On Solaris, for 64-bit builds, use the 64-bit pcap-config.
[tcpdump] / print-l2tp.c
index 8377d3a796329ad3e517b44bc3474f7960613877..024705f821ba5e1e25299bcb169a921f3f6355b4 100644 (file)
@@ -31,6 +31,7 @@
 
 #include "netdissect-stdinc.h"
 
+#define ND_LONGJMP_FROM_TCHECK
 #include "netdissect.h"
 #include "extract.h"
 
@@ -576,13 +577,14 @@ l2tp_avp_print(netdissect_options *ndo, const u_char *dat, u_int length)
        len = GET_BE_U_2(dat) & L2TP_AVP_HDR_LEN_MASK;
 
        /* If it is not long enough to contain the header, we'll give up. */
-       if (len < 6)
-               goto trunc;
+       ND_LCHECKMSG_U(len, 6, "AVP length");
 
        /* If it goes past the end of the remaining length of the packet,
           we'll give up. */
-       if (len > (u_int)length)
-               goto trunc;
+       if (len > length) {
+               ND_PRINT(" (len > %u)", length);
+               goto invalid;
+       }
 
        /* If it goes past the end of the remaining length of the captured
           data, we'll give up. */
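Review bot: The message printed for an over-long AVP, `" (len > %u)"`, leaves out the offending value and does not say which length is meant, so the output for a malformed packet is harder to read than the `"AVP length"` text used by the check just above it. Something like `ND_PRINT(" (AVP length %u > %u)", len, length);` names both sides of the comparison. The comment above the test still says "we'll give up"; it could say that the AVP is treated as invalid. l2tp_avp_print starts before this hunk and continues after it.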
@@ -727,8 +729,7 @@ l2tp_avp_print(netdissect_options *ndo, const u_char *dat, u_int length)
 
        return (len);
 
- trunc:
-       nd_print_trunc(ndo);
+invalid:
        return (0);
 }
 
@@ -806,6 +807,8 @@ l2tp_print(netdissect_options *ndo, const u_char *dat, u_int length)
 
        if (flag_o) {   /* Offset Size */
                pad =  GET_BE_U_2(ptr);
+               /* Offset padding octets in packet buffer? */
+               ND_TCHECK_LEN(ptr + 2, pad);
                ptr += (2 + pad);
                cnt += (2 + pad);
        }
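Review bot: A malformed Offset Size that points past the end of the packet is likely to be reported as truncation rather than as invalid, because `ND_TCHECK_LEN(ptr + 2, pad)` tests the captured bytes before `cnt` is compared with `length` (that comparison is in the next hunk, after `ptr` has already been advanced). Comparing against the packet length first, for example `if (length < cnt + 2 + pad) goto invalid;` ahead of the ND_TCHECK_LEN, would classify a fully captured but bogus header correctly. The added comment could also say what is being checked: `/* Make sure the Offset Pad octets are within the captured data. */`. The code that sets `cnt` and `ptr` before this block is outside the hunk, so the exact expression should be confirmed against it.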
@@ -813,18 +816,18 @@ l2tp_print(netdissect_options *ndo, const u_char *dat, u_int length)
        if (flag_l) {
                if (length < l2tp_len) {
                        ND_PRINT(" Length %u larger than packet", l2tp_len);
-                       return;
+                       goto invalid;
                }
                length = l2tp_len;
        }
        if (length < cnt) {
                ND_PRINT(" Length %u smaller than header length", length);
-               return;
+               goto invalid;
        }
        if (flag_t) {
                if (!flag_l) {
                        ND_PRINT(" No length");
-                       return;
+                       goto invalid;
                }
                if (length - cnt == 0) {
                        ND_PRINT(" ZLB");
@@ -837,10 +840,7 @@ l2tp_print(netdissect_options *ndo, const u_char *dat, u_int length)
 
                                avp_length = l2tp_avp_print(ndo, ptr, length - cnt);
                                if (avp_length == 0) {
-                                       /*
-                                        * Truncated.
-                                        */
-                                       break;
+                                       goto invalid;
                                }
                                cnt += avp_length;
                                ptr += avp_length;
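Review bot: The `avp_length == 0` test is left with no comment saying what a zero return means, and that meaning changes in this commit: the `invalid:` label in l2tp_avp_print now returns 0 without printing any marker, so this caller is responsible for the output. A one-line comment at the call, such as `/* 0: the AVP was invalid; the marker is printed at invalid: below */`, with a matching line above `return (0);` in l2tp_avp_print, would keep that contract visible. It is also worth stating there that 0 must never be treated as progress, since `cnt` and `ptr` are advanced by the returned length. The enclosing construct (presumably the AVP loop) starts outside this hunk.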
@@ -851,4 +851,7 @@ l2tp_print(netdissect_options *ndo, const u_char *dat, u_int length)
                ppp_print(ndo, ptr, length - cnt);
                ND_PRINT("}");
        }
+       return;
+invalid:
+       nd_print_invalid(ndo);
 }