X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/49b23c5a9b0198bb382dcf43c458d46fcf2fa809..1a04b92e365f5ed01ca38619b41bcc4fc9cbd63c:/print-hncp.c diff --git a/print-hncp.c b/print-hncp.c index 87ee8bbb..00ab04d1 100644 --- a/print-hncp.c +++ b/print-hncp.c @@ -68,8 +68,8 @@ hncp_print(netdissect_options *ndo, #define HNCP_EXTERNAL_CONNECTION 33 #define HNCP_DELEGATED_PREFIX 34 #define HNCP_PREFIX_POLICY 43 -#define HNCP_DHCPV4_DATA 37 -#define HNCP_DHCPV6_DATA 38 +#define HNCP_DHCPV4_DATA 37 /* This is correct, see RFC 7788 Errata ID 5113. */ +#define HNCP_DHCPV6_DATA 38 /* idem */ #define HNCP_ASSIGNED_PREFIX 35 #define HNCP_NODE_ADDRESS 36 #define HNCP_DNS_DELEGATED_ZONE 39 @@ -158,25 +158,26 @@ is_ipv4_mapped_address(const u_char *addr) static const char * format_nid(const u_char *data) { - static char buf[4][11+5]; + static char buf[4][sizeof("01:01:01:01")]; static int i = 0; i = (i + 1) % 4; - snprintf(buf[i], 16, "%02x:%02x:%02x:%02x", - data[0], data[1], data[2], data[3]); + snprintf(buf[i], sizeof(buf[i]), "%02x:%02x:%02x:%02x", + EXTRACT_U_1(data), EXTRACT_U_1(data + 1), EXTRACT_U_1(data + 2), + EXTRACT_U_1(data + 3)); return buf[i]; } static const char * format_256(const u_char *data) { - static char buf[4][64+5]; + static char buf[4][sizeof("0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef")]; static int i = 0; i = (i + 1) % 4; - snprintf(buf[i], 28, "%016" PRIx64 "%016" PRIx64 "%016" PRIx64 "%016" PRIx64, - EXTRACT_64BITS(data), - EXTRACT_64BITS(data + 8), - EXTRACT_64BITS(data + 16), - EXTRACT_64BITS(data + 24) + snprintf(buf[i], sizeof(buf[i]), "%016" PRIx64 "%016" PRIx64 "%016" PRIx64 "%016" PRIx64, + EXTRACT_BE_U_8(data), + EXTRACT_BE_U_8(data + 8), + EXTRACT_BE_U_8(data + 16), + EXTRACT_BE_U_8(data + 24) ); return buf[i]; } @@ -206,12 +207,12 @@ print_prefix(netdissect_options *ndo, const u_char *prefix, u_int max_length) int plenbytes; char buf[sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx::/128")]; - if (prefix[0] >= 96 && max_length >= IPV4_MAPPED_HEADING_LEN + 1 && - is_ipv4_mapped_address(&prefix[1])) { + if (EXTRACT_U_1(prefix) >= 96 && max_length >= IPV4_MAPPED_HEADING_LEN + 1 && + is_ipv4_mapped_address(prefix + 1)) { struct in_addr addr; u_int plen; - plen = prefix[0]-96; + plen = EXTRACT_U_1(prefix) - 96; if (32 < plen) return -1; max_length -= 1; @@ -220,7 +221,7 @@ print_prefix(netdissect_options *ndo, const u_char *prefix, u_int max_length) plenbytes = (plen + 7) / 8; if (max_length < (u_int)plenbytes + IPV4_MAPPED_HEADING_LEN) return -3; - memcpy(&addr, &prefix[1 + IPV4_MAPPED_HEADING_LEN], plenbytes); + memcpy(&addr, prefix + IPV4_MAPPED_HEADING_LEN + 1, plenbytes); if (plen % 8) { ((u_char *)&addr)[plenbytes - 1] &= ((0xff00 >> (plen % 8)) & 0xff); @@ -241,7 +242,8 @@ print_dns_label(netdissect_options *ndo, { u_int length = 0; while (length < max_length) { - u_int lab_length = cp[length++]; + u_int lab_length = EXTRACT_U_1(cp + length); + length++; if (lab_length == 0) return (int)length; if (length > 1 && print) @@ -265,14 +267,16 @@ dhcpv4_print(netdissect_options *ndo, const u_char *cp, u_int length, int indent) { u_int i, t; - const u_char *tlv, *value; + const uint8_t *tlv, *value; uint8_t