]> The Tcpdump Group git mirrors - tcpdump/blobdiff - print-l2tp.c
projects / tcpdump / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge pull request #4 from infrastation/master
[tcpdump] / print-l2tp.c
diff --git a/print-l2tp.c b/print-l2tp.c
index 67a3059a289f77489571dd1d6adce3ab96db714f..2f726574e4ee3757b493bbdbd9707de6e5855d07 100644 (file)
--- a/print-l2tp.c
+++ b/print-l2tp.c
@@ -22,19 +22,17 @@
  */
 
 #ifndef lint
-static const char rcsid[] =
-    "@(#) $Header: /tcpdump/master/tcpdump/print-l2tp.c,v 1.11 2002-05-25 09:41:07 guy Exp $";
+static const char rcsid[] _U_ =
+    "@(#) $Header: /tcpdump/master/tcpdump/print-l2tp.c,v 1.20 2006-06-23 02:03:09 hannes Exp $";
 #endif
 
 #ifdef HAVE_CONFIG_H
 #include "config.h"
 #endif
 
+#include <tcpdump-stdinc.h>
+
 #include <stdio.h>
-#include <sys/types.h>
-#include <sys/param.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
 
 #include "l2tp.h"
 #include "interface.h"
@@ -42,14 +40,6 @@ static const char rcsid[] =
 
 static char tstr[] = " [|l2tp]";
 
-#ifndef TRUE
-#define TRUE 1
-#endif
-
-#ifndef FALSE
-#define FALSE 0
-#endif
-
 #define        L2TP_MSGTYPE_SCCRQ      1  /* Start-Control-Connection-Request */
 #define        L2TP_MSGTYPE_SCCRP      2  /* Start-Control-Connection-Reply */
 #define        L2TP_MSGTYPE_SCCCN      3  /* Start-Control-Connection-Connected */
@@ -146,27 +136,27 @@ static struct tok l2tp_avp2str[] = {
        { L2TP_AVP_MAXIMUM_BPS,         "MAXIMUM_BPS" },
        { L2TP_AVP_BEARER_TYPE,         "BEARER_TYPE" },
        { L2TP_AVP_FRAMING_TYPE,        "FRAMING_TYPE" },
-       { L2TP_AVP_PACKET_PROC_DELAY,   "PACKET_PROC_DELAY" },  
+       { L2TP_AVP_PACKET_PROC_DELAY,   "PACKET_PROC_DELAY" },
        { L2TP_AVP_CALLED_NUMBER,       "CALLED_NUMBER" },
        { L2TP_AVP_CALLING_NUMBER,      "CALLING_NUMBER" },
        { L2TP_AVP_SUB_ADDRESS,         "SUB_ADDRESS" },
        { L2TP_AVP_TX_CONN_SPEED,       "TX_CONN_SPEED" },
        { L2TP_AVP_PHY_CHANNEL_ID,      "PHY_CHANNEL_ID" },
        { L2TP_AVP_INI_RECV_LCP,        "INI_RECV_LCP" },
-       { L2TP_AVP_LAST_SENT_LCP,       "LAST_SENT_LCP" },      
-       { L2TP_AVP_LAST_RECV_LCP,       "LAST_RECV_LCP" },      
-       { L2TP_AVP_PROXY_AUTH_TYPE,     "PROXY_AUTH_TYPE" },    
+       { L2TP_AVP_LAST_SENT_LCP,       "LAST_SENT_LCP" },
+       { L2TP_AVP_LAST_RECV_LCP,       "LAST_RECV_LCP" },
+       { L2TP_AVP_PROXY_AUTH_TYPE,     "PROXY_AUTH_TYPE" },
        { L2TP_AVP_PROXY_AUTH_NAME,     "PROXY_AUTH_NAME" },
-       { L2TP_AVP_PROXY_AUTH_CHAL,     "PROXY_AUTH_CHAL" },    
+       { L2TP_AVP_PROXY_AUTH_CHAL,     "PROXY_AUTH_CHAL" },
        { L2TP_AVP_PROXY_AUTH_ID,       "PROXY_AUTH_ID" },
        { L2TP_AVP_PROXY_AUTH_RESP,     "PROXY_AUTH_RESP" },
        { L2TP_AVP_CALL_ERRORS,         "CALL_ERRORS" },
-       { L2TP_AVP_ACCM,                "ACCM" },               
-       { L2TP_AVP_RANDOM_VECTOR,       "RANDOM_VECTOR" },      
+       { L2TP_AVP_ACCM,                "ACCM" },
+       { L2TP_AVP_RANDOM_VECTOR,       "RANDOM_VECTOR" },
        { L2TP_AVP_PRIVATE_GRP_ID,      "PRIVATE_GRP_ID" },
-       { L2TP_AVP_RX_CONN_SPEED,       "RX_CONN_SPEED" },      
-       { L2TP_AVP_SEQ_REQUIRED,        "SEQ_REQUIRED" },       
-       { L2TP_AVP_PPP_DISCON_CC,       "PPP_DISCON_CC" },      
+       { L2TP_AVP_RX_CONN_SPEED,       "RX_CONN_SPEED" },
+       { L2TP_AVP_SEQ_REQUIRED,        "SEQ_REQUIRED" },
+       { L2TP_AVP_PPP_DISCON_CC,       "PPP_DISCON_CC" },
        { 0,                            NULL }
 };
 
