X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/546558eabd81cfc36a81a4df728fdfea0d83b41a..HEAD:/print-snmp.c diff --git a/print-snmp.c b/print-snmp.c index 856309b6..e1cc9771 100644 --- a/print-snmp.c +++ b/print-snmp.c @@ -58,25 +58,26 @@ /* \summary: Simple Network Management Protocol (SNMP) printer */ -#ifdef HAVE_CONFIG_H #include -#endif #include "netdissect-stdinc.h" #include #include +#include #ifdef USE_LIBSMI #include #endif +#include "netdissect-ctype.h" + +#define ND_LONGJMP_FROM_TCHECK #include "netdissect.h" #include "extract.h" #undef OPAQUE /* defined in */ -static const char tstr[] = "[|snmp]"; /* * Universal ASN.1 types @@ -198,7 +199,7 @@ static const char *ErrorStatus[] = { #define DECODE_ErrorStatus(e) \ ( e >= 0 && (size_t)e < sizeof(ErrorStatus)/sizeof(ErrorStatus[0]) \ ? ErrorStatus[e] \ - : (nd_snprintf(errbuf, sizeof(errbuf), "err=%u", e), errbuf)) + : (snprintf(errbuf, sizeof(errbuf), "err=%u", e), errbuf)) /* * generic-trap values in the SNMP Trap-PDU @@ -216,7 +217,7 @@ static const char *GenericTrap[] = { #define DECODE_GenericTrap(t) \ ( t >= 0 && (size_t)t < sizeof(GenericTrap)/sizeof(GenericTrap[0]) \ ? GenericTrap[t] \ - : (nd_snprintf(buf, sizeof(buf), "gt=%d", t), buf)) + : (snprintf(buf, sizeof(buf), "gt=%d", t), buf)) /* * ASN.1 type class table @@ -427,9 +428,8 @@ asn1_parse(netdissect_options *ndo, elem->type = BE_ANY; if (len < 1) { ND_PRINT("[nothing to parse]"); - return -1; + goto invalid; } - ND_TCHECK_1(p); /* * it would be nice to use a bit field, but you can't depend on them. @@ -438,14 +438,14 @@ asn1_parse(netdissect_options *ndo, * +---+---+---+---+---+---+---+---+ * 7 6 5 4 3 2 1 0 */ - id = EXTRACT_U_1(p) & ASN_ID_BITS; /* lower 5 bits, range 00-1f */ + id = GET_U_1(p) & ASN_ID_BITS; /* lower 5 bits, range 00-1f */ #ifdef notdef - form = (EXTRACT_U_1(p) & 0xe0) >> 5; /* move upper 3 bits to lower 3 */ + form = (GET_U_1(p) & 0xe0) >> 5; /* move upper 3 bits to lower 3 */ class = form >> 1; /* bits 7&6 -> bits 1&0, range 0-3 */ form &= 0x1; /* bit 5 -> bit 0, range 0-1 */ #else - form = (u_char)(EXTRACT_U_1(p) & ASN_FORM_BITS) >> ASN_FORM_SHIFT; - class = (u_char)(EXTRACT_U_1(p) & ASN_CLASS_BITS) >> ASN_CLASS_SHIFT; + form = (u_char)(GET_U_1(p) & ASN_FORM_BITS) >> ASN_FORM_SHIFT; + class = (u_char)(GET_U_1(p) & ASN_CLASS_BITS) >> ASN_CLASS_SHIFT; #endif elem->form = form; elem->class = class; @@ -464,63 +464,58 @@ asn1_parse(netdissect_options *ndo, * that won't fit in 32 bits. */ id = 0; - ND_TCHECK_1(p); - while (EXTRACT_U_1(p) & ASN_BIT8) { + while (GET_U_1(p) & ASN_BIT8) { if (len < 1) { ND_PRINT("[Xtagfield?]"); - return -1; + goto invalid; } - id = (id << 7) | (EXTRACT_U_1(p) & ~ASN_BIT8); + id = (id << 7) | (GET_U_1(p) & ~ASN_BIT8); len--; hdr++; p++; - ND_TCHECK_1(p); } if (len < 1) { ND_PRINT("[Xtagfield?]"); - return -1; + goto invalid; } - ND_TCHECK_1(p); - elem->id = id = (id << 7) | EXTRACT_U_1(p); + elem->id = id = (id << 7) | GET_U_1(p); --len; ++hdr; ++p; } if (len < 1) { ND_PRINT("[no asnlen]"); - return -1; + goto invalid; } - ND_TCHECK_1(p); - elem->asnlen = EXTRACT_U_1(p); + elem->asnlen = GET_U_1(p); p++; len--; hdr++; if (elem->asnlen & ASN_BIT8) { uint32_t noct = elem->asnlen % ASN_BIT8; elem->asnlen = 0; if (len < noct) { ND_PRINT("[asnlen? %d<%d]", len, noct); - return -1; + goto invalid; } - ND_TCHECK_LEN(p, noct); - for (; noct-- > 0; len--, hdr++) { - elem->asnlen = (elem->asnlen << ASN_SHIFT8) | EXTRACT_U_1(p); + for (; noct != 0; len--, hdr++, noct--) { + elem->asnlen = (elem->asnlen << ASN_SHIFT8) | GET_U_1(p); p++; } } if (len < elem->asnlen) { ND_PRINT("[len%dasnlen); - return -1; + goto invalid; } if (form >= sizeof(Form)/sizeof(Form[0])) { ND_PRINT("[form?%d]", form); - return -1; + goto invalid; } if (class >= sizeof(Class)/sizeof(Class[0])) { ND_PRINT("[class?%c/%d]", *Form[form], class); - return -1; + goto invalid; } if ((int)id >= Class[class].numIDs) { ND_PRINT("[id?%c/%s/%d]", *Form[form], Class[class].name, id); - return -1; + goto invalid; } ND_TCHECK_LEN(p, elem->asnlen); @@ -535,18 +530,18 @@ asn1_parse(netdissect_options *ndo, break; case INTEGER: { - int32_t data; + uint32_t data; elem->type = BE_INT; data = 0; if (elem->asnlen == 0) { ND_PRINT("[asnlen=0]"); - return -1; + goto invalid; } - if (EXTRACT_U_1(p) & ASN_BIT8) /* negative */ - data = -1; + if (GET_U_1(p) & ASN_BIT8) /* negative */ + data = UINT_MAX; for (i = elem->asnlen; i != 0; p++, i--) - data = (data << ASN_SHIFT8) | EXTRACT_U_1(p); + data = (data << ASN_SHIFT8) | GET_U_1(p); elem->data.integer = data; break; } @@ -583,7 +578,7 @@ asn1_parse(netdissect_options *ndo, elem->type = BE_UNS; data = 0; for (i = elem->asnlen; i != 0; p++, i--) - data = (data << 8) + EXTRACT_U_1(p); + data = (data << 8) + GET_U_1(p); elem->data.uns = data; break; } @@ -593,7 +588,7 @@ asn1_parse(netdissect_options *ndo, elem->type = BE_UNS64; data64 = 0; for (i = elem->asnlen; i != 0; p++, i--) - data64 = (data64 << 8) + EXTRACT_U_1(p); + data64 = (data64 << 8) + GET_U_1(p); elem->data.uns64 = data64; break; } @@ -668,29 +663,22 @@ asn1_parse(netdissect_options *ndo, len -= elem->asnlen; return elem->asnlen + hdr; -trunc: - ND_PRINT("%s", tstr); +invalid: return -1; } -static int +static void asn1_print_octets(netdissect_options *ndo, struct be *elem) { const u_char *p = (const u_char *)elem->data.raw; uint32_t asnlen = elem->asnlen; uint32_t i; - ND_TCHECK_LEN(p, asnlen); for (i = asnlen; i != 0; p++, i--) - ND_PRINT("_%.2x", EXTRACT_U_1(p)); - return 0; - -trunc: - ND_PRINT("%s", tstr); - return -1; + ND_PRINT("_%.2x", GET_U_1(p)); } -static int +static void asn1_print_string(netdissect_options *ndo, struct be *elem) { int