* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
+/* \summary: Protocol Independent Multicast (PIM) printer */
+
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
-#include <tcpdump-stdinc.h>
+#include <netdissect-stdinc.h>
-#include "interface.h"
+#include "netdissect.h"
#include "addrtoname.h"
#include "extract.h"
#include "ip.h"
+#include "ip6.h"
+#include "ipproto.h"
#define PIMV1_TYPE_QUERY 0
#define PIMV1_TYPE_REGISTER 1
u_short pim_cksum; /* IP style check sum */
};
-static void pimv2_print(netdissect_options *, register const u_char *bp, register u_int len, u_int cksum);
+static void pimv2_print(netdissect_options *, register const u_char *bp, register u_int len, const u_char *);
static void
pimv1_join_prune_print(netdissect_options *ndo,
/* If it's a single group and a single source, use 1-line output. */
if (ND_TTEST2(bp[0], 30) && bp[11] == 1 &&
- ((njoin = EXTRACT_16BITS(&bp[20])) + EXTRACT_16BITS(&bp[22])) == 1) {
+ ((njoin = EXTRACT_BE_U_2(bp + 20)) + EXTRACT_BE_U_2(bp + 22)) == 1) {
int hold;
ND_PRINT((ndo, " RPF %s ", ipaddr_string(ndo, bp)));
- hold = EXTRACT_16BITS(&bp[6]);
+ hold = EXTRACT_BE_U_2(bp + 6);
if (hold != 180) {
ND_PRINT((ndo, "Hold "));
- relts_print(ndo, hold);
+ unsigned_relts_print(ndo, hold);
}
ND_PRINT((ndo, "%s (%s/%d, %s", njoin ? "Join" : "Prune",
ipaddr_string(ndo, &bp[26]), bp[25] & 0x3f,
ipaddr_string(ndo, &bp[12])));
- if (EXTRACT_32BITS(&bp[16]) != 0xffffffff)
+ if (EXTRACT_BE_U_4(bp + 16) != 0xffffffff)
ND_PRINT((ndo, "/%s", ipaddr_string(ndo, &bp[16])));
ND_PRINT((ndo, ") %s%s %s",
(bp[24] & 0x01) ? "Sparse" : "Dense",
return;
}
+ if (len < sizeof(struct in_addr))
+ goto trunc;
ND_TCHECK2(bp[0], sizeof(struct in_addr));
if (ndo->ndo_vflag > 1)
ND_PRINT((ndo, "\n"));
ND_PRINT((ndo, " Upstream Nbr: %s", ipaddr_string(ndo, bp)));
- ND_TCHECK2(bp[6], 2);
+ bp += 4;
+ len -= 4;
+ if (len < 4)
+ goto trunc;
+ ND_TCHECK2(bp[2], 2);
if (ndo->ndo_vflag > 1)
ND_PRINT((ndo, "\n"));
ND_PRINT((ndo, " Hold time: "));
- relts_print(ndo, EXTRACT_16BITS(&bp[6]));
+ unsigned_relts_print(ndo, EXTRACT_BE_U_2(bp + 2));
if (ndo->ndo_vflag < 2)
return;
- bp += 8;
- len -= 8;
+ bp += 4;
+ len -= 4;
+ if (len < 4)
+ goto trunc;
ND_TCHECK2(bp[0], 4);
ngroups = bp[3];
bp += 4;
* XXX - does the address have length "addrlen" and the
* mask length "maddrlen"?
