X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/546558eabd81cfc36a81a4df728fdfea0d83b41a..a63600a1fc28dbc7ae7ce9f996829c49a25fb33c:/print-ip6opts.c diff --git a/print-ip6opts.c b/print-ip6opts.c index 31523883..a78c76da 100644 --- a/print-ip6opts.c +++ b/print-ip6opts.c @@ -41,25 +41,25 @@ #include "ip6.h" -static void +static int ip6_sopt_print(netdissect_options *ndo, const u_char *bp, int len) { int i; int optlen; for (i = 0; i < len; i += optlen) { - if (EXTRACT_U_1(bp + i) == IP6OPT_PAD1) + if (GET_U_1(bp + i) == IP6OPT_PAD1) optlen = 1; else { if (i + 1 < len) - optlen = EXTRACT_U_1(bp + i + 1) + 2; + optlen = GET_U_1(bp + i + 1) + 2; else goto trunc; } if (i + optlen > len) goto trunc; - switch (EXTRACT_U_1(bp + i)) { + switch (GET_U_1(bp + i)) { case IP6OPT_PAD1: ND_PRINT(", pad1"); break; @@ -72,144 +72,194 @@ ip6_sopt_print(netdissect_options *ndo, const u_char *bp, int len) break; default: if (len - i < IP6OPT_MINLEN) { - ND_PRINT(", sopt_type %u: trunc)", EXTRACT_U_1(bp + i)); + ND_PRINT(", sopt_type %u: trunc)", GET_U_1(bp + i)); goto trunc; } - ND_PRINT(", sopt_type 0x%02x: len=%u", EXTRACT_U_1(bp + i), EXTRACT_U_1(bp + i + 1)); + ND_PRINT(", sopt_type 0x%02x: len=%u", GET_U_1(bp + i), + GET_U_1(bp + i + 1)); break; } } - return; + return 0; trunc: - ND_PRINT("[trunc] "); + return -1; } -static void -ip6_opt_print(netdissect_options *ndo, const u_char *bp, int len) +static int +ip6_opt_process(netdissect_options *ndo, const u_char *bp, int len, + int *found_jumbop, uint32_t *payload_len) { int i; int optlen = 0; + int found_jumbo = 0; + uint32_t jumbolen = 0; if (len == 0) - return; + return 0; for (i = 0; i < len; i += optlen) { - if (EXTRACT_U_1(bp + i) == IP6OPT_PAD1) + if (GET_U_1(bp + i) == IP6OPT_PAD1) optlen = 1; else { if (i + 1 < len) - optlen = EXTRACT_U_1(bp + i + 1) + 2; + optlen = GET_U_1(bp + i + 1) + 2; else goto trunc; } if (i + optlen > len) goto trunc; - switch (EXTRACT_U_1(bp + i)) { + switch (GET_U_1(bp + i)) { case IP6OPT_PAD1: - ND_PRINT("(pad1)"); + if (ndo->ndo_vflag) + ND_PRINT("(pad1)"); break; case IP6OPT_PADN: if (len - i < IP6OPT_MINLEN) { ND_PRINT("(padn: trunc)"); goto trunc; } - ND_PRINT("(padn)"); + if (ndo->ndo_vflag) + ND_PRINT("(padn)"); break; case IP6OPT_ROUTER_ALERT: if (len - i < IP6OPT_RTALERT_LEN) { ND_PRINT("(rtalert: trunc)"); goto trunc; } - if (EXTRACT_U_1(bp + i + 1) != IP6OPT_RTALERT_LEN - 2) { - ND_PRINT("(rtalert: invalid len %u)", EXTRACT_U_1(bp + i + 1)); + if (GET_U_1(bp + i + 1) != IP6OPT_RTALERT_LEN - 2) { + ND_PRINT("(rtalert: invalid len %u)", GET_U_1(bp + i + 1)); goto trunc; } - ND_PRINT("(rtalert: 0x%04x) ", EXTRACT_BE_U_2(bp + i + 2)); + if (ndo->ndo_vflag) + ND_PRINT("(rtalert: 0x%04x) ", GET_BE_U_2(bp + i + 2)); break; case IP6OPT_JUMBO: if (len - i < IP6OPT_JUMBO_LEN) { ND_PRINT("(jumbo: trunc)"); goto trunc; } - if (EXTRACT_U_1(bp + i + 1) != IP6OPT_JUMBO_LEN - 2) { - ND_PRINT("(jumbo: invalid len %u)", EXTRACT_U_1(bp + i + 1)); + if (GET_U_1(bp + i + 1) != IP6OPT_JUMBO_LEN - 2) { + ND_PRINT("(jumbo: invalid len %u)", GET_U_1(bp + i + 1)); goto trunc; } - ND_PRINT("(jumbo: %u) ", EXTRACT_BE_U_4(bp + i + 2)); + jumbolen = GET_BE_U_4(bp + i + 2); + if (found_jumbo) { + /* More than one Jumbo Payload option */ + if (ndo->ndo_vflag) + ND_PRINT("(jumbo: %u - already seen) ", jumbolen); + } else { + found_jumbo = 1; + if (payload_len == NULL) { + /* Not a hop-by-hop option - not valid */ + if (ndo->ndo_vflag) + ND_PRINT("(jumbo: %u - not a hop-by-hop option) ", jumbolen); + } else if (*payload_len != 0) { + /* Payload length was