/* \summary: IPv6 printer */
-#ifdef HAVE_CONFIG_H
#include <config.h>
-#endif
#include "netdissect-stdinc.h"
ND_PRINT(" ");
}
- if (IP6_VERSION(ip6) != 6) {
- ND_PRINT("version error: %u != 6", IP6_VERSION(ip6));
- return;
- }
-
- ND_TCHECK_SIZE(ip6);
- if (length < sizeof (struct ip6_hdr)) {
- ND_PRINT("truncated-ip6 %u", length);
- return;
- }
+ ND_ICHECK_ZU(length, <, sizeof (struct ip6_hdr));
+ ND_ICHECKMSG_U("version", IP6_VERSION(ip6), !=, 6);
payload_len = GET_BE_U_2(ip6->ip6_plen);
/*
*/
if (payload_len != 0) {
len = payload_len + sizeof(struct ip6_hdr);
- if (length < len)
- ND_PRINT("truncated-ip6 - %u bytes missing!",
- len - length);
+ if (len > length) {
+ ND_PRINT("[header+payload length %u > length %u]",
+ len, length);
+ nd_print_invalid(ndo);
+ ND_PRINT(" ");
+ }
} else
len = length + sizeof(struct ip6_hdr);
if (flow & 0x000fffff)
ND_PRINT("flowlabel 0x%05x, ", flow & 0x000fffff);
- ND_PRINT("hlim %u, next-header %s (%u) payload length: %u) ",
+ ND_PRINT("hlim %u, next-header %s (%u), payload length %u) ",
GET_U_1(ip6->ip6_hlim),
tok2str(ipproto_values,"unknown",nh),
nh,
payload_len);
}
+ ND_TCHECK_SIZE(ip6);
/*
- * Cut off the snapshot length to the end of the IP payload.
+ * Cut off the snapshot length to the end of the IP payload
+ * or the end of the data in which it's contained, whichever
+ * comes first.
*/
- if (!nd_push_snaplen(ndo, bp, len)) {
+ if (!nd_push_snaplen(ndo, bp, ND_MIN(length, len))) {
(*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
"%s: can't push snaplen on buffer stack", __func__);
}
nh != IPPROTO_TCP && nh != IPPROTO_UDP &&
nh != IPPROTO_DCCP && nh != IPPROTO_SCTP) {
ND_PRINT("%s > %s: ", GET_IP6ADDR_STRING(ip6->ip6_src),
- GET_IP6ADDR_STRING(ip6->ip6_dst));
+ GET_IP6ADDR_STRING(ip6->ip6_dst));
}
switch (nh) {
case IPPROTO_MOBILITY_OLD:
case IPPROTO_MOBILITY:
/*
- * XXX - we don't use "advance"; RFC 3775 says that
+ * RFC 3775 says that
* the next header field in a mobility header
* should be IPPROTO_NONE, but speaks of
* the possibility of a future extension in
len = payload_len + sizeof(struct ip6_hdr);
if (len < total_advance)
goto trunc;
- if (length < len)
- ND_PRINT("truncated-ip6 - %u bytes missing!",
- len - length);
+ if (len > length) {
+ ND_PRINT("[header+payload length %u > length %u]",
+ len, length);
+ nd_print_invalid(ndo);
+ ND_PRINT(" ");
+ }
nd_change_snaplen(ndo, bp, len);
/*
return;
trunc:
nd_print_trunc(ndo);
+ return;
+
+invalid:
+ nd_print_invalid(ndo);
}
projects / tcpdump / blobdiff