*/
+ if (len < 4)
+ goto trunc;
ND_TCHECK2(bp[0], sizeof(struct in_addr));
ND_PRINT((ndo, "\n\tGroup: %s", ipaddr_string(ndo, bp)));
- ND_TCHECK2(bp[4], sizeof(struct in_addr));
- if (EXTRACT_32BITS(&bp[4]) != 0xffffffff)
- ND_PRINT((ndo, "/%s", ipaddr_string(ndo, &bp[4])));
- ND_TCHECK2(bp[8], 4);
- njoin = EXTRACT_16BITS(&bp[8]);
- nprune = EXTRACT_16BITS(&bp[10]);
+ bp += 4;
+ len -= 4;
+ if (len < 4)
+ goto trunc;
+ ND_TCHECK2(bp[0], sizeof(struct in_addr));
+ if (EXTRACT_BE_U_4(bp) != 0xffffffff)
+ ND_PRINT((ndo, "/%s", ipaddr_string(ndo, &bp[0])));
+ bp += 4;
+ len -= 4;
+ if (len < 4)
+ goto trunc;
+ ND_TCHECK2(bp[0], 4);
+ njoin = EXTRACT_BE_U_2(bp);
+ nprune = EXTRACT_BE_U_2(bp + 2);
ND_PRINT((ndo, " joined: %d pruned: %d", njoin, nprune));
- bp += 12;
- len -= 12;
+ bp += 4;
+ len -= 4;
for (njp = 0; njp < (njoin + nprune); njp++) {
const char *type;
type = "Join ";
else
type = "Prune";
+ if (len < 6)
+ goto trunc;
ND_TCHECK2(bp[0], 6);
ND_PRINT((ndo, "\n\t%s %s%s%s%s/%d", type,
(bp[0] & 0x01) ? "Sparse " : "Dense ",
(bp[1] & 0x80) ? "WC " : "",
(bp[1] & 0x40) ? "RP " : "SPT ",
- ipaddr_string(ndo, &bp[2]), bp[1] & 0x3f));
+ ipaddr_string(ndo, &bp[2]),
+ bp[1] & 0x3f));
bp += 6;
len -= 6;
}
pimv1_print(netdissect_options *ndo,
register const u_char *bp, register u_int len)
{
- register const u_char *ep;
register u_char type;
- ep = (const u_char *)ndo->ndo_snapend;
- if (bp >= ep)
- return;
-
ND_TCHECK(bp[1]);
type = bp[1];
if (ndo->ndo_vflag) {
ND_TCHECK2(bp[10],2);
ND_PRINT((ndo, " (Hold-time "));
- relts_print(ndo, EXTRACT_16BITS(&bp[10]));
+ unsigned_relts_print(ndo, EXTRACT_BE_U_2(bp + 10));
ND_PRINT((ndo, ")"));
}
break;
if (ndo->ndo_vflag) {
ND_TCHECK2(bp[22], 2);
ND_PRINT((ndo, " group %s", ipaddr_string(ndo, &bp[8])));
- if (EXTRACT_32BITS(&bp[12]) != 0xffffffff)
+ if (EXTRACT_BE_U_4(bp + 12) != 0xffffffff)
ND_PRINT((ndo, "/%s", ipaddr_string(ndo, &bp[12])));
ND_PRINT((ndo, " RP %s hold ", ipaddr_string(ndo, &bp[16])));
- relts_print(ndo, EXTRACT_16BITS(&bp[22]));
+ unsigned_relts_print(ndo, EXTRACT_BE_U_2(bp + 22));
}
break;
case PIMV1_TYPE_ASSERT:
ND_TCHECK2(bp[16], sizeof(struct in_addr));
ND_PRINT((ndo, " for %s > %s", ipaddr_string(ndo, &bp[16]),
ipaddr_string(ndo, &bp[8])));
- if (EXTRACT_32BITS(&bp[12]) != 0xffffffff)
+ if (EXTRACT_BE_U_4(bp + 12) != 0xffffffff)
ND_PRINT((ndo, "/%s", ipaddr_string(ndo, &bp[12])));
ND_TCHECK2(bp[24], 4);
ND_PRINT((ndo, " %s pref %d metric %d",
(bp[20] & 0x80) ? "RP-tree" : "SPT",
- EXTRACT_32BITS(&bp[20]) & 0x7fffffff,
- EXTRACT_32BITS(&bp[24])));
+ EXTRACT_BE_U_4(bp + 20) & 0x7fffffff,
+ EXTRACT_BE_U_4(bp + 24)));
break;
case PIMV1_TYPE_JOIN_PRUNE:
case PIMV1_TYPE_GRAFT:
case PIMV1_TYPE_GRAFT_ACK:
- if (ndo->ndo_vflag)
+ if (ndo->ndo_vflag) {
+ if (len < 8)
+ goto trunc;
pimv1_join_prune_print(ndo, &bp[8], len - 8);
+ }
break;
}
+ ND_TCHECK(bp[4]);
if ((bp[4] >> 4) != 1)
ND_PRINT((ndo, " [v%d]", bp[4] >> 4));
return;
int numrps;
int hold;
+ if (len < 8)
+ goto trunc;
ND_TCHECK(bp[0]);
ND_PRINT((ndo, " auto-rp "));
type = bp[0];
ND_TCHECK2(bp[2], 2);
ND_PRINT((ndo, " Hold "));
- hold = EXTRACT_16BITS(&bp[2]);
