X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/2f6c71013128c8fd03faf71f5d3b8727cd984352..c2d6a5db5b15f08b9e858e3fcf1e6847aaebe26b:/print-isoclns.c diff --git a/print-isoclns.c b/print-isoclns.c index ca330ced..176279c1 100644 --- a/print-isoclns.c +++ b/print-isoclns.c @@ -114,7 +114,6 @@ static const struct tok isis_pdu_values[] = { #define ISIS_TLV_CHECKSUM_MINLEN 2 #define ISIS_TLV_POI 13 /* rfc6232 */ #define ISIS_TLV_LSP_BUFFERSIZE 14 /* iso10589 rev2 */ -#define ISIS_TLV_LSP_BUFFERSIZE_MINLEN 2 #define ISIS_TLV_EXT_IS_REACH 22 /* rfc5305 */ #define ISIS_TLV_IS_ALIAS_ID 24 /* rfc5311 */ #define ISIS_TLV_DECNET_PHASE4 42 @@ -123,7 +122,6 @@ static const struct tok isis_pdu_values[] = { #define ISIS_TLV_PROTOCOLS 129 /* rfc1195 */ #define ISIS_TLV_EXT_IP_REACH 130 /* rfc1195, rfc2966 */ #define ISIS_TLV_IDRP_INFO 131 /* rfc1195 */ -#define ISIS_TLV_IDRP_INFO_MINLEN 1 #define ISIS_TLV_IPADDR 132 /* rfc1195 */ #define ISIS_TLV_IPAUTH 133 /* rfc1195 */ #define ISIS_TLV_TE_ROUTER_ID 134 /* rfc5305 */ @@ -139,14 +137,12 @@ static const struct tok isis_pdu_values[] = { #define ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN 2 #define ISIS_TLV_MT_IS_REACH 222 /* draft-ietf-isis-wg-multi-topology-05 */ #define ISIS_TLV_MT_SUPPORTED 229 /* draft-ietf-isis-wg-multi-topology-05 */ -#define ISIS_TLV_MT_SUPPORTED_MINLEN 2 #define ISIS_TLV_IP6ADDR 232 /* draft-ietf-isis-ipv6-02 */ #define ISIS_TLV_MT_IP_REACH 235 /* draft-ietf-isis-wg-multi-topology-05 */ #define ISIS_TLV_IP6_REACH 236 /* draft-ietf-isis-ipv6-02 */ #define ISIS_TLV_MT_IP6_REACH 237 /* draft-ietf-isis-wg-multi-topology-05 */ #define ISIS_TLV_PTP_ADJ 240 /* rfc3373 */ #define ISIS_TLV_IIH_SEQNR 241 /* draft-shen-isis-iih-sequence-00 */ -#define ISIS_TLV_IIH_SEQNR_MINLEN 4 #define ISIS_TLV_VENDOR_PRIVATE 250 /* draft-ietf-isis-experimental-tlv-01 */ #define ISIS_TLV_VENDOR_PRIVATE_MINLEN 3 @@ -487,14 +483,14 @@ static const struct tok clnp_flag_values[] = { { 0, NULL} }; -#define ISIS_MASK_LSP_OL_BIT(x) (EXTRACT_U_1(x)&0x4) -#define ISIS_MASK_LSP_ISTYPE_BITS(x) (EXTRACT_U_1(x)&0x3) -#define ISIS_MASK_LSP_PARTITION_BIT(x) (EXTRACT_U_1(x)&0x80) -#define ISIS_MASK_LSP_ATT_BITS(x) (EXTRACT_U_1(x)&0x78) -#define ISIS_MASK_LSP_ATT_ERROR_BIT(x) (EXTRACT_U_1(x)&0x40) -#define ISIS_MASK_LSP_ATT_EXPENSE_BIT(x) (EXTRACT_U_1(x)&0x20) -#define ISIS_MASK_LSP_ATT_DELAY_BIT(x) (EXTRACT_U_1(x)&0x10) -#define ISIS_MASK_LSP_ATT_DEFAULT_BIT(x) (EXTRACT_U_1(x)&0x8) +#define ISIS_MASK_LSP_OL_BIT(x) (GET_U_1(x)&0x4) +#define ISIS_MASK_LSP_ISTYPE_BITS(x) (GET_U_1(x)&0x3) +#define ISIS_MASK_LSP_PARTITION_BIT(x) (GET_U_1(x)&0x80) +#define ISIS_MASK_LSP_ATT_BITS(x) (GET_U_1(x)&0x78) +#define ISIS_MASK_LSP_ATT_ERROR_BIT(x) (GET_U_1(x)&0x40) +#define ISIS_MASK_LSP_ATT_EXPENSE_BIT(x) (GET_U_1(x)&0x20) +#define ISIS_MASK_LSP_ATT_DELAY_BIT(x) (GET_U_1(x)&0x10) +#define ISIS_MASK_LSP_ATT_DEFAULT_BIT(x) (GET_U_1(x)&0x8) #define ISIS_MASK_MTID(x) ((x)&0x0fff) #define ISIS_MASK_MTFLAGS(x) ((x)&0xf000) @@ -511,10 +507,10 @@ static const struct tok isis_mt_flag_values[] = { #define ISIS_MASK_TLV_EXTD_IP6_IE(x) ((x)&0x40) #define ISIS_MASK_TLV_EXTD_IP6_SUBTLV(x) ((x)&0x20) -#define ISIS_LSP_TLV_METRIC_SUPPORTED(x) (EXTRACT_U_1(x)&0x80) -#define ISIS_LSP_TLV_METRIC_IE(x) (EXTRACT_U_1(x)&0x40) -#define ISIS_LSP_TLV_METRIC_UPDOWN(x) (EXTRACT_U_1(x)&0x80) -#define ISIS_LSP_TLV_METRIC_VALUE(x) (EXTRACT_U_1(x)&0x3f) +#define ISIS_LSP_TLV_METRIC_SUPPORTED(x) (GET_U_1(x)&0x80) +#define ISIS_LSP_TLV_METRIC_IE(x) (GET_U_1(x)&0x40) +#define ISIS_LSP_TLV_METRIC_UPDOWN(x) (GET_U_1(x)&0x80) +#define ISIS_LSP_TLV_METRIC_VALUE(x) (GET_U_1(x)&0x3f) #define ISIS_MASK_TLV_SHARED_RISK_GROUP(x) ((x)&0x1) @@ -682,9 +678,11 @@ isoclns_print(netdissect_options *ndo, const u_char *p, u_int length) ND_TCHECK_1(p); /* enough bytes on the wire ? */ if (ndo->ndo_eflag) - ND_PRINT("OSI NLPID %s (0x%02x): ", tok2str(nlpid_values, "Unknown", EXTRACT_U_1(p)), EXTRACT_U_1(p)); + ND_PRINT("OSI NLPID %s (0x%02x): ", + tok2str(nlpid_values, "Unknown", GET_U_1(p)), + GET_U_1(p)); - switch (EXTRACT_U_1(p)) { + switch (GET_U_1(p)) { case NLPID_CLNP: if (!clnp_print(ndo, p, length)) @@ -722,7 +720,7 @@ isoclns_print(netdissect_options *ndo, const u_char *p, u_int length) default: if (!ndo->ndo_eflag) - ND_PRINT("OSI NLPID 0x%02x unknown", EXTRACT_U_1(p)); + ND_PRINT("OSI NLPID 0x%02x unknown", GET_U_1(p)); ND_PRINT("%slength: %u", ndo->ndo_eflag ? "" : ", ", length); if (length > 1) print_unknown_data(ndo, p, "\n\t", length); @@ -783,19 +781,20 @@ clnp_print(netdissect_options *ndo, clnp_header = (const struct clnp_header_t *) pptr; ND_TCHECK_SIZE(clnp_header); - li = EXTRACT_U_1(clnp_header->length_indicator); + li = GET_U_1(clnp_header->length_indicator); li_remaining = li; optr = pptr; if (!ndo->ndo_eflag) - ND_PRINT("CLNP"); + nd_print_protocol_caps(ndo); /* * Sanity checking of the header. */ - if (EXTRACT_U_1(clnp_header->version) != CLNP_VERSION) { - ND_PRINT("version %u packet not supported", EXTRACT_U_1(clnp_header->version)); + if (GET_U_1(clnp_header->version) != CLNP_VERSION) { + ND_PRINT("version %u packet not supported", + GET_U_1(clnp_header->version)); return (0); } @@ -807,7 +806,7 @@ clnp_print(netdissect_options *ndo, if (li < sizeof(struct clnp_header_t)) { ND_PRINT(" length indicator %u < min PDU size:", li); while (pptr < ndo->ndo_snapend) { - ND_PRINT("%02X", EXTRACT_U_1(pptr)); + ND_PRINT("%02X", GET_U_1(pptr)); pptr++; } return (0); @@ -815,8 +814,8 @@ clnp_print(netdissect_options *ndo, /* FIXME further header sanity checking */ - clnp_pdu_type = EXTRACT_U_1(clnp_header->type) & CLNP_PDU_TYPE_MASK; - clnp_flags = EXTRACT_U_1(clnp_header->type) & CLNP_FLAG_MASK; + clnp_pdu_type = GET_U_1(clnp_header->type) & CLNP_PDU_TYPE_MASK; + clnp_flags = GET_U_1(clnp_header->type) & CLNP_FLAG_MASK; pptr += sizeof(struct clnp_header_t); li_remaining -= sizeof(struct clnp_header_t); @@ -826,7 +825,7 @@ clnp_print(netdissect_options *ndo, return (0); } ND_TCHECK_1(pptr); - dest_address_length = EXTRACT_U_1(pptr); + dest_address_length = GET_U_1(pptr); pptr += 1; li_remaining -= 1; if (li_remaining < dest_address_length) { @@ -843,7 +842,7 @@ clnp_print(netdissect_options *ndo, return (0); } ND_TCHECK_1(pptr); - source_address_length = EXTRACT_U_1(pptr); + source_address_length = GET_U_1(pptr); pptr += 1; li_remaining -= 1; if (li_remaining < source_address_length) { @@ -868,15 +867,15 @@ clnp_print(netdissect_options *ndo, ND_PRINT("\n\t%s PDU, hlen: %u, v: %u, lifetime: %u.%us, Segment PDU length: %u, checksum: 0x%04x", tok2str(clnp_pdu_values, "unknown (%u)",clnp_pdu_type), - EXTRACT_U_1(clnp_header->length_indicator), - EXTRACT_U_1(clnp_header->version), - EXTRACT_U_1(clnp_header->lifetime)/2, - (EXTRACT_U_1(clnp_header->lifetime)%2)*5, - EXTRACT_BE_U_2(clnp_header->segment_length), - EXTRACT_BE_U_2(clnp_header->cksum)); + GET_U_1(clnp_header->length_indicator), + GET_U_1(clnp_header->version), + GET_U_1(clnp_header->lifetime)/2, + (GET_U_1(clnp_header->lifetime)%2)*5, + GET_BE_U_2(clnp_header->segment_length), + GET_BE_U_2(clnp_header->cksum)); - osi_print_cksum(ndo, optr, EXTRACT_BE_U_2(clnp_header->cksum), 7, - EXTRACT_U_1(clnp_header->length_indicator)); + osi_print_cksum(ndo, optr, GET_BE_U_2(clnp_header->cksum), 7, + GET_U_1(clnp_header->length_indicator)); ND_PRINT("\n\tFlags [%s]", bittok2str(clnp_flag_values, "none", clnp_flags)); @@ -895,9 +894,9 @@ clnp_print(netdissect_options *ndo, clnp_segment_header = (const struct clnp_segment_header_t *) pptr; ND_TCHECK_SIZE(clnp_segment_header); ND_PRINT("\n\tData Unit ID: 0x%04x, Segment Offset: %u, Total PDU Length: %u", - EXTRACT_BE_U_2(clnp_segment_header->data_unit_id), - EXTRACT_BE_U_2(clnp_segment_header->segment_offset), - EXTRACT_BE_U_2(clnp_segment_header->total_length)); + GET_BE_U_2(clnp_segment_header->data_unit_id), + GET_BE_U_2(clnp_segment_header->segment_offset), + GET_BE_U_2(clnp_segment_header->total_length)); pptr+=sizeof(struct clnp_segment_header_t); li_remaining-=sizeof(struct