Use more the ND_TTEST_1() macro

[tcpdump] / print-hncp.c

diff --git a/print-hncp.c b/print-hncp.c
index 87ee8bbb9232e18d40cdca6efba4750e5bd5d7e2..00ab04d13499cf8536ec355efb6929daaed08f32 100644 (file)
--- a/print-hncp.c
+++ b/print-hncp.c
@@ -68,8 +68,8 @@ hncp_print(netdissect_options *ndo,
 #define HNCP_EXTERNAL_CONNECTION   33
 #define HNCP_DELEGATED_PREFIX      34
 #define HNCP_PREFIX_POLICY         43
-#define HNCP_DHCPV4_DATA           37
-#define HNCP_DHCPV6_DATA           38
+#define HNCP_DHCPV4_DATA           37 /* This is correct, see RFC 7788 Errata ID 5113. */
+#define HNCP_DHCPV6_DATA           38 /* idem */
 #define HNCP_ASSIGNED_PREFIX       35
 #define HNCP_NODE_ADDRESS          36
 #define HNCP_DNS_DELEGATED_ZONE    39
@@ -158,25 +158,26 @@ is_ipv4_mapped_address(const u_char *addr)
 static const char *
 format_nid(const u_char *data)
 {
-    static char buf[4][11+5];
+    static char buf[4][sizeof("01:01:01:01")];
     static int i = 0;
     i = (i + 1) % 4;
-    snprintf(buf[i], 16, "%02x:%02x:%02x:%02x",
-             data[0], data[1], data[2], data[3]);
+    snprintf(buf[i], sizeof(buf[i]), "%02x:%02x:%02x:%02x",
+             EXTRACT_U_1(data), EXTRACT_U_1(data + 1), EXTRACT_U_1(data + 2),
+             EXTRACT_U_1(data + 3));
     return buf[i];
 }
 
 static const char *
 format_256(const u_char *data)
 {
-    static char buf[4][64+5];
+    static char buf[4][sizeof("0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef")];
     static int i = 0;
     i = (i + 1) % 4;
-    snprintf(buf[i], 28, "%016" PRIx64 "%016" PRIx64 "%016" PRIx64 "%016" PRIx64,
-         EXTRACT_64BITS(data),
-         EXTRACT_64BITS(data + 8),
-         EXTRACT_64BITS(data + 16),
-         EXTRACT_64BITS(data + 24)
+    snprintf(buf[i], sizeof(buf[i]), "%016" PRIx64 "%016" PRIx64 "%016" PRIx64 "%016" PRIx64,
+         EXTRACT_BE_U_8(data),
+         EXTRACT_BE_U_8(data + 8),
+         EXTRACT_BE_U_8(data + 16),
+         EXTRACT_BE_U_8(data + 24)
     );
     return buf[i];
 }
@@ -206,12 +207,12 @@ print_prefix(netdissect_options *ndo, const u_char *prefix, u_int max_length)
     int plenbytes;
     char buf[sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx::/128")];
 
-    if (prefix[0] >= 96 && max_length >= IPV4_MAPPED_HEADING_LEN + 1 &&
-        is_ipv4_mapped_address(&prefix[1])) {
+    if (EXTRACT_U_1(prefix) >= 96 && max_length >= IPV4_MAPPED_HEADING_LEN + 1 &&
+        is_ipv4_mapped_address(prefix + 1)) {
         struct in_addr addr;
         u_int plen;
 
-        plen = prefix[0]-96;
+        plen = EXTRACT_U_1(prefix) - 96;
         if (32 < plen)
             return -1;
         max_length -= 1;
@@ -220,7 +221,7 @@ print_prefix(netdissect_options *ndo, const u_char *prefix, u_int max_length)
         plenbytes = (plen + 7) / 8;
         if (max_length < (u_int)plenbytes + IPV4_MAPPED_HEADING_LEN)
             return -3;
-        memcpy(&addr, &prefix[1 + IPV4_MAPPED_HEADING_LEN], plenbytes);
+        memcpy(&addr, prefix + IPV4_MAPPED_HEADING_LEN + 1, plenbytes);
         if (plen % 8) {
                ((u_char *)&addr)[plenbytes - 1] &=
                        ((0xff00 >> (plen % 8)) & 0xff);
@@ -241,7 +242,8 @@ print_dns_label(netdissect_options *ndo,
 {
     u_int length = 0;
     while (length < max_length) {
-        u_int lab_length = cp[length++];
+        u_int lab_length = EXTRACT_U_1(cp + length);
+        length++;
         if (lab_length == 0)
             return (int)length;
         if (length > 1 && print)
@@ -265,14 +267,16 @@ dhcpv4_print(netdissect_options *ndo,
              const u_char *cp, u_int length, int indent)
 {
     u_int i, t;
-    const u_char *tlv, *value;
+    const uint8_t *tlv, *value;
     uint8_t type, optlen;
 
     i = 0;
     while (i < length) {
+        if (i + 2 > length)
+            return -1;
         tlv = cp + i;
-        type = (uint8_t)tlv[0];
-        optlen = (uint8_t)tlv[1];
+        type = EXTRACT_U_1(tlv);
+        optlen = EXTRACT_U_1(tlv + 1);
         value = tlv + 2;
 