+ hold = EXTRACT_BE_U_2(bp + 2);
if (hold)
- relts_print(ndo, EXTRACT_16BITS(&bp[2]));
+ unsigned_relts_print(ndo, EXTRACT_BE_U_2(bp + 2));
else
ND_PRINT((ndo, "FOREVER"));
int nentries;
char s;
+ if (len < 4)
+ goto trunc;
ND_TCHECK2(bp[0], 4);
ND_PRINT((ndo, " RP %s", ipaddr_string(ndo, bp)));
- ND_TCHECK(bp[4]);
- switch (bp[4] & 0x3) {
+ bp += 4;
+ len -= 4;
+ if (len < 1)
+ goto trunc;
+ ND_TCHECK(bp[0]);
+ switch (bp[0] & 0x3) {
case 0: ND_PRINT((ndo, " PIMv?"));
break;
case 1: ND_PRINT((ndo, " PIMv1"));
case 3: ND_PRINT((ndo, " PIMv1+2"));
break;
}
- if (bp[4] & 0xfc)
- ND_PRINT((ndo, " [rsvd=0x%02x]", bp[4] & 0xfc));
- ND_TCHECK(bp[5]);
- nentries = bp[5];
- bp += 6; len -= 6;
+ if (bp[0] & 0xfc)
+ ND_PRINT((ndo, " [rsvd=0x%02x]", bp[0] & 0xfc));
+ bp += 1;
+ len -= 1;
+ if (len < 1)
+ goto trunc;
+ ND_TCHECK(bp[0]);
+ nentries = bp[0];
+ bp += 1;
+ len -= 1;
s = ' ';
for (; nentries; nentries--) {
+ if (len < 6)
+ goto trunc;
ND_TCHECK2(bp[0], 6);
ND_PRINT((ndo, "%c%s%s/%d", s, bp[0] & 1 ? "!" : "",
ipaddr_string(ndo, &bp[2]), bp[1]));
void
pim_print(netdissect_options *ndo,
- register const u_char *bp, register u_int len, u_int cksum)
+ register const u_char *bp, register u_int len, const u_char *bp2)
{
- register const u_char *ep;
- register struct pim *pim = (struct pim *)bp;
+ register const struct pim *pim = (const struct pim *)bp;
- ep = (const u_char *)ndo->ndo_snapend;
- if (bp >= ep)
- return;
#ifdef notyet /* currently we see only version and type */
ND_TCHECK(pim->pim_rsv);
#endif
+ ND_TCHECK(pim->pim_typever);
switch (PIM_VER(pim->pim_typever)) {
case 2:
if (!ndo->ndo_vflag) {
PIM_VER(pim->pim_typever),
len,
tok2str(pimv2_type_values,"Unknown Type",PIM_TYPE(pim->pim_typever))));
- pimv2_print(ndo, bp, len, cksum);
+ pimv2_print(ndo, bp, len, bp2);
}
break;
default:
break;
}
return;
+
+trunc:
+ ND_PRINT((ndo, "[|pim]"));
+ return;
}
/*
*
*/
-static int pimv2_addr_len;
-
enum pimv2_addrtype {
pimv2_unicast, pimv2_group, pimv2_source
};
*/
static int
pimv2_addr_print(netdissect_options *ndo,
- const u_char *bp, enum pimv2_addrtype at, int silent)
+ const u_char *bp, u_int len, enum pimv2_addrtype at,
+ u_int addr_len, int silent)
{
int af;
- int len, hdrlen;
+ int hdrlen;
- ND_TCHECK(bp[0]);
-
- if (pimv2_addr_len == 0) {
+ if (addr_len == 0) {
+ if (len < 2)
+ goto trunc;
ND_TCHECK(bp[1]);
switch (bp[0]) {
case 1:
af = AF_INET;
- len = sizeof(struct in_addr);
+ addr_len = (u_int)sizeof(struct in_addr);
break;
-#ifdef INET6
case 2:
af = AF_INET6;
- len = sizeof(struct in6_addr);
+ addr_len = (u_int)sizeof(struct in6_addr);
break;
-#endif
default:
return -1;
}
return -1;
hdrlen = 2;
} else {
- switch (pimv2_addr_len) {
+ switch (addr_len) {
case sizeof(struct in_addr):
af = AF_INET;
break;
-#ifdef INET6
case sizeof(struct in6_addr):
af = AF_INET6;
break;
-#endif
default:
return -1;
break;
}
- len = pimv2_addr_len;
hdrlen = 0;
}
bp += hdrlen;
+ len -= hdrlen;
switch (at) {
case pimv2_unicast:
- ND_TCHECK2(bp[0], len);
+ if (len < addr_len)
+ goto trunc;
+ ND_TCHECK2(bp[0], addr_len);
if (af == AF_INET) {
if (!silent)
ND_PRINT((ndo, "%s", ipaddr_string(ndo, bp)));
}
-#ifdef INET6
