X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/1a84a1e1142f2c60dc045c2557ed4d484b576d8b..32d1d15c5412b3a708ae2b45ed2016bdab9bb58b:/print-bootp.c diff --git a/print-bootp.c b/print-bootp.c index 35a33558..e5e6bcaf 100644 --- a/print-bootp.c +++ b/print-bootp.c @@ -17,20 +17,19 @@ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. - * - * Format and print bootp packets. */ -#define NETDISSECT_REWORKED +/* \summary: BOOTP and IPv4 DHCP printer */ + #ifdef HAVE_CONFIG_H #include "config.h" #endif -#include +#include #include -#include "interface.h" +#include "netdissect.h" #include "addrtoname.h" #include "extract.h" @@ -56,28 +55,27 @@ static const char tstr[] = " [|bootp]"; * without express or implied warranty. */ - struct bootp { - uint8_t bp_op; /* packet opcode type */ - uint8_t bp_htype; /* hardware addr type */ - uint8_t bp_hlen; /* hardware addr length */ - uint8_t bp_hops; /* gateway hops */ - uint32_t bp_xid; /* transaction ID */ - uint16_t bp_secs; /* seconds since boot began */ - uint16_t bp_flags; /* flags - see bootp_flag_values[] + nd_uint8_t bp_op; /* packet opcode type */ + nd_uint8_t bp_htype; /* hardware addr type */ + nd_uint8_t bp_hlen; /* hardware addr length */ + nd_uint8_t bp_hops; /* gateway hops */ + nd_uint32_t bp_xid; /* transaction ID */ + nd_uint16_t bp_secs; /* seconds since boot began */ + nd_uint16_t bp_flags; /* flags - see bootp_flag_values[] in print-bootp.c */ struct in_addr bp_ciaddr; /* client IP address */ struct in_addr bp_yiaddr; /* 'your' IP address */ struct in_addr bp_siaddr; /* server IP address */ struct in_addr bp_giaddr; /* gateway IP address */ - uint8_t bp_chaddr[16]; /* client hardware address */ - uint8_t bp_sname[64]; /* server host name */ - uint8_t bp_file[128]; /* boot file name */ - uint8_t bp_vend[64]; /* vendor-specific area */ + nd_byte bp_chaddr[16]; /* client hardware address */ + nd_byte bp_sname[64]; /* server host name */ + nd_byte bp_file[128]; /* boot file name */ + nd_byte bp_vend[64]; /* vendor-specific area */ } UNALIGNED; -#define BOOTPREPLY 2 -#define BOOTPREQUEST 1 +#define BOOTPREPLY 2 +#define BOOTPREQUEST 1 /* * Vendor magic cookie (v_magic) for CMU @@ -189,13 +187,16 @@ struct bootp { #define TAG_SLP_SCOPE ((uint8_t) 79) /* RFC 2937 */ #define TAG_NS_SEARCH ((uint8_t) 117) +/* RFC 3004 - The User Class Option for DHCP */ +#define TAG_USER_CLASS ((uint8_t) 77) /* RFC 3011 */ #define TAG_IP4_SUBNET_SELECT ((uint8_t) 118) /* RFC 3442 */ #define TAG_CLASSLESS_STATIC_RT ((uint8_t) 121) #define TAG_CLASSLESS_STA_RT_MS ((uint8_t) 249) +/* RFC 5859 - TFTP Server Address Option for DHCPv4 */ +#define TAG_TFTP_SERVER_ADDRESS ((uint8_t) 150) /* ftp://ftp.isi.edu/.../assignments/bootp-dhcp-extensions */ -#define TAG_USER_CLASS ((uint8_t) 77) #define TAG_SLP_NAMING_AUTH ((uint8_t) 80) #define TAG_CLIENT_FQDN ((uint8_t) 81) #define TAG_AGENT_CIRCUIT ((uint8_t) 82) @@ -211,8 +212,9 @@ struct bootp { #define TAG_CLIENT_GUID ((uint8_t) 97) #define TAG_LDAP_URL ((uint8_t) 95) #define TAG_6OVER4 ((uint8_t) 96) -#define TAG_PRINTER_NAME ((uint8_t) 100) -#define TAG_MDHCP_SERVER ((uint8_t) 101) +/* RFC 4833, TZ codes */ +#define TAG_TZ_PCODE ((uint8_t) 100) +#define TAG_TZ_TCODE ((uint8_t) 101) #define TAG_IPX_COMPAT ((uint8_t) 110) #define TAG_NETINFO_PARENT ((uint8_t) 112) #define TAG_NETINFO_PARENT_TAG ((uint8_t) 113) @@ -220,32 +222,31 @@ struct bootp { #define TAG_FAILOVER ((uint8_t) 115) #define TAG_EXTENDED_REQUEST ((uint8_t) 126) #define TAG_EXTENDED_OPTION ((uint8_t) 127) - +#define TAG_MUDURL ((uint8_t) 161) /* DHCP Message types (values for TAG_DHCP_MESSAGE option) */ -#define DHCPDISCOVER 1 -#define DHCPOFFER 2 -#define DHCPREQUEST 3 -#define DHCPDECLINE 4 -#define DHCPACK 5 -#define DHCPNAK 6 -#define DHCPRELEASE 7 -#define DHCPINFORM 8 - +#define DHCPDISCOVER 1 +#define DHCPOFFER 2 +#define DHCPREQUEST 3 +#define DHCPDECLINE 4 +#define DHCPACK 5 +#define DHCPNAK 6 +#define DHCPRELEASE 7 +#define DHCPINFORM 8 /* * "vendor" data permitted for CMU bootp clients. */ struct cmu_vend { - uint8_t v_magic[4]; /* magic number */ - uint32_t v_flags; /* flags/opcodes, etc. */ + nd_byte v_magic[4]; /* magic number */ + nd_uint32_t v_flags; /* flags/opcodes, etc. */ struct in_addr v_smask; /* Subnet mask */ struct in_addr v_dgate; /* Default gateway */ struct in_addr v_dns1, v_dns2; /* Domain name servers */ struct in_addr v_ins1, v_ins2; /* IEN-116 name servers */ struct in_addr v_ts1, v_ts2; /* Time servers */ - uint8_t v_unused[24]; /* currently unused */ + nd_byte v_unused[24]; /* currently unused */ } UNALIGNED; @@ -265,14 +266,14 @@ static void cmu_print(netdissect_options *, const u_char *); static char *client_fqdn_flags(u_int flags); static const struct tok bootp_flag_values[] = { - { 0x8000, "Broadcast" }, - { 0, NULL} + { 0x8000, "Broadcast" }, + { 0, NULL} }; static const struct tok bootp_op_values[] = { - { BOOTPREQUEST, "Request" }, - { BOOTPREPLY, "Reply" }, - { 0, NULL} + { BOOTPREQUEST, "Request" }, + { BOOTPREPLY, "Reply" }, + { 0, NULL} }; /* @@ -280,21 +281,25 @@ static const struct tok bootp_op_values[] = { */ void bootp_print(netdissect_options *ndo, - register const u_char *cp, u_int length) + const u_char *cp, u_int length) { - register const struct bootp *bp; + const struct bootp *bp; static const u_char vm_cmu[4] = VM_CMU; static const u_char vm_rfc1048[4] = VM_RFC1048; + uint8_t bp_op, bp_htype, bp_hlen; bp = (const struct bootp *)cp; ND_TCHECK(bp->bp_op); - + bp_op = EXTRACT_U_1(bp->bp_op); ND_PRINT((ndo, "BOOTP/DHCP, %s", - tok2str(bootp_op_values, "unknown (0x%02x)", bp->bp_op))); - - if (bp->bp_htype == 1 && bp->bp_hlen == 6 && bp->bp_op == BOOTPREQUEST) { - ND_TCHECK2(bp->bp_chaddr[0], 6); - ND_PRINT((ndo, " from %s", etheraddr_string(ndo, bp->bp_chaddr))); + tok2str(bootp_op_values, "unknown (0x%02x)", bp_op))); + + ND_TCHECK(bp->bp_hlen); + bp_htype = EXTRACT_U_1(bp->bp_htype); + bp_hlen = EXTRACT_U_1(bp->bp_hlen); + if (bp_htype == 1 && bp_hlen == 6 && bp_op == BOOTPREQUEST) { + ND_TCHECK_LEN(bp->bp_chaddr, 6); + ND_PRINT((ndo, " from %s", etheraddr_string(ndo, bp->bp_chaddr)); } ND_PRINT((ndo, ", length %u", length)); @@ -305,66 +310,69 @@ bootp_print(netdissect_options *ndo, ND_TCHECK(bp->bp_secs); /* The usual hardware address type is 1 (10Mb Ethernet) */ - if (bp->bp_htype != 1) - ND_PRINT((ndo, ", htype %d", bp->bp_htype)); + if (bp_htype != 1) + ND_PRINT((ndo, ", htype %d", bp_htype)); /* The usual length for 10Mb Ethernet address is 6 bytes */ - if (bp->bp_htype != 1 || bp->bp_hlen != 6) - ND_PRINT((ndo, ", hlen %d", bp->bp_hlen)); + if (bp_htype != 1 || bp_hlen != 6) + ND_PRINT((ndo, ", hlen %d", bp_hlen)); /* Only print interesting fields */ - if (bp->bp_hops) - ND_PRINT((ndo, ", hops %d", bp->bp_hops)); - if (EXTRACT_32BITS(&bp->bp_xid)) - ND_PRINT((ndo, ", xid 0x%x", EXTRACT_32BITS(&bp->bp_xid))); - if (EXTRACT_16BITS(&bp->bp_secs)) - ND_PRINT((ndo, ", secs %d", EXTRACT_16BITS(&bp->bp_secs))); - + if (EXTRACT_U_1(bp->bp_hops)) + ND_PRINT((ndo, ", hops %d", EXTRACT_U_1(bp->bp_hops)))); + if (EXTRACT_BE_U_4(bp->bp_xid)) + ND_PRINT((ndo, ", xid 0x%x", EXTRACT_BE_U_4(bp->bp_xid))); + if (EXTRACT_BE_U_2(bp->bp_secs)) + ND_PRINT((ndo, ", secs %d", EXTRACT_BE_U_2(bp->bp_secs))); + + ND_TCHECK(bp->bp_flags); ND_PRINT((ndo, ", Flags [%s]", - bittok2str(bootp_flag_values, "none", EXTRACT_16BITS(&bp->bp_flags)))); + bittok2str(bootp_flag_values, "none", EXTRACT_BE_U_2(bp->bp_flags)))); if (ndo->ndo_vflag > 1) - ND_PRINT((ndo, " (0x%04x)", EXTRACT_16BITS(&bp->bp_flags))); + ND_PRINT((ndo, " (0x%04x)", EXTRACT_BE_U_2(bp->bp_flags))); /* Client's ip address */ ND_TCHECK(bp->bp_ciaddr); - if (EXTRACT_32BITS(&bp->bp_ciaddr.s_addr)) + if (EXTRACT_IPV4_TO_HOST_ORDER(&bp->bp_ciaddr.s_addr)) ND_PRINT((ndo, "\n\t Client-IP %s", ipaddr_string(ndo, &bp->bp_ciaddr))); /* 'your' ip address (bootp client) */ ND_TCHECK(bp->bp_yiaddr); - if (EXTRACT_32BITS(&bp->bp_yiaddr.s_addr)) + if (EXTRACT_IPV4_TO_HOST_ORDER(&bp->bp_yiaddr.s_addr)) ND_PRINT((ndo, "\n\t Your-IP %s", ipaddr_string(ndo, &bp->bp_yiaddr))); /* Server's ip address */ ND_TCHECK(bp->bp_siaddr); - if (EXTRACT_32BITS(&bp->bp_siaddr.s_addr)) + if (EXTRACT_IPV4_TO_HOST_ORDER(&bp->bp_siaddr.s_addr)) ND_PRINT((ndo, "\n\t Server-IP %s", ipaddr_string(ndo, &bp->bp_siaddr))); /* Gateway's ip address */ ND_TCHECK(bp->bp_giaddr); - if (EXTRACT_32BITS(&bp->bp_giaddr.s_addr)) + if (EXTRACT_IPV4_TO_HOST_ORDER(&bp->bp_giaddr.s_addr)) ND_PRINT((ndo, "\n\t Gateway-IP %s", ipaddr_string(ndo, &bp->bp_giaddr))); /* Client's Ethernet address */ - if (bp->bp_htype == 1 && bp->bp_hlen == 6) { - ND_TCHECK2(bp->bp_chaddr[0], 6); + if (bp_htype == 1 && bp_hlen == 6) { + ND_TCHECK_LEN(bp->bp_chaddr, 6); ND_PRINT((ndo, "\n\t Client-Ethernet-Address %s", etheraddr_string(ndo, bp->bp_chaddr))); } - ND_TCHECK2(bp->bp_sname[0], 1); /* check first char only */ - if (*bp->bp_sname) { + ND_TCHECK_1(bp->bp_sname); /* check first char only */ + if (EXTRACT_U_1(bp->bp_sname)) { ND_PRINT((ndo, "\n\t sname \"")); - if (fn_print(ndo, bp->bp_sname, ndo->ndo_snapend)) { + if (fn_printztn(ndo, bp->bp_sname, (u_int)sizeof bp->bp_sname, + ndo->ndo_snapend)) { ND_PRINT((ndo, "\"")); ND_PRINT((ndo, "%s", tstr + 1)); return; } ND_PRINT((ndo, "\"")); } - ND_TCHECK2(bp->bp_file[0], 1); /* check first char only */ - if (*bp->bp_file) { + ND_TCHECK_1(bp->bp_file); /* check first char only */ + if (EXTRACT_U_1(bp->bp_file)) { ND_PRINT((ndo, "\n\t file \"")); - if (fn_print(ndo, bp->bp_file, ndo->ndo_snapend)) { + if (fn_printztn(ndo, bp->bp_file, (u_int)sizeof bp->bp_file, + ndo->ndo_snapend)) { ND_PRINT((ndo, "\"")); ND_PRINT((ndo, "%s", tstr + 1)); return; @@ -373,17 +381,17 @@ bootp_print(netdissect_options *ndo, } /* Decode the vendor buffer */ - ND_TCHECK(bp->bp_vend[0]); + ND_TCHECK_LEN(bp->bp_vend, 4); if (memcmp((const char *)bp->bp_vend, vm_rfc1048, - sizeof(uint32_t)) == 0) + sizeof(uint32_t)) == 0) rfc1048_print(ndo, bp->bp_vend); else if (memcmp((const char *)bp->bp_vend, vm_cmu, - sizeof(uint32_t)) == 0) + sizeof(uint32_t)) == 0) cmu_print(ndo, bp->bp_vend); else { uint32_t ul; - ul = EXTRACT_32BITS(&bp->bp_vend); + ul = EXTRACT_BE_U_4(bp->bp_vend); if (ul != 0) ND_PRINT((ndo, "\n\t Vendor-#0x%x", ul)); } @@ -402,7 +410,7 @@ trunc: * s - short (16 bits) * b - period-seperated decimal bytes (variable length) * x - colon-seperated hex bytes (variable length) - * a - ascii string (variable length) + * a - ASCII string (variable length) * B - on/off (8 bits) * $ - special (explicit code to handle) */ @@ -420,7 +428,7 @@ static const struct tok tag2str[] = { { TAG_LPR_SERVER, "iLPR-Server" }, /* lpr server (RFC1179) */ { TAG_IMPRESS_SERVER, "iIM" }, /* impress servers (Imagen) */ { TAG_RLP_SERVER, "iRL" }, /* resource location (RFC887) */ - { TAG_HOSTNAME, "aHostname" }, /* ascii hostname */ + { TAG_HOSTNAME, "aHostname" }, /* ASCII hostname */ { TAG_BOOTSIZE, "sBS" }, /* 512 byte blocks */ { TAG_END, " END" }, /* RFC1497 tags */ @@ -495,13 +503,16 @@ static const struct tok tag2str[] = { { TAG_SLP_SCOPE, "bSLP-SCOPE" }, /*"b" is a little wrong */ /* RFC 2937 */ { TAG_NS_SEARCH, "sNSSEARCH" }, /* XXX 's' */ +/* RFC 3004 - The User Class Option for DHCP */ + { TAG_USER_CLASS, "$User-Class" }, /* RFC 3011 */ { TAG_IP4_SUBNET_SELECT, "iSUBNET" }, /* RFC 3442 */ { TAG_CLASSLESS_STATIC_RT, "$Classless-Static-Route" }, { TAG_CLASSLESS_STA_RT_MS, "$Classless-Static-Route-Microsoft" }, +/* RFC 5859 - TFTP Server Address Option for DHCPv4 */ + { TAG_TFTP_SERVER_ADDRESS, "iTFTP-Server-Address" }, /* http://www.iana.org/assignments/bootp-dhcp-extensions/index.htm */ - { TAG_USER_CLASS, "aCLASS" }, { TAG_SLP_NAMING_AUTH, "aSLP-NA" }, { TAG_CLIENT_FQDN, "$FQDN" }, { TAG_AGENT_CIRCUIT, "$Agent-Information" }, @@ -517,79 +528,80 @@ static const struct tok tag2str[] = { { TAG_CLIENT_GUID, "bGUID" }, /* XXX 'b' */ { TAG_LDAP_URL, "aLDAP" }, { TAG_6OVER4, "i6o4" }, - { TAG_PRINTER_NAME, "aPRTR" }, - { TAG_MDHCP_SERVER, "bMDHCP" }, /* XXX 'b' */ + { TAG_TZ_PCODE, "aPOSIX-TZ" }, + { TAG_TZ_TCODE, "aTZ-Name" }, { TAG_IPX_COMPAT, "bIPX" }, /* XXX 'b' */ { TAG_NETINFO_PARENT, "iNI" }, { TAG_NETINFO_PARENT_TAG, "aNITAG" }, { TAG_URL, "aURL" }, { TAG_FAILOVER, "bFAIL" }, /* XXX 'b' */ - { 0, NULL } + { TAG_MUDURL, "aMUD-URL" }, + { 0, NULL } }; /* 2-byte extended tags */ static const struct tok xtag2str[] = { - { 0, NULL } + { 0, NULL } }; /* DHCP "options overload" types */ static const struct tok oo2str[] = { - { 1, "file" }, - { 2, "sname" }, - { 3, "file+sname" }, - { 0, NULL } + { 1, "file" }, + { 