#include <stdio.h>
#include <string.h>
+#define ND_LONGJMP_FROM_TCHECK
#include "netdissect.h"
#include "addrtoname.h"
#include "extract.h"
#define icmp_data icmp_dun.id_data
};
-#define ICMP_EXT_EXTRACT_VERSION(x) (((x)&0xf0)>>4)
-#define ICMP_MPLS_EXT_VERSION 2
-
/*
* Lower bounds on packet lengths for various types.
* For the error advice packets must first insure that the
#define ICMP_UNREACH_PRECEDENCE_CUTOFF 15 /* precedence cutoff */
#endif
-/* rfc4950 */
-#define MPLS_STACK_ENTRY_OBJECT_CLASS 1
-/* rfc5837 */
-#define INTERFACE_INFORMATION_OBJECT_CLASS 2
-
/* Most of the icmp types */
static const struct tok icmp2str[] = {
{ ICMP_ECHOREPLY, "echo reply" },
};
/*
- * draft-bonica-internet-icmp-08
+ * RFC 4884 - Extended ICMP to Support Multi-Part Messages
+ *
+ * This is a general extension mechanism, based on the mechanism
+ * in draft-bonica-icmp-mpls-02 ICMP Extensions for MultiProtocol
+ * Label Switching.
*
* The Destination Unreachable, Time Exceeded
* and Parameter Problem messages are slightly changed as per
- * the above draft. A new Length field gets added to give
+ * the above RFC. A new Length field gets added to give
* the caller an idea about the length of the piggybacked
- * IP packet before the MPLS extension header starts.
+ * IP packet before the extension header starts.
*
* The Length field represents length of the padded "original datagram"
* field measured in 32-bit words.
nd_byte icmp_ext_data[1];
};
+/*
+ * Extract version from the first octet of icmp_ext_version_res.
+ */
+#define ICMP_EXT_EXTRACT_VERSION(x) (((x)&0xf0)>>4)
+
+/*
+ * Current version.
+ */
+#define ICMP_EXT_VERSION 2
+
+/*
+ * Extension object class numbers.
+ *
+ * Class 1 dates back to draft-bonica-icmp-mpls-02.
+ *
+ * Class 2 was used for an "Extended Payload Object Class", which
+ * contained bytes of the payload beyond the first 128 bytes, in
+ * draft-bonica-icmp-mpls-02; it was reassigned to an "Interface
+ * Information Object" in RFC 5837.
+ */
+
+/* rfc4950 */
+#define MPLS_STACK_ENTRY_OBJECT_CLASS 1
+/* rfc5837 */
+#define INTERFACE_INFORMATION_OBJECT_CLASS 2
+
struct icmp_multipart_ext_object_header_t {
nd_uint16_t length;
nd_uint8_t class_num;
};
static const struct tok icmp_multipart_ext_obj_values[] = {
- { 1, "MPLS Stack Entry" },
- { 2, "Interface Identification" },
+ { 1, "MPLS Stack Entry Object" },
+ { 2, "Interface Information Object" },
{ 0, NULL}
};
+/* rfc5837 */
+static const struct tok icmp_interface_information_role_values[] = {
+ { 0, "Incoming IP Interface"},
+ { 1, "Sub-IP Component of Incoming IP Interface"},
+ { 2, "Outgoing IP Interface"},
+ { 3, "IP Next hop"},
+ { 0, NULL }
+};
+
+/*
+Interface IP Address Sub-Object
+0 31
++-------+-------+-------+-------+
+| AFI | Reserved |
++-------+-------+-------+-------+
+| IP Address ....