else if (af == AF_INET6) {
if (!silent)
ND_PRINT((ndo, "%s", ip6addr_string(ndo, bp)));
}
-#endif
- return hdrlen + len;
+ return hdrlen + addr_len;
case pimv2_group:
case pimv2_source:
- ND_TCHECK2(bp[0], len + 2);
+ if (len < addr_len + 2)
+ goto trunc;
+ ND_TCHECK2(bp[0], addr_len + 2);
if (af == AF_INET) {
if (!silent) {
ND_PRINT((ndo, "%s", ipaddr_string(ndo, bp + 2)));
ND_PRINT((ndo, "/%u", bp[1]));
}
}
-#ifdef INET6
else if (af == AF_INET6) {
if (!silent) {
ND_PRINT((ndo, "%s", ip6addr_string(ndo, bp + 2)));
ND_PRINT((ndo, "/%u", bp[1]));
}
}
-#endif
if (bp[0] && !silent) {
if (at == pimv2_group) {
ND_PRINT((ndo, "(0x%02x)", bp[0]));
ND_PRINT((ndo, ")"));
}
}
- return hdrlen + 2 + len;
+ return hdrlen + 2 + addr_len;
default:
return -1;
}
return -1;
}
+enum checksum_status {
+ CORRECT,
+ INCORRECT,
+ UNVERIFIED
+};
+
+static enum checksum_status
+pimv2_check_checksum(netdissect_options *ndo, const u_char *bp,
+ const u_char *bp2, u_int len)
+{
+ const struct ip *ip;
+ u_int cksum;
+
+ if (!ND_TTEST2(bp[0], len)) {
+ /* We don't have all the data. */
+ return (UNVERIFIED);
+ }
+ ip = (const struct ip *)bp2;
+ if (IP_V(ip) == 4) {
+ struct cksum_vec vec[1];
+
+ vec[0].ptr = bp;
+ vec[0].len = len;
+ cksum = in_cksum(vec, 1);
+ return (cksum ? INCORRECT : CORRECT);
+ } else if (IP_V(ip) == 6) {
+ const struct ip6_hdr *ip6;
+
+ ip6 = (const struct ip6_hdr *)bp2;
+ cksum = nextproto6_cksum(ndo, ip6, bp, len, len, IPPROTO_PIM);
+ return (cksum ? INCORRECT : CORRECT);
+ } else {
+ return (UNVERIFIED);
+ }
+}
+
static void
pimv2_print(netdissect_options *ndo,
- register const u_char *bp, register u_int len, u_int cksum)
+ register const u_char *bp, register u_int len, const u_char *bp2)
{
- register const u_char *ep;
- register struct pim *pim = (struct pim *)bp;
+ register const struct pim *pim = (const struct pim *)bp;
int advance;
+ enum checksum_status cksum_status;
+ int pimv2_addr_len;
- ep = (const u_char *)ndo->ndo_snapend;
- if (bp >= ep)
- return;
- if (ep > bp + len)
- ep = bp + len;
+ if (len < 2)
+ goto trunc;
ND_TCHECK(pim->pim_rsv);
pimv2_addr_len = pim->pim_rsv;
if (pimv2_addr_len != 0)
ND_PRINT((ndo, ", RFC2117-encoding"));
- ND_PRINT((ndo, ", cksum 0x%04x ", EXTRACT_16BITS(&pim->pim_cksum)));
- if (EXTRACT_16BITS(&pim->pim_cksum) == 0) {
+ if (len < 4)
+ goto trunc;
+ ND_TCHECK(pim->pim_cksum);
+ ND_PRINT((ndo, ", cksum 0x%04x ", EXTRACT_BE_U_2(&pim->pim_cksum)));
+ if (EXTRACT_BE_U_2(&pim->pim_cksum) == 0) {
ND_PRINT((ndo, "(unverified)"));
} else {
- ND_PRINT((ndo, "(%scorrect)", ND_TTEST2(bp[0], len) && cksum ? "in" : "" ));
+ if (PIM_TYPE(pim->pim_typever) == PIMV2_TYPE_REGISTER) {
+ /*
+ * The checksum only covers the packet header,
+ * not the encapsulated packet.
+ */
+ cksum_status = pimv2_check_checksum(ndo, bp, bp2, 8);
+ if (cksum_status == INCORRECT) {
+ /*
+ * To quote RFC 4601, "For interoperability
+ * reasons, a message carrying a checksum
+ * calculated over the entire PIM Register
+ * message should also be accepted."
+ */
+ cksum_status = pimv2_check_checksum(ndo, bp, bp2, len);
+ }
+ } else {
+ /*
+ * The checksum covers the entire packet.
