X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/69cb46af9119e8b5554bcc4bf1bf36f39cb82131..32d1d15c5412b3a708ae2b45ed2016bdab9bb58b:/print-juniper.c diff --git a/print-juniper.c b/print-juniper.c index d5fd79d0..64c4f764 100644 --- a/print-juniper.c +++ b/print-juniper.c @@ -12,9 +12,11 @@ * LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS * FOR A PARTICULAR PURPOSE. * - * Original code by Hannes Gredler (hannes@juniper.net) + * Original code by Hannes Gredler (hannes@gredler.at) */ +/* \summary: DLT_JUNIPER_* printers */ + #ifndef lint #else __RCSID("NetBSD: print-juniper.c,v 1.3 2007/07/25 06:31:32 dogcow Exp "); @@ -24,9 +26,11 @@ __RCSID("NetBSD: print-juniper.c,v 1.3 2007/07/25 06:31:32 dogcow Exp "); #include "config.h" #endif -#include +#include + +#include -#include "interface.h" +#include "netdissect.h" #include "addrtoname.h" #include "extract.h" #include "ppp.h" @@ -88,7 +92,7 @@ enum { }; /* 1 byte type and 1-byte length */ -#define JUNIPER_EXT_TLV_OVERHEAD 2 +#define JUNIPER_EXT_TLV_OVERHEAD 2U static const struct tok jnx_ext_tlv_values[] = { { JUNIPER_EXT_TLV_IFD_IDX, "Device Interface Index" }, @@ -362,7 +366,7 @@ static const struct tok juniper_ifle_values[] = { struct juniper_cookie_table_t { uint32_t pictype; /* pic type */ - uint8_t cookie_len; /* cookie len */ + uint8_t cookie_len; /* cookie len */ const char *s; /* pic name */ }; @@ -441,25 +445,26 @@ static const struct tok juniper_protocol_values[] = { { 0, NULL} }; -static int ip_heuristic_guess(netdissect_options *, register const u_char *, u_int); -static int juniper_ppp_heuristic_guess(netdissect_options *, register const u_char *, u_int); +static int ip_heuristic_guess(netdissect_options *, const u_char *, u_int); +static int juniper_ppp_heuristic_guess(netdissect_options *, const u_char *, u_int); static int juniper_parse_header(netdissect_options *, const u_char *, const struct pcap_pkthdr *, struct juniper_l2info_t *); #ifdef DLT_JUNIPER_GGSN u_int -juniper_ggsn_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_ggsn_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, const u_char *p) { struct juniper_l2info_t l2info; struct juniper_ggsn_header { - uint8_t svc_id; - uint8_t flags_len; - uint8_t proto; - uint8_t flags; - uint8_t vlan_id[2]; - uint8_t res[2]; + nd_uint8_t svc_id; + nd_uint8_t flags_len; + nd_uint8_t proto; + nd_uint8_t flags; + nd_uint16_t vlan_id; + nd_byte res[2]; }; const struct juniper_ggsn_header *gh; + uint8_t proto; l2info.pictype = DLT_JUNIPER_GGSN; if (juniper_parse_header(ndo, p, h, &l2info) == 0) @@ -468,14 +473,16 @@ juniper_ggsn_print(netdissect_options *ndo, p+=l2info.header_len; gh = (struct juniper_ggsn_header *)&l2info.cookie; + ND_TCHECK(*gh); + proto = EXTRACT_U_1(gh->proto); if (ndo->ndo_eflag) { ND_PRINT((ndo, "proto %s (%u), vlan %u: ", - tok2str(juniper_protocol_values,"Unknown",gh->proto), - gh->proto, - EXTRACT_16BITS(&gh->vlan_id[0]))); + tok2str(juniper_protocol_values,"Unknown",proto), + proto, + EXTRACT_BE_U_2(gh->vlan_id))); } - switch (gh->proto) { + switch (proto) { case JUNIPER_PROTO_IPV4: ip_print(ndo, p, l2info.length); break; @@ -484,26 +491,30 @@ juniper_ggsn_print(netdissect_options *ndo, break; default: if (!ndo->ndo_eflag) - ND_PRINT((ndo, "unknown GGSN proto (%u)", gh->proto)); + ND_PRINT((ndo, "unknown GGSN proto (%u)", proto)); } return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_services]")); + return l2info.header_len; } #endif #ifdef DLT_JUNIPER_ES u_int -juniper_es_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_es_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, const u_char *p) { struct juniper_l2info_t l2info; struct juniper_ipsec_header { - uint8_t sa_index[2]; - uint8_t ttl; - uint8_t type; - uint8_t spi[4]; - uint8_t src_ip[4]; - uint8_t dst_ip[4]; + nd_uint16_t sa_index; + nd_uint8_t ttl; + nd_uint8_t type; + nd_uint32_t spi; + nd_ipv4 src_ip; + nd_ipv4 dst_ip; }; u_int rewrite_len,es_type_bundle; const struct juniper_ipsec_header *ih; @@ -515,7 +526,8 @@ juniper_es_print(netdissect_options *ndo, p+=l2info.header_len; ih = (const struct juniper_ipsec_header *)p; - switch (ih->type) { + ND_TCHECK(*ih); + switch (EXTRACT_U_1(ih->type)) { case JUNIPER_IPSEC_O_ESP_ENCRYPT_ESP_AUTHEN_TYPE: case JUNIPER_IPSEC_O_ESP_ENCRYPT_AH_AUTHEN_TYPE: rewrite_len = 0; @@ -529,7 +541,7 @@ juniper_es_print(netdissect_options *ndo, break; default: ND_PRINT((ndo, "ES Invalid type %u, length %u", - ih->type, + EXTRACT_U_1(ih->type), l2info.length)); return l2info.header_len; } @@ -540,40 +552,44 @@ juniper_es_print(netdissect_options *ndo, if (ndo->ndo_eflag) { if (!es_type_bundle) { ND_PRINT((ndo, "ES SA, index %u, ttl %u type %s (%u), spi %u, Tunnel %s > %s, length %u\n", - EXTRACT_16BITS(&ih->sa_index), - ih->ttl, - tok2str(juniper_ipsec_type_values,"Unknown",ih->type), - ih->type, - EXTRACT_32BITS(&ih->spi), + EXTRACT_BE_U_2(ih->sa_index), + EXTRACT_U_1(ih->ttl), + tok2str(juniper_ipsec_type_values,"Unknown",EXTRACT_U_1(ih->type)), + EXTRACT_U_1(ih->type), + EXTRACT_BE_U_4(ih->spi), ipaddr_string(ndo, &ih->src_ip), ipaddr_string(ndo, &ih->dst_ip), l2info.length)); } else { ND_PRINT((ndo, "ES SA, index %u, ttl %u type %s (%u), length %u\n", - EXTRACT_16BITS(&ih->sa_index), - ih->ttl, - tok2str(juniper_ipsec_type_values,"Unknown",ih->type), - ih->type, + EXTRACT_BE_U_2(ih->sa_index), + EXTRACT_U_1(ih->ttl), + tok2str(juniper_ipsec_type_values,"Unknown",EXTRACT_U_1(ih->type)), + EXTRACT_U_1(ih->type), l2info.length)); } } ip_print(ndo, p, l2info.length); return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_services]")); + return l2info.header_len; } #endif #ifdef DLT_JUNIPER_MONITOR u_int -juniper_monitor_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_monitor_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, const u_char *p) { struct juniper_l2info_t l2info; struct juniper_monitor_header { - uint8_t pkt_type; - uint8_t padding; - uint8_t iif[2]; - uint8_t service_id[4]; + nd_uint8_t pkt_type; + nd_byte