+*/
+struct icmp_interface_information_ipaddr_subobject_t {
+ nd_uint16_t afi;
+ nd_uint16_t reserved;
+ nd_uint32_t ip_addr;
+};
+
+/*
+Interface Name Sub-Object
+octet 0 1 63
+ +--------+-----------................-----------------+
+ | length | interface name octets 1-63 |
+ +--------+-----------................-----------------+
+*/
+struct icmp_interface_information_ifname_subobject_t {
+ nd_uint8_t length;
+ nd_byte if_name[63];
+};
+
/* prototypes */
const char *icmp_tstamp_print(u_int);
return buf;
}
+static int
+print_icmp_multipart_ext_object(netdissect_options *ndo, const uint8_t *obj_tptr)
+{
+ u_int obj_tlen, obj_class_num, obj_ctype;
+ const struct icmp_multipart_ext_object_header_t *icmp_multipart_ext_object_header;
+
+ icmp_multipart_ext_object_header = (const struct icmp_multipart_ext_object_header_t *)obj_tptr;
+ obj_tlen = GET_BE_U_2(icmp_multipart_ext_object_header->length);
+ obj_class_num = GET_U_1(icmp_multipart_ext_object_header->class_num);
+ obj_ctype = GET_U_1(icmp_multipart_ext_object_header->ctype);
+ obj_tptr += sizeof(struct icmp_multipart_ext_object_header_t);
+
+ ND_PRINT("\n\t %s (%u), Class-Type: %u, length %u",
+ tok2str(icmp_multipart_ext_obj_values,"unknown",obj_class_num),
+ obj_class_num,
+ obj_ctype,
+ obj_tlen);
+
+ /* infinite loop protection */
+ if ((obj_class_num == 0) ||
+ (obj_tlen < sizeof(struct icmp_multipart_ext_object_header_t))) {
+ return -1;
+ }
+ obj_tlen -= sizeof(struct icmp_multipart_ext_object_header_t);
+
+ switch (obj_class_num) {
+ case MPLS_STACK_ENTRY_OBJECT_CLASS:
+ switch(obj_ctype) {
+ case 1:
+ {
+ uint32_t raw_label;
+
+ raw_label = GET_BE_U_4(obj_tptr);
+ ND_PRINT("\n\t label %u, tc %u", MPLS_LABEL(raw_label), MPLS_TC(raw_label));
+ if (MPLS_STACK(raw_label))
+ ND_PRINT(", [S]");
+ ND_PRINT(", ttl %u", MPLS_TTL(raw_label));
+ break;
+ }
+ default:
+ print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen);
+ }
+ break;
+
+ case INTERFACE_INFORMATION_OBJECT_CLASS:
+ {
+ /*
+ Ctype in a INTERFACE_INFORMATION_OBJECT_CLASS object:
+
+ Bit 0 1 2 3 4 5 6 7
+ +-------+-------+-------+-------+-------+-------+-------+-------+
+ | Interface Role| Rsvd1 | Rsvd2 |ifIndex| IPAddr| name | MTU |
+ +-------+-------+-------+-------+-------+-------+-------+-------+
+ */
+ const uint8_t *offset;
+ u_int interface_role, if_index_flag, ipaddr_flag, name_flag, mtu_flag;
+
+ interface_role = (obj_ctype & 0xc0) >> 6;
+ if_index_flag = (obj_ctype & 0x8) >> 3;
+ ipaddr_flag = (obj_ctype & 0x4) >> 2;
+ name_flag = (obj_ctype & 0x2) >> 1;
+ mtu_flag = (obj_ctype & 0x1);
+
+ ND_PRINT("\n\t Interface Role: %s",
+ tok2str(icmp_interface_information_role_values,
+ "an unknown interface role",interface_role));
+
+ offset = obj_tptr;
+
+ if (if_index_flag) {
+ ND_PRINT("\n\t Interface Index: %u", GET_BE_U_4(offset));
+ offset += 4;
+ }
+ if (ipaddr_flag) {
+ const struct icmp_interface_information_ipaddr_subobject_t *ipaddr_subobj;
+
+ ND_PRINT("\n\t IP Address sub-object: ");
+ ipaddr_subobj = (const struct icmp_interface_information_ipaddr_subobject_t *) offset;
+ switch (GET_BE_U_2(ipaddr_subobj->afi)) {
+ case 1:
+ ND_PRINT("%s", GET_IPADDR_STRING(ipaddr_subobj->ip_addr));
+ offset += 4;
+ break;
+ case 2:
+ ND_PRINT("%s", GET_IP6ADDR_STRING(ipaddr_subobj->ip_addr));
+ offset += 16;
+ break;
+ default:
+ ND_PRINT("Unknown Address Family Identifier");
+ return -1;
+ }
+ offset += 4;
+ }
+ if (name_flag) {
+ uint8_t inft_name_length_field;
