]> The Tcpdump Group git mirrors - tcpdump/blobdiff - print-ospf.c
projects / tcpdump / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
add tracefiles for infinite loop testing
[tcpdump] / print-ospf.c
diff --git a/print-ospf.c b/print-ospf.c
index a0ed37f77112e1d1ec5d185b4f6ac0f4ecf1fe42..79ed39705f5f977dfbd2e8cb1ac7fc1751b3c95d 100644 (file)
--- a/print-ospf.c
+++ b/print-ospf.c
@@ -22,8 +22,8 @@
  */
 
 #ifndef lint
-static const char rcsid[] =
-    "@(#) $Header: /tcpdump/master/tcpdump/print-ospf.c,v 1.42 2003-10-22 15:47:44 hannes Exp $ (LBL)";
+static const char rcsid[] _U_ =
+    "@(#) $Header: /tcpdump/master/tcpdump/print-ospf.c,v 1.45.2.4 2004-03-24 02:44:30 guy Exp $ (LBL)";
 #endif
 
 #ifdef HAVE_CONFIG_H
@@ -145,21 +145,30 @@ static char tstr[] = " [|ospf]";
 #endif /* WIN32 */
 
 static int ospf_print_lshdr(const struct lsa_hdr *);
-static int ospf_print_lsa(const struct lsa *);
+static const u_char *ospf_print_lsa(const struct lsa *);
 static int ospf_decode_v2(const struct ospfhdr *, const u_char *);
 
 static int
-ospf_print_lshdr(register const struct lsa_hdr *lshp) {
-
-       TCHECK(lshp->ls_type);
-       TCHECK(lshp->ls_options);
+ospf_print_lshdr(register const struct lsa_hdr *lshp)
+{
+        u_int ls_length;
+
+        TCHECK(lshp->ls_length);
+        ls_length = EXTRACT_16BITS(&lshp->ls_length);
+        if (ls_length < sizeof(struct lsa_hdr)) {
+                printf("\n\t    Bogus length %u < %lu", ls_length,
+                    (unsigned long)sizeof(struct lsa_hdr));
+                return(-1);
+        }
 
+        TCHECK(lshp->ls_seq);  /* XXX - ls_length check checked this */
        printf("\n\t  Advertising Router: %s, seq 0x%08x, age %us, length: %u",
               ipaddr_string(&lshp->ls_router),
               EXTRACT_32BITS(&lshp->ls_seq),
               EXTRACT_16BITS(&lshp->ls_age),
-               EXTRACT_16BITS(&lshp->ls_length)-sizeof(struct lsa_hdr));
+               ls_length-(u_int)sizeof(struct lsa_hdr));
 
+       TCHECK(lshp->ls_type);  /* XXX - ls_length check checked this */
         switch (lshp->ls_type) {
        /* the LSA header for opaque LSAs was slightly changed */
         case LS_TYPE_OPAQUE_LL:
@@ -180,34 +189,38 @@ ospf_print_lshdr(register const struct lsa_hdr *lshp) {
 
        /* all other LSA types use regular style LSA headers */
        default:
-            printf("\n\t  %s LSA (%d), LSA-ID: %s",
+            printf("\n\t    %s LSA (%d), LSA-ID: %s",
                    tok2str(lsa_values,"unknown",lshp->ls_type),
                    lshp->ls_type,
                    ipaddr_string(&lshp->un_lsa_id.lsa_id));
             break;
         }
 
-        printf("\n\t    Options: %s", bittok2str(ospf_option_values,"none",lshp->ls_options));
+       TCHECK(lshp->ls_options);       /* XXX - ls_length check checked this */
+        printf("\n\t    Options: [%s]", bittok2str(ospf_option_values,"none",lshp->ls_options));
 
-return (0);
+        return (ls_length);
 trunc:
-       return (1);
+       return (-1);
 }
 