type, optlen; i = 0; while (i < length) { + if (i + 2 > length) + return -1; tlv = cp + i; - type = (uint8_t)tlv[0]; - optlen = (uint8_t)tlv[1]; + type = EXTRACT_U_1(tlv); + optlen = EXTRACT_U_1(tlv + 1); value = tlv + 2; ND_PRINT((ndo, "\n")); @@ -281,6 +285,8 @@ dhcpv4_print(netdissect_options *ndo, ND_PRINT((ndo, "%s", tok2str(dh4opt_str, "Unknown", type))); ND_PRINT((ndo," (%u)", optlen + 2 )); + if (i + 2 + optlen > length) + return -1; switch (type) { case DH4OPT_DNS_SERVERS: @@ -318,9 +324,11 @@ dhcpv6_print(netdissect_options *ndo, i = 0; while (i < length) { + if (i + 4 > length) + return -1; tlv = cp + i; - type = EXTRACT_16BITS(tlv); - optlen = EXTRACT_16BITS(tlv + 2); + type = EXTRACT_BE_U_2(tlv); + optlen = EXTRACT_BE_U_2(tlv + 2); value = tlv + 4; ND_PRINT((ndo, "\n")); @@ -329,6 +337,8 @@ dhcpv6_print(netdissect_options *ndo, ND_PRINT((ndo, "%s", tok2str(dh6opt_str, "Unknown", type))); ND_PRINT((ndo," (%u)", optlen + 4 )); + if (i + 4 + optlen > length) + return -1; switch (type) { case DH6OPT_DNS_SERVERS: @@ -388,7 +398,7 @@ print_type_in_line(netdissect_options *ndo, } } -void +static void hncp_print_rec(netdissect_options *ndo, const u_char *cp, u_int length, int indent) { @@ -400,7 +410,7 @@ hncp_print_rec(netdissect_options *ndo, uint32_t last_type_mask = 0xffffffffU; int last_type_count = -1; - const u_char *tlv, *value; + const uint8_t *tlv, *value; uint16_t type, bodylen; uint32_t type_mask; @@ -414,14 +424,14 @@ hncp_print_rec(netdissect_options *ndo, ND_PRINT((ndo, "\t")); } - ND_TCHECK2(*tlv, 4); + ND_TCHECK_4(tlv); if (i + 4 > length) goto invalid; - type = EXTRACT_16BITS(tlv); - bodylen = EXTRACT_16BITS(tlv + 2); + type = EXTRACT_BE_U_2(tlv); + bodylen = EXTRACT_BE_U_2(tlv + 2); value = tlv + 4; - ND_TCHECK2(*value, bodylen); + ND_TCHECK_LEN(value, bodylen); if (i + bodylen + 4 > length) goto invalid; @@ -491,7 +501,7 @@ hncp_print_rec(netdissect_options *ndo, break; } node_identifier = format_nid(value); - endpoint_identifier = EXTRACT_32BITS(value + 4); + endpoint_identifier = EXTRACT_BE_U_4(value + 4); ND_PRINT((ndo, " NID: %s EPID: %08x", node_identifier, endpoint_identifier @@ -505,7 +515,7 @@ hncp_print_rec(netdissect_options *ndo, ND_PRINT((ndo, " %s", istr)); break; } - hash = EXTRACT_64BITS(value); + hash = EXTRACT_BE_U_8(value); ND_PRINT((ndo, " hash: %016" PRIx64, hash)); } break; @@ -519,9 +529,9 @@ hncp_print_rec(netdissect_options *ndo, break; } node_identifier = format_nid(value); - sequence_number = EXTRACT_32BITS(value + 4); - interval = format_interval(EXTRACT_32BITS(value + 8)); - hash = EXTRACT_64BITS(value + 12); + sequence_number = EXTRACT_BE_U_4(value + 4); + interval = format_interval(EXTRACT_BE_U_4(value + 8)); + hash = EXTRACT_BE_U_8(value + 12); ND_PRINT((ndo, " NID: %s seqno: %u %s hash: %016" PRIx64, node_identifier, sequence_number, @@ -540,8 +550,8 @@ hncp_print_rec(netdissect_options *ndo, break; } peer_node_identifier = format_nid(value); - peer_endpoint_identifier = EXTRACT_32BITS(value + 4); - endpoint_identifier = EXTRACT_32BITS(value + 8); + peer_endpoint_identifier = EXTRACT_BE_U_4(value + 4); + endpoint_identifier = EXTRACT_BE_U_4(value + 8); ND_PRINT((ndo, " Peer-NID: %s Peer-EPID: %08x Local-EPID: %08x", peer_node_identifier, peer_endpoint_identifier, @@ -557,8 +567,8 @@ hncp_print_rec(netdissect_options *ndo, ND_PRINT((ndo, " %s", istr)); break; } - endpoint_identifier = EXTRACT_32BITS(value); - interval = format_interval(EXTRACT_32BITS(value + 4)); + endpoint_identifier = EXTRACT_BE_U_4(value); + interval = format_interval(EXTRACT_BE_U_4(value + 4)); ND_PRINT((ndo, " EPID: %08x Interval: %s", endpoint_identifier, interval @@ -572,7 +582,7 @@ hncp_print_rec(netdissect_options *ndo, break; } ND_PRINT((ndo, " Verdict: %u Fingerprint: %s Common Name: ", - *value, + EXTRACT_U_1(value), format_256(value + 4))); safeputs(ndo, value + 36, bodylen - 36); } @@ -585,7 +595,7 @@ hncp_print_rec(netdissect_options *ndo, ND_PRINT((ndo, " %s", istr)); break; } - capabilities = EXTRACT_16BITS(value + 2); + capabilities = EXTRACT_BE_U_2(value + 2); M = (uint8_t)((capabilities >> 12) & 0xf); P = (uint8_t)((capabilities >> 8) & 0xf); H = (uint8_t)((capabilities >> 4) & 0xf); @@ -605,13 +615,13 @@ hncp_print_rec(netdissect_options *ndo, case HNCP_DELEGATED_PREFIX: { int l; - if (bodylen < 9 || bodylen < 9 + (value[8] + 7) / 8) { + if (bodylen < 9 || bodylen < 9 + (EXTRACT_U_1(value + 8) + 7) / 8) { ND_PRINT((ndo, " %s", istr)); break; } ND_PRINT((ndo, " VLSO: %s PLSO: %s Prefix: ", - format_interval(EXTRACT_32BITS(value)), - format_interval(EXTRACT_32BITS(value + 4)) + format_interval(EXTRACT_BE_U_4(value)), + format_interval(EXTRACT_BE_U_4(value + 4)) )); l = print_prefix(ndo, value + 8, bodylen - 8); if (l == -1) { @@ -645,7 +655,7 @@ hncp_print_rec(netdissect_options *ndo, ND_PRINT((ndo, " %s", istr)); break; } - policy = value[0]; + policy = EXTRACT_U_1(value); ND_PRINT((ndo, " type: ")); if (policy == 0) { if (bodylen != 1) { @@ -716,13 +726,13 @@ hncp_print_rec(netdissect_options *ndo, case HNCP_ASSIGNED_PREFIX: { uint8_t prty; int l; - if (bodylen < 6 || bodylen < 6 + (value[5] + 7) / 8) { + if (bodylen < 6 || bodylen < 6 + (EXTRACT_U_1(value + 5) + 7) / 8) { ND_PRINT((ndo, " %s", istr)); break; } - prty = (uint8_t)(value[4] & 0xf); + prty = EXTRACT_U_1(value + 4) & 0xf; ND_PRINT((ndo, " EPID: %08x Prty: %u", - EXTRACT_32BITS(value), + EXTRACT_BE_U_4(value), prty )); ND_PRINT((ndo, " Prefix: ")); @@ -745,7 +755,7 @@ hncp_print_rec(netdissect_options *ndo, ND_PRINT((ndo, " %s", istr)); break; } - endpoint_identifier = EXTRACT_32BITS(value); + endpoint_identifier = EXTRACT_BE_U_4(value); ip_address = format_ip6addr(ndo, value + 4); ND_PRINT((ndo, " EPID: %08x IP Address: %s", endpoint_identifier, @@ -766,9 +776,9 @@ hncp_print_rec(netdissect_options *ndo, ip_address = format_ip6addr(ndo, value); ND_PRINT((ndo, " IP-Address: %s %c%c%c ", ip_address, - (value[16] & 4) ? 'l' : '-', - (value[16] & 2) ? 'b' : '-', - (value[16] & 1) ? 's' : '-' + (EXTRACT_U_1(value + 16) & 4) ? 'l' : '-', + (EXTRACT_U_1(value + 16) & 2) ? 'b' : '-', + (EXTRACT_U_1(value + 16) & 1) ? 's' : '-' )); len = print_dns_label(ndo, value+17, bodylen-17, 1); if (len < 0) { @@ -798,7 +808,7 @@ hncp_print_rec(netdissect_options *ndo, ND_PRINT((ndo, " %s", istr)); break; } - l = value[16]; + l = EXTRACT_U_1(value + 16); if (bodylen < 17 + l) { ND_PRINT((ndo, " %s", istr)); break;