+ */
+ cksum_status = pimv2_check_checksum(ndo, bp, bp2, len);
+ }
+ switch (cksum_status) {
+
+ case CORRECT:
+ ND_PRINT((ndo, "(correct)"));
+ break;
+
+ case INCORRECT:
+ ND_PRINT((ndo, "(incorrect)"));
+ break;
+
+ case UNVERIFIED:
+ ND_PRINT((ndo, "(unverified)"));
+ break;
+ }
}
+ bp += 4;
+ len -= 4;
switch (PIM_TYPE(pim->pim_typever)) {
case PIMV2_TYPE_HELLO:
{
uint16_t otype, olen;
- bp += 4;
- while (bp < ep) {
+ while (len > 0) {
+ if (len < 4)
+ goto trunc;
ND_TCHECK2(bp[0], 4);
- otype = EXTRACT_16BITS(&bp[0]);
- olen = EXTRACT_16BITS(&bp[2]);
- ND_TCHECK2(bp[0], 4 + olen);
+ otype = EXTRACT_BE_U_2(bp);
+ olen = EXTRACT_BE_U_2(bp + 2);
ND_PRINT((ndo, "\n\t %s Option (%u), length %u, Value: ",
tok2str(pimv2_hello_option_values, "Unknown", otype),
otype,
olen));
bp += 4;
+ len -= 4;
+ if (len < olen)
+ goto trunc;
+ ND_TCHECK2(bp[0], olen);
switch (otype) {
case PIMV2_HELLO_OPTION_HOLDTIME:
- relts_print(ndo, EXTRACT_16BITS(bp));
+ if (olen != 2) {
+ ND_PRINT((ndo, "ERROR: Option Length != 2 Bytes (%u)", olen));
+ } else {
+ unsigned_relts_print(ndo,
+ EXTRACT_BE_U_2(bp));
+ }
break;
case PIMV2_HELLO_OPTION_LANPRUNEDELAY:
} else {
char t_bit;
uint16_t lan_delay, override_interval;
- lan_delay = EXTRACT_16BITS(bp);
- override_interval = EXTRACT_16BITS(bp+2);
+ lan_delay = EXTRACT_BE_U_2(bp);
+ override_interval = EXTRACT_BE_U_2(bp + 2);
t_bit = (lan_delay & 0x8000)? 1 : 0;
lan_delay &= ~0x8000;
ND_PRINT((ndo, "\n\t T-bit=%d, LAN delay %dms, Override interval %dms",
ND_PRINT((ndo, "Bi-Directional Capability (Old)"));
break;
case 4:
- ND_PRINT((ndo, "%u", EXTRACT_32BITS(bp)));
+ ND_PRINT((ndo, "%u", EXTRACT_BE_U_4(bp)));
break;
default:
ND_PRINT((ndo, "ERROR: Option Length != 4 Bytes (%u)", olen));
break;
case PIMV2_HELLO_OPTION_GENID:
- ND_PRINT((ndo, "0x%08x", EXTRACT_32BITS(bp)));
+ if (olen != 4) {
+ ND_PRINT((ndo, "ERROR: Option Length != 4 Bytes (%u)", olen));
+ } else {
+ ND_PRINT((ndo, "0x%08x", EXTRACT_BE_U_4(bp)));
+ }
break;
case PIMV2_HELLO_OPTION_REFRESH_CAP:
- ND_PRINT((ndo, "v%d", *bp));
- if (*(bp+1) != 0) {
- ND_PRINT((ndo, ", interval "));
- relts_print(ndo, *(bp+1));
- }
- if (EXTRACT_16BITS(bp+2) != 0) {
- ND_PRINT((ndo, " ?0x%04x?", EXTRACT_16BITS(bp+2)));
+ if (olen != 4) {
+ ND_PRINT((ndo, "ERROR: Option Length != 4 Bytes (%u)", olen));
+ } else {
+ ND_PRINT((ndo, "v%d", *bp));
+ if (*(bp+1) != 0) {
+ ND_PRINT((ndo, ", interval "));
+ unsigned_relts_print(ndo, *(bp+1));
+ }
+ if (EXTRACT_BE_U_2(bp + 2) != 0) {
+ ND_PRINT((ndo, " ?0x%04x?", EXTRACT_BE_U_2(bp + 2)));
+ }
}
break;
case PIMV2_HELLO_OPTION_ADDRESS_LIST:
if (ndo->ndo_vflag > 1) {
const u_char *ptr = bp;
+ u_int plen = len;
while (ptr < (bp+olen)) {
- int advance;
-
ND_PRINT((ndo, "\n\t "));
- advance = pimv2_addr_print(ndo, ptr, pimv2_unicast, 0);
- if (advance < 0) {
- ND_PRINT((ndo, "..."));
- break;
- }
+ advance = pimv2_addr_print(ndo, ptr, plen, pimv2_unicast, pimv2_addr_len, 0);
+ if (advance < 0)
+ goto trunc;
ptr += advance;
+ plen -= advance;
}
}
break;
if (ndo->ndo_vflag> 1)
print_unknown_data(ndo, bp, "\n\t ", olen);
bp += olen;
+ len -= olen;
}
break;
}
case PIMV2_TYPE_REGISTER:
{
- struct ip *ip;