 /*
- * Print a single link state advertisement.  If truncated return 1, else 0.
+ * Print a single link state advertisement.  If truncated or if LSA length
+ * field is less than the length of the LSA header, return NULl, else
+ * return pointer to data past end of LSA.
  */
-static int
+static const u_int8_t *
 ospf_print_lsa(register const struct lsa *lsap)
 {
-       register const u_char *ls_end;
+       register const u_int8_t *ls_end;
        register const struct rlalink *rlp;
        register const struct tos_metric *tosp;
        register const struct in_addr *ap;
        register const struct aslametric *almp;
        register const struct mcla *mcp;
        register const u_int32_t *lp;
-       register int j, k,ls_length, tlv_type, tlv_length, subtlv_type, subtlv_length, priority_level;
+       register int j, k, tlv_type, tlv_length, subtlv_type, subtlv_length, priority_level;
+       register int ls_length;
        const u_int8_t *tptr;
        int count_srlg;
         union { /* int to float conversion buffer for several subTLVs */
@@ -216,18 +229,17 @@ ospf_print_lsa(register const struct lsa *lsap)
         } bw;
 
        tptr = (u_int8_t *)lsap->lsa_un.un_unknown; /* squelch compiler warnings */
-        ls_length = EXTRACT_16BITS(&lsap->ls_hdr.ls_length)-sizeof(struct lsa_hdr);
-
-        ospf_print_lshdr(&lsap->ls_hdr);
-
-       TCHECK(lsap->ls_hdr.ls_length);
-       ls_end = (u_char *)lsap + EXTRACT_16BITS(&lsap->ls_hdr.ls_length);
+        ls_length = ospf_print_lshdr(&lsap->ls_hdr);
+        if (ls_length == -1)
+                return(NULL);
+       ls_end = (u_int8_t *)lsap + ls_length;
+       ls_length -= sizeof(struct lsa_hdr);
 
        switch (lsap->ls_hdr.ls_type) {
 
        case LS_TYPE_ROUTER:
                TCHECK(lsap->lsa_un.un_rla.rla_flags);
-                printf("\n\t    Router LSA Options: %s", bittok2str(ospf_rla_flag_values,"unknown (%u)",lsap->lsa_un.un_rla.rla_flags));
+                printf("\n\t    Router LSA Options: [%s]", bittok2str(ospf_rla_flag_values,"none",lsap->lsa_un.un_rla.rla_flags));
 
                TCHECK(lsap->lsa_un.un_rla.rla_count);
                j = EXTRACT_16BITS(&lsap->lsa_un.un_rla.rla_count);
@@ -238,33 +250,33 @@ ospf_print_lsa(register const struct lsa *lsap)
                        switch (rlp->link_type) {
 
                        case RLA_TYPE_VIRTUAL:
-                               printf("\n\t      Virtual Link: Neighbor-Router-ID: %s, Interface-IP: %s",
+                               printf("\n\t      Virtual Link: Neighbor Router-ID: %s, Interface Address: %s",
                                    ipaddr_string(&rlp->link_id),
                                    ipaddr_string(&rlp->link_data)); 
                                 break;
 
                        case RLA_TYPE_ROUTER:
-                               printf("\n\t      Neighbor-Router-ID: %s, Interface-IP: %s",
+                               printf("\n\t      Neighbor Router-ID: %s, Interface Address: %s",
                                    ipaddr_string(&rlp->link_id),
                                    ipaddr_string(&rlp->link_data));
                                break;
 
                        case RLA_TYPE_TRANSIT:
-                               printf("\n\t      Neighbor-Network-ID: %s, Interface-IP: %s",
+                               printf("\n\t      Neighbor Network-ID: %s, Interface Address: %s",
                                    ipaddr_string(&rlp->link_id),
                                    ipaddr_string(&rlp->link_data));
                                break;
 
                        case RLA_TYPE_STUB:
-                               printf("\n\t      Stub-Network: %s, mask: %s",
+                               printf("\n\t      Stub Network: %s, Mask: %s",
                                    ipaddr_string(&rlp->link_id),
                                    ipaddr_string(&rlp->link_data));
                                break;
 