+ const struct icmp_interface_information_ifname_subobject_t *ifname_subobj;
+
+ ifname_subobj = (const struct icmp_interface_information_ifname_subobject_t *) offset;
+ inft_name_length_field = GET_U_1(ifname_subobj->length);
+ ND_PRINT("\n\t Interface Name");
+ if (inft_name_length_field == 0) {
+ ND_PRINT(" [length %u]", inft_name_length_field);
+ nd_print_invalid(ndo);
+ break;
+ }
+ if (inft_name_length_field % 4 != 0) {
+ ND_PRINT(" [length %u != N x 4]", inft_name_length_field);
+ nd_print_invalid(ndo);
+ offset += inft_name_length_field;
+ break;
+ }
+ if (inft_name_length_field > 64) {
+ ND_PRINT(" [length %u > 64]", inft_name_length_field);
+ nd_print_invalid(ndo);
+ offset += inft_name_length_field;
+ break;
+ }
+ ND_PRINT(", length %u: ", inft_name_length_field);
+ nd_printjnp(ndo, ifname_subobj->if_name,
+ inft_name_length_field - 1);
+ offset += inft_name_length_field;
+ }
+ if (mtu_flag) {
+ ND_PRINT("\n\t MTU: %u", GET_BE_U_4(offset));
+ offset += 4;
+ }
+ break;
+ }
+
+ default:
+ print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen);
+ break;
+ }
+ return obj_tlen + sizeof(struct icmp_multipart_ext_object_header_t);
+}
+
void
-icmp_print(netdissect_options *ndo, const u_char *bp, u_int plen, const u_char *bp2,
+icmp_print(netdissect_options *ndo, const u_char *bp, u_int plen,
int fragmented)
{
- char *cp;
const struct icmp *dp;
uint8_t icmp_type, icmp_code;
- const struct icmp_ext_t *ext_dp;
- const struct ip *ip;
+ const struct icmp_ext_t *ext_dp;
const char *str;
- const struct ip *oip;
- uint8_t ip_proto;
- const struct udphdr *ouh;
- const uint8_t *obj_tptr;
- uint32_t raw_label;
- const struct icmp_multipart_ext_object_header_t *icmp_multipart_ext_object_header;
- u_int hlen, mtu, obj_tlen, obj_class_num, obj_ctype;
- uint16_t dport;
+ const uint8_t *obj_tptr;
+ u_int hlen;
char buf[MAXHOSTNAMELEN + 100];
struct cksum_vec vec[1];
ndo->ndo_protocol = "icmp";
dp = (const struct icmp *)bp;
- ext_dp = (const struct icmp_ext_t *)bp;
- ip = (const struct ip *)bp2;
+ ext_dp = (const struct icmp_ext_t *)bp;
str = buf;
icmp_type = GET_U_1(dp->icmp_type);
break;
case ICMP_UNREACH_PORT:
- ND_TCHECK_1(dp->icmp_ip.ip_p);
+ {
+ const struct ip *oip;
+ const struct udphdr *ouh;
+ uint8_t ip_proto;
+ uint16_t dport;
+
oip = &dp->icmp_ip;
hlen = IP_HL(oip) * 4;
ouh = (const struct udphdr *)(((const u_char *)oip) + hlen);
break;
}
break;
+ }
case ICMP_UNREACH_NEEDFRAG:
{
const struct mtu_discovery *mp;
+ u_int mtu;
+
mp = (const struct mtu_discovery *)(const u_char *)&dp->icmp_void;
mtu = GET_BE_U_2(mp->nexthopmtu);
if (mtu) {
case ICMP_ROUTERADVERT:
{
+ char *cp;
const struct ih_rdiscovery *ihp;
const struct id_rdiscovery *idp;
u_int lifetime, num, size;
cp = buf + strlen(buf);
ihp = (const struct ih_rdiscovery *)&dp->icmp_void;
- ND_TCHECK_SIZE(ihp);
(void)strncpy(cp, " lifetime ", sizeof(buf) - (cp - buf));
cp = buf + strlen(buf);
lifetime = GET_BE_U_2(ihp->ird_lifetime);
}
idp = (const struct id_rdiscovery *)&dp->icmp_data;
while (num > 0) {
- ND_TCHECK_SIZE(idp);
(void)snprintf(cp, sizeof(buf) - (cp - buf), " {%s %u}",
GET_IPADDR_STRING(idp->ird_addr),
GET_BE_U_4(idp->ird_pref));
cp = buf + strlen(buf);
++idp;
- num--;
+ num--;
}
}
break;
break;
case ICMP_TSTAMPREPLY:
- ND_TCHECK_4(dp->icmp_ttime);
(void)snprintf(buf, sizeof(buf),
"time stamp reply id %u seq %u: org %s",
GET_BE_U_2(dp->icmp_id),
* save the snaplength as this may get overridden in the IP printer.