+ const struct ip *ip;
- ND_TCHECK2(*(bp + 4), PIMV2_REGISTER_FLAG_LEN);
+ if (len < 4)
+ goto trunc;
+ ND_TCHECK2(*bp, PIMV2_REGISTER_FLAG_LEN);
ND_PRINT((ndo, ", Flags [ %s ]\n\t",
tok2str(pimv2_register_flag_values,
"none",
- EXTRACT_32BITS(bp+4))));
+ EXTRACT_BE_U_4(bp))));
- bp += 8; len -= 8;
+ bp += 4; len -= 4;
/* encapsulated multicast packet */
- ip = (struct ip *)bp;
+ if (len == 0)
+ goto trunc;
+ ip = (const struct ip *)bp;
+ ND_TCHECK(ip->ip_vhl);
switch (IP_V(ip)) {
case 0: /* Null header */
+ ND_TCHECK(ip->ip_dst);
ND_PRINT((ndo, "IP-Null-header %s > %s",
ipaddr_string(ndo, &ip->ip_src),
ipaddr_string(ndo, &ip->ip_dst)));
}
case PIMV2_TYPE_REGISTER_STOP:
- bp += 4; len -= 4;
- if (bp >= ep)
- break;
ND_PRINT((ndo, " group="));
- if ((advance = pimv2_addr_print(ndo, bp, pimv2_group, 0)) < 0) {
- ND_PRINT((ndo, "..."));
- break;
- }
+ if ((advance = pimv2_addr_print(ndo, bp, len, pimv2_group, pimv2_addr_len, 0)) < 0)
+ goto trunc;
bp += advance; len -= advance;
- if (bp >= ep)
- break;
ND_PRINT((ndo, " source="));
- if ((advance = pimv2_addr_print(ndo, bp, pimv2_unicast, 0)) < 0) {
- ND_PRINT((ndo, "..."));
- break;
- }
+ if ((advance = pimv2_addr_print(ndo, bp, len, pimv2_unicast, pimv2_addr_len, 0)) < 0)
+ goto trunc;
bp += advance; len -= advance;
break;
uint16_t nprune;
int i, j;
- bp += 4; len -= 4;
if (PIM_TYPE(pim->pim_typever) != 7) { /*not for Graft-ACK*/
- if (bp >= ep)
- break;
ND_PRINT((ndo, ", upstream-neighbor: "));
- if ((advance = pimv2_addr_print(ndo, bp, pimv2_unicast, 0)) < 0) {
- ND_PRINT((ndo, "..."));
- break;
- }
+ if ((advance = pimv2_addr_print(ndo, bp, len, pimv2_unicast, pimv2_addr_len, 0)) < 0)
+ goto trunc;
bp += advance; len -= advance;
}
- if (bp + 4 > ep)
- break;
+ if (len < 4)
+ goto trunc;
+ ND_TCHECK2(*bp, 4);
ngroup = bp[1];
- holdtime = EXTRACT_16BITS(&bp[2]);
+ holdtime = EXTRACT_BE_U_2(bp + 2);
ND_PRINT((ndo, "\n\t %u group(s)", ngroup));
if (PIM_TYPE(pim->pim_typever) != 7) { /*not for Graft-ACK*/
ND_PRINT((ndo, ", holdtime: "));
if (holdtime == 0xffff)
ND_PRINT((ndo, "infinite"));
else
- relts_print(ndo, holdtime);
+ unsigned_relts_print(ndo, holdtime);
}
bp += 4; len -= 4;
for (i = 0; i < ngroup; i++) {
- if (bp >= ep)
- goto jp_done;
ND_PRINT((ndo, "\n\t group #%u: ", i+1));
- if ((advance = pimv2_addr_print(ndo, bp, pimv2_group, 0)) < 0) {
- ND_PRINT((ndo, "...)"));
- goto jp_done;
- }
+ if ((advance = pimv2_addr_print(ndo, bp, len, pimv2_group, pimv2_addr_len, 0)) < 0)
+ goto trunc;
bp += advance; len -= advance;
- if (bp + 4 > ep) {
- ND_PRINT((ndo, "...)"));
- goto jp_done;
- }
- njoin = EXTRACT_16BITS(&bp[0]);
- nprune = EXTRACT_16BITS(&bp[2]);
+ if (len < 4)
+ goto trunc;
+ ND_TCHECK2(*bp, 4);
+ njoin = EXTRACT_BE_U_2(bp);
+ nprune = EXTRACT_BE_U_2(bp + 2);
ND_PRINT((ndo, ", joined sources: %u, pruned sources: %u", njoin, nprune));
bp += 4; len -= 4;
for (j = 0; j < njoin; j++) {
ND_PRINT((ndo, "\n\t joined source #%u: ", j+1));
- if ((advance = pimv2_addr_print(ndo, bp, pimv2_source, 0)) < 0) {
- ND_PRINT((ndo, "...)"));
- goto jp_done;
- }
+ if ((advance = pimv2_addr_print(ndo, bp, len, pimv2_source, pimv2_addr_len, 0)) < 0)
+ goto trunc;