padding; + nd_uint16_t iif; + nd_uint32_t service_id; }; const struct juniper_monitor_header *mh; @@ -584,30 +600,36 @@ juniper_monitor_print(netdissect_options *ndo, p+=l2info.header_len; mh = (const struct juniper_monitor_header *)p; + ND_TCHECK(*mh); if (ndo->ndo_eflag) ND_PRINT((ndo, "service-id %u, iif %u, pkt-type %u: ", - EXTRACT_32BITS(&mh->service_id), - EXTRACT_16BITS(&mh->iif), - mh->pkt_type)); + EXTRACT_BE_U_4(mh->service_id), + EXTRACT_BE_U_2(mh->iif), + EXTRACT_U_1(mh->pkt_type))); /* no proto field - lets guess by first byte of IP header*/ ip_heuristic_guess (ndo, p, l2info.length); return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_services]")); + return l2info.header_len; } #endif #ifdef DLT_JUNIPER_SERVICES u_int -juniper_services_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_services_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, const u_char *p) { struct juniper_l2info_t l2info; struct juniper_services_header { - uint8_t svc_id; - uint8_t flags_len; - uint8_t svc_set_id[2]; - uint8_t dir_iif[4]; + nd_uint8_t svc_id; + nd_uint8_t flags_len; + nd_uint16_t svc_set_id; + nd_byte pad; + nd_uint24_t dir_iif; }; const struct juniper_services_header *sh; @@ -618,24 +640,29 @@ juniper_services_print(netdissect_options *ndo, p+=l2info.header_len; sh = (const struct juniper_services_header *)p; + ND_TCHECK(*sh); if (ndo->ndo_eflag) ND_PRINT((ndo, "service-id %u flags 0x%02x service-set-id 0x%04x iif %u: ", - sh->svc_id, - sh->flags_len, - EXTRACT_16BITS(&sh->svc_set_id), - EXTRACT_24BITS(&sh->dir_iif[1]))); + EXTRACT_U_1(sh->svc_id), + EXTRACT_U_1(sh->flags_len), + EXTRACT_BE_U_2(sh->svc_set_id), + EXTRACT_BE_U_3(sh->dir_iif))); /* no proto field - lets guess by first byte of IP header*/ ip_heuristic_guess (ndo, p, l2info.length); return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_services]")); + return l2info.header_len; } #endif #ifdef DLT_JUNIPER_PPPOE u_int -juniper_pppoe_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_pppoe_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, const u_char *p) { struct juniper_l2info_t l2info; @@ -652,8 +679,8 @@ juniper_pppoe_print(netdissect_options *ndo, #ifdef DLT_JUNIPER_ETHER u_int -juniper_ether_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_ether_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, const u_char *p) { struct juniper_l2info_t l2info; @@ -670,8 +697,8 @@ juniper_ether_print(netdissect_options *ndo, #ifdef DLT_JUNIPER_PPP u_int -juniper_ppp_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_ppp_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, const u_char *p) { struct juniper_l2info_t l2info; @@ -688,8 +715,8 @@ juniper_ppp_print(netdissect_options *ndo, #ifdef DLT_JUNIPER_FRELAY u_int -juniper_frelay_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_frelay_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, const u_char *p) { struct juniper_l2info_t l2info; @@ -706,8 +733,8 @@ juniper_frelay_print(netdissect_options *ndo, #ifdef DLT_JUNIPER_CHDLC u_int -juniper_chdlc_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_chdlc_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, const u_char *p) { struct juniper_l2info_t l2info; @@ -724,8 +751,8 @@ juniper_chdlc_print(netdissect_options *ndo, #ifdef DLT_JUNIPER_PPPOE_ATM u_int -juniper_pppoe_atm_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_pppoe_atm_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, const u_char *p) { struct juniper_l2info_t l2info; uint16_t extracted_ethertype; @@ -736,24 +763,30 @@ juniper_pppoe_atm_print(netdissect_options *ndo, p+=l2info.header_len; - extracted_ethertype = EXTRACT_16BITS(p); + ND_TCHECK_2(p); + extracted_ethertype = EXTRACT_BE_U_2(p); /* this DLT contains nothing but raw PPPoE frames, * prepended with a type field*/ if (ethertype_print(ndo, extracted_ethertype, p+ETHERTYPE_LEN, l2info.length-ETHERTYPE_LEN, - l2info.caplen-ETHERTYPE_LEN) == 0) + l2info.caplen-ETHERTYPE_LEN, + NULL, NULL) == 0) /* ether_type not known, probably it wasn't one */ ND_PRINT((ndo, "unknown ethertype 0x%04x", extracted_ethertype)); return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_pppoe_atm]")); + return l2info.header_len; } #endif #ifdef DLT_JUNIPER_MLPPP u_int -juniper_mlppp_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_mlppp_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, const u_char *p) { struct juniper_l2info_t l2info; @@ -764,8 +797,8 @@ juniper_mlppp_print(netdissect_options *ndo, /* suppress Bundle-ID if frame was captured on a child-link * best indicator if the cookie looks like a proto */ if (ndo->ndo_eflag && - EXTRACT_16BITS(&l2info.cookie) != PPP_OSI && - EXTRACT_16BITS(&l2info.cookie) != (PPP_ADDRESS << 8 | PPP_CONTROL)) + EXTRACT_BE_U_2(&l2info.cookie) != PPP_OSI && + EXTRACT_BE_U_2(&l2info.cookie) != (PPP_ADDRESS << 8 | PPP_CONTROL)) ND_PRINT((ndo, "Bundle-ID %u: ", l2info.bundle)); p+=l2info.header_len; @@ -788,14 +821,14 @@ juniper_mlppp_print(netdissect_options *ndo, mpls_print(ndo, p, l2info.length); return l2info.header_len; case JUNIPER_LSQ_L3_PROTO_ISO: - isoclns_print(ndo, p, l2info.length, l2info.caplen); + isoclns_print(ndo, p, l2info.length); return l2info.header_len; default: break; } /* zero length cookie ? */ - switch (EXTRACT_16BITS(&l2info.cookie)) { + switch (EXTRACT_BE_U_2(&l2info.cookie)) { case PPP_OSI: ppp_print(ndo, p - 2, l2info.length + 2); break; @@ -812,11 +845,12 @@ juniper_mlppp_print(netdissect_options *ndo, #ifdef DLT_JUNIPER_MFR u_int -juniper_mfr_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_mfr_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, const u_char *p) { struct juniper_l2info_t l2info; + memset(&l2info, 0, sizeof(l2info)); l2info.pictype = DLT_JUNIPER_MFR; if (juniper_parse_header(ndo, p, h, &l2info) == 0) return l2info.header_len; @@ -842,7 +876,7 @@ juniper_mfr_print(netdissect_options *ndo, mpls_print(ndo, p, l2info.length); return l2info.header_len; case JUNIPER_LSQ_L3_PROTO_ISO: - isoclns_print(ndo, p, l2info.length, l2info.caplen); + isoclns_print(ndo, p, l2info.length); return l2info.header_len; default: break; @@ -851,17 +885,17 @@ juniper_mfr_print(netdissect_options *ndo, } /* suppress Bundle-ID if frame was captured on a child-link */ - if (ndo->ndo_eflag && EXTRACT_32BITS(l2info.cookie) != 1) + if (ndo->ndo_eflag && EXTRACT_BE_U_4(l2info.cookie) != 1) ND_PRINT((ndo, "Bundle-ID %u, ", l2info.bundle)); switch (l2info.proto) { case (LLCSAP_ISONS<<8 | LLCSAP_ISONS): - isoclns_print(ndo, p + 1, l2info.length - 1, l2info.caplen - 1); + isoclns_print(ndo, p + 1, l2info.length - 1); break; case (LLC_UI<<8 | NLPID_Q933): case (LLC_UI<<8 | NLPID_IP): case (LLC_UI<<8 | NLPID_IP6): /* pass IP{4,6} to the OSI layer for proper link-layer printing */ - isoclns_print(ndo, p - 1, l2info.length + 1, l2info.caplen + 1); + isoclns_print(ndo, p - 1, l2info.length + 1); break; default: ND_PRINT((ndo, "unknown protocol 0x%04x, length %u", l2info.proto, l2info.length)); @@ -873,8 +907,8 @@ juniper_mfr_print(netdissect_options *ndo, #ifdef DLT_JUNIPER_MLFR u_int -juniper_mlfr_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_mlfr_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, const u_char *p) { struct juniper_l2info_t l2info; @@ -885,18 +919,18 @@ juniper_mlfr_print(netdissect_options *ndo, p+=l2info.header_len; /* suppress Bundle-ID if frame was captured on a child-link */ - if (ndo->ndo_eflag && EXTRACT_32BITS(l2info.cookie) != 1) + if (ndo->ndo_eflag && EXTRACT_BE_U_4(l2info.cookie) != 1) ND_PRINT((ndo, "Bundle-ID %u, ", l2info.bundle)); switch (l2info.proto) { case (LLC_UI): case (LLC_UI<<8): - isoclns_print(ndo, p, l2info.length, l2info.caplen); + isoclns_print(ndo, p, l2info.length); break; case (LLC_UI<<8 | NLPID_Q933): case (LLC_UI<<8 | NLPID_IP): case (LLC_UI<<8 | NLPID_IP6): /* pass IP{4,6} to the OSI layer for proper link-layer printing */ - isoclns_print(ndo, p - 1, l2info.length + 1, l2info.caplen + 1); + isoclns_print(ndo, p - 1, l2info.length + 1); break; default: ND_PRINT((ndo, "unknown protocol 0x%04x, length %u", l2info.proto, l2info.length)); @@ -916,8 +950,8 @@ juniper_mlfr_print(netdissect_options *ndo, #ifdef DLT_JUNIPER_ATM1 u_int -juniper_atm1_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_atm1_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, const u_char *p) { int llc_hdrlen; @@ -934,16 +968,17 @@ juniper_atm1_print(netdissect_options *ndo, return l2info.header_len; } - if (EXTRACT_24BITS(p) == 0xfefe03 || /* NLPID encaps ? */ - EXTRACT_24BITS(p) == 0xaaaa03) { /* SNAP encaps ? */ + ND_TCHECK_3(p); + if (EXTRACT_BE_U_3(p) == 0xfefe03 || /* NLPID encaps ? */ + EXTRACT_BE_U_3(p) == 0xaaaa03) { /* SNAP encaps ? */ llc_hdrlen = llc_print(ndo, p, l2info.length, l2info.caplen, NULL, NULL); if (llc_hdrlen > 0) return l2info.header_len; } - if (p[0] == 0x03) { /* Cisco style NLPID encaps ? */ - isoclns_print(ndo, p + 1, l2info.length - 1, l2info.caplen - 1); + if (EXTRACT_U_1(p) == 0x03) { /* Cisco style