printable = 1, first = 1; @@ -699,28 +687,19 @@ asn1_print_string(netdissect_options *ndo, struct be *elem) uint32_t i; p = elem->data.str; - ND_TCHECK_LEN(p, asnlen); for (i = asnlen; printable && i != 0; p++, i--) - printable = ND_ISPRINT(EXTRACT_U_1(p)); + printable = ND_ASCII_ISPRINT(GET_U_1(p)); p = elem->data.str; if (printable) { ND_PRINT("\""); - if (fn_printn(ndo, p, asnlen, ndo->ndo_snapend)) { - ND_PRINT("\""); - goto trunc; - } + nd_printjn(ndo, p, asnlen); ND_PRINT("\""); } else { for (i = asnlen; i != 0; p++, i--) { - ND_PRINT(first ? "%.2x" : "_%.2x", EXTRACT_U_1(p)); + ND_PRINT(first ? "%.2x" : "_%.2x", GET_U_1(p)); first = 0; } } - return 0; - -trunc: - ND_PRINT("%s", tstr); - return -1; } /* @@ -739,15 +718,15 @@ asn1_print(netdissect_options *ndo, switch (elem->type) { case BE_OCTET: - if (asn1_print_octets(ndo, elem) == -1) - return -1; + asn1_print_octets(ndo, elem); break; case BE_NULL: break; case BE_OID: { - int o = 0, first = -1; + int first = -1; + uint32_t o = 0; p = (const u_char *)elem->data.raw; i = asnlen; @@ -756,8 +735,7 @@ asn1_print(netdissect_options *ndo, for (; a->node; a++) { if (i < a->oid_len) continue; - if (!ND_TTEST_LEN(p, a->oid_len)) - continue; + ND_TCHECK_LEN(p, a->oid_len); if (memcmp(a->oid, p, a->oid_len) == 0) { objp = a->node->child; i -= a->oid_len; @@ -770,9 +748,8 @@ asn1_print(netdissect_options *ndo, } for (; i != 0; p++, i--) { - ND_TCHECK_1(p); - o = (o << ASN_SHIFT7) + (EXTRACT_U_1(p) & ~ASN_BIT8); - if (EXTRACT_U_1(p) & ASN_LONGLEN) + o = (o << ASN_SHIFT7) + (GET_U_1(p) & ~ASN_BIT8); + if (GET_U_1(p) & ASN_LONGLEN) continue; /* @@ -811,8 +788,7 @@ asn1_print(netdissect_options *ndo, break; case BE_STR: - if (asn1_print_string(ndo, elem) == -1) - return -1; + asn1_print_string(ndo, elem); break; case BE_SEQ: @@ -823,9 +799,8 @@ asn1_print(netdissect_options *ndo, if (asnlen != ASNLEN_INETADDR) ND_PRINT("[inetaddr len!=%d]", ASNLEN_INETADDR); p = (const u_char *)elem->data.raw; - ND_TCHECK_LEN(p, asnlen); for (i = asnlen; i != 0; p++, i--) { - ND_PRINT((i == asnlen) ? "%u" : ".%u", EXTRACT_U_1(p)); + ND_PRINT((i == asnlen) ? "%u" : ".%u", GET_U_1(p)); } break; @@ -847,11 +822,11 @@ asn1_print(netdissect_options *ndo, ND_PRINT("[be!?]"); break; } + /* This function now always returns 0. Don't make it void yet, as other + * code checks for negative result and this function might need to signal + * invalid data later. + */ return 0; - -trunc: - ND_PRINT("%s", tstr); - return -1; } #ifdef notdef @@ -870,7 +845,7 @@ asn1_decode(u_char *p, u_int length) struct be elem; int i = 0; - while (i >= 0 && length > 0) { + while (i >= 0 && length != 0) { i = asn1_parse(ndo, p, length, &elem); if (i >= 0) { ND_PRINT(" "); @@ -923,9 +898,8 @@ smi_decode_oid(netdissect_options *ndo, unsigned int firstval; for (*oidlen = 0; i != 