*/
if (ndo->ndo_vflag >= 1 && ICMP_ERRTYPE(icmp_type)) {
+ const struct ip *ip;
const u_char *snapend_save;
bp += 8;
* Attempt to decode multi-part message extensions (rfc4884) only for some ICMP types.
*/
if (ndo->ndo_vflag >= 1 && plen > ICMP_EXTD_MINLEN && ICMP_MULTIPART_EXT_TYPE(icmp_type)) {
-
ND_TCHECK_SIZE(ext_dp);
/*
* Sanity checking of the header.
*/
if (ICMP_EXT_EXTRACT_VERSION(*(ext_dp->icmp_ext_version_res)) !=
- ICMP_MPLS_EXT_VERSION) {
+ ICMP_EXT_VERSION) {
ND_PRINT(" packet not supported");
return;
}
obj_tptr = (const uint8_t *)ext_dp->icmp_ext_data;
while (hlen > sizeof(struct icmp_multipart_ext_object_header_t)) {
-
- icmp_multipart_ext_object_header = (const struct icmp_multipart_ext_object_header_t *)obj_tptr;
- ND_TCHECK_SIZE(icmp_multipart_ext_object_header);
- obj_tlen = GET_BE_U_2(icmp_multipart_ext_object_header->length);
- obj_class_num = GET_U_1(icmp_multipart_ext_object_header->class_num);
- obj_ctype = GET_U_1(icmp_multipart_ext_object_header->ctype);
- obj_tptr += sizeof(struct icmp_multipart_ext_object_header_t);
-
- ND_PRINT("\n\t %s Object (%u), Class-Type: %u, length %u",
- tok2str(icmp_multipart_ext_obj_values,"unknown",obj_class_num),
- obj_class_num,
- obj_ctype,
- obj_tlen);
-
- hlen-=sizeof(struct icmp_multipart_ext_object_header_t); /* length field includes tlv header */
-
- /* infinite loop protection */
- if ((obj_class_num == 0) ||
- (obj_tlen < sizeof(struct icmp_multipart_ext_object_header_t))) {
+ int obj_tlen = print_icmp_multipart_ext_object(ndo, obj_tptr);
+ if (obj_tlen < 0) {
+ /* malformed object */
return;
}
- obj_tlen-=sizeof(struct icmp_multipart_ext_object_header_t);
-
- switch (obj_class_num) {
- case 1:
- switch(obj_ctype) {
- case 1:
- raw_label = GET_BE_U_4(obj_tptr);
- ND_PRINT("\n\t label %u, tc %u", MPLS_LABEL(raw_label), MPLS_TC(raw_label));
- if (MPLS_STACK(raw_label))
- ND_PRINT(", [S]");
- ND_PRINT(", ttl %u", MPLS_TTL(raw_label));
- break;
- default:
- print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen);
- }
- break;
-
- /*
- * FIXME those are the defined objects that lack a decoder
- * you are welcome to contribute code ;-)
- */
- case 2:
- default:
- print_unknown_data(ndo, obj_tptr, "\n\t ", obj_tlen);
- break;
- }
- if (hlen < obj_tlen)
+ if (hlen < (u_int)obj_tlen)
break;
hlen -= obj_tlen;
obj_tptr += obj_tlen;
}
}
-
- return;
-trunc:
- nd_print_trunc(ndo);
}
projects / tcpdump / blobdiff