PIM: Fix some length checks

[tcpdump] / print-pim.c

diff --git a/print-pim.c b/print-pim.c
index 9aa6dea5ca3b85997cbc13b02041f5fba23d14cf..35fb476e23ead56de3612f1b33399fc6e3196f22 100644 (file)
--- a/print-pim.c
+++ b/print-pim.c
@@ -729,8 +729,11 @@ pimv2_print(netdissect_options *ndo,
        u_int pimv2_addr_len;
 
        ndo->ndo_protocol = "pimv2";
-       if (len < 2)
-               goto trunc;
+       if (len < 2) {
+               ND_PRINT("[length %u < 2]", len);
+               nd_print_invalid(ndo);
+               return;
+       }
        ND_TCHECK_1(pim->pim_rsv);
        pim_typever = GET_U_1(pim->pim_typever);
        /* RFC5015 allocates the high 4 bits of pim_rsv for "subtype". */
@@ -738,8 +741,11 @@ pimv2_print(netdissect_options *ndo,
        if (pimv2_addr_len != 0)
                ND_PRINT(", RFC2117-encoding");
 
-       if (len < 4)
-               goto trunc;
+       if (len < 4) {
+               ND_PRINT("[length %u < 4]", len);
+               nd_print_invalid(ndo);
+               return;
+       }
        ND_TCHECK_2(pim->pim_cksum);
        ND_PRINT(", cksum 0x%04x ", GET_BE_U_2(pim->pim_cksum));
        if (GET_BE_U_2(pim->pim_cksum) == 0) {
@@ -807,7 +813,9 @@ pimv2_print(netdissect_options *ndo,
                        switch (otype) {
                        case PIMV2_HELLO_OPTION_HOLDTIME:
                                if (olen != 2) {
-                                       ND_PRINT("ERROR: Option Length != 2 Bytes (%u)", olen);
+                                       ND_PRINT("[option length %u != 2]", olen);
+                                       nd_print_invalid(ndo);
+                                       return;
                                } else {
                                        unsigned_relts_print(ndo,
                                                             GET_BE_U_2(bp));
@@ -816,7 +824,9 @@ pimv2_print(netdissect_options *ndo,
 
                        case PIMV2_HELLO_OPTION_LANPRUNEDELAY:
                                if (olen != 4) {
-                                       ND_PRINT("ERROR: Option Length != 4 Bytes (%u)", olen);
+                                       ND_PRINT("[option length %u != 4]", olen);
+                                       nd_print_invalid(ndo);
+                                       return;
                                } else {
                                        char t_bit;
                                        uint16_t lan_delay, override_interval;
@@ -839,14 +849,18 @@ pimv2_print(netdissect_options *ndo,
                                        ND_PRINT("%u", GET_BE_U_4(bp));
                                        break;
                                default:
-                                       ND_PRINT("ERROR: Option Length != 4 Bytes (%u)", olen);
+                                       ND_PRINT("[option length %u != 4]", olen);
+                                       nd_print_invalid(ndo);
+                                       return;
                                        break;
                                }
                                break;
 
                        case PIMV2_HELLO_OPTION_GENID:
                                if (olen != 4) {
-                                       ND_PRINT("ERROR: Option Length != 4 Bytes (%u)", olen);
+                                       ND_PRINT("[option length %u != 4]", olen);
+                                       nd_print_invalid(ndo);
+                                       return;
                                } else {
                                        ND_PRINT("0x%08x", GET_BE_U_4(bp));
                                }
@@ -854,7 +868,9 @@ pimv2_print(netdissect_options *ndo,
 
                        case PIMV2_HELLO_OPTION_REFRESH_CAP:
                                if (olen != 4) {
-                                       ND_PRINT("ERROR: Option Length != 4 Bytes (%u)", olen);
+                                       ND_PRINT("[option length %u != 4]", olen);
+                                       nd_print_invalid(ndo);
+                                       return;
                                } else {
                                        ND_PRINT("v%u", GET_U_1(bp));
                                        if (GET_U_1(bp + 1) != 0) {