/*
* Lower bounds on packet lengths for various types.
* For the error advice packets must first insure that the
- * packet is large enought to contain the returned ip header.
+ * packet is large enough to contain the returned ip header.
* Only then can we do the check to see if 64 bits of packet
* data have been returned, since we need to check the returned
* ip header length.
* The Destination Unreachable, Time Exceeded
* and Parameter Problem messages are slightly changed as per
* the above draft. A new Length field gets added to give
- * the caller an idea about the length of the piggypacked
+ * the caller an idea about the length of the piggybacked
* IP packet before the MPLS extension header starts.
*
* The Length field represents length of the padded "original datagram"
sec = tstamp / 1000;
min = sec / 60; sec -= min * 60;
hrs = min / 60; min -= hrs * 60;
- nd_snprintf(buf, sizeof(buf), "%02u:%02u:%02u.%03u",hrs,min,sec,msec);
+ snprintf(buf, sizeof(buf), "%02u:%02u:%02u.%03u",hrs,min,sec,msec);
return buf;
}
const struct udphdr *ouh;
const uint8_t *obj_tptr;
uint32_t raw_label;
- const u_char *snapend_save;
const struct icmp_mpls_ext_object_header_t *icmp_mpls_ext_object_header;
u_int hlen, mtu, obj_tlen, obj_class_num, obj_ctype;
uint16_t dport;
ip = (const struct ip *)bp2;
str = buf;
- ND_TCHECK_1(dp->icmp_code);
icmp_type = GET_U_1(dp->icmp_type);
icmp_code = GET_U_1(dp->icmp_code);
switch (icmp_type) {
case ICMP_ECHO:
case ICMP_ECHOREPLY:
- ND_TCHECK_2(dp->icmp_seq);
- (void)nd_snprintf(buf, sizeof(buf), "echo %s, id %u, seq %u",
+ (void)snprintf(buf, sizeof(buf), "echo %s, id %u, seq %u",
icmp_type == ICMP_ECHO ?
"request" : "reply",
GET_BE_U_2(dp->icmp_id),
break;
case ICMP_UNREACH:
- ND_TCHECK_4(dp->icmp_ip.ip_dst);
switch (icmp_code) {
case ICMP_UNREACH_NET:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"net %s unreachable",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst));
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
break;
case ICMP_UNREACH_HOST:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"host %s unreachable",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst));
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
break;
case ICMP_UNREACH_PROTOCOL:
- ND_TCHECK_1(dp->icmp_ip.ip_p);
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"%s protocol %u unreachable",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst),
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
GET_U_1(dp->icmp_ip.ip_p));
break;
oip = &dp->icmp_ip;
hlen = IP_HL(oip) * 4;
ouh = (const struct udphdr *)(((const u_char *)oip) + hlen);
- ND_TCHECK_2(ouh->uh_dport);
dport = GET_BE_U_2(ouh->uh_dport);
ip_proto = GET_U_1(oip->ip_p);
switch (ip_proto) {
case IPPROTO_TCP:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"%s tcp port %s unreachable",
- ipaddr_string(ndo, oip->ip_dst),
+ GET_IPADDR_STRING(oip->ip_dst),
tcpport_string(ndo, dport));
break;
case IPPROTO_UDP:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"%s udp port %s unreachable",
- ipaddr_string(ndo, oip->ip_dst),
+ GET_IPADDR_STRING(oip->ip_dst),
udpport_string(ndo, dport));
break;
default:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"%s protocol %u port %u unreachable",
- ipaddr_string(ndo, oip->ip_dst),
+ GET_IPADDR_STRING(oip->ip_dst),
ip_proto, dport);
break;
}
mp = (const struct mtu_discovery *)(const u_char *)&dp->icmp_void;
mtu = GET_BE_U_2(mp->nexthopmtu);
if (mtu) {
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"%s unreachable - need to frag (mtu %u)",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst), mtu);
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst), mtu);
} else {
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"%s unreachable - need to frag",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst));
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
}
}
break;
case ICMP_UNREACH_SRCFAIL:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"%s unreachable - source route failed",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst));
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
break;
case ICMP_UNREACH_NET_UNKNOWN:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"net %s unreachable - unknown",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst));
