Add CAP_FCNTL and use cap_fcntls_limit().

[tcpdump] / print-atm.c

diff --git a/print-atm.c b/print-atm.c
index 285c6a40412c346f3dddda4e602e5146b2a0034c..9361065937b2951190dd13bc6219db84d24ee2e6 100644 (file)
--- a/print-atm.c
+++ b/print-atm.c
@@ -165,7 +165,7 @@ atm_if_print(netdissect_options *ndo,
        uint32_t llchdr;
        u_int hdrlen = 0;
 
-       if (caplen < 8) {
+       if (caplen < 1 || length < 1) {
                ND_PRINT((ndo, "%s", tstr));
                return (caplen);
        }
@@ -178,6 +178,15 @@ atm_if_print(netdissect_options *ndo,
             return hdrlen;
         }
 
+       /*
+        * Must have at least a DSAP, an SSAP, and the first byte of the
+        * control field.
+        */
+       if (caplen < 3 || length < 3) {
+               ND_PRINT((ndo, "%s", tstr));
+               return (caplen);
+       }
+
        /*
         * Extract the presumed LLC header into a variable, for quick
         * testing.
@@ -205,6 +214,10 @@ atm_if_print(netdissect_options *ndo,
                 * packets?  If so, could it be changed to use a
                 * new DLT_IEEE802_6 value if we added it?
                 */
+               if (caplen < 20 || length < 20) {
+                       ND_PRINT((ndo, "%s", tstr));
+                       return (caplen);
+               }
                if (ndo->ndo_eflag)
                        ND_PRINT((ndo, "%08x%08x %08x%08x ",
                               EXTRACT_32BITS(p),
@@ -246,7 +259,7 @@ static void
 sig_print(netdissect_options *ndo,
           const u_char *p, int caplen)
 {
-       bpf_u_int32 call_ref;
+       uint32_t call_ref;
 
        if (caplen < PROTO_POS) {
                ND_PRINT((ndo, "%s", tstr));