Makefile.in: don't remove configure and config.h.in in make distclean.

[tcpdump] / print-esp.c

diff --git a/print-esp.c b/print-esp.c
index 22af35b372813862a19e80e6a6e98ec56f260f51..2cee08893a12a4f9d180e270c23733d5efa03fe9 100644 (file)
--- a/print-esp.c
+++ b/print-esp.c
@@ -238,7 +238,7 @@ do_decrypt(netdissect_options *ndo, const char *caller, struct sa_list *sa,
         * we can't decrypt on top of the input buffer.
         */
        ptlen = ctlen;
-       pt = (u_char *)malloc(ptlen);
+       pt = (u_char *)calloc(1, ptlen);
        if (pt == NULL) {
                EVP_CIPHER_CTX_free(ctx);
                (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
@@ -331,7 +331,8 @@ int esp_decrypt_buffer_by_ikev2_print(netdissect_options *ndo,
         */
        if (!nd_push_buffer(ndo, pt, pt, ctlen)) {
                free(pt);
-               return 0;
+               (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
+                       "%s: can't push buffer on buffer stack", __func__);
        }
 
        return 1;
@@ -761,7 +762,7 @@ esp_print(netdissect_options *ndo,
        ND_PRINT(", length %u", length);
 
 #ifdef HAVE_LIBCRYPTO
-       /* initiailize SAs */
+       /* initialize SAs */
        if (ndo->ndo_sa_list_head == NULL) {
                if (!ndo->ndo_espsecret)
                        return;
@@ -907,7 +908,10 @@ esp_print(netdissect_options *ndo,
         * Don't put padding + padding length(1 byte) + next header(1 byte)
         * in the buffer because they are not part of the plaintext to decode.
         */
-       nd_push_snaplen(ndo, pt, payloadlen - (padlen + 2));
+       if (!nd_push_snaplen(ndo, pt, payloadlen - (padlen + 2))) {
+               (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
+                       "%s: can't push snaplen on buffer stack", __func__);
+       }
 
        /* Now dissect the plaintext. */
        ip_demux_print(ndo, pt, payloadlen - (padlen + 2), ver, fragmented,