         ND_PRINT((ndo, "\n"));
@@ -281,6 +285,8 @@ dhcpv4_print(netdissect_options *ndo,
 
         ND_PRINT((ndo, "%s", tok2str(dh4opt_str, "Unknown", type)));
         ND_PRINT((ndo," (%u)", optlen + 2 ));
+        if (i + 2 + optlen > length)
+            return -1;
 
         switch (type) {
         case DH4OPT_DNS_SERVERS:
@@ -318,9 +324,11 @@ dhcpv6_print(netdissect_options *ndo,
 
     i = 0;
     while (i < length) {
+        if (i + 4 > length)
+            return -1;
         tlv = cp + i;
-        type = EXTRACT_16BITS(tlv);
-        optlen = EXTRACT_16BITS(tlv + 2);
+        type = EXTRACT_BE_U_2(tlv);
+        optlen = EXTRACT_BE_U_2(tlv + 2);
         value = tlv + 4;
 
         ND_PRINT((ndo, "\n"));
@@ -329,6 +337,8 @@ dhcpv6_print(netdissect_options *ndo,
 
         ND_PRINT((ndo, "%s", tok2str(dh6opt_str, "Unknown", type)));
         ND_PRINT((ndo," (%u)", optlen + 4 ));
+        if (i + 4 + optlen > length)
+            return -1;
 
         switch (type) {
             case DH6OPT_DNS_SERVERS:
@@ -388,7 +398,7 @@ print_type_in_line(netdissect_options *ndo,
     }
 }
 
-void
+static void
 hncp_print_rec(netdissect_options *ndo,
                const u_char *cp, u_int length, int indent)
 {
@@ -400,7 +410,7 @@ hncp_print_rec(netdissect_options *ndo,
     uint32_t last_type_mask = 0xffffffffU;
     int last_type_count = -1;
 
-    const u_char *tlv, *value;
+    const uint8_t *tlv, *value;
     uint16_t type, bodylen;
     uint32_t type_mask;
 
@@ -414,14 +424,14 @@ hncp_print_rec(netdissect_options *ndo,
                 ND_PRINT((ndo, "\t"));
         }
 
-        ND_TCHECK2(*tlv, 4);
+        ND_TCHECK_4(tlv);
         if (i + 4 > length)
             goto invalid;
 
-        type = EXTRACT_16BITS(tlv);
-        bodylen = EXTRACT_16BITS(tlv + 2);
+        type = EXTRACT_BE_U_2(tlv);
+        bodylen = EXTRACT_BE_U_2(tlv + 2);
         value = tlv + 4;
-        ND_TCHECK2(*value, bodylen);
+        ND_TCHECK_LEN(value, bodylen);
         if (i + bodylen + 4 > length)
             goto invalid;
 
@@ -491,7 +501,7 @@ hncp_print_rec(netdissect_options *ndo,
                 break;
             }
             node_identifier = format_nid(value);
-            endpoint_identifier = EXTRACT_32BITS(value + 4);
+            endpoint_identifier = EXTRACT_BE_U_4(value + 4);
             ND_PRINT((ndo, " NID: %s EPID: %08x",
                 node_identifier,
                 endpoint_identifier
@@ -505,7 +515,7 @@ hncp_print_rec(netdissect_options *ndo,
                 ND_PRINT((ndo, " %s", istr));
                 break;
             }
-            hash = EXTRACT_64BITS(value);
+            hash = EXTRACT_BE_U_8(value);
             ND_PRINT((ndo, " hash: %016" PRIx64, hash));
         }
             break;
@@ -519,9 +529,9 @@ hncp_print_rec(netdissect_options *ndo,
                 break;
             }
             node_identifier = format_nid(value);
-            sequence_number = EXTRACT_32BITS(value + 4);
-            interval = format_interval(EXTRACT_32BITS(value + 8));
-            hash = EXTRACT_64BITS(value + 12);
+            sequence_number = EXTRACT_BE_U_4(value + 4);
+            interval = format_interval(EXTRACT_BE_U_4(value + 8));
+            hash = EXTRACT_BE_U_8(value + 12);
             ND_PRINT((ndo, " NID: %s seqno: %u %s hash: %016" PRIx64,
                 node_identifier,
                 sequence_number,
@@ -540,8 +550,8 @@ hncp_print_rec(netdissect_options *ndo,
                 break;
             }
             peer_node_identifier = format_nid(value);
-            peer_endpoint_identifier = EXTRACT_32BITS(value + 4);
-            endpoint_identifier = EXTRACT_32BITS(value + 8);
+            peer_endpoint_identifier = EXTRACT_BE_U_4(value + 4);
+            endpoint_identifier = EXTRACT_BE_U_4(value + 8);
             ND_PRINT((ndo, " Peer-NID: %s Peer-EPID: %08x Local-EPID: %08x",
                 peer_node_identifier,
                 peer_endpoint_identifier,
@@ -557,8 +567,8 @@ hncp_print_rec(netdissect_options *ndo,
                 ND_PRINT((ndo, " %s", istr));
                 break;
             }
-            endpoint_identifier = EXTRACT_32BITS(value);
-            interval = format_interval(EXTRACT_32BITS(value + 4));
+            endpoint_identifier = EXTRACT_BE_U_4(value);
+            interval = format_interval(EXTRACT_BE_U_4(value + 4));
             ND_PRINT((ndo, " EPID: %08x Interval: %s",
                 endpoint_identifier,
                 interval
@@ -572,7 +582,7 @@ hncp_print_rec(netdissect_options *ndo,
                 break;
             }
             ND_PRINT((ndo, " Verdict: %u Fingerprint: %s Common Name: ",
-                *value,
+                EXTRACT_U_1(value),
                 format_256(value + 4)));
             safeputs(ndo, value + 36, bodylen - 36);
         }
@@ -585,7 +595,7 @@ hncp_print_rec(netdissect_options *ndo,
                 ND_PRINT((ndo, " %s", istr));
                 break;
             }
-            capabilities = EXTRACT_16BITS(value + 2);
+            capabilities = EXTRACT_BE_U_2(value + 2);
             M = (uint8_t)((capabilities >> 12) & 0xf);
             P = (uint8_t)((capabilities >> 8) & 0xf);
             H = (uint8_t)((capabilities >> 4) & 0xf);
@@ -605,13 +615,13 @@ hncp_print_rec(netdissect_options *ndo,
 