clnp_segment_header_t); } @@ -912,8 +911,8 @@ clnp_print(netdissect_options *ndo, return (0); } ND_TCHECK_2(pptr); - op = EXTRACT_U_1(pptr); - opli = EXTRACT_U_1(pptr + 1); + op = GET_U_1(pptr); + opli = GET_U_1(pptr + 1); pptr += 2; li_remaining -= 2; if (opli > li_remaining) { @@ -948,9 +947,9 @@ clnp_print(netdissect_options *ndo, return (0); } ND_PRINT("%s %s", - tok2str(clnp_option_sr_rr_values,"Unknown",EXTRACT_U_1(tptr)), + tok2str(clnp_option_sr_rr_values,"Unknown",GET_U_1(tptr)), tok2str(clnp_option_sr_rr_string_values, "Unknown Option %u", op)); - nsap_offset=EXTRACT_U_1(tptr + 1); + nsap_offset=GET_U_1(tptr + 1); if (nsap_offset == 0) { ND_PRINT(" Bad NSAP offset (0)"); break; @@ -963,7 +962,7 @@ clnp_print(netdissect_options *ndo, tptr+=nsap_offset; tlen-=nsap_offset; while (tlen > 0) { - source_address_length=EXTRACT_U_1(tptr); + source_address_length=GET_U_1(tptr); if (tlen < source_address_length+1) { ND_PRINT("\n\t NSAP address goes past end of option"); break; @@ -985,7 +984,7 @@ clnp_print(netdissect_options *ndo, ND_PRINT(", bad opt len"); return (0); } - ND_PRINT("0x%1x", EXTRACT_U_1(tptr)&0x0f); + ND_PRINT("0x%1x", GET_U_1(tptr)&0x0f); break; case CLNP_OPTION_QOS_MAINTENANCE: @@ -994,13 +993,13 @@ clnp_print(netdissect_options *ndo, return (0); } ND_PRINT("\n\t Format Code: %s", - tok2str(clnp_option_scope_values, "Reserved", EXTRACT_U_1(tptr) & CLNP_OPTION_SCOPE_MASK)); + tok2str(clnp_option_scope_values, "Reserved", GET_U_1(tptr) & CLNP_OPTION_SCOPE_MASK)); - if ((EXTRACT_U_1(tptr)&CLNP_OPTION_SCOPE_MASK) == CLNP_OPTION_SCOPE_GLOBAL) + if ((GET_U_1(tptr)&CLNP_OPTION_SCOPE_MASK) == CLNP_OPTION_SCOPE_GLOBAL) ND_PRINT("\n\t QoS Flags [%s]", bittok2str(clnp_option_qos_global_values, "none", - EXTRACT_U_1(tptr)&CLNP_OPTION_OPTION_QOS_MASK)); + GET_U_1(tptr)&CLNP_OPTION_OPTION_QOS_MASK)); break; case CLNP_OPTION_SECURITY: @@ -1009,8 +1008,8 @@ clnp_print(netdissect_options *ndo, return (0); } ND_PRINT("\n\t Format Code: %s, Security-Level %u", - tok2str(clnp_option_scope_values,"Reserved",EXTRACT_U_1(tptr)&CLNP_OPTION_SCOPE_MASK), - EXTRACT_U_1(tptr + 1)); + tok2str(clnp_option_scope_values,"Reserved",GET_U_1(tptr)&CLNP_OPTION_SCOPE_MASK), + GET_U_1(tptr + 1)); break; case CLNP_OPTION_DISCARD_REASON: @@ -1018,7 +1017,7 @@ clnp_print(netdissect_options *ndo, ND_PRINT(", bad opt len"); return (0); } - rfd_error = EXTRACT_U_1(tptr); + rfd_error = GET_U_1(tptr); rfd_error_major = (rfd_error&0xf0) >> 4; rfd_error_minor = rfd_error&0x0f; ND_PRINT("\n\t Class: %s Error (0x%01x), %s (0x%01x)", @@ -1051,7 +1050,7 @@ clnp_print(netdissect_options *ndo, case CLNP_PDU_ER: /* fall through */ case CLNP_PDU_ERP: ND_TCHECK_1(pptr); - if (EXTRACT_U_1(pptr) == NLPID_CLNP) { + if (GET_U_1(pptr) == NLPID_CLNP) { ND_PRINT("\n\t-----original packet-----\n\t"); /* FIXME recursion protection */ clnp_print(ndo, pptr, length - li); @@ -1131,19 +1130,20 @@ esis_print(netdissect_options *ndo, esis_header = (const struct esis_header_t *) pptr; ND_TCHECK_SIZE(esis_header); - li = EXTRACT_U_1(esis_header->length_indicator); + li = GET_U_1(esis_header->length_indicator); optr = pptr; /* * Sanity checking of the header. */ - if (EXTRACT_U_1(esis_header->nlpid) != NLPID_ESIS) { - ND_PRINT(" nlpid 0x%02x packet not supported", EXTRACT_U_1(esis_header->nlpid)); + if (GET_U_1(esis_header->nlpid) != NLPID_ESIS) { + ND_PRINT(" nlpid 0x%02x packet not supported", + GET_U_1(esis_header->nlpid)); return; } - version = EXTRACT_U_1(esis_header->version); + version = GET_U_1(esis_header->version); if (version != ESIS_VERSION) { ND_PRINT(" version %u packet not supported", version); return; @@ -1157,13 +1157,13 @@ esis_print(netdissect_options *ndo, if (li < sizeof(struct esis_header_t) + 2) { ND_PRINT(" length indicator %u < min PDU size:", li); while (pptr < ndo->ndo_snapend) { - ND_PRINT("%02X", EXTRACT_U_1(pptr)); + ND_PRINT("%02X", GET_U_1(pptr)); pptr++; } return; } - esis_pdu_type = EXTRACT_U_1(esis_header->type) & ESIS_PDU_TYPE_MASK; + esis_pdu_type = GET_U_1(esis_header->type) & ESIS_PDU_TYPE_MASK; if (ndo->ndo_vflag < 1) { ND_PRINT("%s%s, length %u", @@ -1179,13 +1179,13 @@ esis_print(netdissect_options *ndo, esis_pdu_type); ND_PRINT(", v: %u%s", version, version == ESIS_VERSION ? "" : "unsupported" ); - ND_PRINT(", checksum: 0x%04x", EXTRACT_BE_U_2(esis_header->cksum)); + ND_PRINT(", checksum: 0x%04x", GET_BE_U_2(esis_header->cksum)); - osi_print_cksum(ndo, pptr, EXTRACT_BE_U_2(esis_header->cksum), 7, + osi_print_cksum(ndo, pptr, GET_BE_U_2(esis_header->cksum), 7, li); ND_PRINT(", holding time: %us, length indicator: %u", - EXTRACT_BE_U_2(esis_header->holdtime), li); + GET_BE_U_2(esis_header->holdtime), li); if (ndo->ndo_vflag > 1) print_unknown_data(ndo, optr, "\n\t", sizeof(struct esis_header_t)); @@ -1203,7 +1203,7 @@ esis_print(netdissect_options *ndo, ND_PRINT(", bad redirect/li"); return; } - dstl = EXTRACT_U_1(pptr); + dstl = GET_U_1(pptr); pptr++; li--; ND_TCHECK_LEN(pptr, dstl); @@ -1221,7 +1221,7 @@ esis_print(netdissect_options *ndo, ND_PRINT(", bad redirect/li"); return; } - snpal = EXTRACT_U_1(pptr); + snpal = GET_U_1(pptr); pptr++; li--; ND_TCHECK_LEN(pptr, snpal); @@ -1237,7 +1237,7 @@ esis_print(netdissect_options *ndo, ND_PRINT(", bad redirect/li"); return; } - netal = EXTRACT_U_1(pptr); + netal = GET_U_1(pptr); pptr++; ND_TCHECK_LEN(pptr, netal); if (li < netal) { @@ -1269,7 +1269,7 @@ esis_print(netdissect_options *ndo, ND_PRINT(", bad esh/li"); return; } - source_address_number = EXTRACT_U_1(pptr); + source_address_number = GET_U_1(pptr); pptr++; li--; @@ -1281,7 +1281,7 @@ esis_print(netdissect_options *ndo, ND_PRINT(", bad esh/li"); return; } - source_address_length = EXTRACT_U_1(pptr); + source_address_length = GET_U_1(pptr); pptr++; li--; @@ -1306,7 +1306,7 @@ esis_print(netdissect_options *ndo, ND_PRINT(", bad ish/li"); return; } - source_address_length = EXTRACT_U_1(pptr); + source_address_length = GET_U_1(pptr); pptr++; li--; ND_TCHECK_LEN(pptr, source_address_length); @@ -1338,8 +1338,8 @@ esis_print(netdissect_options *ndo, return; } ND_TCHECK_2(pptr); - op = EXTRACT_U_1(pptr); - opli = EXTRACT_U_1(pptr + 1); + op = GET_U_1(pptr); + opli = GET_U_1(pptr + 1); pptr += 2; li -= 2; if (opli > li) { @@ -1359,7 +1359,7 @@ esis_print(netdissect_options *ndo, case ESIS_OPTION_ES_CONF_TIME: if (opli == 2) { ND_TCHECK_2(pptr); - ND_PRINT("%us", EXTRACT_BE_U_2(tptr)); + ND_PRINT("%us", GET_BE_U_2(tptr)); } else ND_PRINT("(bad length)"); break; @@ -1370,8 +1370,8 @@ esis_print(netdissect_options *ndo, ND_PRINT("%s (0x%02x)", tok2str(nlpid_values, "unknown", - EXTRACT_U_1(tptr)), - EXTRACT_U_1(tptr)); + GET_U_1(tptr)), + GET_U_1(tptr)); if (opli>1) /* further NPLIDs ? - put comma */ ND_PRINT(", "); tptr++; @@ -1411,12 +1411,12 @@ isis_print_mcid(netdissect_options *ndo, int i; ND_TCHECK_SIZE(mcid); - ND_PRINT("ID: %u, Name: ", EXTRACT_U_1(mcid->format_id)); + ND_PRINT("ID: %u, Name: ", GET_U_1(mcid->format_id)); if (nd_printzp(ndo, mcid->name, 32, ndo->ndo_snapend)) goto trunc; - ND_PRINT("\n\t Lvl: %u", EXTRACT_BE_U_2(mcid->revision_lvl)); + ND_PRINT("\n\t Lvl: %u", GET_BE_U_2(mcid->revision_lvl)); ND_PRINT(", Digest: "); @@ -1439,8 +1439,8 @@ isis_print_mt_port_cap_subtlv(netdissect_options *ndo, while (len > 2) { ND_TCHECK_2(tptr); - stlv_type = EXTRACT_U_1(tptr); - stlv_len = EXTRACT_U_1(tptr + 1); + stlv_type = GET_U_1(tptr); + stlv_len = GET_U_1(tptr + 1); /* first lets see if we know the subTLVs name*/ ND_PRINT("\n\t %s subTLV #%u, length: %u", @@ -1448,13 +1448,13 @@ isis_print_mt_port_cap_subtlv(netdissect_options *ndo, stlv_type, stlv_len); - tptr = tptr + 2; + tptr += 2; /*len -= TLV_TYPE_LEN_OFFSET;*/ - len = len - 2; + len -= 2; /* Make sure the subTLV fits within the space left */ if (len < stlv_len) - goto trunc; + goto subtlv_too_long; /* Make sure the entire subTLV is in the captured data */ ND_TCHECK_LEN(tptr, stlv_len); @@ -1463,7 +1463,7 @@ isis_print_mt_port_cap_subtlv(netdissect_options *ndo, case ISIS_SUBTLV_SPB_MCID: { if (stlv_len < ISIS_SUBTLV_SPB_MCID_MIN_LEN) - goto trunc; + goto subtlv_too_short; subtlv_spb_mcid = (const struct isis_subtlv_spb_mcid *)tptr; @@ -1478,9 +1478,9 @@ isis_print_mt_port_cap_subtlv(netdissect_options *ndo, /*tptr += SPB_MCID_MIN_LEN; len -= SPB_MCID_MIN_LEN; */ - tptr = tptr + ISIS_SUBTLV_SPB_MCID_MIN_LEN; - len = len - ISIS_SUBTLV_SPB_MCID_MIN_LEN; - stlv_len = stlv_len - ISIS_SUBTLV_SPB_MCID_MIN_LEN; + tptr += ISIS_SUBTLV_SPB_MCID_MIN_LEN; + len -= ISIS_SUBTLV_SPB_MCID_MIN_LEN; + stlv_len -= ISIS_SUBTLV_SPB_MCID_MIN_LEN; break; } @@ -1488,13 +1488,13 @@ isis_print_mt_port_cap_subtlv(netdissect_options *ndo, case ISIS_SUBTLV_SPB_DIGEST: { if (stlv_len < ISIS_SUBTLV_SPB_DIGEST_MIN_LEN) - goto trunc; + goto subtlv_too_short; ND_PRINT("\n\t RES: %u V: %u A: %u D: %u", - (EXTRACT_U_1(tptr) >> 5), - ((EXTRACT_U_1(tptr) >> 4) & 0x01), - ((EXTRACT_U_1(tptr) >> 2) & 0x03), - (EXTRACT_U_1(tptr) & 0x03)); + (GET_U_1(tptr) >> 5), + ((GET_U_1(tptr) >> 4) & 0x01), + ((GET_U_1(tptr) >> 2) & 0x03), + (GET_U_1(tptr) & 0x03)); tptr++; @@ -1502,35 +1502,41 @@ isis_print_mt_port_cap_subtlv(netdissect_options *ndo, for(i=1;i<=8; i++) { - ND_PRINT("%08x ", EXTRACT_BE_U_4(tptr)); + ND_PRINT("%08x ", GET_BE_U_4(tptr)); if (i%4 == 0 && i != 8) ND_PRINT("\n\t "); - tptr = tptr + 4; + tptr += 4; } - len = len - ISIS_SUBTLV_SPB_DIGEST_MIN_LEN; - stlv_len = stlv_len - ISIS_SUBTLV_SPB_DIGEST_MIN_LEN; + len -= ISIS_SUBTLV_SPB_DIGEST_MIN_LEN; + stlv_len -= ISIS_SUBTLV_SPB_DIGEST_MIN_LEN; break; } case ISIS_SUBTLV_SPB_BVID: { - while (stlv_len >= ISIS_SUBTLV_SPB_BVID_MIN_LEN) + while (stlv_len != 0) { + if (stlv_len < 4) + goto subtlv_too_short; ND_PRINT("\n\t ECT: %08x", - EXTRACT_BE_U_4(tptr)); + GET_BE_U_4(tptr)); - tptr = tptr+4; + tptr += 4; + len -= 4; + stlv_len -= 4; + if (stlv_len < 2) + goto subtlv_too_short; ND_PRINT(" BVID: %u, U:%01x M:%01x ", - (EXTRACT_BE_U_2(tptr) >> 4) , - (EXTRACT_BE_U_2(tptr) >> 3) & 0x01, - (EXTRACT_BE_U_2(tptr) >> 2) & 0x01); + (GET_BE_U_2(tptr) >> 4) , + (GET_BE_U_2(tptr) >> 3) & 0x01, + (GET_BE_U_2(tptr) >> 2) & 0x01); - tptr = tptr + 2; - len = len - ISIS_SUBTLV_SPB_BVID_MIN_LEN; - stlv_len = stlv_len - ISIS_SUBTLV_SPB_BVID_MIN_LEN; + tptr += 2; + len -= 2; + stlv_len -= 2; } break; @@ -1542,12 +1548,19 @@ isis_print_mt_port_cap_subtlv(netdissect_options *ndo, tptr += stlv_len; len -= stlv_len; } + return (0); - return 0; +trunc: + nd_print_trunc(ndo); + return (1); - trunc: - nd_print_trunc(ndo); - return(1); +subtlv_too_long: + ND_PRINT(" (> containing TLV length)"); + return (1); + +subtlv_too_short: + ND_PRINT(" (too short)"); + return (1); } static int @@ -1559,10 +1572,10 @@ isis_print_mt_capability_subtlv(netdissect_options *ndo, while (len > 2) { ND_TCHECK_2(tptr); - stlv_type = EXTRACT_U_1(tptr); - stlv_len = EXTRACT_U_1(tptr + 1); - tptr = tptr + 2; - len = len - 2; + stlv_type = GET_U_1(tptr); + stlv_len = GET_U_1(tptr + 1); + tptr += 2; + len -= 2; /* first lets see if we know the subTLVs name*/ ND_PRINT("\n\t %s subTLV #%u, length: %u", @@ -1572,7 +1585,7 @@ isis_print_mt_capability_subtlv(netdissect_options *ndo, /* Make sure the subTLV fits within the space left */ if (len < stlv_len) - goto trunc; + goto subtlv_too_long; /* Make sure the entire subTLV is in the captured data */ ND_TCHECK_LEN(tptr, stlv_len); @@ -1580,30 +1593,30 @@ isis_print_mt_capability_subtlv(netdissect_options *ndo, { case ISIS_SUBTLV_SPB_INSTANCE: if (stlv_len < ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN) - goto trunc; - - ND_PRINT("\n\t CIST Root-ID: %08x", EXTRACT_BE_U_4(tptr)); - tptr = tptr+4; - ND_PRINT(" %08x", EXTRACT_BE_U_4(tptr)); - tptr = tptr+4; - ND_PRINT(", Path Cost: %08x", EXTRACT_BE_U_4(tptr)); - tptr = tptr+4; - ND_PRINT(", Prio: %u", EXTRACT_BE_U_2(tptr)); - tptr = tptr + 2; + goto subtlv_too_short; + + ND_PRINT("\n\t CIST Root-ID: %08x", GET_BE_U_4(tptr)); + tptr += 4; + ND_PRINT(" %08x", GET_BE_U_4(tptr)); + tptr += 4; + ND_PRINT(", Path Cost: %08x", GET_BE_U_4(tptr)); + tptr += 4; + ND_PRINT(", Prio: %u", GET_BE_U_2(tptr)); + tptr += 2; ND_PRINT("\n\t RES: %u", - EXTRACT_BE_U_2(tptr) >> 5); + GET_BE_U_2(tptr) >> 5); ND_PRINT(", V: %u", - (EXTRACT_BE_U_2(tptr) >> 4) & 0x0001); + (GET_BE_U_2(tptr) >> 4) & 0x0001); ND_PRINT(", SPSource-ID: %u", - (EXTRACT_BE_U_4(tptr) & 0x000fffff)); - tptr = tptr+4; - ND_PRINT(", No of Trees: %x", EXTRACT_U_1(tptr)); + (GET_BE_U_4(tptr) & 0x000fffff)); + tptr += 4; + ND_PRINT(", No of Trees: %x", GET_U_1(tptr)); - treecount = EXTRACT_U_1(tptr); + treecount = GET_U_1(tptr); tptr++; - len = len - ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN; - stlv_len = stlv_len - ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN; + len -= ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN; + stlv_len -= ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN; while (treecount) { @@ -1611,24 +1624,24 @@ isis_print_mt_capability_subtlv(netdissect_options *ndo, goto trunc; ND_PRINT("\n\t U:%u, M:%u, A:%u, RES:%u", - EXTRACT_U_1(tptr) >> 7, - (EXTRACT_U_1(tptr) >> 6) & 0x01, - (EXTRACT_U_1(tptr) >> 5) & 0x01, - (EXTRACT_U_1(tptr) & 0x1f)); + GET_U_1(tptr) >> 7, + (GET_U_1(tptr) >> 6) & 0x01, + (GET_U_1(tptr) >> 5) & 0x01, + (GET_U_1(tptr) & 0x1f)); tptr++; - ND_PRINT(", ECT: %08x", EXTRACT_BE_U_4(tptr)); + ND_PRINT(", ECT: %08x", GET_BE_U_4(tptr)); - tptr = tptr + 4; + tptr += 4; ND_PRINT(", BVID: %u, SPVID: %u", - (EXTRACT_BE_U_3(tptr) >> 12) & 0x000fff, - EXTRACT_BE_U_3(tptr) & 0x000fff); + (GET_BE_U_3(tptr) >> 12) & 0x000fff, + GET_BE_U_3(tptr) & 0x000fff); - tptr = tptr + 3; - len = len - ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN; - stlv_len = stlv_len - ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN; + tptr += 3; + len -= ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN; + stlv_len -= ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN; treecount--; } @@ -1638,29 +1651,29 @@ isis_print_mt_capability_subtlv(netdissect_options *ndo, if (stlv_len < 8) goto trunc; - ND_PRINT("\n\t BMAC: %08x", EXTRACT_BE_U_4(tptr)); - tptr = tptr+4; - ND_PRINT("%04x", EXTRACT_BE_U_2(tptr)); - tptr = tptr+2; + ND_PRINT("\n\t BMAC: %08x", GET_BE_U_4(tptr)); + tptr += 4; + ND_PRINT("%04x", GET_BE_U_2(tptr)); + tptr += 2; - ND_PRINT(", RES: %u, VID: %u", EXTRACT_BE_U_2(tptr) >> 12, - (EXTRACT_BE_U_2(tptr)) & 0x0fff); + ND_PRINT(", RES: %u, VID: %u", GET_BE_U_2(tptr) >> 12, + (GET_BE_U_2(tptr)) & 0x0fff); - tptr = tptr+2; - len = len - 8; - stlv_len = stlv_len - 8; + tptr += 2; + len -= 8; + stlv_len -= 8; while (stlv_len >= 4) { ND_TCHECK_4(tptr); ND_PRINT("\n\t T: %u, R: %u, RES: %u, ISID: %u", - (EXTRACT_BE_U_4(tptr) >> 31), - (EXTRACT_BE_U_4(tptr) >> 30) & 0x01, - (EXTRACT_BE_U_4(tptr) >> 24) & 0x03f, - (EXTRACT_BE_U_4(tptr)) & 0x0ffffff); - - tptr = tptr + 4; - len = len - 4; - stlv_len = stlv_len - 4; + (GET_BE_U_4(tptr) >> 31), + (GET_BE_U_4(tptr) >> 30) & 0x01, + (GET_BE_U_4(tptr) >> 24) & 0x03f, + (GET_BE_U_4(tptr)) & 0x0ffffff); + + tptr += 4; + len -= 4; + stlv_len -= 4; } break; @@ -1671,16 +1684,24 @@ isis_print_mt_capability_subtlv(netdissect_options *ndo, tptr += stlv_len; len -= stlv_len; } - return 0; + return (0); - trunc: - nd_print_trunc(ndo); - return(1); +trunc: + nd_print_trunc(ndo); + return (1); + +subtlv_too_long: + ND_PRINT(" (> containing TLV length)"); + return (1); + +subtlv_too_short: + ND_PRINT(" (too short)"); + return (1); } /* shared routine for printing system, node and lsp-ids */ static char * -isis_print_id(const uint8_t *cp, u_int id_len) +isis_print_id(netdissect_options *ndo, const uint8_t *cp, u_int id_len) { u_int i; static char id[sizeof("xxxx.xxxx.xxxx.yy-zz")]; @@ -1691,19 +1712,19 @@ isis_print_id(const uint8_t *cp, u_int id_len) if (sysid_len > id_len) sysid_len = id_len; for (i = 1; i <= sysid_len; i++) { - nd_snprintf(pos, sizeof(id) - (pos - id), "%02x", EXTRACT_U_1(cp)); + snprintf(pos, sizeof(id) - (pos - id), "%02x", GET_U_1(cp)); cp++; pos += strlen(pos); if (i == 2 || i == 4) *pos++ = '.'; } if (id_len >= NODE_ID_LEN) { - nd_snprintf(pos, sizeof(id) - (pos - id), ".