NLPID encaps ? */ + isoclns_print(ndo, p + 1, l2info.length - 1); /* FIXME check if frame was recognized */ return l2info.header_len; } @@ -952,6 +987,10 @@ juniper_atm1_print(netdissect_options *ndo, return l2info.header_len; return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_atm1]")); + return l2info.header_len; } #endif @@ -965,8 +1004,8 @@ juniper_atm1_print(netdissect_options *ndo, #ifdef DLT_JUNIPER_ATM2 u_int -juniper_atm2_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_atm2_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, const u_char *p) { int llc_hdrlen; @@ -983,8 +1022,9 @@ juniper_atm2_print(netdissect_options *ndo, return l2info.header_len; } - if (EXTRACT_24BITS(p) == 0xfefe03 || /* NLPID encaps ? */ - EXTRACT_24BITS(p) == 0xaaaa03) { /* SNAP encaps ? */ + ND_TCHECK_3(p); + if (EXTRACT_BE_U_3(p) == 0xfefe03 || /* NLPID encaps ? */ + EXTRACT_BE_U_3(p) == 0xaaaa03) { /* SNAP encaps ? */ llc_hdrlen = llc_print(ndo, p, l2info.length, l2info.caplen, NULL, NULL); if (llc_hdrlen > 0) @@ -992,13 +1032,13 @@ juniper_atm2_print(netdissect_options *ndo, } if (l2info.direction != JUNIPER_BPF_PKT_IN && /* ether-over-1483 encaps ? */ - (EXTRACT_32BITS(l2info.cookie) & ATM2_GAP_COUNT_MASK)) { + (EXTRACT_BE_U_4(l2info.cookie) & ATM2_GAP_COUNT_MASK)) { ether_print(ndo, p, l2info.length, l2info.caplen, NULL, NULL); return l2info.header_len; } - if (p[0] == 0x03) { /* Cisco style NLPID encaps ? */ - isoclns_print(ndo, p + 1, l2info.length - 1, l2info.caplen - 1); + if (EXTRACT_U_1(p) == 0x03) { /* Cisco style NLPID encaps ? */ + isoclns_print(ndo, p + 1, l2info.length - 1); /* FIXME check if frame was recognized */ return l2info.header_len; } @@ -1010,6 +1050,10 @@ juniper_atm2_print(netdissect_options *ndo, return l2info.header_len; return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_atm2]")); + return l2info.header_len; } #endif @@ -1018,9 +1062,9 @@ juniper_atm2_print(netdissect_options *ndo, * a juniper router if the payload data is encapsulated using PPP */ static int juniper_ppp_heuristic_guess(netdissect_options *ndo, - register const u_char *p, u_int length) + const u_char *p, u_int length) { - switch(EXTRACT_16BITS(p)) { + switch(EXTRACT_BE_U_2(p)) { case PPP_IP : case PPP_OSI : case PPP_MPLS_UCAST : @@ -1032,10 +1076,8 @@ juniper_ppp_heuristic_guess(netdissect_options *ndo, case PPP_PAP : case PPP_CHAP : case PPP_ML : -#ifdef INET6 case PPP_IPV6 : case PPP_IPV6CP : -#endif ppp_print(ndo, p, length); break; @@ -1048,9 +1090,9 @@ juniper_ppp_heuristic_guess(netdissect_options *ndo, static int ip_heuristic_guess(netdissect_options *ndo, - register const u_char *p, u_int length) + const u_char *p, u_int length) { - switch(p[0]) { + switch(EXTRACT_U_1(p)) { case 0x45: case 0x46: case 0x47: @@ -1098,16 +1140,16 @@ juniper_read_tlv_value(const u_char *p, u_int tlv_type, u_int tlv_len) if (tlv_type < 128) { switch (tlv_len) { case 1: - tlv_value = *p; + tlv_value = EXTRACT_U_1(p); break; case 2: - tlv_value = EXTRACT_LE_16BITS(p); + tlv_value = EXTRACT_LE_U_2(p); break; case 3: - tlv_value = EXTRACT_LE_24BITS(p); + tlv_value = EXTRACT_LE_U_3(p); break; case 4: - tlv_value = EXTRACT_LE_32BITS(p); + tlv_value = EXTRACT_LE_U_4(p); break; default: tlv_value = -1; @@ -1117,16 +1159,16 @@ juniper_read_tlv_value(const u_char *p, u_int tlv_type, u_int tlv_len) /* TLVs >= 128 are big endian encoded */ switch (tlv_len) { case 1: - tlv_value = *p; + tlv_value = EXTRACT_U_1(p); break; case 2: - tlv_value = EXTRACT_16BITS(p); + tlv_value = EXTRACT_BE_U_2(p); break; case 3: - tlv_value = EXTRACT_24BITS(p); + tlv_value = EXTRACT_BE_U_3(p); break; case 4: - tlv_value = EXTRACT_32BITS(p); + tlv_value = EXTRACT_BE_U_4(p); break; default: tlv_value = -1; @@ -1155,11 +1197,11 @@ juniper_parse_header(netdissect_options *ndo, l2info->length = h->len; l2info->caplen = h->caplen; - ND_TCHECK2(p[0], 4); - l2info->flags = p[3]; - l2info->direction = p[3]&JUNIPER_BPF_PKT_IN; + ND_TCHECK_4(p); + l2info->flags = EXTRACT_U_1(p + 3); + l2info->direction = EXTRACT_U_1(p + 3) & JUNIPER_BPF_PKT_IN; - if (EXTRACT_24BITS(p) != JUNIPER_MGC_NUMBER) { /* magic number found ? */ + if (EXTRACT_BE_U_3(p) != JUNIPER_MGC_NUMBER) { /* magic number found ? */ ND_PRINT((ndo, "no magic-number found!")); return 0; } @@ -1180,8 +1222,8 @@ juniper_parse_header(netdissect_options *ndo, tptr = p+jnx_header_len; /* ok to read extension length ? */ - ND_TCHECK2(tptr[0], 2); - jnx_ext_len = EXTRACT_16BITS(tptr); + ND_TCHECK_2(tptr); + jnx_ext_len = EXTRACT_BE_U_2(tptr); jnx_header_len += 2; tptr +=2; @@ -1193,15 +1235,19 @@ juniper_parse_header(netdissect_options *ndo, if (ndo->ndo_vflag > 1) ND_PRINT((ndo, ", PCAP Extension(s) total length %u", jnx_ext_len)); - ND_TCHECK2(tptr[0], jnx_ext_len); + ND_TCHECK_LEN(tptr, jnx_ext_len); while (jnx_ext_len > JUNIPER_EXT_TLV_OVERHEAD) { - tlv_type = *(tptr++); - tlv_len = *(tptr++); + tlv_type = EXTRACT_U_1(tptr); + tptr++; + tlv_len = EXTRACT_U_1(tptr); + tptr++; tlv_value = 0; - /* sanity check */ + /* sanity checks */ if (tlv_type == 0 || tlv_len == 0) break; + if (tlv_len+JUNIPER_EXT_TLV_OVERHEAD > jnx_ext_len) + goto trunc; if (ndo->ndo_vflag > 1) ND_PRINT((ndo, "\n\t %s Extension TLV #%u, length %u, value ", @@ -1259,7 +1305,7 @@ juniper_parse_header(netdissect_options *ndo, * perform the v4/v6 heuristics * to figure out what it is */ - ND_TCHECK2(p[jnx_header_len + 4], 1); + ND_TCHECK_1(p + (jnx_header_len + 4)); if (ip_heuristic_guess(ndo, p + jnx_header_len + 4, l2info->length - (jnx_header_len + 4)) == 0) ND_PRINT((ndo, "no IP-hdr found!")); @@ -1274,12 +1320,13 @@ juniper_parse_header(netdissect_options *ndo, l2info->caplen -= l2info->header_len; /* search through the cookie table and copy values matching for our PIC type */ + ND_TCHECK_1(p); while (lp->s != NULL) { if (lp->pictype == l2info->pictype) { l2info->cookie_len += lp->cookie_len; - switch (p[0]) { + switch (EXTRACT_U_1(p)) { case LS_COOKIE_ID: l2info->cookie_type = LS_COOKIE_ID; l2info->cookie_len += 