X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/3824a6c0417a551961d1a1bf4f94f10eff736afc..d511b994b9931460771dc56c70b791204178d157:/print-ip.c

diff --git a/print-ip.c b/print-ip.c
index 45e84f0c..f4267222 100644
--- a/print-ip.c
+++ b/print-ip.c
@@ -19,6 +19,10 @@
  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
+#ifndef lint
+static const char rcsid[] _U_ =
+    "@(#) $Header: /tcpdump/master/tcpdump/print-ip.c,v 1.132 2003-11-19 00:36:07 guy Exp $ (LBL)";
+#endif
 
 #ifdef HAVE_CONFIG_H
 #include "config.h"
@@ -34,10 +38,6 @@
 #include "interface.h"
 #include "extract.h"			/* must come after interface.h */
 
-#ifndef lint
-static const char rcsid[] _U_ =
-    "@(#) $Header: /tcpdump/master/tcpdump/print-ip.c,v 1.129 2003-11-15 00:39:27 guy Exp $ (LBL)";
-#endif
 #include "ip.h"
 #include "ipproto.h"
 
@@ -358,6 +358,7 @@ ip_print(register const u_char *bp, register u_int length)
 {
 	register const struct ip *ip;
 	register u_int hlen, len, len0, off;
+	const u_char *ipend;
 	register const u_char *cp;
 	u_char nh;
 	int advance;
@@ -383,14 +384,26 @@ ip_print(register const u_char *bp, register u_int length)
 	}
 	hlen = IP_HL(ip) * 4;
 	if (hlen < sizeof (struct ip)) {
-		(void)printf("bad-hlen %d", hlen);
+		(void)printf("bad-hlen %u", hlen);
 		return;
 	}
 
 	len = EXTRACT_16BITS(&ip->ip_len);
 	if (length < len)
-		(void)printf("truncated-ip - %d bytes missing! ",
+		(void)printf("truncated-ip - %u bytes missing! ",
 			len - length);
+	if (len < hlen) {
+		(void)printf("bad-len %u", len);
+		return;
+	}
+
+	/*
+	 * Cut off the snapshot length to the end of the IP payload.
+	 */
+	ipend = bp + len;
+	if (ipend < snapend)
+		snapend = ipend;
+
 	len -= hlen;
 	len0 = len;
 
@@ -465,6 +478,8 @@ again:
 		case IPPROTO_AH:
 			nh = *cp;
 			advance = ah_print(cp);
+			if (advance <= 0)
+				break;
 			cp += advance;
 			len -= advance;
 			goto again;
@@ -473,10 +488,10 @@ again:
 		    {
 			int enh, padlen;
 			advance = esp_print(cp, (const u_char *)ip, &enh, &padlen);
+			if (advance <= 0)
+				break;
 			cp += advance;
 			len -= advance + padlen;
-			if (enh < 0)
-				break;
 			nh = enh & 0xff;
 			goto again;
 		    }
@@ -485,10 +500,10 @@ again:
 		    {
 			int enh;
 			advance = ipcomp_print(cp, &enh);
+			if (advance <= 0)
+				break;
 			cp += advance;
 			len -= advance;
-			if (enh < 0)
-				break;
 			nh = enh & 0xff;
 			goto again;
 		    }