         case HNCP_DELEGATED_PREFIX: {
             int l;
-            if (bodylen < 9 || bodylen < 9 + (value[8] + 7) / 8) {
+            if (bodylen < 9 || bodylen < 9 + (EXTRACT_U_1(value + 8) + 7) / 8) {
                 ND_PRINT((ndo, " %s", istr));
                 break;
             }
             ND_PRINT((ndo, " VLSO: %s PLSO: %s Prefix: ",
-                format_interval(EXTRACT_32BITS(value)),
-                format_interval(EXTRACT_32BITS(value + 4))
+                format_interval(EXTRACT_BE_U_4(value)),
+                format_interval(EXTRACT_BE_U_4(value + 4))
             ));
             l = print_prefix(ndo, value + 8, bodylen - 8);
             if (l == -1) {
@@ -645,7 +655,7 @@ hncp_print_rec(netdissect_options *ndo,
                 ND_PRINT((ndo, " %s", istr));
                 break;
             }
-            policy = value[0];
+            policy = EXTRACT_U_1(value);
             ND_PRINT((ndo, " type: "));
             if (policy == 0) {
                 if (bodylen != 1) {
@@ -716,13 +726,13 @@ hncp_print_rec(netdissect_options *ndo,
         case HNCP_ASSIGNED_PREFIX: {
             uint8_t prty;
             int l;
-            if (bodylen < 6 || bodylen < 6 + (value[5] + 7) / 8) {
+            if (bodylen < 6 || bodylen < 6 + (EXTRACT_U_1(value + 5) + 7) / 8) {
                 ND_PRINT((ndo, " %s", istr));
                 break;
             }
-            prty = (uint8_t)(value[4] & 0xf);
+            prty = EXTRACT_U_1(value + 4) & 0xf;
             ND_PRINT((ndo, " EPID: %08x Prty: %u",
-                EXTRACT_32BITS(value),
+                EXTRACT_BE_U_4(value),
                 prty
             ));
             ND_PRINT((ndo, " Prefix: "));
@@ -745,7 +755,7 @@ hncp_print_rec(netdissect_options *ndo,
                 ND_PRINT((ndo, " %s", istr));
                 break;
             }
-            endpoint_identifier = EXTRACT_32BITS(value);
+            endpoint_identifier = EXTRACT_BE_U_4(value);
             ip_address = format_ip6addr(ndo, value + 4);
             ND_PRINT((ndo, " EPID: %08x IP Address: %s",
                 endpoint_identifier,
@@ -766,9 +776,9 @@ hncp_print_rec(netdissect_options *ndo,
             ip_address = format_ip6addr(ndo, value);
             ND_PRINT((ndo, " IP-Address: %s %c%c%c ",
                 ip_address,
-                (value[16] & 4) ? 'l' : '-',
-                (value[16] & 2) ? 'b' : '-',
-                (value[16] & 1) ? 's' : '-'
+                (EXTRACT_U_1(value + 16) & 4) ? 'l' : '-',
+                (EXTRACT_U_1(value + 16) & 2) ? 'b' : '-',
+                (EXTRACT_U_1(value + 16) & 1) ? 's' : '-'
             ));
             len = print_dns_label(ndo, value+17, bodylen-17, 1);
             if (len < 0) {
@@ -798,7 +808,7 @@ hncp_print_rec(netdissect_options *ndo,
                 ND_PRINT((ndo, " %s", istr));
                 break;
             }
-            l = value[16];
+            l = EXTRACT_U_1(value + 16);
             if (bodylen < 17 + l) {
                 ND_PRINT((ndo, " %s", istr));
                 break;