X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/3cd5403c8fdb23fdeb7d551a9925a38a3ab3cf40..61c422a88caefe986c2bc0a7f2f3028f696fa5cd:/print-radius.c diff --git a/print-radius.c b/print-radius.c index 1b88bb8d..5ce68d16 100644 --- a/print-radius.c +++ b/print-radius.c @@ -569,7 +569,7 @@ static struct attrtype { { "Digest-Stale", NULL, 0, 0, print_attr_string }, { "Digest-HA1", NULL, 0, 0, print_attr_string }, { "SIP-AOR", NULL, 0, 0, print_attr_string }, - { "Delegated-IPv6-Prefix", NULL, 0, 0, print_attr_netmask6 } + { "Delegated-IPv6-Prefix", NULL, 0, 0, print_attr_netmask6 }, }; @@ -594,12 +594,12 @@ print_attr_string(netdissect_options *ndo, if (length < 3) goto trunc; if (*data && (*data <=0x1F) ) - ND_PRINT((ndo, "Tag[%u] ", *data)); + ND_PRINT((ndo, "Tag[%u] ", EXTRACT_U_1(data))); else ND_PRINT((ndo, "Tag[Unused] ")); data++; length--; - ND_PRINT((ndo, "Salt %u ", EXTRACT_16BITS(data))); + ND_PRINT((ndo, "Salt %u ", EXTRACT_BE_U_2(data))); data+=2; length-=2; break; @@ -614,7 +614,7 @@ print_attr_string(netdissect_options *ndo, if (length < 1) goto trunc; if (*data) - ND_PRINT((ndo, "Tag[%u] ", *data)); + ND_PRINT((ndo, "Tag[%u] ", EXTRACT_U_1(data))); else ND_PRINT((ndo, "Tag[Unused] ")); data++; @@ -625,15 +625,15 @@ print_attr_string(netdissect_options *ndo, if (length < 1) goto trunc; ND_PRINT((ndo, "%s (0x%02x) ", - tok2str(rfc4675_tagged,"Unknown tag",*data), - *data)); + tok2str(rfc4675_tagged,"Unknown tag",EXTRACT_U_1(data)), + EXTRACT_U_1(data))); data++; length--; break; } - for (i=0; i < length && *data; i++, data++) - ND_PRINT((ndo, "%c", (*data < 32 || *data > 126) ? '.' : *data)); + for (i=0; i < length && EXTRACT_U_1(data); i++, data++) + ND_PRINT((ndo, "%c", ND_ISPRINT(EXTRACT_U_1(data)) ? EXTRACT_U_1(data) : '.')); return; @@ -655,8 +655,8 @@ print_vendor_attr(netdissect_options *ndo, if (length < 4) goto trunc; - ND_TCHECK2(*data, 4); - vendor_id = EXTRACT_32BITS(data); + ND_TCHECK_4(data); + vendor_id = EXTRACT_BE_U_4(data); data+=4; length-=4; @@ -665,10 +665,10 @@ print_vendor_attr(netdissect_options *ndo, vendor_id)); while (length >= 2) { - ND_TCHECK2(*data, 2); + ND_TCHECK_2(data); vendor_type = *(data); - vendor_length = *(data+1); + vendor_length = EXTRACT_U_1(data + 1); if (vendor_length < 2) { @@ -693,7 +693,7 @@ print_vendor_attr(netdissect_options *ndo, vendor_type, vendor_length)); for (idx = 0; idx < vendor_length ; idx++, data++) - ND_PRINT((ndo, "%c", (*data < 32 || *data > 126) ? '.' : *data)); + ND_PRINT((ndo, "%c", ND_ISPRINT(EXTRACT_U_1(data)) ? EXTRACT_U_1(data) : '.')); length-=vendor_length; } return; @@ -721,7 +721,7 @@ print_attr_num(netdissect_options *ndo, return; } - ND_TCHECK2(data[0],4); + ND_TCHECK_4(data); /* This attribute has standard values */ if (attr_type[attr_code].siz_subtypes) { @@ -734,13 +734,13 @@ print_attr_num(netdissect_options *ndo, if (!