non-zero - not valid */ + if (ndo->ndo_vflag) + ND_PRINT("(jumbo: %u - payload len != 0) ", jumbolen); + } else { + /* + * This is a hop-by-hop option, and Payload length + * was zero in the IPv6 header. + */ + if (jumbolen < 65536) { + /* Too short */ + if (ndo->ndo_vflag) + ND_PRINT("(jumbo: %u - < 65536) ", jumbolen); + } else { + /* OK, this is valid */ + *found_jumbop = 1; + *payload_len = jumbolen; + if (ndo->ndo_vflag) + ND_PRINT("(jumbo: %u) ", jumbolen); + } + } + } break; case IP6OPT_HOME_ADDRESS: if (len - i < IP6OPT_HOMEADDR_MINLEN) { ND_PRINT("(homeaddr: trunc)"); goto trunc; } - if (EXTRACT_U_1(bp + i + 1) < IP6OPT_HOMEADDR_MINLEN - 2) { - ND_PRINT("(homeaddr: invalid len %u)", EXTRACT_U_1(bp + i + 1)); + if (GET_U_1(bp + i + 1) < IP6OPT_HOMEADDR_MINLEN - 2) { + ND_PRINT("(homeaddr: invalid len %u)", GET_U_1(bp + i + 1)); goto trunc; } - ND_PRINT("(homeaddr: %s", ip6addr_string(ndo, bp + i + 2)); - if (EXTRACT_U_1(bp + i + 1) > IP6OPT_HOMEADDR_MINLEN - 2) { - ip6_sopt_print(ndo, bp + i + IP6OPT_HOMEADDR_MINLEN, - (optlen - IP6OPT_HOMEADDR_MINLEN)); + if (ndo->ndo_vflag) { + ND_PRINT("(homeaddr: %s", GET_IP6ADDR_STRING(bp + i + 2)); + if (GET_U_1(bp + i + 1) > IP6OPT_HOMEADDR_MINLEN - 2) { + if (ip6_sopt_print(ndo, bp + i + IP6OPT_HOMEADDR_MINLEN, + (optlen - IP6OPT_HOMEADDR_MINLEN)) == -1) + goto trunc; + } + ND_PRINT(")"); } - ND_PRINT(")"); break; default: if (len - i < IP6OPT_MINLEN) { - ND_PRINT("(type %u: trunc)", EXTRACT_U_1(bp + i)); + ND_PRINT("(type %u: trunc)", GET_U_1(bp + i)); goto trunc; } - ND_PRINT("(opt_type 0x%02x: len=%u)", EXTRACT_U_1(bp + i), EXTRACT_U_1(bp + i + 1)); + if (ndo->ndo_vflag) + ND_PRINT("(opt_type 0x%02x: len=%u)", GET_U_1(bp + i), + GET_U_1(bp + i + 1)); break; } } - ND_PRINT(" "); - return; + if (ndo->ndo_vflag) + ND_PRINT(" "); + return 0; trunc: - ND_PRINT("[trunc] "); + return -1; } int -hbhopt_print(netdissect_options *ndo, const u_char *bp) +hbhopt_process(netdissect_options *ndo, const u_char *bp, int *found_jumbo, + uint32_t *jumbolen) { const struct ip6_hbh *dp = (const struct ip6_hbh *)bp; u_int hbhlen = 0; ndo->ndo_protocol = "hbhopt"; - ND_TCHECK_1(dp->ip6h_len); - hbhlen = (EXTRACT_U_1(dp->ip6h_len) + 1) << 3; + hbhlen = (GET_U_1(dp->ip6h_len) + 1) << 3; ND_TCHECK_LEN(dp, hbhlen); ND_PRINT("HBH "); - if (ndo->ndo_vflag) - ip6_opt_print(ndo, (const u_char *)dp + sizeof(*dp), hbhlen - sizeof(*dp)); - - return(hbhlen); + if (ip6_opt_process(ndo, (const u_char *)dp + sizeof(*dp), + hbhlen - sizeof(*dp), found_jumbo, jumbolen) == -1) + goto trunc; + return hbhlen; - trunc: - ND_PRINT("[|HBH]"); - return(-1); +trunc: + nd_print_trunc(ndo); + return -1; } int -dstopt_print(netdissect_options *ndo, const u_char *bp) +dstopt_process(netdissect_options *ndo, const u_char *bp) { const struct ip6_dest *dp = (const struct ip6_dest *)bp; u_int dstoptlen = 0; ndo->ndo_protocol = "dstopt"; - ND_TCHECK_1(dp->ip6d_len); - dstoptlen = (EXTRACT_U_1(dp->ip6d_len) + 1) << 3; + dstoptlen = (GET_U_1(dp->ip6d_len) + 1) << 3; ND_TCHECK_LEN(dp, dstoptlen); ND_PRINT("DSTOPT "); if (ndo->ndo_vflag) { - ip6_opt_print(ndo, (const u_char *)dp + sizeof(*dp), - dstoptlen - sizeof(*dp)); + /* + * The Jumbo Payload option is a hop-by-hop option; we don't + * honor Jumbo Payload destination options, reporting them + * as invalid. + */ + if (ip6_opt_process(ndo, (const u_char *)dp + sizeof(*dp), + dstoptlen - sizeof(*dp), NULL, NULL) == -1) + goto trunc; } - return(dstoptlen); + return dstoptlen; - trunc: - ND_PRINT("[|DSTOPT]"); - return(-1); +trunc: + nd_print_trunc(ndo); + return -1; }