                        default:
-                               printf("\n\t      unknown Router Links Type (%u)",
+                               printf("\n\t      Unknown Router Link Type (%u)",
                                    rlp->link_type);
-                               return (0);
+                               return (ls_end);
                        }
                        printf(", tos 0, metric: %d", EXTRACT_16BITS(&rlp->link_tos0metric));
                        tosp = (struct tos_metric *)
@@ -282,19 +294,19 @@ ospf_print_lsa(register const struct lsa *lsap)
 
        case LS_TYPE_NETWORK:
                TCHECK(lsap->lsa_un.un_nla.nla_mask);
-               printf("\n\t    mask %s rtrs",
+               printf("\n\t    Mask %s\n\t    Connected Routers:",
                    ipaddr_string(&lsap->lsa_un.un_nla.nla_mask));
                ap = lsap->lsa_un.un_nla.nla_router;
                while ((u_char *)ap < ls_end) {
                        TCHECK(*ap);
-                       printf(" %s", ipaddr_string(ap));
+                       printf("\n\t      %s", ipaddr_string(ap));
                        ++ap;
                }
                break;
 
        case LS_TYPE_SUM_IP:
                TCHECK(lsap->lsa_un.un_nla.nla_mask);
-               printf("\n\t    mask %s",
+               printf("\n\t    Mask %s",
                    ipaddr_string(&lsap->lsa_un.un_sla.sla_mask));
                TCHECK(lsap->lsa_un.un_sla.sla_tosmetric);
                lp = lsap->lsa_un.un_sla.sla_tosmetric;
@@ -337,7 +349,7 @@ ospf_print_lsa(register const struct lsa *lsap)
 
        case LS_TYPE_ASE:
                TCHECK(lsap->lsa_un.un_nla.nla_mask);
-               printf("\n\t    mask %s",
+               printf("\n\t    Mask %s",
                    ipaddr_string(&lsap->lsa_un.un_asla.asla_mask));
 
                TCHECK(lsap->lsa_un.un_sla.sla_tosmetric);
@@ -401,39 +413,50 @@ ospf_print_lsa(register const struct lsa *lsap)
 
            switch (*(&lsap->ls_hdr.un_lsa_id.opaque_field.opaque_type)) {
            case LS_OPAQUE_TYPE_TE:
-               if (!TTEST2(*tptr, 4))
-                   goto trunc;
+               tptr = (u_int8_t *)(&lsap->lsa_un.un_te_lsa_tlv.type);
 
-               tptr = (u_int8_t *)(&lsap->lsa_un.un_te_lsa_tlv.type);                
-
-               while (ls_length > 0) {
+               while (ls_length != 0) {
+                    TCHECK2(*tptr, 4);
+                   if (ls_length < 4) {
+                        printf("\n\t    Remaining LS length %u < 4", ls_length);
+                        return(ls_end);
+                    }
                     tlv_type = EXTRACT_16BITS(tptr);
                     tlv_length = EXTRACT_16BITS(tptr+2);
-                    ls_length-=(tlv_length+4);
                     tptr+=4;
+                    ls_length-=4;
                     
                     printf("\n\t    %s TLV (%u), length: %u",
                            tok2str(lsa_opaque_te_tlv_values,"unknown",tlv_type),
                            tlv_type,
                            tlv_length);
 
+                    if (tlv_length > ls_length) {
+                        printf("\n\t    Bogus length %u > %u", tlv_length,
+                            ls_length);
+                        return(ls_end);
+                    }
+                    ls_length-=tlv_length;
                     switch(tlv_type) {
                     case LS_OPAQUE_TE_TLV_LINK:
-                        while (tlv_length > 0) {
-                            if (!TTEST2(*tptr, 4))
-                                goto trunc;
+                        while (tlv_length != 0) {
+                            if (tlv_length < 4) {
+                                printf("\n\t    Remaining TLV length %u < 4",
+                                    tlv_length);
+                                return(ls_end);
+                            }
+                            TCHECK2(*tptr, 4);
                             subtlv_type = EXTRACT_16BITS(tptr);
                             subtlv_length = EXTRACT_16BITS(tptr+2);
-                            tlv_length-=4;
                             tptr+=4;
+                            tlv_length-=4;
                             