*data) ND_PRINT((ndo, "Tag[Unused] ")); else - ND_PRINT((ndo, "Tag[%d] ", *data)); + ND_PRINT((ndo, "Tag[%d] ", EXTRACT_U_1(data))); data++; - data_value = EXTRACT_24BITS(data); + data_value = EXTRACT_BE_U_3(data); } else { - data_value = EXTRACT_32BITS(data); + data_value = EXTRACT_BE_U_4(data); } if ( data_value <= (uint32_t)(attr_type[attr_code].siz_subtypes - 1 + attr_type[attr_code].first_subtype) && @@ -754,10 +754,10 @@ print_attr_num(netdissect_options *ndo, switch(attr_code) /* Be aware of special cases... */ { case FRM_IPX: - if (EXTRACT_32BITS( data) == 0xFFFFFFFE ) + if (EXTRACT_BE_U_4(data) == 0xFFFFFFFE ) ND_PRINT((ndo, "NAS Select")); else - ND_PRINT((ndo, "%d", EXTRACT_32BITS(data))); + ND_PRINT((ndo, "%d", EXTRACT_BE_U_4(data))); break; case SESSION_TIMEOUT: @@ -765,7 +765,7 @@ print_attr_num(netdissect_options *ndo, case ACCT_DELAY: case ACCT_SESSION_TIME: case ACCT_INT_INTERVAL: - timeout = EXTRACT_32BITS( data); + timeout = EXTRACT_BE_U_4(data); if ( timeout < 60 ) ND_PRINT((ndo, "%02d secs", timeout)); else @@ -781,38 +781,38 @@ print_attr_num(netdissect_options *ndo, break; case FRM_ATALK_LINK: - if (EXTRACT_32BITS(data) ) - ND_PRINT((ndo, "%d", EXTRACT_32BITS(data))); + if (EXTRACT_BE_U_4(data)) + ND_PRINT((ndo, "%d", EXTRACT_BE_U_4(data))); else ND_PRINT((ndo, "Unnumbered")); break; case FRM_ATALK_NETWORK: - if (EXTRACT_32BITS(data) ) - ND_PRINT((ndo, "%d", EXTRACT_32BITS(data))); + if (EXTRACT_BE_U_4(data)) + ND_PRINT((ndo, "%d", EXTRACT_BE_U_4(data))); else ND_PRINT((ndo, "NAS assigned")); break; case TUNNEL_PREFERENCE: if (*data) - ND_PRINT((ndo, "Tag[%d] ", *data)); + ND_PRINT((ndo, "Tag[%d] ", EXTRACT_U_1(data))); else ND_PRINT((ndo, "Tag[Unused] ")); data++; - ND_PRINT((ndo, "%d", EXTRACT_24BITS(data))); + ND_PRINT((ndo, "%d", EXTRACT_BE_U_3(data))); break; case EGRESS_VLAN_ID: ND_PRINT((ndo, "%s (0x%02x) ", - tok2str(rfc4675_tagged,"Unknown tag",*data), - *data)); + tok2str(rfc4675_tagged,"Unknown tag",EXTRACT_U_1(data)), + EXTRACT_U_1(data))); data++; - ND_PRINT((ndo, "%d", EXTRACT_24BITS(data))); + ND_PRINT((ndo, "%d", EXTRACT_BE_U_3(data))); break; default: - ND_PRINT((ndo, "%d", EXTRACT_32BITS(data))); + ND_PRINT((ndo, "%d", EXTRACT_BE_U_4(data))); break; } /* switch */ @@ -842,16 +842,16 @@ print_attr_address(netdissect_options *ndo, return; } - ND_TCHECK2(data[0],4); + ND_TCHECK_4(data); switch(attr_code) { case FRM_IPADDR: case LOG_IPHOST: - if (EXTRACT_32BITS(data) == 0xFFFFFFFF ) + if (EXTRACT_BE_U_4(data) == 0xFFFFFFFF ) ND_PRINT((ndo, "User Selected")); else - if (EXTRACT_32BITS(data) == 0xFFFFFFFE ) + if (EXTRACT_BE_U_4(data) == 0xFFFFFFFE ) ND_PRINT((ndo, "NAS Select")); else ND_PRINT((ndo, "%s",ipaddr_string(ndo, data))); @@ -885,7 +885,7 @@ print_attr_address6(netdissect_options *ndo, return; } - ND_TCHECK2(data[0], 16); + ND_TCHECK_16(data); ND_PRINT((ndo, "%s", ip6addr_string(ndo, data))); @@ -899,25 +899,28 @@ static void print_attr_netmask6(netdissect_options *ndo, register const u_char *data, u_int length, u_short attr_code _U_) { - u_char data2[18]; + u_char data2[16]; if (length < 2 || length > 18) { ND_PRINT((ndo, "ERROR: length %u not in range (2..18)", length)); return; } - else if (data[1] > 128) + ND_TCHECK2(data[0], length); + if (EXTRACT_U_1(data + 1) > 128) { - ND_PRINT((ndo, "ERROR: netmask %u not in range (0..128)", data[1])); + ND_PRINT((ndo, "ERROR: netmask %u not in range (0..128)", EXTRACT_U_1(data + 1))); return; } - ND_TCHECK2(data[0], length); memset(data2, 0, sizeof(data2)); if (length > 2) memcpy(data2, data+2, length-2); - ND_PRINT((ndo, "%s/%u", ip6addr_string(ndo, data2), data[1])); + ND_PRINT((ndo, "%s/%u", ip6addr_string(ndo, data2), EXTRACT_U_1(data + 1))); + + if (EXTRACT_U_1(data + 1) > 8 * (length - 2)) + ND_PRINT((ndo, " (inconsistent prefix length)")); return; @@ -946,9 +949,9 @@ print_attr_time(netdissect_options *ndo, return; } - ND_TCHECK2(data[0],4); + ND_TCHECK_4(data); - attr_time = EXTRACT_32BITS(data); + attr_time = EXTRACT_BE_U_4(data); strlcpy(string, ctime(&attr_time), sizeof(string)); /* Get rid of the newline */ string[24] = '\0'; @@ -982,11 +985,11 @@ print_attr_strange(netdissect_options *ndo, return; } ND_PRINT((ndo, "User_challenge (")); - ND_TCHECK2(data[0],8); + ND_TCHECK_8(data); len_data = 8; PRINT_HEX(len_data, data); ND_PRINT((ndo, ") User_resp(")); - ND_TCHECK2(data[0],8); + ND_TCHECK_8(data); len_data = 8; PRINT_HEX(len_data, data); ND_PRINT((ndo, ")")); @@ -998,25 +1001,25 @@ print_attr_strange(netdissect_options *ndo, ND_PRINT((ndo, "ERROR: length %u != 14", length)); return; } - ND_TCHECK2(data[0],1); + ND_TCHECK_1(data); if (*data) ND_PRINT((ndo, "User can change password")); else ND_PRINT((ndo, "User cannot change password")); data++; - ND_TCHECK2(data[0],1); - ND_PRINT((ndo, ", Min password length: %d", *data)); + ND_TCHECK_1(data); + ND_PRINT((ndo, ", Min password length: %d", EXTRACT_U_1(data))); data++; ND_PRINT((ndo, ", created at: ")); - ND_TCHECK2(data[0],4); + ND_TCHECK_4(data); len_data = 4; PRINT_HEX(len_data, data); ND_PRINT((ndo, ", expires in: ")); - ND_TCHECK2(data[0],4); + ND_TCHECK_4(data); len_data = 4; PRINT_HEX(len_data, data); ND_PRINT((ndo, ", Current Time: ")); - ND_TCHECK2(data[0],4); + ND_TCHECK_4(data); len_data = 4; PRINT_HEX(len_data, data); break; @@ -1027,7 +1030,7 @@ print_attr_strange(netdissect_options *ndo, ND_PRINT((ndo, "ERROR: length %u != 8", length)); return; } - ND_TCHECK2(data[0],8); + ND_TCHECK_8(data); len_data = 8; PRINT_HEX(len_data, data); break; @@ -1038,9 +1041,9 @@ print_attr_strange(netdissect_options *ndo, ND_PRINT((ndo, "Error: length %u != 4", length)); return; } - ND_TCHECK2(data[0],4); + ND_TCHECK_4(data); - error_cause_value = EXTRACT_32BITS(data); + error_cause_value = EXTRACT_BE_U_4(data); ND_PRINT((ndo, "Error cause %u: %s", error_cause_value, tok2str(errorcausetype, "Error-Cause %u not known", error_cause_value))); break; } @@ -1120,7 +1123,7 @@ radius_print(netdissect_options *ndo, ND_TCHECK2(*dat, MIN_RADIUS_LEN); rad = (const struct radius_hdr *)dat; - len = EXTRACT_16BITS(&rad->len); + len = EXTRACT_BE_U_2(&rad->len); if (len < MIN_RADIUS_LEN) {