@@ -243,19 +233,19 @@ static char *l2tp_error_code_general[] = {
 /******************************/
 /* generic print out routines */
 /******************************/
-static void 
+static void
 print_string(const u_char *dat, u_int length)
 {
-       int i;
+       u_int i;
        for (i=0; i<length; i++) {
                printf("%c", *dat++);
        }
 }
 
-static void 
+static void
 print_octets(const u_char *dat, u_int length)
 {
-       int i;
+       u_int i;
        for (i=0; i<length; i++) {
                printf("%02x", *dat++);
        }
@@ -289,7 +279,7 @@ static void
 l2tp_result_code_print(const u_char *dat, u_int length)
 {
        u_int16_t *ptr = (u_int16_t *)dat;
-       
+
        printf("%u", EXTRACT_16BITS(ptr)); ptr++;       /* Result Code */
        if (length > 2) {                               /* Error Code (opt) */
                printf("/%u", EXTRACT_16BITS(ptr)); ptr++;
@@ -341,7 +331,7 @@ l2tp_q931_cc_print(const u_char *dat, u_int length)
        if (length > 3) {
                printf(" ");
                print_string(dat+3, length-3);
-       } 
+       }
 }
 
 static void
@@ -381,7 +371,7 @@ l2tp_proxy_auth_type_print(const u_char *dat)
 {
        u_int16_t *ptr = (u_int16_t *)dat;
 
-       printf("%s", tok2str(l2tp_authentype2str, 
+       printf("%s", tok2str(l2tp_authentype2str,
                             "AuthType-#%u", EXTRACT_16BITS(ptr)));
 }
 
@@ -398,7 +388,7 @@ l2tp_call_errors_print(const u_char *dat)
 {
        u_int16_t *ptr = (u_int16_t *)dat;
        u_int16_t val_h, val_l;
-       
+
        ptr++;          /* skip "Reserved" */
 
        val_h = EXTRACT_16BITS(ptr); ptr++;
@@ -437,7 +427,7 @@ l2tp_accm_print(const u_char *dat)
        val_h = EXTRACT_16BITS(ptr); ptr++;
        val_l = EXTRACT_16BITS(ptr); ptr++;
        printf("send=%08x ", (val_h<<16) + val_l);
-       
+
        val_h = EXTRACT_16BITS(ptr); ptr++;
        val_l = EXTRACT_16BITS(ptr); ptr++;
        printf("recv=%08x ", (val_h<<16) + val_l);
@@ -447,10 +437,10 @@ static void
 l2tp_ppp_discon_cc_print(const u_char *dat, u_int length)
 {
        u_int16_t *ptr = (u_int16_t *)dat;
-       
+
        printf("%04x, ", EXTRACT_16BITS(ptr)); ptr++;   /* Disconnect Code */
        printf("%04x ",  EXTRACT_16BITS(ptr)); ptr++;   /* Control Protocol Number */
-       printf("%s", tok2str(l2tp_cc_direction2str, 
+       printf("%s", tok2str(l2tp_cc_direction2str,
                             "Direction-#%u", *((u_char *)ptr++)));
 
        if (length > 5) {
@@ -476,8 +466,17 @@ l2tp_avp_print(const u_char *dat, int length)
        TCHECK(*ptr);   /* Flags & Length */
        len = EXTRACT_16BITS(ptr) & L2TP_AVP_HDR_LEN_MASK;
 
-       /* If it is not long enough to decode the entire AVP, we'll 
-          abandon. */
+       /* If it is not long enough to contain the header, we'll give up. */
+       if (len < 6)
+               goto trunc;
+
+       /* If it goes past the end of the remaining length of the packet,
+          we'll give up. */
+       if (len > (u_int)length)
+               goto trunc;
+
+       /* If it goes past the end of the remaining length of the captured
+          data, we'll give up. */
        TCHECK2(*ptr, len);
        /* After this point, no need to worry about truncation */
 