bp += advance; len -= advance;
}
for (j = 0; j < nprune; j++) {
ND_PRINT((ndo, "\n\t pruned source #%u: ", j+1));
- if ((advance = pimv2_addr_print(ndo, bp, pimv2_source, 0)) < 0) {
- ND_PRINT((ndo, "...)"));
- goto jp_done;
- }
+ if ((advance = pimv2_addr_print(ndo, bp, len, pimv2_source, pimv2_addr_len, 0)) < 0)
+ goto trunc;
bp += advance; len -= advance;
}
}
- jp_done:
break;
}
case PIMV2_TYPE_BOOTSTRAP:
{
int i, j, frpcnt;
- bp += 4;
/* Fragment Tag, Hash Mask len, and BSR-priority */
- if (bp + sizeof(uint16_t) >= ep) break;
- ND_PRINT((ndo, " tag=%x", EXTRACT_16BITS(bp)));
- bp += sizeof(uint16_t);
- if (bp >= ep) break;
+ if (len < 2)
+ goto trunc;
+ ND_TCHECK_2(bp);
+ ND_PRINT((ndo, " tag=%x", EXTRACT_BE_U_2(bp)));
+ bp += 2;
+ len -= 2;
+ if (len < 1)
+ goto trunc;
+ ND_TCHECK(bp[0]);
ND_PRINT((ndo, " hashmlen=%d", bp[0]));
- if (bp + 1 >= ep) break;
+ if (len < 2)
+ goto trunc;
+ ND_TCHECK(bp[2]);
ND_PRINT((ndo, " BSRprio=%d", bp[1]));
bp += 2;
+ len -= 2;
/* Encoded-Unicast-BSR-Address */
- if (bp >= ep) break;
ND_PRINT((ndo, " BSR="));
- if ((advance = pimv2_addr_print(ndo, bp, pimv2_unicast, 0)) < 0) {
- ND_PRINT((ndo, "..."));
- break;
- }
+ if ((advance = pimv2_addr_print(ndo, bp, len, pimv2_unicast, pimv2_addr_len, 0)) < 0)
+ goto trunc;
bp += advance;
+ len -= advance;
- for (i = 0; bp < ep; i++) {
+ for (i = 0; len > 0; i++) {
/* Encoded-Group Address */
ND_PRINT((ndo, " (group%d: ", i));
- if ((advance = pimv2_addr_print(ndo, bp, pimv2_group, 0))
- < 0) {
- ND_PRINT((ndo, "...)"));
- goto bs_done;
- }
+ if ((advance = pimv2_addr_print(ndo, bp, len, pimv2_group, pimv2_addr_len, 0)) < 0)
+ goto trunc;
bp += advance;
+ len -= advance;
/* RP-Count, Frag RP-Cnt, and rsvd */
- if (bp >= ep) {
- ND_PRINT((ndo, "...)"));
- goto bs_done;
- }
+ if (len < 1)
+ goto trunc;
+ ND_TCHECK(bp[0]);
ND_PRINT((ndo, " RPcnt=%d", bp[0]));
- if (bp + 1 >= ep) {
- ND_PRINT((ndo, "...)"));
- goto bs_done;
- }
+ if (len < 2)
+ goto trunc;
+ ND_TCHECK(bp[1]);
ND_PRINT((ndo, " FRPcnt=%d", frpcnt = bp[1]));
+ if (len < 4)
+ goto trunc;
bp += 4;
+ len -= 4;
- for (j = 0; j < frpcnt && bp < ep; j++) {
+ for (j = 0; j < frpcnt && len > 0; j++) {
/* each RP info */
ND_PRINT((ndo, " RP%d=", j));
- if ((advance = pimv2_addr_print(ndo, bp,
+ if ((advance = pimv2_addr_print(ndo, bp, len,
pimv2_unicast,
- 0)) < 0) {
- ND_PRINT((ndo, "...)"));
- goto bs_done;
- }
+ pimv2_addr_len,
+ 0)) < 0)
+ goto trunc;
bp += advance;
+ len -= advance;
- if (bp + 1 >= ep) {
- ND_PRINT((ndo, "...)"));
- goto bs_done;
- }
+ if (len < 2)
+ goto trunc;
+ ND_TCHECK_2(bp);
ND_PRINT((ndo, ",holdtime="));
- relts_print(ndo, EXTRACT_16BITS(bp));
- if (bp + 2 >= ep) {
- ND_PRINT((ndo, "...)"));
- goto bs_done;
- }
+ unsigned_relts_print(ndo,
+ EXTRACT_BE_U_2(bp));
+ if (len < 3)
+ goto trunc;
+ ND_TCHECK(bp[2]);
ND_PRINT((ndo, ",prio=%d", bp[2]));
+ if (len < 4)
+ goto trunc;
bp += 4;
+ len -= 4;
}
ND_PRINT((ndo, ")"));
}
- bs_done:
break;
}
case PIMV2_TYPE_ASSERT:
- bp += 4; len -= 4;
- if (bp >= ep)
- break;
ND_PRINT((ndo, " group="));
- if ((advance = pimv2_addr_print(ndo, bp, pimv2_group, 0)) < 0) {
- ND_PRINT((ndo, "..."));
- break;
- }