2, "sname" }, + { 3, "file+sname" }, + { 0, NULL } }; /* NETBIOS over TCP/IP node type options */ static const struct tok nbo2str[] = { - { 0x1, "b-node" }, - { 0x2, "p-node" }, - { 0x4, "m-node" }, - { 0x8, "h-node" }, - { 0, NULL } + { 0x1, "b-node" }, + { 0x2, "p-node" }, + { 0x4, "m-node" }, + { 0x8, "h-node" }, + { 0, NULL } }; /* ARP Hardware types, for Client-ID option */ static const struct tok arp2str[] = { - { 0x1, "ether" }, - { 0x6, "ieee802" }, - { 0x7, "arcnet" }, - { 0xf, "frelay" }, - { 0x17, "strip" }, - { 0x18, "ieee1394" }, - { 0, NULL } + { 0x1, "ether" }, + { 0x6, "ieee802" }, + { 0x7, "arcnet" }, + { 0xf, "frelay" }, + { 0x17, "strip" }, + { 0x18, "ieee1394" }, + { 0, NULL } }; static const struct tok dhcp_msg_values[] = { - { DHCPDISCOVER, "Discover" }, - { DHCPOFFER, "Offer" }, - { DHCPREQUEST, "Request" }, - { DHCPDECLINE, "Decline" }, - { DHCPACK, "ACK" }, - { DHCPNAK, "NACK" }, - { DHCPRELEASE, "Release" }, - { DHCPINFORM, "Inform" }, - { 0, NULL } + { DHCPDISCOVER, "Discover" }, + { DHCPOFFER, "Offer" }, + { DHCPREQUEST, "Request" }, + { DHCPDECLINE, "Decline" }, + { DHCPACK, "ACK" }, + { DHCPNAK, "NACK" }, + { DHCPRELEASE, "Release" }, + { DHCPINFORM, "Inform" }, + { 0, NULL } }; -#define AGENT_SUBOPTION_CIRCUIT_ID 1 /* RFC 3046 */ -#define AGENT_SUBOPTION_REMOTE_ID 2 /* RFC 3046 */ -#define AGENT_SUBOPTION_SUBSCRIBER_ID 6 /* RFC 3993 */ +#define AGENT_SUBOPTION_CIRCUIT_ID 1 /* RFC 3046 */ +#define AGENT_SUBOPTION_REMOTE_ID 2 /* RFC 3046 */ +#define AGENT_SUBOPTION_SUBSCRIBER_ID 6 /* RFC 3993 */ static const struct tok agent_suboption_values[] = { - { AGENT_SUBOPTION_CIRCUIT_ID, "Circuit-ID" }, - { AGENT_SUBOPTION_REMOTE_ID, "Remote-ID" }, - { AGENT_SUBOPTION_SUBSCRIBER_ID, "Subscriber-ID" }, - { 0, NULL } + { AGENT_SUBOPTION_CIRCUIT_ID, "Circuit-ID" }, + { AGENT_SUBOPTION_REMOTE_ID, "Remote-ID" }, + { AGENT_SUBOPTION_SUBSCRIBER_ID, "Subscriber-ID" }, + { 0, NULL } }; static void rfc1048_print(netdissect_options *ndo, - register const u_char *bp) + const u_char *bp) { - register uint16_t tag; - register u_int len; - register const char *cp; - register char c; + uint16_t tag; + u_int len; + const char *cp; + char c; int first, idx; uint32_t ul; uint16_t us; @@ -598,19 +610,20 @@ rfc1048_print(netdissect_options *ndo, ND_PRINT((ndo, "\n\t Vendor-rfc1048 Extensions")); /* Step over magic cookie */ - ND_PRINT((ndo, "\n\t Magic Cookie 0x%08x", EXTRACT_32BITS(bp))); + ND_PRINT((ndo, "\n\t Magic Cookie 0x%08x", EXTRACT_BE_U_4(bp))); bp += sizeof(int32_t); /* Loop while we there is a tag left in the buffer */ - while (ND_TTEST2(*bp, 1)) { - tag = *bp++; + while (ND_TTEST_1(bp)) { + tag = EXTRACT_U_1(bp); + bp++; if (tag == TAG_PAD && ndo->ndo_vflag < 3) continue; if (tag == TAG_END && ndo->ndo_vflag < 3) return; if (tag == TAG_EXTENDED_OPTION) { - ND_TCHECK2(*(bp + 1), 2); - tag = EXTRACT_16BITS(bp + 1); + ND_TCHECK_2(bp + 1); + tag = EXTRACT_BE_U_2(bp + 1); /* XXX we don't know yet if the IANA will * preclude overlap of 1-byte and 2-byte spaces. * If not, we need to offset tag after this step. @@ -624,16 +637,18 @@ rfc1048_print(netdissect_options *ndo, len = 0; else { /* Get the length; check for truncation */ - ND_TCHECK2(*bp, 1); - len = *bp++; + ND_TCHECK_1(bp); + len = EXTRACT_U_1(bp); + bp++; } ND_PRINT((ndo, "\n\t %s Option %u, length %u%s", cp, tag, len, - len > 0 ? ": " : "")); + len > 0 ? ": " : "")); if (tag == TAG_PAD && ndo->ndo_vflag > 2) { u_int ntag = 1; - while (ND_TTEST2(*bp, 1) && *bp == TAG_PAD) { + while (ND_TTEST_1(bp) && + EXTRACT_U_1(bp) == TAG_PAD) { bp++; ntag++; } @@ -641,13 +656,14 @@ rfc1048_print(netdissect_options *ndo, ND_PRINT((ndo, ", occurs %u", ntag)); } - if (!ND_TTEST2(*bp, len)) { + if (!ND_TTEST_LEN(bp, len)) { ND_PRINT((ndo, "[|rfc1048 %u]", len)); return; } if (tag == TAG_DHCP_MESSAGE && len == 1) { - uc = *bp++; + uc = EXTRACT_U_1(bp); + bp++; ND_PRINT((ndo, "%s", tok2str(dhcp_msg_values, "Unknown (%u)", uc))); continue; } @@ -655,7 +671,8 @@ rfc1048_print(netdissect_options *ndo, if (tag == TAG_PARM_REQUEST) { idx = 0; while (len-- > 0) { - uc = *bp++; + uc = EXTRACT_U_1(bp); + bp++; cp = tok2str(tag2str, "?Option %u", uc); if (idx % 4 == 0) ND_PRINT((ndo, "\n\t ")); @@ -671,7 +688,7 @@ rfc1048_print(netdissect_options *ndo, first = 1; while (len > 1) { len -= 2; - us = EXTRACT_16BITS(bp); + us = EXTRACT_BE_U_2(bp); bp += 2; cp = tok2str(xtag2str, "?xT%u", us); if (!first) @@ -696,7 +713,7 @@ rfc1048_print(netdissect_options *ndo, switch (c) { case 'a': - /* ascii strings */ + /* ASCII strings */ ND_PRINT((ndo, "\"")); if (fn_printn(ndo, bp, len, ndo->ndo_snapend)) { ND_PRINT((ndo, "\"")); @@ -714,7 +731,7 @@ rfc1048_print(netdissect_options *ndo, while (len >= sizeof(ul)) { if (!first) ND_PRINT((ndo, ",")); - ul = EXTRACT_32BITS(bp); + ul = EXTRACT_BE_U_4(bp); if (c == 'i') { ul = htonl(ul); ND_PRINT((ndo, "%s", ipaddr_string(ndo, &ul))); @@ -749,7 +766,7 @@ rfc1048_print(netdissect_options *ndo, while (len >= sizeof(us)) { if (!first) ND_PRINT((ndo, ",")); - us = EXTRACT_16BITS(bp); + us = EXTRACT_BE_U_2(bp); ND_PRINT((ndo, "%u", us)); bp += sizeof(us); len -= sizeof(us); @@ -760,9 +777,11 @@ rfc1048_print(netdissect_options *ndo, case 'B': /* boolean */ while (len > 0) { + uint8_t bool_value; if (!first) ND_PRINT((ndo, ",")); - switch (*bp) { + bool_value = EXTRACT_U_1(bp); + switch (bool_value) { case 0: ND_PRINT((ndo, "N")); break; @@ -770,7 +789,7 @@ rfc1048_print(netdissect_options *ndo, ND_PRINT((ndo, "Y")); break; default: - ND_PRINT((ndo, "%u?", *bp)); + ND_PRINT((ndo, "%u?", bool_value)); break; } ++bp; @@ -784,12 +803,14 @@ rfc1048_print(netdissect_options *ndo, default: /* Bytes */ while (len > 0) { + uint8_t byte_value; if (!first) ND_PRINT((ndo, c == 'x' ? ":" : ".")); + byte_value = EXTRACT_U_1(bp); if (c == 'x') - ND_PRINT((ndo, "%02x", *bp)); + ND_PRINT((ndo, "%02x", byte_value)); else - ND_PRINT((ndo, "%u", *bp)); + ND_PRINT((ndo, "%u", byte_value)); ++bp; --len; first = 0; @@ -802,42 +823,41 @@ rfc1048_print(netdissect_options *ndo, case TAG_NETBIOS_NODE: /* this option should be at least 1 byte long */ - if (len < 1) { - ND_PRINT((ndo, "ERROR: option %u len %u < 1 bytes", - TAG_NETBIOS_NODE, len)); + if (len < 1) { + ND_PRINT((ndo, "ERROR: length < 