@@ -498,7 +497,7 @@ l2tp_avp_print(const u_char *dat, int length)
                print_octets((u_char *)ptr, len-6);
                printf(")");
        } else {
-               /* IETF-defined Attributes */ 
+               /* IETF-defined Attributes */
                ptr++;
                attr_type = EXTRACT_16BITS(ptr); ptr++;
                printf("%s", tok2str(l2tp_avp2str, "AVP-#%u", attr_type));
@@ -537,7 +536,7 @@ l2tp_avp_print(const u_char *dat, int length)
                        case L2TP_AVP_CALLED_NUMBER:
                        case L2TP_AVP_SUB_ADDRESS:
                        case L2TP_AVP_PROXY_AUTH_NAME:
-                       case L2TP_AVP_PRIVATE_GRP_ID:   
+                       case L2TP_AVP_PRIVATE_GRP_ID:
                                print_string((u_char *)ptr, len-6);
                                break;
                        case L2TP_AVP_CHALLENGE:
@@ -607,15 +606,15 @@ l2tp_avp_print(const u_char *dat, int length)
 void
 l2tp_print(const u_char *dat, u_int length)
 {
-       const u_int16_t *ptr = (u_int16_t *)dat;
+       const u_char *ptr = dat;
        u_int cnt = 0;                  /* total octets consumed */
        u_int16_t pad;
-       int flag_t, flag_l, flag_s, flag_o, flag_p;
+       int flag_t, flag_l, flag_s, flag_o;
        u_int16_t l2tp_len;
 
-       flag_t = flag_l = flag_s = flag_o = flag_p = FALSE;
+       flag_t = flag_l = flag_s = flag_o = FALSE;
 
-       TCHECK(*ptr);   /* Flags & Version */
+       TCHECK2(*ptr, 2);       /* Flags & Version */
        if ((EXTRACT_16BITS(ptr) & L2TP_VERSION_MASK) == L2TP_VERSION_L2TP) {
                printf(" l2tp:");
        } else if ((EXTRACT_16BITS(ptr) & L2TP_VERSION_MASK) == L2TP_VERSION_L2F) {
@@ -643,55 +642,73 @@ l2tp_print(const u_char *dat, u_int length)
                flag_o = TRUE;
                printf("O");
        }
-       if (EXTRACT_16BITS(ptr) & L2TP_FLAG_PRIORITY) {
-               flag_p = TRUE;
+       if (EXTRACT_16BITS(ptr) & L2TP_FLAG_PRIORITY)
                printf("P");
-       }
        printf("]");
 
-       ptr++;
+       ptr += 2;
        cnt += 2;
-       
+
        if (flag_l) {
-               TCHECK(*ptr);   /* Length */
-               l2tp_len = EXTRACT_16BITS(ptr); ptr++;
+               TCHECK2(*ptr, 2);       /* Length */
+               l2tp_len = EXTRACT_16BITS(ptr);
+               ptr += 2;
                cnt += 2;
        } else {
                l2tp_len = 0;
        }
 
-       TCHECK(*ptr);           /* Tunnel ID */
-       printf("(%u/", EXTRACT_16BITS(ptr)); ptr++;
+       TCHECK2(*ptr, 2);               /* Tunnel ID */
+       printf("(%u/", EXTRACT_16BITS(ptr));
+       ptr += 2;
        cnt += 2;
-       TCHECK(*ptr);           /* Session ID */
-       printf("%u)",  EXTRACT_16BITS(ptr)); ptr++;
+       TCHECK2(*ptr, 2);               /* Session ID */
+       printf("%u)",  EXTRACT_16BITS(ptr));
+       ptr += 2;
        cnt += 2;
 
        if (flag_s) {
-               TCHECK(*ptr);   /* Ns */
-               printf("Ns=%u,", EXTRACT_16BITS(ptr)); ptr++;
+               TCHECK2(*ptr, 2);       /* Ns */
+               printf("Ns=%u,", EXTRACT_16BITS(ptr));
+               ptr += 2;
                cnt += 2;
-               TCHECK(*ptr);   /* Nr */
-               printf("Nr=%u",  EXTRACT_16BITS(ptr)); ptr++;
+               TCHECK2(*ptr, 2);       /* Nr */
+               printf("Nr=%u",  EXTRACT_16BITS(ptr));
+               ptr += 2;
                cnt += 2;
        }
 
        if (flag_o) {
-               TCHECK(*ptr);   /* Offset Size */
-               pad =  EXTRACT_16BITS(ptr); ptr++;
-               ptr += pad / sizeof(*ptr);
+               TCHECK2(*ptr, 2);       /* Offset Size */
+               pad =  EXTRACT_16BITS(ptr);
+               ptr += (2 + pad);
                cnt += (2 + pad);
        }
 
+       if (flag_l) {
+               if (length < l2tp_len) {
+                       printf(" Length %u larger than packet", l2tp_len);
+                       return;
+               }
+               length = l2tp_len;
+       }
+       if (length < cnt) {
+               printf(" Length %u smaller than header length", length);
+               return;
+       }
        if (flag_t) {
+               if (!flag_l) {
+                       printf(" No length");
+                       return;
+               }
                if (length - cnt == 0) {
                        printf(" ZLB");
                } else {
-                       l2tp_avp_print((u_char *)ptr, length - cnt);
+                       l2tp_avp_print(ptr, length - cnt);
                }
        } else {
                printf(" {");
-               ppp_print((u_char *)ptr, length - cnt);
+               ppp_print(ptr, length - cnt);
                printf("}");
        }
 
@@ -699,4 +716,4 @@ l2tp_print(const u_char *dat, u_int length)
 
  trunc:
        printf("%s", tstr);
-}      
+}
[mirror] the TCPdump network dissector