                             printf("\n\t      %s subTLV (%u), length: %u",
                                    tok2str(lsa_opaque_te_link_tlv_subtlv_values,"unknown",subtlv_type),
                                    subtlv_type,
                                    subtlv_length);
                             
-                            if (!TTEST2(*tptr, subtlv_length))
-                                goto trunc;
+                            TCHECK2(*tptr, subtlv_length);
                             switch(subtlv_type) {
                             case LS_OPAQUE_TE_LINK_SUBTLV_ADMIN_GROUP:
                                 printf(", 0x%08x", EXTRACT_32BITS(tptr));
@@ -508,7 +531,7 @@ ospf_print_lsa(register const struct lsa *lsap)
                             default:
                                 if (vflag <= 1) {
                                     if(!print_unknown_data(tptr,"\n\t\t",subtlv_length))
-                                        return(0);
+                                        return(ls_end);
                                 }
                                 break;
                             }
@@ -523,13 +546,18 @@ ospf_print_lsa(register const struct lsa *lsap)
                         break;
                         
                     case LS_OPAQUE_TE_TLV_ROUTER:
+                        if (tlv_length < 4) {
+                            printf("\n\t    TLV length %u < 4", tlv_length);
+                            return(ls_end);
+                        }
+                        TCHECK2(*tptr, 4);
                         printf(", %s", ipaddr_string(tptr));
                         break;
                         
                     default:
                         if (vflag <= 1) {
                             if(!print_unknown_data(tptr,"\n\t      ",tlv_length))
-                                return(0);
+                                return(ls_end);
                         }
                         break;
                     }
@@ -541,8 +569,8 @@ ospf_print_lsa(register const struct lsa *lsap)
         default:
             if (vflag <= 1) {
                 if(!print_unknown_data((u_int8_t *)lsap->lsa_un.un_unknown,
-                                       "\n\t    ", EXTRACT_16BITS(&lsap->ls_hdr.ls_length)-sizeof(struct lsa_hdr)))
-                    return(0);
+                                       "\n\t    ", ls_length))
+                    return(ls_end);
             } 
             break;
         }
@@ -550,13 +578,13 @@ ospf_print_lsa(register const struct lsa *lsap)
         /* do we want to see an additionally hexdump ? */
         if (vflag> 1)
             if(!print_unknown_data((u_int8_t *)lsap->lsa_un.un_unknown,
-                                   "\n\t    ", EXTRACT_16BITS(&lsap->ls_hdr.ls_length)-sizeof(struct lsa_hdr))) {
-                return(0);
+                                   "\n\t    ", ls_length)) {
+                return(ls_end);
             }
         
-       return (0);
+       return (ls_end);
 trunc:
-       return (1);
+       return (NULL);
 }
 
 static int
@@ -579,16 +607,16 @@ ospf_decode_v2(register const struct ospfhdr *op,
                break;
 
        case OSPF_TYPE_HELLO:
+                printf("\n\tOptions: [%s]",
+                       bittok2str(ospf_option_values,"none",op->ospf_hello.hello_options));
+
                 TCHECK(op->ospf_hello.hello_deadint);
-                printf("\n\t  Hello Timer: %us, Dead Timer %us, mask: %s, Priority: %u",
+                printf("\n\t  Hello Timer: %us, Dead Timer %us, Mask: %s, Priority: %u",
                        EXTRACT_16BITS(&op->ospf_hello.hello_helloint),
                        EXTRACT_32BITS(&op->ospf_hello.hello_deadint),
                        ipaddr_string(&op->ospf_hello.hello_mask),
                        op->ospf_hello.hello_priority);
 
