X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/64e8f9a9ed91a3cbfa8e66367f87ef50a1d62b99..16c95291bde1c04a6e3c31da3b12c3b592d09968:/print-esp.c

diff --git a/print-esp.c b/print-esp.c
index 14885d6b..61c3e13b 100644
--- a/print-esp.c
+++ b/print-esp.c
@@ -347,7 +347,7 @@ static void esp_print_addsa(netdissect_options *ndo,
 	nsa = (struct sa_list *)malloc(sizeof(struct sa_list));
 	if (nsa == NULL)
 		(*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
-				  "esp_print_addsa: malloc");
+				  "%s: malloc", __func__);
 
 	*nsa = *sa;
 
@@ -603,8 +603,8 @@ static void esp_print_decode_onesecret(netdissect_options *ndo, char *line,
 		secretfile = fopen(filename, FOPEN_READ_TXT);
 		if (secretfile == NULL) {
 			(*ndo->ndo_error)(ndo, S_ERR_ND_OPEN_FILE,
-					  "print_esp: can't open %s: %s\n",
-					  filename, strerror(errno));
+					  "%s: can't open %s: %s\n",
+					  __func__, filename, strerror(errno));
 		}
 
 		while (fgets(fileline, sizeof(fileline)-1, secretfile) != NULL) {
@@ -880,7 +880,7 @@ esp_print(netdissect_options *ndo,
 	if (!nd_push_buffer(ndo, pt, pt, ep)) {
 		free(pt);
 		(*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
-			"esp_print: can't push buffer on buffer stack");
+			"%s: can't push buffer on buffer stack", __func__);
 	}
 
 	/*
@@ -903,12 +903,20 @@ esp_print(netdissect_options *ndo,
 
 	ND_PRINT(": ");
 
+	/*
+	 * Don't put padding + padding length(1 byte) + next header(1 byte)
+	 * in the buffer because they are not part of the plaintext to decode.
+	 */
+	nd_push_snapend(ndo, ep - (padlen + 2));
+
 	/* Now dissect the plaintext. */
 	ip_demux_print(ndo, pt, payloadlen - (padlen + 2), ver, fragmented,
-	    ttl_hl, nh, bp2);
+		       ttl_hl, nh, bp2);
 
 	/* Pop the buffer, freeing it. */
 	nd_pop_packet_info(ndo);
+	/* Pop the nd_push_snapend */
+	nd_pop_packet_info(ndo);
 #endif
 }
 #ifdef HAVE_LIBCRYPTO