%02x", EXTRACT_U_1(cp)); + snprintf(pos, sizeof(id) - (pos - id), ".%02x", GET_U_1(cp)); cp++; pos += strlen(pos); } if (id_len == LSP_ID_LEN) - nd_snprintf(pos, sizeof(id) - (pos - id), "-%02x", EXTRACT_U_1(cp)); + snprintf(pos, sizeof(id) - (pos - id), "-%02x", GET_U_1(cp)); return (id); } @@ -1742,15 +1763,15 @@ isis_print_tlv_ip_reach(netdissect_options *ndo, while (length > 0) { if ((size_t)length < sizeof(*tlv_ip_reach)) { - ND_PRINT("short IPv4 Reachability (%u vs %lu)", + ND_PRINT("short IPv4 Reachability (%u vs %zu)", length, - (unsigned long)sizeof(*tlv_ip_reach)); + sizeof(*tlv_ip_reach)); return (0); } ND_TCHECK_SIZE(tlv_ip_reach); - prefix_len = mask2plen(EXTRACT_IPV4_TO_HOST_ORDER(tlv_ip_reach->mask)); + prefix_len = mask2plen(GET_IPV4_TO_HOST_ORDER(tlv_ip_reach->mask)); if (prefix_len == -1) ND_PRINT("%sIPv4 prefix: %s mask %s", @@ -1816,8 +1837,8 @@ isis_print_ip_reach_subtlv(netdissect_options *ndo, case ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG32: while (subl >= 4) { ND_PRINT(", 0x%08x (=%u)", - EXTRACT_BE_U_4(tptr), - EXTRACT_BE_U_4(tptr)); + GET_BE_U_4(tptr), + GET_BE_U_4(tptr)); tptr+=4; subl-=4; } @@ -1825,8 +1846,8 @@ isis_print_ip_reach_subtlv(netdissect_options *ndo, case ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG64: while (subl >= 8) { ND_PRINT(", 0x%08x%08x", - EXTRACT_BE_U_4(tptr), - EXTRACT_BE_U_4(tptr + 4)); + GET_BE_U_4(tptr), + GET_BE_U_4(tptr + 4)); tptr+=8; subl-=8; } @@ -1866,31 +1887,33 @@ isis_print_ext_is_reach(netdissect_options *ndo, if (tlv_remaining < NODE_ID_LEN) return(0); - ND_PRINT("%sIS Neighbor: %s", ident, isis_print_id(tptr, NODE_ID_LEN)); + ND_PRINT("%sIS Neighbor: %s", ident, isis_print_id(ndo, tptr, NODE_ID_LEN)); tptr+=NODE_ID_LEN; tlv_remaining-=NODE_ID_LEN; + proc_bytes+=NODE_ID_LEN; if (tlv_type != ISIS_TLV_IS_ALIAS_ID) { /* the Alias TLV Metric field is implicit 0 */ ND_TCHECK_3(tptr); if (tlv_remaining < 3) return(0); - ND_PRINT(", Metric: %u", EXTRACT_BE_U_3(tptr)); + ND_PRINT(", Metric: %u", GET_BE_U_3(tptr)); tptr+=3; tlv_remaining-=3; + proc_bytes+=3; } ND_TCHECK_1(tptr); if (tlv_remaining < 1) return(0); - subtlv_sum_len=EXTRACT_U_1(tptr); /* read out subTLV length */ + subtlv_sum_len=GET_U_1(tptr); /* read out subTLV length */ tptr++; tlv_remaining--; - proc_bytes=NODE_ID_LEN+3+1; + proc_bytes++; ND_PRINT(", %ssub-TLVs present",subtlv_sum_len ? "" : "no "); if (subtlv_sum_len) { ND_PRINT(" (%u)", subtlv_sum_len); /* prepend the indent string */ - nd_snprintf(ident_buffer, sizeof(ident_buffer), "%s ",ident); + snprintf(ident_buffer, sizeof(ident_buffer), "%s ",ident); ident = ident_buffer; while (subtlv_sum_len != 0) { ND_TCHECK_2(tptr); @@ -1904,8 +1927,8 @@ isis_print_ext_is_reach(netdissect_options *ndo, proc_bytes += subtlv_sum_len; break; } - subtlv_type=EXTRACT_U_1(tptr); - subtlv_len=EXTRACT_U_1(tptr + 1); + subtlv_type=GET_U_1(tptr); + subtlv_len=GET_U_1(tptr + 1); tptr += 2; tlv_remaining -= 2; subtlv_sum_len -= 2; @@ -1933,9 +1956,9 @@ isis_print_ext_is_reach(netdissect_options *ndo, case ISIS_SUBTLV_EXT_IS_REACH_LINK_LOCAL_REMOTE_ID: case ISIS_SUBTLV_EXT_IS_REACH_LINK_REMOTE_ID: if (subtlv_len >= 4) { - ND_PRINT(", 0x%08x", EXTRACT_BE_U_4(tptr)); + ND_PRINT(", 0x%08x", GET_BE_U_4(tptr)); if (subtlv_len == 8) /* rfc4205 */ - ND_PRINT(", 0x%08x", EXTRACT_BE_U_4(tptr + 4)); + ND_PRINT(", 0x%08x", GET_BE_U_4(tptr + 4)); } break; case ISIS_SUBTLV_EXT_IS_REACH_IPV4_INTF_ADDR: @@ -1946,14 +1969,14 @@ isis_print_ext_is_reach(netdissect_options *ndo, case ISIS_SUBTLV_EXT_IS_REACH_MAX_LINK_BW : case ISIS_SUBTLV_EXT_IS_REACH_RESERVABLE_BW: if (subtlv_len >= 4) { - bw.i = EXTRACT_BE_U_4(tptr); + bw.i = GET_BE_U_4(tptr); ND_PRINT(", %.3f Mbps", bw.f * 8 / 1000000); } break; case ISIS_SUBTLV_EXT_IS_REACH_UNRESERVED_BW : if (subtlv_len >= 32) { for (te_class = 0; te_class < 8; te_class++) { - bw.i = EXTRACT_BE_U_4(tptr); + bw.i = GET_BE_U_4(tptr); ND_PRINT("%s TE-Class %u: %.3f Mbps", ident, te_class, @@ -1971,8 +1994,8 @@ isis_print_ext_is_reach(netdissect_options *ndo, break; ND_PRINT("%sBandwidth Constraints Model ID: %s (%u)", ident, - tok2str(diffserv_te_bc_values, "unknown", EXTRACT_U_1(tptr)), - EXTRACT_U_1(tptr)); + tok2str(diffserv_te_bc_values, "unknown", GET_U_1(tptr)), + GET_U_1(tptr)); tptr++; subtlv_len--; subtlv_sum_len--; @@ -1981,7 +2004,7 @@ isis_print_ext_is_reach(netdissect_options *ndo, for (te_class = 0; subtlv_len != 0; te_class++) { if (subtlv_len < 4) break; - bw.i = EXTRACT_BE_U_4(tptr); + bw.i = GET_BE_U_4(tptr); ND_PRINT("%s Bandwidth constraint CT%u: %.3f Mbps", ident, te_class, @@ -1994,54 +2017,54 @@ isis_print_ext_is_reach(netdissect_options *ndo, break; case ISIS_SUBTLV_EXT_IS_REACH_TE_METRIC: if (subtlv_len >= 3) - ND_PRINT(", %u", EXTRACT_BE_U_3(tptr)); + ND_PRINT(", %u", GET_BE_U_3(tptr)); break; case ISIS_SUBTLV_EXT_IS_REACH_LINK_ATTRIBUTE: if (subtlv_len == 2) { ND_PRINT(", [ %s ] (0x%04x)", bittok2str(isis_subtlv_link_attribute_values, "Unknown", - EXTRACT_BE_U_2(tptr)), - EXTRACT_BE_U_2(tptr)); + GET_BE_U_2(tptr)), + GET_BE_U_2(tptr)); } break; case ISIS_SUBTLV_EXT_IS_REACH_LINK_PROTECTION_TYPE: if (subtlv_len >= 2) { ND_PRINT(", %s, Priority %u", - bittok2str(gmpls_link_prot_values, "none", EXTRACT_U_1(tptr)), - EXTRACT_U_1(tptr + 1)); + bittok2str(gmpls_link_prot_values, "none", GET_U_1(tptr)), + GET_U_1(tptr + 1)); } break; case ISIS_SUBTLV_SPB_METRIC: if (subtlv_len >= 6) { - ND_PRINT(", LM: %u", EXTRACT_BE_U_3(tptr)); + ND_PRINT(", LM: %u", GET_BE_U_3(tptr)); tptr += 3; subtlv_len -= 3; subtlv_sum_len -= 3; proc_bytes += 3; - ND_PRINT(", P: %u", EXTRACT_U_1(tptr)); + ND_PRINT(", P: %u", GET_U_1(tptr)); tptr++; subtlv_len--; subtlv_sum_len--; proc_bytes++; - ND_PRINT(", P-ID: %u", EXTRACT_BE_U_2(tptr)); + ND_PRINT(", P-ID: %u", GET_BE_U_2(tptr)); } break; case ISIS_SUBTLV_EXT_IS_REACH_INTF_SW_CAP_DESCR: if (subtlv_len >= 36) { - gmpls_switch_cap = EXTRACT_U_1(tptr); + gmpls_switch_cap = GET_U_1(tptr); ND_PRINT("%s Interface Switching Capability:%s", ident, tok2str(gmpls_switch_cap_values, "Unknown", gmpls_switch_cap)); ND_PRINT(", LSP Encoding: %s", - tok2str(gmpls_encoding_values, "Unknown", EXTRACT_U_1((tptr + 1)))); + tok2str(gmpls_encoding_values, "Unknown", GET_U_1((tptr + 1)))); tptr += 4; subtlv_len -= 4; subtlv_sum_len -= 4; proc_bytes += 4; ND_PRINT("%s Max LSP Bandwidth:", ident); for (priority_level = 0; priority_level < 8; priority_level++) { - bw.i = EXTRACT_BE_U_4(tptr); + bw.i = GET_BE_U_4(tptr); ND_PRINT("%s priority level %u: %.3f Mbps", ident, priority_level, @@ -2058,17 +2081,18 @@ isis_print_ext_is_reach(netdissect_options *ndo, case GMPLS_PSC4: if (subtlv_len < 6) break; - bw.i = EXTRACT_BE_U_4(tptr); + bw.i = GET_BE_U_4(tptr); ND_PRINT("%s Min LSP Bandwidth: %.3f Mbps", ident, bw.f * 8 / 1000000); - ND_PRINT("%s Interface MTU: %u", ident, EXTRACT_BE_U_2(tptr + 4)); + ND_PRINT("%s Interface MTU: %u", ident, + GET_BE_U_2(tptr + 4)); break; case GMPLS_TSC: if (subtlv_len < 8) break; - bw.i = EXTRACT_BE_U_4(tptr); + bw.i = GET_BE_U_4(tptr); ND_PRINT("%s Min LSP Bandwidth: %.3f Mbps", ident, bw.f * 8 / 1000000); ND_PRINT("%s Indication %s", ident, - tok2str(gmpls_switch_cap_tsc_indication_values, "Unknown (%u)", EXTRACT_U_1((tptr + 4)))); + tok2str(gmpls_switch_cap_tsc_indication_values, "Unknown (%u)", GET_U_1((tptr + 4)))); break; default: /* there is some optional stuff left to decode but this is as of yet @@ -2103,21 +2127,23 @@ trunc: * it is called from various MT-TLVs (222,229,235,237) */ -static u_int +static uint8_t isis_print_mtid(netdissect_options *ndo, - const uint8_t *tptr, const char *ident) + const uint8_t *tptr, const char *ident, u_int tlv_remaining) { + if (tlv_remaining < 2) + goto trunc; ND_TCHECK_2(tptr); ND_PRINT("%s%s", ident, tok2str(isis_mt_values, "Reserved for IETF Consensus", - ISIS_MASK_MTID(EXTRACT_BE_U_2(tptr)))); + ISIS_MASK_MTID(GET_BE_U_2(tptr)))); ND_PRINT(" Topology (0x%03x), Flags: [%s]", - ISIS_MASK_MTID(EXTRACT_BE_U_2(tptr)), - bittok2str(isis_mt_flag_values, "none",ISIS_MASK_MTFLAGS(EXTRACT_BE_U_2(tptr)))); + ISIS_MASK_MTID(GET_BE_U_2(tptr)), + bittok2str(isis_mt_flag_values, "none",ISIS_MASK_MTFLAGS(GET_BE_U_2(tptr)))); return(2); trunc: @@ -2140,13 +2166,13 @@ isis_print_extd_ip_reach(netdissect_options *ndo, u_int metric, status_byte, bit_length, byte_length, sublen, processed, subtlvtype, subtlvlen; ND_TCHECK_4(tptr); - metric = EXTRACT_BE_U_4(tptr); + metric = GET_BE_U_4(tptr); processed=4; tptr+=4; if (afi == AF_INET) { ND_TCHECK_1(tptr); - status_byte=EXTRACT_U_1(tptr); + status_byte=GET_U_1(tptr); tptr++; bit_length = status_byte&0x3f; if (bit_length > 32) { @@ -2158,8 +2184,8 @@ isis_print_extd_ip_reach(netdissect_options *ndo, processed++; } else if (afi == AF_INET6) { ND_TCHECK_2(tptr); - status_byte=EXTRACT_U_1(tptr); - bit_length=EXTRACT_U_1(tptr + 1); + status_byte=GET_U_1(tptr); + bit_length=GET_U_1(tptr + 1); if (bit_length > 128) { ND_PRINT("%sIPv6 prefix: bad bit length %u", ident, @@ -2209,18 +2235,18 @@ isis_print_extd_ip_reach(netdissect_options *ndo, the aggregate bytecount of the subTLVs for this prefix */ ND_TCHECK_1(tptr); - sublen=EXTRACT_U_1(tptr); + sublen=GET_U_1(tptr); tptr++; processed+=sublen+1; ND_PRINT(" (%u)", sublen); /* print out subTLV length */ while (sublen>0) { ND_TCHECK_2(tptr); - subtlvtype=EXTRACT_U_1(tptr); - subtlvlen=EXTRACT_U_1(tptr + 1); + subtlvtype=GET_U_1(tptr); + subtlvlen=GET_U_1(tptr + 1); tptr+=2; /* prepend the indent string */ - nd_snprintf(ident_buffer, sizeof(ident_buffer), "%s ",ident); + snprintf(ident_buffer, sizeof(ident_buffer), "%s ",ident); if (!isis_print_ip_reach_subtlv(ndo, tptr, subtlvtype, subtlvlen, ident_buffer)) return(0); tptr+=subtlvlen; @@ -2270,12 +2296,15 @@ isis_print(netdissect_options *ndo, uint8_t version, pdu_version, fixed_len; uint8_t pdu_type, pdu_max_area, max_area, pdu_id_length, id_length, tlv_type, tlv_len, tlen, alen, lan_alen, prefix_len; - u_int ext_is_len, ext_ip_len, mt_len; + u_int ext_is_len, ext_ip_len; + uint8_t mt_len; uint8_t isis_subtlv_idrp; const uint8_t *optr, *pptr, *tptr; u_int packet_len; u_short pdu_len, key_id; u_int i,vendor_id; + uint8_t auth_type; + uint8_t num_system_ids; int sigcheck; ndo->ndo_protocol = "isis"; @@ -2301,26 +2330,26 @@ isis_print(netdissect_options *ndo, * Sanity checking of the header. */ - version = EXTRACT_U_1(isis_header->version); + version = GET_U_1(isis_header->version); if (version != ISIS_VERSION) { ND_PRINT("version %u packet not supported", version); return (0); } - pdu_id_length = EXTRACT_U_1(isis_header->id_length); + pdu_id_length = GET_U_1(isis_header->id_length); if ((pdu_id_length != SYSTEM_ID_LEN) && (pdu_id_length != 0)) { ND_PRINT("system ID length of %u is not supported", pdu_id_length); return (0); } - pdu_version = EXTRACT_U_1(isis_header->pdu_version); + pdu_version = GET_U_1(isis_header->pdu_version); if (pdu_version != ISIS_VERSION) { ND_PRINT("version %u packet not supported", pdu_version); return (0); } - fixed_len = EXTRACT_U_1(isis_header->fixed_len); + fixed_len = GET_U_1(isis_header->fixed_len); if (length < fixed_len) { ND_PRINT("fixed header length %u > packet length %u", fixed_len, length); return (0); @@ -2331,7 +2360,7 @@ isis_print(netdissect_options *ndo, return (0); } - pdu_max_area = EXTRACT_U_1(isis_header->max_area); + pdu_max_area = GET_U_1(isis_header->max_area); switch(pdu_max_area) { case 0: max_area = 3; /* silly shit */ @@ -2372,7 +2401,7 @@ isis_print(netdissect_options *ndo, return (0); } - pdu_type = EXTRACT_U_1(isis_header->pdu_type); + pdu_type = GET_U_1(isis_header->pdu_type); /* in non-verbose mode print the basic PDU Type plus PDU specific brief information*/ if (ndo->ndo_vflag == 0) { @@ -2406,8 +2435,8 @@ isis_print(netdissect_options *ndo, case ISIS_PDU_L1_LAN_IIH: case ISIS_PDU_L2_LAN_IIH: if (fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE)) { - ND_PRINT(", bogus fixed header length %u should be %lu", - fixed_len, (unsigned long)(ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE)); + ND_PRINT(", bogus fixed header length %u should be %zu", + fixed_len, ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE); return (0); } ND_TCHECK_SIZE(header_iih_lan); @@ -2415,29 +2444,29 @@ isis_print(netdissect_options *ndo, goto trunc; if (ndo->ndo_vflag == 0) { ND_PRINT(", src-id %s", - isis_print_id(header_iih_lan->source_id, SYSTEM_ID_LEN)); + isis_print_id(ndo, header_iih_lan->source_id, SYSTEM_ID_LEN)); ND_PRINT(", lan-id %s, prio %u", - isis_print_id(header_iih_lan->lan_id,NODE_ID_LEN), - EXTRACT_U_1(header_iih_lan->priority)); + isis_print_id(ndo, header_iih_lan->lan_id,NODE_ID_LEN), + GET_U_1(header_iih_lan->priority)); ND_PRINT(", length %u", length); return (1); } - pdu_len=EXTRACT_BE_U_2(header_iih_lan->pdu_len); + pdu_len=GET_BE_U_2(header_iih_lan->pdu_len); if (packet_len>pdu_len) { packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ length=pdu_len; } ND_PRINT("\n\t source-id: %s, holding time: %us, Flags: [%s]", - isis_print_id(header_iih_lan->source_id,SYSTEM_ID_LEN), - EXTRACT_BE_U_2(header_iih_lan->holding_time), + isis_print_id(ndo, header_iih_lan->source_id,SYSTEM_ID_LEN), + GET_BE_U_2(header_iih_lan->holding_time), tok2str(isis_iih_circuit_type_values, "unknown circuit type 0x%02x", - EXTRACT_U_1(header_iih_lan->circuit_type))); + GET_U_1(header_iih_lan->circuit_type))); ND_PRINT("\n\t lan-id: %s, Priority: %u, PDU length: %u", - isis_print_id(header_iih_lan->lan_id, NODE_ID_LEN), - EXTRACT_U_1(header_iih_lan->priority) & ISIS_LAN_PRIORITY_MASK, + isis_print_id(ndo, header_iih_lan->lan_id, NODE_ID_LEN), + GET_U_1(header_iih_lan->priority) & ISIS_LAN_PRIORITY_MASK, pdu_len); if (ndo->ndo_vflag > 1) { @@ -2451,33 +2480,33 @@ isis_print(netdissect_options *ndo, case ISIS_PDU_PTP_IIH: if (fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE)) { - ND_PRINT(", bogus fixed header length %u should be %lu", - fixed_len, (unsigned long)(ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE)); + ND_PRINT(", bogus fixed header length %u should be %zu", + fixed_len, ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE); return (0); } ND_TCHECK_SIZE(header_iih_ptp); if (length < ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE) goto trunc; if (ndo->ndo_vflag == 0) { - ND_PRINT(", src-id %s", isis_print_id(header_iih_ptp->source_id, SYSTEM_ID_LEN)); + ND_PRINT(", src-id %s", isis_print_id(ndo, header_iih_ptp->source_id, SYSTEM_ID_LEN)); ND_PRINT(", length %u", length); return (1); } - pdu_len=EXTRACT_BE_U_2(header_iih_ptp->pdu_len); + pdu_len=GET_BE_U_2(header_iih_ptp->pdu_len); if (packet_len>pdu_len) { packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ length=pdu_len; } ND_PRINT("\n\t source-id: %s, holding time: %us, Flags: [%s]", - isis_print_id(header_iih_ptp->source_id,SYSTEM_ID_LEN), - EXTRACT_BE_U_2(header_iih_ptp->holding_time), + isis_print_id(ndo, header_iih_ptp->source_id,SYSTEM_ID_LEN), + GET_BE_U_2(header_iih_ptp->holding_time), tok2str(isis_iih_circuit_type_values, "unknown circuit type 0x%02x", - EXTRACT_U_1(header_iih_ptp->circuit_type))); + GET_U_1(header_iih_ptp->circuit_type))); ND_PRINT("\n\t circuit-id: 0x%02x, PDU length: %u", - EXTRACT_U_1(header_iih_ptp->circuit_id), + GET_U_1(header_iih_ptp->circuit_id), pdu_len); if (ndo->ndo_vflag > 1) { @@ -2492,8 +2521,8 @@ isis_print(netdissect_options *ndo, case ISIS_PDU_L1_LSP: case ISIS_PDU_L2_LSP: if (fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_LSP_HEADER_SIZE)) { - ND_PRINT(", bogus fixed header length %u should be %lu", - fixed_len, (unsigned long)ISIS_LSP_HEADER_SIZE); + ND_PRINT(", bogus fixed header length %u should be %zu", + fixed_len, ISIS_LSP_HEADER_SIZE); return (0); } ND_TCHECK_SIZE(header_lsp); @@ -2501,26 +2530,26 @@ isis_print(netdissect_options *ndo, goto trunc; if (ndo->ndo_vflag == 0) { ND_PRINT(", lsp-id %s, seq 0x%08x, lifetime %5us", - isis_print_id(header_lsp->lsp_id, LSP_ID_LEN), - EXTRACT_BE_U_4(header_lsp->sequence_number), - EXTRACT_BE_U_2(header_lsp->remaining_lifetime)); + isis_print_id(ndo, header_lsp->lsp_id, LSP_ID_LEN), + GET_BE_U_4(header_lsp->sequence_number), + GET_BE_U_2(header_lsp->remaining_lifetime)); ND_PRINT(", length %u", length); return (1); } - pdu_len=EXTRACT_BE_U_2(header_lsp->pdu_len); + pdu_len=GET_BE_U_2(header_lsp->pdu_len); if (packet_len>pdu_len) { packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ length=pdu_len; } ND_PRINT("\n\t lsp-id: %s, seq: 0x%08x, lifetime: %5us\n\t chksum: 0x%04x", - isis_print_id(header_lsp->lsp_id, LSP_ID_LEN), - EXTRACT_BE_U_4(header_lsp->sequence_number), - EXTRACT_BE_U_2(header_lsp->remaining_lifetime), - EXTRACT_BE_U_2(header_lsp->checksum)); + isis_print_id(ndo, header_lsp->lsp_id, LSP_ID_LEN), + GET_BE_U_4(header_lsp->sequence_number), + GET_BE_U_2(header_lsp->remaining_lifetime), + GET_BE_U_2(header_lsp->checksum)); osi_print_cksum(ndo, (const uint8_t *)header_lsp->lsp_id, - EXTRACT_BE_U_2(header_lsp->checksum), + GET_BE_U_2(header_lsp->checksum), 12, length-12); ND_PRINT(", PDU length: %u, Flags: [ %s", @@ -2550,31 +2579,31 @@ isis_print(netdissect_options *ndo, case ISIS_PDU_L1_CSNP: case ISIS_PDU_L2_CSNP: if (fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE)) { - ND_PRINT(", bogus fixed header length %u should be %lu", - fixed_len, (unsigned long)(ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE)); + ND_PRINT(", bogus fixed header length %u should be %zu", + fixed_len, ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE); return (0); } ND_TCHECK_SIZE(header_csnp); if (length < ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE) goto trunc; if (ndo->ndo_vflag == 0) { - ND_PRINT(", src-id %s", isis_print_id(header_csnp->source_id, NODE_ID_LEN)); + ND_PRINT(", src-id %s", isis_print_id(ndo, header_csnp->source_id, NODE_ID_LEN)); ND_PRINT(", length %u", length); return (1); } - pdu_len=EXTRACT_BE_U_2(header_csnp->pdu_len); + pdu_len=GET_BE_U_2(header_csnp->pdu_len); if (packet_len>pdu_len) { packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ length=pdu_len; } ND_PRINT("\n\t source-id: %s, PDU length: %u", - isis_print_id(header_csnp->source_id, NODE_ID_LEN), + isis_print_id(ndo, header_csnp->source_id, NODE_ID_LEN), pdu_len); ND_PRINT("\n\t start lsp-id: %s", - isis_print_id(header_csnp->start_lsp_id, LSP_ID_LEN)); + isis_print_id(ndo, header_csnp->start_lsp_id, LSP_ID_LEN)); ND_PRINT("\n\t end lsp-id: %s", - isis_print_id(header_csnp->end_lsp_id, LSP_ID_LEN)); + isis_print_id(ndo, header_csnp->end_lsp_id, LSP_ID_LEN)); if (ndo->ndo_vflag > 1) { if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_CSNP_HEADER_SIZE)) @@ -2588,26 +2617,26 @@ isis_print(netdissect_options *ndo, case ISIS_PDU_L1_PSNP: case ISIS_PDU_L2_PSNP: if (fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE)) { - ND_PRINT("- bogus fixed header length %u should be %lu", - fixed_len, (unsigned long)(ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE)); + ND_PRINT("- bogus fixed header length %u should be %zu", + fixed_len, ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE); return (0); } ND_TCHECK_SIZE(header_psnp); if (length < ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE) goto trunc; if (ndo->ndo_vflag == 0) { - ND_PRINT(", src-id %s", isis_print_id(header_psnp->source_id, NODE_ID_LEN)); + ND_PRINT(", src-id %s", isis_print_id(ndo, header_psnp->source_id, NODE_ID_LEN)); ND_PRINT(", length %u", length); return (1); } - pdu_len=EXTRACT_BE_U_2(header_psnp->pdu_len); + pdu_len=GET_BE_U_2(header_psnp->pdu_len); if (packet_len>pdu_len) { packet_len=pdu_len; /* do TLV decoding as long as it makes sense */ length=pdu_len; } ND_PRINT("\n\t source-id: %s, PDU length: %u", - isis_print_id(header_psnp->source_id, NODE_ID_LEN), + isis_print_id(ndo, header_psnp->source_id, NODE_ID_LEN), pdu_len); if (ndo->ndo_vflag > 1) { @@ -2636,8 +2665,8 @@ isis_print(netdissect_options *ndo, ND_TCHECK_2(pptr); if (packet_len < 2) goto trunc; - tlv_type = EXTRACT_U_1(pptr); - tlv_len = EXTRACT_U_1(pptr + 1); + tlv_type = GET_U_1(pptr); + tlv_len = GET_U_1(pptr + 1); pptr += 2; packet_len -= 2; tlen = tlv_len; /* copy temporary len & pointer to packet data */ @@ -2651,56 +2680,56 @@ isis_print(netdissect_options *ndo, tlv_type, tlv_len); - if (tlv_len == 0) /* something is invalid */ - continue; - if (packet_len < tlv_len) goto trunc; /* now check if we have a decoder otherwise do a hexdump at the end*/ switch (tlv_type) { case ISIS_TLV_AREA_ADDR: - ND_TCHECK_1(tptr); - alen = EXTRACT_U_1(tptr); - tptr++; - while (tlen && alen < tlen) { + while (tlen != 0) { + ND_TCHECK_1(tptr); + alen = GET_U_1(tptr); + tptr++; + tlen--; + if (tlen < alen) + goto tlv_trunc; ND_TCHECK_LEN(tptr, alen); ND_PRINT("\n\t Area address (length: %u): %s", alen, isonsap_string(ndo, tptr, alen)); tptr += alen; - tlen -= alen + 1; - if (tlen==0) /* if this is the last area address do not attempt a boundary check */ - break; - ND_TCHECK_1(tptr); - alen = EXTRACT_U_1(tptr); - tptr++; + tlen -= alen; } break; case ISIS_TLV_ISNEIGH: - while (tlen >= MAC_ADDR_LEN) { + while (tlen != 0) { + if (tlen < MAC_ADDR_LEN) + goto tlv_trunc; ND_TCHECK_LEN(tptr, MAC_ADDR_LEN); - ND_PRINT("\n\t SNPA: %s", isis_print_id(tptr, MAC_ADDR_LEN)); + ND_PRINT("\n\t SNPA: %s", isis_print_id(ndo, tptr, MAC_ADDR_LEN)); tlen -= MAC_ADDR_LEN; tptr += MAC_ADDR_LEN; } break; case ISIS_TLV_ISNEIGH_VARLEN: - if (!ND_TTEST_1(tptr) || tlen < 3) /* min. TLV length */ - goto trunc; - lan_alen = EXTRACT_U_1(tptr); /* LAN address length */ + if (tlen < 1) + goto tlv_trunc; + ND_TCHECK_1(tptr); + lan_alen = GET_U_1(tptr); /* LAN address length */ tptr++; + tlen--; if (lan_alen == 0) { ND_PRINT("\n\t LAN address length 0 bytes"); nd_print_invalid(ndo); break; } - tlen --; ND_PRINT("\n\t LAN address length %u bytes ", lan_alen); - while (tlen >= lan_alen) { + while (tlen != 0) { + if (tlen < lan_alen) + goto tlv_trunc; ND_TCHECK_LEN(tptr, lan_alen); - ND_PRINT("\n\t\tIS Neighbor: %s", isis_print_id(tptr, lan_alen)); + ND_PRINT("\n\t\tIS Neighbor: %s", isis_print_id(ndo, tptr, lan_alen)); tlen -= lan_alen; tptr +=lan_alen; } @@ -2710,52 +2739,71 @@ isis_print(netdissect_options *ndo, break; case ISIS_TLV_MT_IS_REACH: - mt_len = isis_print_mtid(ndo, tptr, "\n\t "); + mt_len = isis_print_mtid(ndo, tptr, "\n\t ", tlen); if (mt_len == 0) /* did something go wrong ? */ goto trunc; tptr+=mt_len; tlen-=mt_len; - while (tlen >= 2+NODE_ID_LEN+3+1) { + while (tlen != 0) { ext_is_len = isis_print_ext_is_reach(ndo, tptr, "\n\t ", tlv_type, tlen); if (ext_is_len == 0) /* did something go wrong ? */ goto trunc; - - tlen-=ext_is_len; - tptr+=ext_is_len; + if (tlen < ext_is_len) { + ND_PRINT(" [remaining tlv length %u < %u]", tlen, ext_is_len); + nd_print_invalid(ndo); + break; + } + tlen-=(uint8_t)ext_is_len; + tptr+=(uint8_t)ext_is_len; } break; case ISIS_TLV_IS_ALIAS_ID: - while (tlen >= NODE_ID_LEN+1) { /* is it worth attempting a decode ? */ + while (tlen != 0) { ext_is_len = isis_print_ext_is_reach(ndo, tptr, "\n\t ", tlv_type, tlen); if (ext_is_len == 0) /* did something go wrong ? */ goto trunc; - tlen-=ext_is_len; - tptr+=ext_is_len; + if (tlen < ext_is_len) { + ND_PRINT(" [remaining tlv length %u < %u]", tlen, ext_is_len); + nd_print_invalid(ndo); + break; + } + tlen-=(uint8_t)ext_is_len; + tptr+=(uint8_t)ext_is_len; } break; case ISIS_TLV_EXT_IS_REACH: - while (tlen >= NODE_ID_LEN+3+1) { /* is it worth attempting a decode ? */ + while (tlen != 0) { ext_is_len = isis_print_ext_is_reach(ndo, tptr, "\n\t ", tlv_type, tlen); if (ext_is_len == 0) /* did something go wrong ? */ goto trunc; - tlen-=ext_is_len; - tptr+=ext_is_len; + if (tlen < ext_is_len) { + ND_PRINT(" [remaining tlv length %u < %u]", tlen, ext_is_len); + nd_print_invalid(ndo); + break; + } + tlen-=(uint8_t)ext_is_len; + tptr+=(uint8_t)ext_is_len; } break; case ISIS_TLV_IS_REACH: + if (tlen < 1) + goto tlv_trunc; ND_TCHECK_1(tptr); /* check if there is one byte left to read out the virtual flag */ ND_PRINT("\n\t %s", tok2str(isis_is_reach_virtual_values, "bogus virtual flag 