0; p++, i--) { - ND_TCHECK_1(p); - o = (o << ASN_SHIFT7) + (EXTRACT_U_1(p) & ~ASN_BIT8); - if (EXTRACT_U_1(p) & ASN_LONGLEN) + o = (o << ASN_SHIFT7) + (GET_U_1(p) & ~ASN_BIT8); + if (GET_U_1(p) & ASN_LONGLEN) continue; /* @@ -933,7 +907,7 @@ smi_decode_oid(netdissect_options *ndo, * (see X.690:1997 clause 8.19 for the details) */ if (first < 0) { - first = 0; + first = 0; firstval = o / OIDMUX; if (firstval > 2) firstval = 2; o -= firstval * OIDMUX; @@ -947,10 +921,6 @@ smi_decode_oid(netdissect_options *ndo, o = 0; } return 0; - -trunc: - ND_PRINT("%s", tstr); - return -1; } static int smi_check_type(SmiBasetype basetype, int be) @@ -1098,7 +1068,7 @@ smi_print_value(netdissect_options *ndo, } if (NOTIFY_CLASS(pduid) && smiNode->access < SMI_ACCESS_NOTIFY) { - ND_PRINT("[notNotifyable]"); + ND_PRINT("[notNotifiable]"); } if (READ_CLASS(pduid) && smiNode->access < SMI_ACCESS_READ_ONLY) { @@ -1227,7 +1197,7 @@ varbind_print(netdissect_options *ndo, u_short pduid, const u_char *np, u_int length) { struct be elem; - int count = 0, ind; + int count = 0; #ifdef USE_LIBSMI SmiNode *smiNode = NULL; #endif @@ -1247,7 +1217,7 @@ varbind_print(netdissect_options *ndo, length = elem.asnlen; np = (const u_char *)elem.data.raw; - for (ind = 1; length > 0; ind++) { + while (length) { const u_char *vbend; u_int vblength; @@ -1390,7 +1360,6 @@ snmppdu_print(netdissect_options *ndo, np += count; varbind_print(ndo, pduid, np, length); - return; } /* @@ -1481,7 +1450,6 @@ trappdu_print(netdissect_options *ndo, np += count; varbind_print(ndo, TRAP, np, length); - return; } /* @@ -1579,8 +1547,7 @@ scopedpdu_print(netdissect_options *ndo, np += count; ND_PRINT("E="); - if (asn1_print_octets(ndo, &elem) == -1) - return; + asn1_print_octets(ndo, &elem); ND_PRINT(" "); /* contextName (OCTET STRING) */ @@ -1595,8 +1562,7 @@ scopedpdu_print(netdissect_options *ndo, np += count; ND_PRINT("C="); - if (asn1_print_string(ndo, &elem) == -1) - return; + asn1_print_string(ndo, &elem); ND_PRINT(" "); pdu_print(ndo, np, length, version); @@ -1626,8 +1592,7 @@ community_print(netdissect_options *ndo, sizeof(DEF_COMMUNITY) - 1) == 0)) { /* ! "public" */ ND_PRINT("C="); - if (asn1_print_string(ndo, &elem) == -1) - return; + asn1_print_string(ndo, &elem); ND_PRINT(" "); } length -= count; @@ -1706,8 +1671,7 @@ usm_print(netdissect_options *ndo, np += count; ND_PRINT("U="); - if (asn1_print_string(ndo, &elem) == -1) - return; + asn1_print_string(ndo, &elem); ND_PRINT(" "); /* msgAuthenticationParameters (OCTET STRING) */ @@ -1799,7 +1763,7 @@ v3msg_print(netdissect_options *ndo, ND_PRINT("[msgFlags size %d]", elem.asnlen); return; } - flags = EXTRACT_U_1(elem.data.str); + flags = GET_U_1(elem.data.str); if (flags != 0x00 && flags != 0x01 && flags != 0x03 && flags != 0x04 && flags != 0x05 && flags != 0x07) { ND_PRINT("[msgFlags=0x%02X]", flags);