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
break;
case ICMP_UNREACH_HOST_UNKNOWN:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"host %s unreachable - unknown",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst));
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
break;
case ICMP_UNREACH_ISOLATED:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"%s unreachable - source host isolated",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst));
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
break;
case ICMP_UNREACH_NET_PROHIB:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"net %s unreachable - admin prohibited",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst));
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
break;
case ICMP_UNREACH_HOST_PROHIB:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"host %s unreachable - admin prohibited",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst));
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
break;
case ICMP_UNREACH_TOSNET:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"net %s unreachable - tos prohibited",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst));
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
break;
case ICMP_UNREACH_TOSHOST:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"host %s unreachable - tos prohibited",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst));
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
break;
case ICMP_UNREACH_FILTER_PROHIB:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"host %s unreachable - admin prohibited filter",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst));
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
break;
case ICMP_UNREACH_HOST_PRECEDENCE:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"host %s unreachable - host precedence violation",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst));
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
break;
case ICMP_UNREACH_PRECEDENCE_CUTOFF:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"host %s unreachable - precedence cutoff",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst));
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst));
break;
default:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"%s unreachable - #%u",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst),
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
icmp_code);
break;
}
break;
case ICMP_REDIRECT:
- ND_TCHECK_4(dp->icmp_ip.ip_dst);
switch (icmp_code) {
case ICMP_REDIRECT_NET:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"redirect %s to net %s",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst),
- ipaddr_string(ndo, dp->icmp_gwaddr));
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
+ GET_IPADDR_STRING(dp->icmp_gwaddr));
break;
case ICMP_REDIRECT_HOST:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"redirect %s to host %s",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst),
- ipaddr_string(ndo, dp->icmp_gwaddr));
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
+ GET_IPADDR_STRING(dp->icmp_gwaddr));
break;
case ICMP_REDIRECT_TOSNET:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"redirect-tos %s to net %s",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst),
- ipaddr_string(ndo, dp->icmp_gwaddr));
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
+ GET_IPADDR_STRING(dp->icmp_gwaddr));
break;
case ICMP_REDIRECT_TOSHOST:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"redirect-tos %s to host %s",
- ipaddr_string(ndo, dp->icmp_ip.ip_dst),
- ipaddr_string(ndo, dp->icmp_gwaddr));
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
+ GET_IPADDR_STRING(dp->icmp_gwaddr));
break;
default:
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"redirect-#%u %s to %s", icmp_code,
- ipaddr_string(ndo, dp->icmp_ip.ip_dst),
- ipaddr_string(ndo, dp->icmp_gwaddr));
+ GET_IPADDR_STRING(dp->icmp_ip.ip_dst),
+ GET_IPADDR_STRING(dp->icmp_gwaddr));
break;
}
break;
const struct id_rdiscovery *idp;
u_int lifetime, num, size;
- (void)nd_snprintf(buf, sizeof(buf), "router advertisement");
+ (void)snprintf(buf, sizeof(buf), "router advertisement");
cp = buf + strlen(buf);
