]> The Tcpdump Group git mirrors - tcpdump/blobdiff - print-dhcp6.c
projects / tcpdump / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Handle very large -f files by rejecting them.
[tcpdump] / print-dhcp6.c
diff --git a/print-dhcp6.c b/print-dhcp6.c
index 1e249347fde500c90525a32f4517f2e12f5e61fa..cbb6d84a0588b8204f1c930a089136925e46197f 100644 (file)
--- a/print-dhcp6.c
+++ b/print-dhcp6.c
@@ -304,6 +304,7 @@ dhcp6opt_print(netdissect_options *ndo,
                        goto trunc;
                opttype = EXTRACT_16BITS(&dh6o->dh6opt_type);
                ND_PRINT((ndo, " (%s", tok2str(dh6opt_str, "opt_%u", opttype)));
+               ND_TCHECK2(*(cp + sizeof(*dh6o)), optlen);
                switch (opttype) {
                case DH6OPT_CLIENTID:
                case DH6OPT_SERVERID:
@@ -517,6 +518,10 @@ dhcp6opt_print(netdissect_options *ndo,
                        ND_PRINT((ndo, "...)"));
                        break;
                case DH6OPT_RECONF_MSG:
+                       if (optlen != 1) {
+                               ND_PRINT((ndo, " ?)"));
+                               break;
+                       }
                        tp = (const u_char *)(dh6o + 1);
                        switch (*tp) {
                        case DH6_RENEW:
@@ -731,7 +736,7 @@ dhcp6opt_print(netdissect_options *ndo,
                        while (remain_len && *tp) {
                                label_len =  *tp++;
                                if (label_len < remain_len - 1) {
-                                       ND_PRINT((ndo, "%.*s", label_len, tp));
+                                       (void)fn_printn(ndo, tp, label_len, NULL);
                                        tp += label_len;
                                        remain_len -= (label_len + 1);
                                        if(*tp) ND_PRINT((ndo, "."));
@@ -751,7 +756,7 @@ dhcp6opt_print(netdissect_options *ndo,
                        }
                        tp = (const u_char *)(dh6o + 1);
                        ND_PRINT((ndo, "="));
-                       fn_printn(ndo, tp, (u_int)optlen, NULL);
+                       (void)fn_printn(ndo, tp, (u_int)optlen, NULL);
                        ND_PRINT((ndo, ")"));
                        break;
 
[mirror] the TCPdump network dissector