X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/24598ce6b7cfe72ada92aed48691fdf092d94fc7..1a84a1e1142f2c60dc045c2557ed4d484b576d8b:/print-olsr.c diff --git a/print-olsr.c b/print-olsr.c index f1b90032..6d2d65f2 100644 --- a/print-olsr.c +++ b/print-olsr.c @@ -62,8 +62,8 @@ */ struct olsr_common { - u_int8_t packet_len[2]; - u_int8_t packet_seq[2]; + uint8_t packet_len[2]; + uint8_t packet_seq[2]; }; #define OLSR_HELLO_MSG 1 /* rfc3626 */ @@ -88,50 +88,50 @@ static const struct tok olsr_msg_values[] = { }; struct olsr_msg4 { - u_int8_t msg_type; - u_int8_t vtime; - u_int8_t msg_len[2]; - u_int8_t originator[4]; - u_int8_t ttl; - u_int8_t hopcount; - u_int8_t msg_seq[2]; + uint8_t msg_type; + uint8_t vtime; + uint8_t msg_len[2]; + uint8_t originator[4]; + uint8_t ttl; + uint8_t hopcount; + uint8_t msg_seq[2]; }; struct olsr_msg6 { - u_int8_t msg_type; - u_int8_t vtime; - u_int8_t msg_len[2]; - u_int8_t originator[16]; - u_int8_t ttl; - u_int8_t hopcount; - u_int8_t msg_seq[2]; + uint8_t msg_type; + uint8_t vtime; + uint8_t msg_len[2]; + uint8_t originator[16]; + uint8_t ttl; + uint8_t hopcount; + uint8_t msg_seq[2]; }; struct olsr_hello { - u_int8_t res[2]; - u_int8_t htime; - u_int8_t will; + uint8_t res[2]; + uint8_t htime; + uint8_t will; }; struct olsr_hello_link { - u_int8_t link_code; - u_int8_t res; - u_int8_t len[2]; + uint8_t link_code; + uint8_t res; + uint8_t len[2]; }; struct olsr_tc { - u_int8_t ans_seq[2]; - u_int8_t res[2]; + uint8_t ans_seq[2]; + uint8_t res[2]; }; struct olsr_hna4 { - u_int8_t network[4]; - u_int8_t mask[4]; + uint8_t network[4]; + uint8_t mask[4]; }; struct olsr_hna6 { - u_int8_t network[16]; - u_int8_t mask[16]; + uint8_t network[16]; + uint8_t mask[16]; }; @@ -154,17 +154,17 @@ static const struct tok olsr_neighbor_type_values[] = { }; struct olsr_lq_neighbor4 { - u_int8_t neighbor[4]; - u_int8_t link_quality; - u_int8_t neighbor_link_quality; - u_int8_t res[2]; + uint8_t neighbor[4]; + uint8_t link_quality; + uint8_t neighbor_link_quality; + uint8_t res[2]; }; struct olsr_lq_neighbor6 { - u_int8_t neighbor[16]; - u_int8_t link_quality; - u_int8_t neighbor_link_quality; - u_int8_t res[2]; + uint8_t neighbor[16]; + uint8_t link_quality; + uint8_t neighbor_link_quality; + uint8_t res[2]; }; /* @@ -178,7 +178,7 @@ struct olsr_lq_neighbor6 { /* * print a neighbor list with LQ extensions. */ -static void +static int olsr_print_lq_neighbor4(netdissect_options *ndo, const u_char *msg_data, u_int hello_len) { @@ -187,6 +187,8 @@ olsr_print_lq_neighbor4(netdissect_options *ndo, while (hello_len >= sizeof(struct olsr_lq_neighbor4)) { lq_neighbor = (struct olsr_lq_neighbor4 *)msg_data; + if (!ND_TTEST(*lq_neighbor)) + return (-1); ND_PRINT((ndo, "\n\t neighbor %s, link-quality %.2lf%%" ", neighbor-link-quality %.2lf%%", @@ -197,10 +199,11 @@ olsr_print_lq_neighbor4(netdissect_options *ndo, msg_data += sizeof(struct olsr_lq_neighbor4); hello_len -= sizeof(struct olsr_lq_neighbor4); } + return (0); } #if INET6 -static void +static int olsr_print_lq_neighbor6(netdissect_options *ndo, const u_char *msg_data, u_int hello_len) { @@ -209,6 +212,8 @@ olsr_print_lq_neighbor6(netdissect_options *ndo, while (hello_len >= sizeof(struct olsr_lq_neighbor6)) { lq_neighbor = (struct olsr_lq_neighbor6 *)msg_data; + if (!ND_TTEST(*lq_neighbor)) + return (-1); ND_PRINT((ndo, "\n\t neighbor %s, link-quality %.2lf%%" ", neighbor-link-quality %.2lf%%", @@ -219,13 +224,14 @@ olsr_print_lq_neighbor6(netdissect_options *ndo, msg_data += sizeof(struct olsr_lq_neighbor6); hello_len -= sizeof(struct olsr_lq_neighbor6); } + return (0); } #endif /* INET6 */ /* * print a neighbor list. */ -static void +static int olsr_print_neighbor(netdissect_options *ndo, const u_char *msg_data, u_int hello_len) { @@ -236,6 +242,8 @@ olsr_print_neighbor(netdissect_options *ndo, while (hello_len >= sizeof(struct in_addr)) { + if (!ND_TTEST2(*msg_data, sizeof(struct in_addr))) + return (-1); /* print 4 neighbors per line */ ND_PRINT((ndo, "%s%s", ipaddr_string(ndo, msg_data), @@ -244,6 +252,7 @@ olsr_print_neighbor(netdissect_options *ndo, msg_data += sizeof(struct in_addr); hello_len -= sizeof(struct in_addr); } + return (0); } @@ -262,9 +271,9 @@ olsr_print(netdissect_options *ndo, } ptr; u_int msg_type, msg_len, msg_tlen, hello_len; - u_int16_t name_entry_type, name_entry_len; + uint16_t name_entry_type, name_entry_len; u_int name_entry_padding; - u_int8_t link_type, neighbor_type; + uint8_t link_type, neighbor_type; const u_char *tptr, *msg_data; tptr = pptr; @@ -273,9 +282,7 @@ olsr_print(netdissect_options *ndo, goto trunc; } - if (!ND_TTEST2(*tptr, sizeof(struct olsr_common))) { - goto trunc; - } + ND_TCHECK2(*tptr, sizeof(struct olsr_common)); ptr.common = (struct olsr_common *)tptr; length = min(length, EXTRACT_16BITS(ptr.common->packet_len)); @@ -302,8 +309,7 @@ olsr_print(netdissect_options *ndo, } msgptr; int msg_len_valid = 0; - if (!ND_TTEST2(*tptr, sizeof(struct olsr_msg4))) - goto trunc; + ND_TCHECK2(*tptr, sizeof(struct olsr_msg4)); #if INET6 if (is_ipv6) @@ -329,6 +335,9 @@ olsr_print(netdissect_options *ndo, ME_TO_DOUBLE(msgptr.v6->vtime), EXTRACT_16BITS(msgptr.v6->msg_seq), msg_len, (msg_len_valid == 0) ? " (invalid)" : "")); + if (!msg_len_valid) { + return; + } msg_tlen = msg_len - sizeof(struct olsr_msg6); msg_data = tptr + sizeof(struct olsr_msg6); @@ -357,6 +366,9 @@ olsr_print(netdissect_options *ndo, ME_TO_DOUBLE(msgptr.v4->vtime), EXTRACT_16BITS(msgptr.v4->msg_seq), msg_len, (msg_len_valid == 0) ? " (invalid)" : "")); + if (!msg_len_valid) { + return; + } msg_tlen = msg_len - sizeof(struct olsr_msg4); msg_data = tptr + sizeof(struct olsr_msg4); @@ -365,8 +377,9 @@ olsr_print(netdissect_options *ndo, switch (msg_type) { case OLSR_HELLO_MSG: case OLSR_HELLO_LQ_MSG: - if (!ND_TTEST2(*msg_data, sizeof(struct olsr_hello))) + if (msg_tlen < sizeof(struct olsr_hello)) goto trunc; + ND_TCHECK2(*msg_data, sizeof(struct olsr_hello)); ptr.hello = (struct olsr_hello *)msg_data; ND_PRINT((ndo, "\n\t hello-time %.3lfs, MPR willingness %u", @@ -380,8 +393,7 @@ olsr_print(netdissect_options *ndo, /* * link-type. */ - if (!ND_TTEST2(*msg_data, sizeof(struct olsr_hello_link))) - goto trunc; + ND_TCHECK2(*msg_data, sizeof(struct olsr_hello_link)); ptr.hello_link = (struct olsr_hello_link *)msg_data; @@ -406,15 +418,21 @@ olsr_print(netdissect_options *ndo, msg_tlen -= sizeof(struct