ihp = (const struct ih_rdiscovery *)&dp->icmp_void;
cp = buf + strlen(buf);
lifetime = GET_BE_U_2(ihp->ird_lifetime);
if (lifetime < 60) {
- (void)nd_snprintf(cp, sizeof(buf) - (cp - buf), "%u",
+ (void)snprintf(cp, sizeof(buf) - (cp - buf), "%u",
lifetime);
} else if (lifetime < 60 * 60) {
- (void)nd_snprintf(cp, sizeof(buf) - (cp - buf), "%u:%02u",
+ (void)snprintf(cp, sizeof(buf) - (cp - buf), "%u:%02u",
lifetime / 60, lifetime % 60);
} else {
- (void)nd_snprintf(cp, sizeof(buf) - (cp - buf),
+ (void)snprintf(cp, sizeof(buf) - (cp - buf),
"%u:%02u:%02u",
lifetime / 3600,
(lifetime % 3600) / 60,
cp = buf + strlen(buf);
num = GET_U_1(ihp->ird_addrnum);
- (void)nd_snprintf(cp, sizeof(buf) - (cp - buf), " %u:", num);
+ (void)snprintf(cp, sizeof(buf) - (cp - buf), " %u:", num);
cp = buf + strlen(buf);
size = GET_U_1(ihp->ird_addrsiz);
if (size != 2) {
- (void)nd_snprintf(cp, sizeof(buf) - (cp - buf),
+ (void)snprintf(cp, sizeof(buf) - (cp - buf),
" [size %u]", size);
break;
}
idp = (const struct id_rdiscovery *)&dp->icmp_data;
while (num > 0) {
ND_TCHECK_SIZE(idp);
- (void)nd_snprintf(cp, sizeof(buf) - (cp - buf), " {%s %u}",
- ipaddr_string(ndo, idp->ird_addr),
+ (void)snprintf(cp, sizeof(buf) - (cp - buf), " {%s %u}",
+ GET_IPADDR_STRING(idp->ird_addr),
GET_BE_U_4(idp->ird_pref));
cp = buf + strlen(buf);
++idp;
break;
default:
- (void)nd_snprintf(buf, sizeof(buf), "time exceeded-#%u",
+ (void)snprintf(buf, sizeof(buf), "time exceeded-#%u",
icmp_code);
break;
}
case ICMP_PARAMPROB:
if (icmp_code)
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"parameter problem - code %u", icmp_code);
else {
- ND_TCHECK_1(dp->icmp_pptr);
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"parameter problem - octet %u",
GET_U_1(dp->icmp_pptr));
}
break;
case ICMP_MASKREPLY:
- ND_TCHECK_4(dp->icmp_mask);
- (void)nd_snprintf(buf, sizeof(buf), "address mask is 0x%08x",
+ (void)snprintf(buf, sizeof(buf), "address mask is 0x%08x",
GET_BE_U_4(dp->icmp_mask));
break;
case ICMP_TSTAMP:
- ND_TCHECK_2(dp->icmp_seq);
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"time stamp query id %u seq %u",
GET_BE_U_2(dp->icmp_id),
GET_BE_U_2(dp->icmp_seq));
case ICMP_TSTAMPREPLY:
ND_TCHECK_4(dp->icmp_ttime);
- (void)nd_snprintf(buf, sizeof(buf),
+ (void)snprintf(buf, sizeof(buf),
"time stamp reply id %u seq %u: org %s",
GET_BE_U_2(dp->icmp_id),
GET_BE_U_2(dp->icmp_seq),
icmp_tstamp_print(GET_BE_U_4(dp->icmp_otime)));
- (void)nd_snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", recv %s",
+ (void)snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", recv %s",
icmp_tstamp_print(GET_BE_U_4(dp->icmp_rtime)));
- (void)nd_snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", xmit %s",
+ (void)snprintf(buf+strlen(buf),sizeof(buf)-strlen(buf),", xmit %s",
icmp_tstamp_print(GET_BE_U_4(dp->icmp_ttime)));
break;
/*
* print the remnants of the IP packet.
- * save the snaplength as this may get overidden in the IP printer.
+ * save the snaplength as this may get overridden in the IP printer.
*/
if (ndo->ndo_vflag >= 1 && ICMP_ERRTYPE(icmp_type)) {
+ const u_char *snapend_save;
+
bp += 8;
ND_PRINT("\n\t");
ip = (const struct ip *)bp;
- snapend_save = ndo->ndo_snapend;
- ND_TCHECK_2(ip->ip_len);
+ snapend_save = ndo->ndo_snapend;
+ /*
+ * Update the snapend because extensions (MPLS, ...) may be
+ * present after the IP packet. In this case the current
+ * (outer) packet's snapend is not what ip_print() needs to
+ * decode an IP packet nested in the middle of an ICMP payload.
+ *
+ * This prevents that, in ip_print(), for the nested IP packet,
+ * the remaining length < remaining caplen.
+ */
+ ndo->ndo_snapend = ND_MIN(bp + GET_BE_U_2(ip->ip_len),
+ ndo->ndo_snapend);
ip_print(ndo, bp, GET_BE_U_2(ip->ip_len));
- ndo->ndo_snapend = snapend_save;
+ ndo->ndo_snapend = snapend_save;
}
/* ndo_protocol reassignment after ip_print() call */
case 1:
switch(obj_ctype) {
case 1:
- ND_TCHECK_4(obj_tptr);
raw_label = GET_BE_U_4(obj_tptr);
- ND_PRINT("\n\t label %u, exp %u", MPLS_LABEL(raw_label), MPLS_EXP(raw_label));
+ ND_PRINT("\n\t label %u, tc %u", MPLS_LABEL(raw_label), MPLS_TC(raw_label));
if (MPLS_STACK(raw_label))
ND_PRINT(", [S]");
ND_PRINT(", ttl %u", MPLS_TTL(raw_label));
projects / tcpdump / blobdiff