+ if ((advance = pimv2_addr_print(ndo, bp, len, pimv2_group, pimv2_addr_len, 0)) < 0)
+ goto trunc;
bp += advance; len -= advance;
- if (bp >= ep)
- break;
ND_PRINT((ndo, " src="));
- if ((advance = pimv2_addr_print(ndo, bp, pimv2_unicast, 0)) < 0) {
- ND_PRINT((ndo, "..."));
- break;
- }
+ if ((advance = pimv2_addr_print(ndo, bp, len, pimv2_unicast, pimv2_addr_len, 0)) < 0)
+ goto trunc;
bp += advance; len -= advance;
- if (bp + 8 > ep)
- break;
+ if (len < 8)
+ goto trunc;
+ ND_TCHECK2(*bp, 8);
if (bp[0] & 0x80)
ND_PRINT((ndo, " RPT"));
- ND_PRINT((ndo, " pref=%u", EXTRACT_32BITS(&bp[0]) & 0x7fffffff));
- ND_PRINT((ndo, " metric=%u", EXTRACT_32BITS(&bp[4])));
+ ND_PRINT((ndo, " pref=%u", EXTRACT_BE_U_4(bp) & 0x7fffffff));
+ ND_PRINT((ndo, " metric=%u", EXTRACT_BE_U_4(bp + 4)));
break;
case PIMV2_TYPE_CANDIDATE_RP:
{
int i, pfxcnt;
- bp += 4;
/* Prefix-Cnt, Priority, and Holdtime */
- if (bp >= ep) break;
+ if (len < 1)
+ goto trunc;
+ ND_TCHECK(bp[0]);
ND_PRINT((ndo, " prefix-cnt=%d", bp[0]));
pfxcnt = bp[0];
- if (bp + 1 >= ep) break;
+ if (len < 2)
+ goto trunc;
+ ND_TCHECK(bp[1]);
ND_PRINT((ndo, " prio=%d", bp[1]));
- if (bp + 3 >= ep) break;
+ if (len < 4)
+ goto trunc;
+ ND_TCHECK_2(&bp[2]);
ND_PRINT((ndo, " holdtime="));
- relts_print(ndo, EXTRACT_16BITS(&bp[2]));
+ unsigned_relts_print(ndo, EXTRACT_BE_U_2(bp + 2));
bp += 4;
+ len -= 4;
/* Encoded-Unicast-RP-Address */
- if (bp >= ep) break;
ND_PRINT((ndo, " RP="));
- if ((advance = pimv2_addr_print(ndo, bp, pimv2_unicast, 0)) < 0) {
- ND_PRINT((ndo, "..."));
- break;
- }
+ if ((advance = pimv2_addr_print(ndo, bp, len, pimv2_unicast, pimv2_addr_len, 0)) < 0)
+ goto trunc;
bp += advance;
+ len -= advance;
/* Encoded-Group Addresses */
- for (i = 0; i < pfxcnt && bp < ep; i++) {
+ for (i = 0; i < pfxcnt && len > 0; i++) {
ND_PRINT((ndo, " Group%d=", i));
- if ((advance = pimv2_addr_print(ndo, bp, pimv2_group, 0))
- < 0) {
- ND_PRINT((ndo, "..."));
- break;
- }
+ if ((advance = pimv2_addr_print(ndo, bp, len, pimv2_group, pimv2_addr_len, 0)) < 0)
+ goto trunc;
bp += advance;
+ len -= advance;
}
break;
}
case PIMV2_TYPE_PRUNE_REFRESH:
ND_PRINT((ndo, " src="));
- if ((advance = pimv2_addr_print(ndo, bp, pimv2_unicast, 0)) < 0) {
- ND_PRINT((ndo, "..."));
- break;
- }
+ if ((advance = pimv2_addr_print(ndo, bp, len, pimv2_unicast, pimv2_addr_len, 0)) < 0)
+ goto trunc;
bp += advance;
+ len -= advance;
ND_PRINT((ndo, " grp="));
- if ((advance = pimv2_addr_print(ndo, bp, pimv2_group, 0)) < 0) {
- ND_PRINT((ndo, "..."));
- break;
- }
+ if ((advance = pimv2_addr_print(ndo, bp, len, pimv2_group, pimv2_addr_len, 0)) < 0)
+ goto trunc;
bp += advance;
+ len -= advance;
ND_PRINT((ndo, " forwarder="));
- if ((advance = pimv2_addr_print(ndo, bp, pimv2_unicast, 0)) < 0) {
- ND_PRINT((ndo, "..."));
- break;
- }
+ if ((advance = pimv2_addr_print(ndo, bp, len, pimv2_unicast, pimv2_addr_len, 0)) < 0)
+ goto trunc;
bp += advance;
- ND_TCHECK2(bp[0], 2);
+ len -= advance;
+ if (len < 2)
+ goto trunc;
+ ND_TCHECK_2(bp);
ND_PRINT((ndo, " TUNR "));
- relts_print(ndo, EXTRACT_16BITS(bp));
+ unsigned_relts_print(ndo, EXTRACT_BE_U_2(bp));
break;
projects / tcpdump / blobdiff