olsr_hello_link); hello_len -= sizeof(struct olsr_hello_link); + ND_TCHECK2(*msg_data, hello_len); if (msg_type == OLSR_HELLO_MSG) { - olsr_print_neighbor(ndo, msg_data, hello_len); + if (olsr_print_neighbor(ndo, msg_data, hello_len) == -1) + goto trunc; } else { #if INET6 - if (is_ipv6) - olsr_print_lq_neighbor6(ndo, msg_data, hello_len); - else + if (is_ipv6) { + if (olsr_print_lq_neighbor6(ndo, msg_data, hello_len) == -1) + goto trunc; + } else #endif - olsr_print_lq_neighbor4(ndo, msg_data, hello_len); + { + if (olsr_print_lq_neighbor4(ndo, msg_data, hello_len) == -1) + goto trunc; + } } msg_data += hello_len; @@ -424,8 +442,9 @@ olsr_print(netdissect_options *ndo, case OLSR_TC_MSG: case OLSR_TC_LQ_MSG: - if (!ND_TTEST2(*msg_data, sizeof(struct olsr_tc))) + if (msg_tlen < sizeof(struct olsr_tc)) goto trunc; + ND_TCHECK2(*msg_data, sizeof(struct olsr_tc)); ptr.tc = (struct olsr_tc *)msg_data; ND_PRINT((ndo, "\n\t advertised neighbor seq 0x%04x", @@ -434,14 +453,19 @@ olsr_print(netdissect_options *ndo, msg_tlen -= sizeof(struct olsr_tc); if (msg_type == OLSR_TC_MSG) { - olsr_print_neighbor(ndo, msg_data, msg_tlen); + if (olsr_print_neighbor(ndo, msg_data, msg_tlen) == -1) + goto trunc; } else { #if INET6 - if (is_ipv6) - olsr_print_lq_neighbor6(ndo, msg_data, msg_tlen); - else + if (is_ipv6) { + if (olsr_print_lq_neighbor6(ndo, msg_data, msg_tlen) == -1) + goto trunc; + } else #endif - olsr_print_lq_neighbor4(ndo, msg_data, msg_tlen); + { + if (olsr_print_lq_neighbor4(ndo, msg_data, msg_tlen) == -1) + goto trunc; + } } break; @@ -455,8 +479,7 @@ olsr_print(netdissect_options *ndo, #endif while (msg_tlen >= addr_size) { - if (!ND_TTEST2(*msg_data, addr_size)) - goto trunc; + ND_TCHECK2(*msg_data, addr_size); #if INET6 ND_PRINT((ndo, "\n\t interface address %s", is_ipv6 ? ip6addr_string(ndo, msg_data) : @@ -482,8 +505,7 @@ olsr_print(netdissect_options *ndo, while (msg_tlen >= sizeof(struct olsr_hna6)) { struct olsr_hna6 *hna6; - if (!ND_TTEST2(*msg_data, sizeof(struct olsr_hna6))) - goto trunc; + ND_TCHECK2(*msg_data, sizeof(struct olsr_hna6)); hna6 = (struct olsr_hna6 *)msg_data; @@ -500,8 +522,7 @@ olsr_print(netdissect_options *ndo, { int col = 0; while (msg_tlen >= sizeof(struct olsr_hna4)) { - if (!ND_TTEST2(*msg_data, sizeof(struct olsr_hna4))) - goto trunc; + ND_TCHECK2(*msg_data, sizeof(struct olsr_hna4)); ptr.hna = (struct olsr_hna4 *)msg_data; @@ -535,8 +556,7 @@ olsr_print(netdissect_options *ndo, if (msg_tlen < 4) goto trunc; - if (!ND_TTEST2(*msg_data, 4)) - goto trunc; + ND_TCHECK2(*msg_data, 4); ND_PRINT((ndo, "\n\t Version %u, Entries %u%s", EXTRACT_16BITS(msg_data), @@ -553,8 +573,7 @@ olsr_print(netdissect_options *ndo, if (msg_tlen < 4) break; - if (!ND_TTEST2(*msg_data, 4)) - goto trunc; + ND_TCHECK2(*msg_data, 4); name_entry_type = EXTRACT_16BITS(msg_data); name_entry_len = EXTRACT_16BITS(msg_data+2); @@ -580,8 +599,7 @@ olsr_print(netdissect_options *ndo, if (msg_tlen < addr_size + name_entry_len + name_entry_padding) goto trunc; - if (!ND_TTEST2(*msg_data, addr_size + name_entry_len + name_entry_padding)) - goto trunc; + ND_TCHECK2(*msg_data, addr_size + name_entry_len + name_entry_padding); #if INET6 if (is_ipv6)