1 bytes")); break; } - tag = *bp++; + tag = EXTRACT_U_1(bp); + ++bp; --len; ND_PRINT((ndo, "%s", tok2str(nbo2str, NULL, tag))); break; case TAG_OPT_OVERLOAD: /* this option should be at least 1 byte long */ - if (len < 1) { - ND_PRINT((ndo, "ERROR: option %u len %u < 1 bytes", - TAG_OPT_OVERLOAD, len)); + if (len < 1) { + ND_PRINT((ndo, "ERROR: length < 1 bytes")); break; } - tag = *bp++; + tag = EXTRACT_U_1(bp); + ++bp; --len; ND_PRINT((ndo, "%s", tok2str(oo2str, NULL, tag))); break; case TAG_CLIENT_FQDN: /* this option should be at least 3 bytes long */ - if (len < 3) { - ND_PRINT((ndo, "ERROR: option %u len %u < 3 bytes", - TAG_CLIENT_FQDN, len)); + if (len < 3) { + ND_PRINT((ndo, "ERROR: length < 3 bytes")); bp += len; len = 0; break; } - if (*bp) - ND_PRINT((ndo, "[%s] ", client_fqdn_flags(*bp))); + if (EXTRACT_U_1(bp)) + ND_PRINT((ndo, "[%s] ", client_fqdn_flags(EXTRACT_U_1(bp)))); bp++; - if (*bp || *(bp+1)) - ND_PRINT((ndo, "%u/%u ", *bp, *(bp+1))); + if (EXTRACT_U_1(bp) || EXTRACT_U_1(bp + 1)) + ND_PRINT((ndo, "%u/%u ", EXTRACT_U_1(bp), EXTRACT_U_1(bp + 1))); bp += 2; ND_PRINT((ndo, "\"")); if (fn_printn(ndo, bp, len - 3, ndo->ndo_snapend)) { @@ -850,15 +870,16 @@ rfc1048_print(netdissect_options *ndo, break; case TAG_CLIENT_ID: - { int type; + { + int type; /* this option should be at least 1 byte long */ - if (len < 1) { - ND_PRINT((ndo, "ERROR: option %u len %u < 1 bytes", - TAG_CLIENT_ID, len)); + if (len < 1) { + ND_PRINT((ndo, "ERROR: length < 1 bytes")); break; } - type = *bp++; + type = EXTRACT_U_1(bp); + bp++; len--; if (type == 0) { ND_PRINT((ndo, "\"")); @@ -875,7 +896,7 @@ rfc1048_print(netdissect_options *ndo, while (len > 0) { if (!first) ND_PRINT((ndo, ":")); - ND_PRINT((ndo, "%02x", *bp)); + ND_PRINT((ndo, "%02x", EXTRACT_U_1(bp))); ++bp; --len; first = 0; @@ -886,28 +907,30 @@ rfc1048_print(netdissect_options *ndo, case TAG_AGENT_CIRCUIT: while (len >= 2) { - subopt = *bp++; - suboptlen = *bp++; + subopt = EXTRACT_U_1(bp); + suboptlen = EXTRACT_U_1(bp + 1); + bp += 2; len -= 2; if (suboptlen > len) { ND_PRINT((ndo, "\n\t %s SubOption %u, length %u: length goes past end of option", - tok2str(agent_suboption_values, "Unknown", subopt), - subopt, - suboptlen)); + tok2str(agent_suboption_values, "Unknown", subopt), + subopt, + suboptlen)); bp += len; len = 0; break; } ND_PRINT((ndo, "\n\t %s SubOption %u, length %u: ", - tok2str(agent_suboption_values, "Unknown", subopt), - subopt, - suboptlen)); + tok2str(agent_suboption_values, "Unknown", subopt), + subopt, + suboptlen)); switch (subopt) { case AGENT_SUBOPTION_CIRCUIT_ID: /* fall through */ case AGENT_SUBOPTION_REMOTE_ID: case AGENT_SUBOPTION_SUBSCRIBER_ID: - fn_printn(ndo, bp, suboptlen, NULL); + if (fn_printn(ndo, bp, suboptlen, ndo->ndo_snapend)) + goto trunc; break; default: @@ -916,18 +939,17 @@ rfc1048_print(netdissect_options *ndo, len -= suboptlen; bp += suboptlen; - } - break; + } + break; case TAG_CLASSLESS_STATIC_RT: case TAG_CLASSLESS_STA_RT_MS: - { + { u_int mask_width, significant_octets, i; /* this option should be at least 5 bytes long */ - if (len < 5) { - ND_PRINT((ndo, "ERROR: option %u len %u < 5 bytes", - TAG_CLASSLESS_STATIC_RT, len)); + if (len < 5) { + ND_PRINT((ndo, "ERROR: length < 5 bytes")); bp += len; len = 0; break; @@ -935,11 +957,12 @@ rfc1048_print(netdissect_options *ndo, while (len > 0) { if (!first) ND_PRINT((ndo, ",")); - mask_width = *bp++; + mask_width = EXTRACT_U_1(bp); + bp++; len--; /* mask_width <= 32 */ if (mask_width > 32) { - ND_PRINT((ndo, "[ERROR: Mask width (%d) > 32]", mask_width)); + ND_PRINT((ndo, "[ERROR: Mask width (%d) > 32]", mask_width)); bp += len; len = 0; break; @@ -947,7 +970,7 @@ rfc1048_print(netdissect_options *ndo, significant_octets = (mask_width + 7) / 8; /* significant octets + router(4) */ if (len < significant_octets + 4) { - ND_PRINT((ndo, "[ERROR: Remaining length (%u) < %u bytes]", len, significant_octets + 4)); + ND_PRINT((ndo, "[ERROR: Remaining length (%u) < %u bytes]", len, significant_octets + 4)); bp += len; len = 0; break; @@ -959,7 +982,8 @@ rfc1048_print(netdissect_options *ndo, for (i = 0; i < significant_octets ; i++) { if (i > 0) ND_PRINT((ndo, ".")); - ND_PRINT((ndo, "%d", *bp++)); + ND_PRINT((ndo, "%d", EXTRACT_U_1(bp))); + bp++; } for (i = significant_octets ; i < 4 ; i++) ND_PRINT((ndo, ".0")); @@ -971,12 +995,55 @@ rfc1048_print(netdissect_options *ndo, len -= (significant_octets + 4); first = 0; } - } - break; + break; + } + + case TAG_USER_CLASS: + { + u_int suboptnumber = 1; + + first = 1; + if (len < 2) { + ND_PRINT((ndo, "ERROR: length < 2 bytes")); + bp += len; + len = 0; + break; + } + while (len > 0) { + suboptlen = EXTRACT_U_1(bp); + bp++; + len--; + ND_PRINT((ndo, "\n\t ")); + ND_PRINT((ndo, "instance#%u: ", suboptnumber)); + if (suboptlen == 0) { + ND_PRINT((ndo, "ERROR: suboption length must be non-zero")); + bp += len; + len = 0; + break; + } + if (len < suboptlen) { + ND_PRINT((ndo, "ERROR: invalid option")); + bp += len; + len = 0; + break; + } + ND_PRINT((ndo, "\"")); + if (fn_printn(ndo, bp, suboptlen, ndo->ndo_snapend)) { + ND_PRINT((ndo, "\"")); + goto trunc; + } + ND_PRINT((ndo, "\"")); + ND_PRINT((ndo, ", length %d", suboptlen)); + suboptnumber++; + len -= suboptlen; + bp += suboptlen; + } + break; + } default: ND_PRINT((ndo, "[unknown special tag %u, size %u]", - tag, len)); + tag, len)); bp += len; len = 0; break; @@ -996,9 +1063,10 @@ trunc: static void cmu_print(netdissect_options *ndo, - register const u_char *bp) + const u_char *bp) { - register const struct cmu_vend *cmu; + const struct cmu_vend *cmu; + uint8_t v_flags; #define PRINTCMUADDR(m, s) { ND_TCHECK(cmu->m); \ if (cmu->m.s_addr != 0) \ @@ -1009,10 +1077,11 @@ cmu_print(netdissect_options *ndo, /* Only print if there are unknown bits */ ND_TCHECK(cmu->v_flags); - if ((cmu->v_flags & ~(VF_SMASK)) != 0) - ND_PRINT((ndo, " F:0x%x", cmu->v_flags)); + v_flags = EXTRACT_U_1(cmu->v_flags); + if ((v_flags & ~(VF_SMASK)) != 0) + ND_PRINT((ndo, " F:0x%x", v_flags)); PRINTCMUADDR(v_dgate, "DG"); - PRINTCMUADDR(v_smask, cmu->v_flags & VF_SMASK ? "SM" : "SM*"); + PRINTCMUADDR(v_smask, v_flags & VF_SMASK ? "SM" : "SM*"); PRINTCMUADDR(v_dns1, "NS1"); PRINTCMUADDR(v_dns2, "NS2"); PRINTCMUADDR(v_ins1, "IEN1");