-                printf("\n\t  Options: %s",
-                       bittok2str(ospf_option_values,"none",op->ospf_hello.hello_options));
-
                TCHECK(op->ospf_hello.hello_dr);
                if (op->ospf_hello.hello_dr.s_addr != 0)
                        printf("\n\t  Designated Router %s",
@@ -611,16 +639,16 @@ ospf_decode_v2(register const struct ospfhdr *op,
 
        case OSPF_TYPE_DD:
                TCHECK(op->ospf_db.db_options);
-                printf("\n\t  Options: %s",
+                printf("\n\tOptions: [%s]",
                        bittok2str(ospf_option_values,"none",op->ospf_db.db_options));
                TCHECK(op->ospf_db.db_flags);
-                printf("\n\t  DD Flags: %s",
+                printf(", DD Flags: [%s]",
                        bittok2str(ospf_dd_flag_values,"none",op->ospf_db.db_flags));
 
                if (vflag) {
                        /* Print all the LS adv's */
                        lshp = op->ospf_db.db_lshdr;
-                       while (!ospf_print_lshdr(lshp)) {
+                       while (ospf_print_lshdr(lshp) != -1) {
                                ++lshp;
                        }
                }
@@ -629,14 +657,30 @@ ospf_decode_v2(register const struct ospfhdr *op,
        case OSPF_TYPE_LS_REQ:
                 lsrp = op->ospf_lsr;
                 while ((u_char *)lsrp < dataend) {
-                        TCHECK(*lsrp);
-
-                        printf("\n\t  %s LSA (%d), LSA-ID: %s, Advertising Router: %s",
-                               tok2str(lsa_values,"unknown",lsrp->ls_type),
-                               lsrp->ls_type,
-                               ipaddr_string(&lsrp->ls_stateid),
-                               ipaddr_string(&lsrp->ls_router));
-                        ++lsrp;
+                    TCHECK(*lsrp);
+
+                    printf("\n\t  Advertising Router: %s, %s LSA (%u)",
+                           ipaddr_string(&lsrp->ls_router),
+                           tok2str(lsa_values,"unknown",EXTRACT_32BITS(lsrp->ls_type)),
+                           EXTRACT_32BITS(&lsrp->ls_type));
+
+                    switch (EXTRACT_32BITS(lsrp->ls_type)) {
+                        /* the LSA header for opaque LSAs was slightly changed */
+                    case LS_TYPE_OPAQUE_LL:
+                    case LS_TYPE_OPAQUE_AL:
+                    case LS_TYPE_OPAQUE_DW:
+                        printf(", Opaque-Type: %s LSA (%u), Opaque-ID: %u",
+                               tok2str(lsa_opaque_values, "unknown",lsrp->un_ls_stateid.opaque_field.opaque_type),
+                               lsrp->un_ls_stateid.opaque_field.opaque_type,
+                               EXTRACT_24BITS(&lsrp->un_ls_stateid.opaque_field.opaque_id));
+                        break;
+                    default:
+                        printf(", LSA-ID: %s",
+                               ipaddr_string(&lsrp->un_ls_stateid.ls_stateid));
+                        break;
+                    }
+                    
+                    ++lsrp;
                 }
                break;
 
@@ -647,16 +691,15 @@ ospf_decode_v2(register const struct ospfhdr *op,
                 printf(", %d LSA%s",lsa_count_max, lsa_count_max > 1 ? "s" : "");
                 for (lsa_count=1;lsa_count <= lsa_count_max;lsa_count++) {
                     printf("\n\t  LSA #%u",lsa_count);
-                        if (ospf_print_lsa(lsap))
+                        lsap = (const struct lsa *)ospf_print_lsa(lsap);
+                        if (lsap == NULL)
                                 goto trunc;
-                        lsap = (struct lsa *)((u_char *)lsap +
-                                              EXTRACT_16BITS(&lsap->ls_hdr.ls_length));
                 }
                break;
 
        case OSPF_TYPE_LS_ACK:
                 lshp = op->ospf_lsa.lsa_lshdr;
-                while (!ospf_print_lshdr(lshp)) {
+                while (ospf_print_lshdr(lshp) != -1) {
                     ++lshp;
                 }
                 break;
[mirror] the TCPdump network dissector