0x%02x", - EXTRACT_U_1(tptr))); + GET_U_1(tptr))); tptr++; + tlen--; tlv_is_reach = (const struct isis_tlv_is_reach *)tptr; - while (tlen >= sizeof(struct isis_tlv_is_reach)) { + while (tlen != 0) { + if (tlen < sizeof(struct isis_tlv_is_reach)) + goto tlv_trunc; ND_TCHECK_SIZE(tlv_is_reach); ND_PRINT("\n\t IS Neighbor: %s", - isis_print_id(tlv_is_reach->neighbor_nodeid, NODE_ID_LEN)); + isis_print_id(ndo, tlv_is_reach->neighbor_nodeid, NODE_ID_LEN)); isis_print_metric_block(ndo, &tlv_is_reach->isis_metric_block); tlen -= sizeof(struct isis_tlv_is_reach); tlv_is_reach++; @@ -2764,10 +2812,12 @@ isis_print(netdissect_options *ndo, case ISIS_TLV_ESNEIGH: tlv_es_reach = (const struct isis_tlv_es_reach *)tptr; - while (tlen >= sizeof(struct isis_tlv_es_reach)) { + while (tlen != 0) { + if (tlen < sizeof(struct isis_tlv_es_reach)) + goto tlv_trunc; ND_TCHECK_SIZE(tlv_es_reach); ND_PRINT("\n\t ES Neighbor: %s", - isis_print_id(tlv_es_reach->neighbor_sysid, SYSTEM_ID_LEN)); + isis_print_id(ndo, tlv_es_reach->neighbor_sysid, SYSTEM_ID_LEN)); isis_print_metric_block(ndo, &tlv_es_reach->isis_metric_block); tlen -= sizeof(struct isis_tlv_es_reach); tlv_es_reach++; @@ -2782,61 +2832,83 @@ isis_print(netdissect_options *ndo, break; case ISIS_TLV_EXTD_IP_REACH: - while (tlen>0) { + while (tlen != 0) { ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET); if (ext_ip_len == 0) /* did something go wrong ? */ goto trunc; - tptr+=ext_ip_len; - tlen-=ext_ip_len; - } - break; + if (tlen < ext_ip_len) { + ND_PRINT(" [remaining tlv length %u < %u]", tlen, ext_ip_len); + nd_print_invalid(ndo); + break; + } + tlen-=(uint8_t)ext_ip_len; + tptr+=(uint8_t)ext_ip_len; + } + break; case ISIS_TLV_MT_IP_REACH: - mt_len = isis_print_mtid(ndo, tptr, "\n\t "); + mt_len = isis_print_mtid(ndo, tptr, "\n\t ", tlen); if (mt_len == 0) { /* did something go wrong ? */ goto trunc; } tptr+=mt_len; tlen-=mt_len; - while (tlen>0) { + while (tlen != 0) { ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET); if (ext_ip_len == 0) /* did something go wrong ? */ goto trunc; - tptr+=ext_ip_len; - tlen-=ext_ip_len; - } - break; + if (tlen < ext_ip_len) { + ND_PRINT(" [remaining tlv length %u < %u]", tlen, ext_ip_len); + nd_print_invalid(ndo); + break; + } + tlen-=(uint8_t)ext_ip_len; + tptr+=(uint8_t)ext_ip_len; + } + break; case ISIS_TLV_IP6_REACH: - while (tlen>0) { + while (tlen != 0) { ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET6); if (ext_ip_len == 0) /* did something go wrong ? */ goto trunc; - tptr+=ext_ip_len; - tlen-=ext_ip_len; - } - break; + if (tlen < ext_ip_len) { + ND_PRINT(" [remaining tlv length %u < %u]", tlen, ext_ip_len); + nd_print_invalid(ndo); + break; + } + tlen-=(uint8_t)ext_ip_len; + tptr+=(uint8_t)ext_ip_len; + } + break; case ISIS_TLV_MT_IP6_REACH: - mt_len = isis_print_mtid(ndo, tptr, "\n\t "); + mt_len = isis_print_mtid(ndo, tptr, "\n\t ", tlen); if (mt_len == 0) { /* did something go wrong ? */ goto trunc; } tptr+=mt_len; tlen-=mt_len; - while (tlen>0) { + while (tlen != 0) { ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET6); if (ext_ip_len == 0) /* did something go wrong ? */ goto trunc; - tptr+=ext_ip_len; - tlen-=ext_ip_len; - } - break; + if (tlen < ext_ip_len) { + ND_PRINT(" [remaining tlv length %u < %u]", tlen, ext_ip_len); + nd_print_invalid(ndo); + break; + } + tlen-=(uint8_t)ext_ip_len; + tptr+=(uint8_t)ext_ip_len; + } + break; case ISIS_TLV_IP6ADDR: - while (tlen>=sizeof(nd_ipv6)) { + while (tlen != 0) { + if (tlen < sizeof(nd_ipv6)) + goto tlv_trunc; ND_TCHECK_LEN(tptr, sizeof(nd_ipv6)); ND_PRINT("\n\t IPv6 interface address: %s", @@ -2847,44 +2919,53 @@ isis_print(netdissect_options *ndo, } break; case ISIS_TLV_AUTH: + if (tlen < 1) + goto tlv_trunc; ND_TCHECK_1(tptr); + auth_type = GET_U_1(tptr); + tptr++; + tlen--; ND_PRINT("\n\t %s: ", tok2str(isis_subtlv_auth_values, "unknown Authentication type 0x%02x", - EXTRACT_U_1(tptr))); + auth_type)); - switch (EXTRACT_U_1(tptr)) { + switch (auth_type) { case ISIS_SUBTLV_AUTH_SIMPLE: - if (nd_printzp(ndo, tptr + 1, tlv_len - 1, ndo->ndo_snapend)) + if (nd_printzp(ndo, tptr, tlen, ndo->ndo_snapend)) goto trunc; break; case ISIS_SUBTLV_AUTH_MD5: - for(i=1;i=1) { ND_TCHECK_1(tptr); ND_PRINT("\n\t Adjacency State: %s (%u)", - tok2str(isis_ptp_adjancey_values, "unknown", EXTRACT_U_1(tptr)), - EXTRACT_U_1(tptr)); + tok2str(isis_ptp_adjancey_values, "unknown", GET_U_1(tptr)), + GET_U_1(tptr)); tlen--; } if(tlen>sizeof(tlv_ptp_adj->extd_local_circuit_id)) { ND_TCHECK_4(tlv_ptp_adj->extd_local_circuit_id); ND_PRINT("\n\t Extended Local circuit-ID: 0x%08x", - EXTRACT_BE_U_4(tlv_ptp_adj->extd_local_circuit_id)); + GET_BE_U_4(tlv_ptp_adj->extd_local_circuit_id)); tlen-=sizeof(tlv_ptp_adj->extd_local_circuit_id); } if(tlen>=SYSTEM_ID_LEN) { ND_TCHECK_LEN(tlv_ptp_adj->neighbor_sysid, SYSTEM_ID_LEN); ND_PRINT("\n\t Neighbor System-ID: %s", - isis_print_id(tlv_ptp_adj->neighbor_sysid, SYSTEM_ID_LEN)); + isis_print_id(ndo, tlv_ptp_adj->neighbor_sysid, SYSTEM_ID_LEN)); tlen-=SYSTEM_ID_LEN; } if(tlen>=sizeof(tlv_ptp_adj->neighbor_extd_local_circuit_id)) { ND_TCHECK_4(tlv_ptp_adj->neighbor_extd_local_circuit_id); ND_PRINT("\n\t Neighbor Extended Local circuit-ID: 0x%08x", - EXTRACT_BE_U_4(tlv_ptp_adj->neighbor_extd_local_circuit_id)); + GET_BE_U_4(tlv_ptp_adj->neighbor_extd_local_circuit_id)); } break; case ISIS_TLV_PROTOCOLS: ND_PRINT("\n\t NLPID(s): "); - while (tlen>0) { + while (tlen != 0) { ND_TCHECK_1(tptr); ND_PRINT("%s (0x%02x)", tok2str(nlpid_values, "unknown", - EXTRACT_U_1(tptr)), - EXTRACT_U_1(tptr)); + GET_U_1(tptr)), + GET_U_1(tptr)); if (tlen>1) /* further NPLIDs ? - put comma */ ND_PRINT(", "); tptr++; @@ -2934,47 +3015,54 @@ isis_print(netdissect_options *ndo, } break; - case ISIS_TLV_MT_PORT_CAP: - { - ND_TCHECK_2(tptr); - - ND_PRINT("\n\t RES: %u, MTID(s): %u", - (EXTRACT_BE_U_2(tptr) >> 12), - (EXTRACT_BE_U_2(tptr) & 0x0fff)); + case ISIS_TLV_MT_PORT_CAP: + { + if (tlen < 2) + goto tlv_trunc; + ND_TCHECK_2(tptr); - tlen = tlen-2; - tptr = tptr+2; + ND_PRINT("\n\t RES: %u, MTID(s): %u", + (GET_BE_U_2(tptr) >> 12), + (GET_BE_U_2(tptr) & 0x0fff)); - if (tlen) - isis_print_mt_port_cap_subtlv(ndo, tptr, tlen); + tptr += 2; + tlen -= 2; - break; - } + if (tlen) + isis_print_mt_port_cap_subtlv(ndo, tptr, tlen); - case ISIS_TLV_MT_CAPABILITY: + break; + } - ND_TCHECK_2(tptr); + case ISIS_TLV_MT_CAPABILITY: + if (tlen < 2) + goto tlv_trunc; + ND_TCHECK_2(tptr); - ND_PRINT("\n\t O: %u, RES: %u, MTID(s): %u", - (EXTRACT_BE_U_2(tptr) >> 15) & 0x01, - (EXTRACT_BE_U_2(tptr) >> 12) & 0x07, - EXTRACT_BE_U_2(tptr) & 0x0fff); + ND_PRINT("\n\t O: %u, RES: %u, MTID(s): %u", + (GET_BE_U_2(tptr) >> 15) & 0x01, + (GET_BE_U_2(tptr) >> 12) & 0x07, + GET_BE_U_2(tptr) & 0x0fff); - tlen = tlen-2; - tptr = tptr+2; + tptr += 2; + tlen -= 2; - if (tlen) - isis_print_mt_capability_subtlv(ndo, tptr, tlen); + if (tlen) + isis_print_mt_capability_subtlv(ndo, tptr, tlen); - break; + break; case ISIS_TLV_TE_ROUTER_ID: + if (tlen < sizeof(nd_ipv4)) + goto tlv_trunc; ND_TCHECK_LEN(pptr, sizeof(nd_ipv4)); ND_PRINT("\n\t Traffic Engineering Router ID: %s", ipaddr_string(ndo, pptr)); break; case ISIS_TLV_IPADDR: - while (tlen>=sizeof(nd_ipv4)) { + while (tlen != 0) { + if (tlen < sizeof(nd_ipv4)) + goto tlv_trunc; ND_TCHECK_LEN(tptr, sizeof(nd_ipv4)); ND_PRINT("\n\t IPv4 interface address: %s", ipaddr_string(ndo, tptr)); tptr += sizeof(nd_ipv4); @@ -2992,14 +3080,15 @@ isis_print(netdissect_options *ndo, if (tlen < NODE_ID_LEN) break; ND_TCHECK_LEN(tptr, NODE_ID_LEN); - ND_PRINT("\n\t IS Neighbor: %s", isis_print_id(tptr, NODE_ID_LEN)); + ND_PRINT("\n\t IS Neighbor: %s", isis_print_id(ndo, tptr, NODE_ID_LEN)); tptr+=NODE_ID_LEN; tlen-=NODE_ID_LEN; if (tlen < 1) break; ND_TCHECK_1(tptr); - ND_PRINT(", Flags: [%s]", ISIS_MASK_TLV_SHARED_RISK_GROUP(EXTRACT_U_1(tptr)) ? "numbered" : "unnumbered"); + ND_PRINT(", Flags: [%s]", + ISIS_MASK_TLV_SHARED_RISK_GROUP(GET_U_1(tptr)) ? "numbered" : "unnumbered"); tptr++; tlen--; @@ -3017,9 +3106,11 @@ isis_print(netdissect_options *ndo, tptr+=sizeof(nd_ipv4); tlen-=sizeof(nd_ipv4); - while (tlen>=4) { + while (tlen != 0) { + if (tlen < 4) + goto tlv_trunc; ND_TCHECK_4(tptr); - ND_PRINT("\n\t Link-ID: 0x%08x", EXTRACT_BE_U_4(tptr)); + ND_PRINT("\n\t Link-ID: 0x%08x", GET_BE_U_4(tptr)); tptr+=4; tlen-=4; } @@ -3027,16 +3118,20 @@ isis_print(netdissect_options *ndo, case ISIS_TLV_LSP: tlv_lsp = (const struct isis_tlv_lsp *)tptr; - while(tlen>=sizeof(struct isis_tlv_lsp)) { + while (tlen != 0) { + if (tlen < sizeof(struct isis_tlv_lsp)) + goto tlv_trunc; ND_TCHECK_1(tlv_lsp->lsp_id + LSP_ID_LEN - 1); ND_PRINT("\n\t lsp-id: %s", - isis_print_id(tlv_lsp->lsp_id, LSP_ID_LEN)); + isis_print_id(ndo, tlv_lsp->lsp_id, LSP_ID_LEN)); ND_TCHECK_4(tlv_lsp->sequence_number); - ND_PRINT(", seq: 0x%08x", EXTRACT_BE_U_4(tlv_lsp->sequence_number)); + ND_PRINT(", seq: 0x%08x", + GET_BE_U_4(tlv_lsp->sequence_number)); ND_TCHECK_2(tlv_lsp->remaining_lifetime); - ND_PRINT(", lifetime: %5ds", EXTRACT_BE_U_2(tlv_lsp->remaining_lifetime)); + ND_PRINT(", lifetime: %5ds", + GET_BE_U_2(tlv_lsp->remaining_lifetime)); ND_TCHECK_2(tlv_lsp->checksum); - ND_PRINT(", chksum: 0x%04x", EXTRACT_BE_U_2(tlv_lsp->checksum)); + ND_PRINT(", chksum: 0x%04x", GET_BE_U_2(tlv_lsp->checksum)); tlen-=sizeof(struct isis_tlv_lsp); tlv_lsp++; } @@ -3046,38 +3141,52 @@ isis_print(netdissect_options *ndo, if (tlen < ISIS_TLV_CHECKSUM_MINLEN) break; ND_TCHECK_LEN(tptr, ISIS_TLV_CHECKSUM_MINLEN); - ND_PRINT("\n\t checksum: 0x%04x ", EXTRACT_BE_U_2(tptr)); + ND_PRINT("\n\t checksum: 0x%04x ", GET_BE_U_2(tptr)); /* do not attempt to verify the checksum if it is zero * most likely a HMAC-MD5 TLV is also present and * to avoid conflicts the checksum TLV is zeroed. * see rfc3358 for details */ - osi_print_cksum(ndo, optr, EXTRACT_BE_U_2(tptr), (int)(tptr-optr), + osi_print_cksum(ndo, optr, GET_BE_U_2(tptr), (int)(tptr-optr), length); break; case ISIS_TLV_POI: - if (tlv_len >= SYSTEM_ID_LEN + 1) { - ND_TCHECK_LEN(tptr, SYSTEM_ID_LEN + 1); + if (tlen < 1) + goto tlv_trunc; + ND_TCHECK_1(tptr); + num_system_ids = GET_U_1(tptr); + tptr++; + tlen--; + if (num_system_ids == 0) { + /* Not valid */ + ND_PRINT(" No system IDs supplied"); + } else { + if (tlen < SYSTEM_ID_LEN) + goto tlv_trunc; + ND_TCHECK_LEN(tptr, SYSTEM_ID_LEN); ND_PRINT("\n\t Purge Originator System-ID: %s", - isis_print_id(tptr + 1, SYSTEM_ID_LEN)); - } - - if (tlv_len == 2 * SYSTEM_ID_LEN + 1) { - ND_TCHECK_LEN(tptr, 2 * SYSTEM_ID_LEN + 1); - ND_PRINT("\n\t Received from System-ID: %s", - isis_print_id(tptr + SYSTEM_ID_LEN + 1, SYSTEM_ID_LEN)); + isis_print_id(ndo, tptr, SYSTEM_ID_LEN)); + tptr += SYSTEM_ID_LEN; + tlen -= SYSTEM_ID_LEN; + + if (num_system_ids > 1) { + if (tlen < SYSTEM_ID_LEN) + goto tlv_trunc; + ND_TCHECK_LEN(tptr, SYSTEM_ID_LEN); + ND_TCHECK_LEN(tptr, 2 * SYSTEM_ID_LEN + 1); + ND_PRINT("\n\t Received from System-ID: %s", + isis_print_id(ndo, tptr, SYSTEM_ID_LEN)); + } } break; case ISIS_TLV_MT_SUPPORTED: - if (tlen < ISIS_TLV_MT_SUPPORTED_MINLEN) - break; - while (tlen>1) { + while (tlen != 0) { /* length can only be a multiple of 2, otherwise there is something broken -> so decode down until length is 1 */ if (tlen!=1) { - mt_len = isis_print_mtid(ndo, tptr, "\n\t "); + mt_len = isis_print_mtid(ndo, tptr, "\n\t ", tlen); if (mt_len == 0) /* did something go wrong ? */ goto trunc; tptr+=mt_len; @@ -3095,7 +3204,7 @@ isis_print(netdissect_options *ndo, break; ND_TCHECK_LEN(tptr, ISIS_TLV_RESTART_SIGNALING_FLAGLEN); ND_PRINT("\n\t Flags [%s]", - bittok2str(isis_restart_flag_values, "none", EXTRACT_U_1(tptr))); + bittok2str(isis_restart_flag_values, "none", GET_U_1(tptr))); tptr+=ISIS_TLV_RESTART_SIGNALING_FLAGLEN; tlen-=ISIS_TLV_RESTART_SIGNALING_FLAGLEN; @@ -3107,52 +3216,57 @@ isis_print(netdissect_options *ndo, break; ND_TCHECK_LEN(tptr, ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN); - ND_PRINT(", Remaining holding time %us", EXTRACT_BE_U_2(tptr)); + ND_PRINT(", Remaining holding time %us", GET_BE_U_2(tptr)); tptr+=ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN; tlen-=ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN; /* is there an additional sysid field present ?*/ if (tlen == SYSTEM_ID_LEN) { ND_TCHECK_LEN(tptr, SYSTEM_ID_LEN); - ND_PRINT(", for %s", isis_print_id(tptr,SYSTEM_ID_LEN)); + ND_PRINT(", for %s", isis_print_id(ndo, tptr,SYSTEM_ID_LEN)); } break; case ISIS_TLV_IDRP_INFO: - if (tlen < ISIS_TLV_IDRP_INFO_MINLEN) + if (tlen < 1) break; - ND_TCHECK_LEN(tptr, ISIS_TLV_IDRP_INFO_MINLEN); + ND_TCHECK_1(tptr); + isis_subtlv_idrp = GET_U_1(tptr); ND_PRINT("\n\t Inter-Domain Information Type: %s", tok2str(isis_subtlv_idrp_values, "Unknown (0x%02x)", - EXTRACT_U_1(tptr))); - isis_subtlv_idrp = EXTRACT_U_1(tptr); + isis_subtlv_idrp)); tptr++; + tlen--; switch (isis_subtlv_idrp) { case ISIS_SUBTLV_IDRP_ASN: + if (tlen < 2) + goto tlv_trunc; ND_TCHECK_2(tptr); /* fetch AS number */ - ND_PRINT("AS Number: %u", EXTRACT_BE_U_2(tptr)); + ND_PRINT("AS Number: %u", GET_BE_U_2(tptr)); break; case ISIS_SUBTLV_IDRP_LOCAL: case ISIS_SUBTLV_IDRP_RES: default: - if (!print_unknown_data(ndo, tptr, "\n\t ", tlv_len - 1)) + if (!print_unknown_data(ndo, tptr, "\n\t ", tlen)) return(0); break; } break; case ISIS_TLV_LSP_BUFFERSIZE: - if (tlen < ISIS_TLV_LSP_BUFFERSIZE_MINLEN) + if (tlen < 2) break; - ND_TCHECK_LEN(tptr, ISIS_TLV_LSP_BUFFERSIZE_MINLEN); - ND_PRINT("\n\t LSP Buffersize: %u", EXTRACT_BE_U_2(tptr)); + ND_TCHECK_2(tptr); + ND_PRINT("\n\t LSP Buffersize: %u", GET_BE_U_2(tptr)); break; case ISIS_TLV_PART_DIS: - while (tlen >= SYSTEM_ID_LEN) { + while (tlen != 0) { + if (tlen < SYSTEM_ID_LEN) + goto tlv_trunc; ND_TCHECK_LEN(tptr, SYSTEM_ID_LEN); - ND_PRINT("\n\t %s", isis_print_id(tptr, SYSTEM_ID_LEN)); + ND_PRINT("\n\t %s", isis_print_id(ndo, tptr, SYSTEM_ID_LEN)); tptr+=SYSTEM_ID_LEN; tlen-=SYSTEM_ID_LEN; } @@ -3167,15 +3281,15 @@ isis_print(netdissect_options *ndo, tptr+=sizeof(struct isis_metric_block); tlen-=sizeof(struct isis_metric_block); - while(tlen>0) { + while (tlen != 0) { ND_TCHECK_1(tptr); - prefix_len=EXTRACT_U_1(tptr); /* read out prefix length in semioctets*/ + prefix_len=GET_U_1(tptr); /* read out prefix length in semioctets*/ tptr++; + tlen--; if (prefix_len < 2) { ND_PRINT("\n\t\tAddress: prefix length %u < 2", prefix_len); break; } - tlen--; if (tlen < prefix_len/2) break; ND_TCHECK_LEN(tptr, prefix_len / 2); @@ -3187,23 +3301,23 @@ isis_print(netdissect_options *ndo, break; case ISIS_TLV_IIH_SEQNR: - if (tlen < ISIS_TLV_IIH_SEQNR_MINLEN) + if (tlen < 4) break; - ND_TCHECK_LEN(tptr, ISIS_TLV_IIH_SEQNR_MINLEN); /* check if four bytes are on the wire */ - ND_PRINT("\n\t Sequence number: %u", EXTRACT_BE_U_4(tptr)); + ND_TCHECK_4(tptr); /* check if four bytes are on the wire */ + ND_PRINT("\n\t Sequence number: %u", GET_BE_U_4(tptr)); break; case ISIS_TLV_VENDOR_PRIVATE: - if (tlen < ISIS_TLV_VENDOR_PRIVATE_MINLEN) + if (tlen < 3) break; - ND_TCHECK_LEN(tptr, ISIS_TLV_VENDOR_PRIVATE_MINLEN); /* check if enough byte for a full oui */ - vendor_id = EXTRACT_BE_U_3(tptr); + ND_TCHECK_3(tptr); /* check if enough byte for a full oui */ + vendor_id = GET_BE_U_3(tptr); ND_PRINT("\n\t Vendor: %s (%u)", tok2str(oui_values, "Unknown", vendor_id), vendor_id); tptr+=3; tlen-=3; - if (tlen > 0) /* hexdump the rest */ + if (tlen != 0) /* hexdump the rest */ if (!print_unknown_data(ndo, tptr, "\n\t\t", tlen)) return(0); break; @@ -3225,6 +3339,7 @@ isis_print(netdissect_options *ndo, } break; } +tlv_trunc: /* do we want to see an additionally hexdump ? */ if (ndo->ndo_vflag> 1) { if (!print_unknown_data(ndo, pptr, "\n\t ", tlv_len)) @@ -3263,7 +3378,7 @@ osi_print_cksum(netdissect_options *ndo, const uint8_t *pptr, ND_PRINT(" (unverified)"); } else { #if 0 - printf("\nosi_print_cksum: %p %d %u\n", pptr, checksum_offset, length); + ND_PRINT("\nosi_print_cksum: %p %d %u\n", pptr, checksum_offset, length); #endif calculated_checksum = create_osi_cksum(pptr, checksum_offset, length); if (checksum == calculated_checksum) {