elem.asnlen; i++) {
-               ND_PRINT((ndo, "0x%02X", elem.data.str[i]));
-       }
+       ND_PRINT((ndo, "E="));
+       if (asn1_print_octets(ndo, &elem) == -1)
+               return;
        ND_PRINT((ndo, " "));
 
        /* contextName (OCTET STRING) */
@@ -1568,7 +1593,10 @@ scopedpdu_print(netdissect_options *ndo,
        length -= count;
        np += count;
 
-       ND_PRINT((ndo, "C=%.*s ", (int)elem.asnlen, elem.data.str));
+       ND_PRINT((ndo, "C="));
+       if (asn1_print_string(ndo, &elem) == -1)
+               return;
+       ND_PRINT((ndo, " "));
 
        pdu_print(ndo, np, length, version);
 }
@@ -1594,9 +1622,13 @@ community_print(netdissect_options *ndo,
        /* default community */
        if (!(elem.asnlen == sizeof(DEF_COMMUNITY) - 1 &&
            strncmp((const char *)elem.data.str, DEF_COMMUNITY,
-                   sizeof(DEF_COMMUNITY) - 1) == 0))
+                   sizeof(DEF_COMMUNITY) - 1) == 0)) {
                /* ! "public" */
-               ND_PRINT((ndo, "C=%.*s ", (int)elem.asnlen, elem.data.str));
+               ND_PRINT((ndo, "C="));
+               if (asn1_print_string(ndo, &elem) == -1)
+                       return;
+               ND_PRINT((ndo, " "));
+       }
        length -= count;
        np += count;
 
@@ -1672,7 +1704,10 @@ usm_print(netdissect_options *ndo,
        length -= count;
         np += count;
 
-       ND_PRINT((ndo, "U=%.*s ", (int)elem.asnlen, elem.data.str));
+       ND_PRINT((ndo, "U="));
+       if (asn1_print_string(ndo, &elem) == -1)
+               return;
+       ND_PRINT((ndo, " "));
 
        /* msgAuthenticationParameters (OCTET STRING) */
        if ((count = asn1_parse(ndo, np, length, &elem)) < 0)
@@ -1881,7 +1916,7 @@ snmp_print(netdissect_options *ndo,
                        ND_PRINT((ndo, "{ %s ", SnmpVersion[elem.data.integer]));
                break;
        default:
-               ND_PRINT((ndo, "[version = %d]", elem.data.integer));
+               ND_PRINT((ndo, "SNMP [version = %d]", elem.data.integer));
                return;
        }
        version = elem.data.integer;
[mirror] the TCPdump network dissector