2; @@ -1298,7 +1345,7 @@ juniper_parse_header(netdissect_options *ndo, #ifdef DLT_JUNIPER_MFR /* MFR child links don't carry cookies */ if (l2info->pictype == DLT_JUNIPER_MFR && - (p[0] & MFR_BE_MASK) == MFR_BE_MASK) { + (EXTRACT_U_1(p) & MFR_BE_MASK) == MFR_BE_MASK) { l2info->cookie_len = 0; } #endif @@ -1313,19 +1360,20 @@ juniper_parse_header(netdissect_options *ndo, l2info->cookie_len)); if (l2info->cookie_len > 0) { - ND_TCHECK2(p[0], l2info->cookie_len); + ND_TCHECK_LEN(p, l2info->cookie_len); if (ndo->ndo_eflag) ND_PRINT((ndo, ", cookie 0x")); for (idx = 0; idx < l2info->cookie_len; idx++) { - l2info->cookie[idx] = p[idx]; /* copy cookie data */ - if (ndo->ndo_eflag) ND_PRINT((ndo, "%02x", p[idx])); + l2info->cookie[idx] = EXTRACT_U_1(p + idx); /* copy cookie data */ + if (ndo->ndo_eflag) ND_PRINT((ndo, "%02x", EXTRACT_U_1(p + idx))); } } if (ndo->ndo_eflag) ND_PRINT((ndo, ": ")); /* print demarc b/w L2/L3*/ - l2info->proto = EXTRACT_16BITS(p+l2info->cookie_len); + ND_TCHECK_2(p + l2info->cookie_len); + l2info->proto = EXTRACT_BE_U_2(p + l2info->cookie_len); break; } ++lp; @@ -1341,7 +1389,7 @@ juniper_parse_header(netdissect_options *ndo, l2info->bundle = l2info->cookie[1]; break; case AS_COOKIE_ID: - l2info->bundle = (EXTRACT_16BITS(&l2info->cookie[6])>>3)&0xfff; + l2info->bundle = (EXTRACT_BE_U_2(&l2info->cookie[6])>>3)&0xfff; l2info->proto = (l2info->cookie[5])&JUNIPER_LSQ_L3_PROTO_MASK; break; default: @@ -1354,14 +1402,15 @@ juniper_parse_header(netdissect_options *ndo, case DLT_JUNIPER_MLFR: switch (l2info->cookie_type) { case LS_COOKIE_ID: + ND_TCHECK_2(p); l2info->bundle = l2info->cookie[1]; - l2info->proto = EXTRACT_16BITS(p); + l2info->proto = EXTRACT_BE_U_2(p); l2info->header_len += 2; l2info->length -= 2; l2info->caplen -= 2; break; case AS_COOKIE_ID: - l2info->bundle = (EXTRACT_16BITS(&l2info->cookie[6])>>3)&0xfff; + l2info->bundle = (EXTRACT_BE_U_2(&l2info->cookie[6])>>3)&0xfff; l2info->proto = (l2info->cookie[5])&JUNIPER_LSQ_L3_PROTO_MASK; break; default: @@ -1377,14 +1426,15 @@ juniper_parse_header(netdissect_options *ndo, case DLT_JUNIPER_MFR: switch (l2info->cookie_type) { case LS_COOKIE_ID: + ND_TCHECK_2(p); l2info->bundle = l2info->cookie[1]; - l2info->proto = EXTRACT_16BITS(p); + l2info->proto = EXTRACT_BE_U_2(p); l2info->header_len += 2; l2info->length -= 2; l2info->caplen -= 2; break; case AS_COOKIE_ID: - l2info->bundle = (EXTRACT_16BITS(&l2info->cookie[6])>>3)&0xfff; + l2info->bundle = (EXTRACT_BE_U_2(&l2info->cookie[6])>>3)&0xfff; l2info->proto = (l2info->cookie[5])&JUNIPER_LSQ_L3_PROTO_MASK; break; default: @@ -1395,10 +1445,10 @@ juniper_parse_header(netdissect_options *ndo, #endif #ifdef DLT_JUNIPER_ATM2 case DLT_JUNIPER_ATM2: - ND_TCHECK2(p[0], 4); + ND_TCHECK_4(p); /* ATM cell relay control word present ? */ if (l2info->cookie[7] & ATM2_PKT_TYPE_MASK) { - control_word = EXTRACT_32BITS(p); + control_word = EXTRACT_BE_U_4(p); /* some control word heuristics */ switch(control_word) { case 0: /* zero control word */