X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/69cb46af9119e8b5554bcc4bf1bf36f39cb82131..d7b497cac78b6e22a66a6bae9bdec60a8044f67a:/print-domain.c diff --git a/print-domain.c b/print-domain.c index 3f9c7065..e150116d 100644 --- a/print-domain.c +++ b/print-domain.c @@ -19,19 +19,22 @@ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ +/* \summary: Domain Name System (DNS) printer */ + #ifdef HAVE_CONFIG_H #include "config.h" #endif -#include +#include #include "nameser.h" #include -#include "interface.h" +#include "netdissect.h" #include "addrtoname.h" -#include "extract.h" /* must come after interface.h */ +#include "addrtostr.h" +#include "extract.h" static const char *ns_ops[] = { "", " inv_q", " stat", " op3", " notify", " update", " op6", " op7", @@ -53,9 +56,10 @@ ns_nskip(netdissect_options *ndo, { register u_char i; - if (!ND_TTEST2(*cp, 1)) + if (!ND_TTEST_1(cp)) return (NULL); - i = *cp++; + i = EXTRACT_U_1(cp); + cp++; while (i) { if ((i & INDIR_MASK) == INDIR_MASK) return (cp + 1); @@ -64,17 +68,19 @@ ns_nskip(netdissect_options *ndo, if ((i & ~INDIR_MASK) != EDNS0_ELT_BITLABEL) return(NULL); /* unknown ELT */ - if (!ND_TTEST2(*cp, 1)) + if (!ND_TTEST_1(cp)) return (NULL); - if ((bitlen = *cp++) == 0) + if ((bitlen = EXTRACT_U_1(cp)) == 0) bitlen = 256; + cp++; bytelen = (bitlen + 7) / 8; cp += bytelen; } else cp += i; - if (!ND_TTEST2(*cp, 1)) + if (!ND_TTEST_1(cp)) return (NULL); - i = *cp++; + i = EXTRACT_U_1(cp); + cp++; } return (cp); } @@ -88,9 +94,9 @@ blabel_print(netdissect_options *ndo, const u_char *bitp, *lim; char tc; - if (!ND_TTEST2(*cp, 1)) + if (!ND_TTEST_1(cp)) return(NULL); - if ((bitlen = *cp) == 0) + if ((bitlen = EXTRACT_U_1(cp)) == 0) bitlen = 256; slen = (bitlen + 3) / 4; lim = cp + 1 + slen; 
@@ -99,15 +105,17 @@ blabel_print(netdissect_options *ndo, ND_PRINT((ndo, "\\[x")); for (bitp = cp + 1, b = bitlen; bitp < lim && b > 7; b -= 8, bitp++) { ND_TCHECK(*bitp); - ND_PRINT((ndo, "%02x", *bitp)); + ND_PRINT((ndo, "%02x", EXTRACT_U_1(bitp))); } if (b > 4) { ND_TCHECK(*bitp); - tc = *bitp++; + tc = EXTRACT_U_1(bitp); + bitp++; ND_PRINT((ndo, "%02x", tc & (0xff << (8 - b)))); } else if (b > 0) { ND_TCHECK(*bitp); - tc = *bitp++; + tc = EXTRACT_U_1(bitp); + bitp++; ND_PRINT((ndo, "%1x", ((tc >> 4) & 0x0f) & (0x0f << (4 - b)))); } ND_PRINT((ndo, "/%d]", bitlen)); @@ -123,18 +131,18 @@ labellen(netdissect_options *ndo, { register u_int i; - if (!ND_TTEST2(*cp, 1)) + if (!ND_TTEST_1(cp)) return(-1); - i = *cp; + i = EXTRACT_U_1(cp); if ((i & INDIR_MASK) == EDNS0_MASK) { int bitlen, elt; if ((elt = (i & ~INDIR_MASK)) != EDNS0_ELT_BITLABEL) { ND_PRINT((ndo, "", elt)); return(-1); } - if (!ND_TTEST2(*(cp + 1), 1)) + if (!ND_TTEST_1(cp + 1)) return(-1); - if ((bitlen = *(cp + 1)) == 0) + if ((bitlen = EXTRACT_U_1(cp + 1)) == 0) bitlen = 256; return(((bitlen + 7) / 8) + 1); } else @@ -148,16 +156,17 @@ ns_nprint(netdissect_options *ndo, register u_int i, l; register const u_char *rp = NULL; register int compress = 0; - int chars_processed; int elt; - int data_size = ndo->ndo_snapend - bp; + u_int offset, max_offset; if ((l = labellen(ndo, cp)) == (u_int)-1) return(NULL); - if (!ND_TTEST2(*cp, 1)) + if (!ND_TTEST_1(cp)) return(NULL); - chars_processed = 1; - if (((i = *cp++) & INDIR_MASK) != INDIR_MASK) { + max_offset = (u_int)(cp - bp); + i = EXTRACT_U_1(cp); + cp++; + if ((i & INDIR_MASK) != INDIR_MASK) { compress = 0; rp = cp + l; } 
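Review bot: In blabel_print, `tc` is still declared `char tc;` (visible as context in the preceding hunk), so `tc = EXTRACT_U_1(bitp);` stores an unsigned octet into a type whose signedness is implementation-defined. Where plain char is signed and the octet has its high bit set, `tc` promotes to a negative int, and `tc & (0xff << (8 - b))` keeps bits above bit 7, because the mask is wider than one octet when b is 5 to 7. `%02x` can then print more than two hex digits. Declaring it `u_char tc;`, or writing `(tc & (0xff << (8 - b))) & 0xff`, keeps the printed value to one octet. The function starts before this hunk and continues after it.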
@@ -169,26 +178,31 @@ ns_nprint(netdissect_options *ndo, rp = cp + 1; compress = 1; } - if (!ND_TTEST2(*cp, 1)) - return(NULL); - cp = bp + (((i << 8) | *cp) & 0x3fff); - if ((l = labellen(ndo, cp)) == (u_int)-1) + if (!ND_TTEST_1(cp)) return(NULL); - if (!ND_TTEST2(*cp, 1)) - return(NULL); - i = *cp++; - chars_processed++; - + offset = (((i << 8) | EXTRACT_U_1(cp)) & 0x3fff); /* - * If we've looked at every character in - * the message, this pointer will make - * us look at some character again, - * which means we're looping. + * This must move backwards in the packet. + * No RFC explicitly says that, but BIND's + * name decompression code requires it, + * as a way of preventing infinite loops + * and other bad behavior, and it's probably + * what was intended (compress by pointing + * to domain name suffixes already seen in + * the packet). */ - if (chars_processed >= data_size) { - ND_PRINT((ndo, "")); - return (NULL); + if (offset >= max_offset) { + ND_PRINT((ndo, "")); + return(NULL); } + max_offset = offset; + cp = bp + offset; + if ((l = labellen(ndo, cp)) == (u_int)-1) + return(NULL); + if (!ND_TTEST_1(cp)) + return(NULL); + i = EXTRACT_U_1(cp); + cp++; continue; } if ((i & INDIR_MASK) == EDNS0_MASK) { @@ -209,14 +223,13 @@ ns_nprint(netdissect_options *ndo, } cp += l; - chars_processed += l; ND_PRINT((ndo, ".")); if ((l = labellen(ndo, cp)) == (u_int)-1) return(NULL); - if (!ND_TTEST2(*cp, 1)) + if (!ND_TTEST_1(cp)) return(NULL); - i = *cp++; - chars_processed++; + i = EXTRACT_U_1(cp); + cp++; if (!compress) rp += l + 1; } @@ -232,9 +245,10 @@ ns_cprint(netdissect_options *ndo, { register u_int i; - if (!ND_TTEST2(*cp, 1)) + if (!ND_TTEST_1(cp)) return (NULL); - i = *cp++; + i = EXTRACT_U_1(cp); + cp++; if (fn_printn(ndo, cp, i, ndo->ndo_snapend)) return (NULL); return (cp + i); 
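Review bot: With `chars_processed` removed, nothing visible in ns_nprint limits how many name octets are decoded for a single name. The new `offset >= max_offset` test guarantees termination, since each pointer target must be strictly lower than the last, but every jump can still be followed by a long run of labels. As a hardening step, consider keeping a running length and stopping once the expanded name passes the 255-octet limit of RFC 1035, so a malformed packet cannot make the printer emit far more text than the packet holds. The new comment could also gain one line saying that `max_offset` starts at the name's own offset and is lowered to each pointer target. The loop header and the function's tail are outside this hunk, so a bound placed there would not be visible here.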
@@ -324,15 +338,15 @@ ns_qprint(netdissect_options *ndo, cp = ns_nskip(ndo, cp); - if (cp == NULL || !ND_TTEST2(*cp, 4)) + if (cp == NULL || !ND_TTEST_4(cp)) return(NULL); /* print the qtype */ - i = EXTRACT_16BITS(cp); + i = EXTRACT_BE_U_2(cp); cp += 2; ND_PRINT((ndo, " %s", tok2str(ns_type2str, "Type%d", i))); /* print the qclass (if it's not IN) */ - i = EXTRACT_16BITS(cp); + i = EXTRACT_BE_U_2(cp); cp += 2; if (is_mdns) class = (i & ~C_QU); @@ -369,10 +383,10 @@ ns_rprint(netdissect_options *ndo, return (ndo->ndo_snapend); /* print the type/qtype */ - typ = EXTRACT_16BITS(cp); + typ = EXTRACT_BE_U_2(cp); cp += 2; /* print the class (if it's not IN and the type isn't OPT) */ - i = EXTRACT_16BITS(cp); + i = EXTRACT_BE_U_2(cp); cp += 2; if (is_mdns) class = (i & ~C_CACHE_FLUSH); @@ -388,13 +402,13 @@ ns_rprint(netdissect_options *ndo, if (typ == T_OPT) { /* get opt flags */ cp += 2; - opt_flags = EXTRACT_16BITS(cp); + opt_flags = EXTRACT_BE_U_2(cp); /* ignore rest of ttl field */ cp += 2; } else if (ndo->ndo_vflag > 2) { /* print ttl */ ND_PRINT((ndo, " [")); - relts_print(ndo, EXTRACT_32BITS(cp)); + unsigned_relts_print(ndo, EXTRACT_BE_U_4(cp)); ND_PRINT((ndo, "]")); cp += 4; } else { @@ -402,7 +416,7 @@ ns_rprint(netdissect_options *ndo, cp += 4; } - len = EXTRACT_16BITS(cp); + len = EXTRACT_BE_U_2(cp); cp += 2; rp = cp + len; @@ -415,7 +429,7 @@ ns_rprint(netdissect_options *ndo, case T_A: if (!ND_TTEST2(*cp, sizeof(struct in_addr))) return(NULL); - ND_PRINT((ndo, " %s", intoa(htonl(EXTRACT_32BITS(cp))))); + ND_PRINT((ndo, " %s", intoa(htonl(EXTRACT_BE_U_4(cp))))); break; case T_NS: 
@@ -440,24 +454,24 @@ ns_rprint(netdissect_options *ndo, return(NULL); if (!ND_TTEST2(*cp, 5 * 4)) return(NULL); - ND_PRINT((ndo, " %u", EXTRACT_32BITS(cp))); + ND_PRINT((ndo, " %u", EXTRACT_BE_U_4(cp))); cp += 4; - ND_PRINT((ndo, " %u", EXTRACT_32BITS(cp))); + ND_PRINT((ndo, " %u", EXTRACT_BE_U_4(cp))); cp += 4; - ND_PRINT((ndo, " %u", EXTRACT_32BITS(cp))); + ND_PRINT((ndo, " %u", EXTRACT_BE_U_4(cp))); cp += 4; - ND_PRINT((ndo, " %u", EXTRACT_32BITS(cp))); + ND_PRINT((ndo, " %u", EXTRACT_BE_U_4(cp))); cp += 4; - ND_PRINT((ndo, " %u", EXTRACT_32BITS(cp))); + ND_PRINT((ndo, " %u", EXTRACT_BE_U_4(cp))); cp += 4; break; case T_MX: ND_PRINT((ndo, " ")); - if (!ND_TTEST2(*cp, 2)) + if (!ND_TTEST_2(cp)) return(NULL); if (ns_nprint(ndo, cp + 2, bp) == NULL) return(NULL); - ND_PRINT((ndo, " %d", EXTRACT_16BITS(cp))); + ND_PRINT((ndo, " %d", EXTRACT_BE_U_2(cp))); break; case T_TXT: @@ -472,25 +486,22 @@ ns_rprint(netdissect_options *ndo, case T_SRV: ND_PRINT((ndo, " ")); - if (!ND_TTEST2(*cp, 6)) + if (!ND_TTEST_6(cp)) return(NULL); if (ns_nprint(ndo, cp + 6, bp) == NULL) return(NULL); - ND_PRINT((ndo, ":%d %d %d", EXTRACT_16BITS(cp + 4), - EXTRACT_16BITS(cp), EXTRACT_16BITS(cp + 2))); + ND_PRINT((ndo, ":%d %d %d", EXTRACT_BE_U_2(cp + 4), + EXTRACT_BE_U_2(cp), EXTRACT_BE_U_2(cp + 2))); break; -#ifdef INET6 case T_AAAA: { - struct in6_addr addr; char ntop_buf[INET6_ADDRSTRLEN]; if (!ND_TTEST2(*cp, sizeof(struct in6_addr))) return(NULL); - memcpy(&addr, cp, sizeof(struct in6_addr)); ND_PRINT((ndo, " %s", - inet_ntop(AF_INET6, &addr, ntop_buf, sizeof(ntop_buf)))); + addrtostr6(cp, ntop_buf, sizeof(ntop_buf)))); break; } @@ -501,9 +512,9 @@ ns_rprint(netdissect_options *ndo, int pbit, pbyte; char ntop_buf[INET6_ADDRSTRLEN]; - if (!ND_TTEST2(*cp, 1)) + if (!ND_TTEST_1(cp)) return(NULL); - pbit = *cp; + pbit = EXTRACT_U_1(cp); pbyte = (pbit & ~7) / 8; if (pbit > 128) { ND_PRINT((ndo, " %u(bad plen)", pbit)); 
@@ -514,7 +525,7 @@ ns_rprint(netdissect_options *ndo, memset(&a, 0, sizeof(a)); memcpy(&a.s6_addr[pbyte], cp + 1, sizeof(a) - pbyte); ND_PRINT((ndo, " %u %s", pbit, - inet_ntop(AF_INET6, &a, ntop_buf, sizeof(ntop_buf)))); + addrtostr6(&a, ntop_buf, sizeof(ntop_buf)))); } if (pbit > 0) { ND_PRINT((ndo, " ")); @@ -523,12 +534,11 @@ ns_rprint(netdissect_options *ndo, } break; } -#endif /*INET6*/ case T_OPT: ND_PRINT((ndo, " UDPsize=%u", class)); if (opt_flags & 0x8000) - ND_PRINT((ndo, " OK")); + ND_PRINT((ndo, " DO")); break; case T_UNSPECA: /* One long string */ @@ -548,25 +558,25 @@ ns_rprint(netdissect_options *ndo, if ((cp = ns_nprint(ndo, cp, bp)) == NULL) return(NULL); cp += 6; - if (!ND_TTEST2(*cp, 2)) + if (!ND_TTEST_2(cp)) return(NULL); - ND_PRINT((ndo, " fudge=%u", EXTRACT_16BITS(cp))); + ND_PRINT((ndo, " fudge=%u", EXTRACT_BE_U_2(cp))); cp += 2; - if (!ND_TTEST2(*cp, 2)) + if (!ND_TTEST_2(cp)) return(NULL); - ND_PRINT((ndo, " maclen=%u", EXTRACT_16BITS(cp))); - cp += 2 + EXTRACT_16BITS(cp); - if (!ND_TTEST2(*cp, 2)) + ND_PRINT((ndo, " maclen=%u", EXTRACT_BE_U_2(cp))); + cp += 2 + EXTRACT_BE_U_2(cp); + if (!ND_TTEST_2(cp)) return(NULL); - ND_PRINT((ndo, " origid=%u", EXTRACT_16BITS(cp))); + ND_PRINT((ndo, " origid=%u", EXTRACT_BE_U_2(cp))); cp += 2; - if (!ND_TTEST2(*cp, 2)) + if (!ND_TTEST_2(cp)) return(NULL); - ND_PRINT((ndo, " error=%u", EXTRACT_16BITS(cp))); + ND_PRINT((ndo, " error=%u", EXTRACT_BE_U_2(cp))); cp += 2; - if (!ND_TTEST2(*cp, 2)) + if (!ND_TTEST_2(cp)) return(NULL); - ND_PRINT((ndo, " otherlen=%u", EXTRACT_16BITS(cp))); + ND_PRINT((ndo, " otherlen=%u", EXTRACT_BE_U_2(cp))); cp += 2; } } @@ -574,7 +584,7 @@ ns_rprint(netdissect_options *ndo, } void -ns_print(netdissect_options *ndo, +domain_print(netdissect_options *ndo, register const u_char *bp, u_int length, int is_mdns) { register const HEADER *np; 
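Review bot: In the branch that prints fudge, maclen, origid, error and otherlen (apparently the TSIG case, whose label is outside the hunk), `cp += 2 + EXTRACT_BE_U_2(cp);` advances by a packet-supplied length without comparing the result against `rp`. `rp` is the end of this record, computed earlier in ns_rprint as `cp + len`. The `ND_TTEST_2(cp)` that follows keeps the reads inside the captured bytes, but the three fields after the MAC can then be decoded from data belonging to a later record or to trailing bytes. Holding the MAC length in a local and returning NULL when it exceeds the bytes left before `rp` would tie the parse to the record's declared length. A one-line comment on `cp += 6;` saying which field is skipped would also help.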
@@ -585,15 +595,15 @@ ns_print(netdissect_options *ndo, np = (const HEADER *)bp; ND_TCHECK(*np); /* get the byte-order right */ - qdcount = EXTRACT_16BITS(&np->qdcount); - ancount = EXTRACT_16BITS(&np->ancount); - nscount = EXTRACT_16BITS(&np->nscount); - arcount = EXTRACT_16BITS(&np->arcount); + qdcount = EXTRACT_BE_U_2(&np->qdcount); + ancount = EXTRACT_BE_U_2(&np->ancount); + nscount = EXTRACT_BE_U_2(&np->nscount); + arcount = EXTRACT_BE_U_2(&np->arcount); if (DNS_QR(np)) { /* this is a response */ ND_PRINT((ndo, "%d%s%s%s%s%s%s", - EXTRACT_16BITS(&np->id), + EXTRACT_BE_U_2(&np->id), ns_ops[DNS_OPCODE(np)], ns_resp[DNS_RCODE(np)], DNS_AA(np)? "*" : "", @@ -606,7 +616,7 @@ ns_print(netdissect_options *ndo, /* Print QUESTION section on -vv */ cp = (const u_char *)(np + 1); while (qdcount--) { - if (qdcount < EXTRACT_16BITS(&np->qdcount) - 1) + if (qdcount < EXTRACT_BE_U_2(&np->qdcount) - 1) ND_PRINT((ndo, ",")); if (ndo->ndo_vflag > 1) { ND_PRINT((ndo, " q:")); @@ -660,12 +670,12 @@ ns_print(netdissect_options *ndo, } else { /* this is a request */ - ND_PRINT((ndo, "%d%s%s%s", EXTRACT_16BITS(&np->id), ns_ops[DNS_OPCODE(np)], - DNS_RD(np) ? "+" : "", - DNS_CD(np) ? "%" : "")); + ND_PRINT((ndo, "%d%s%s%s", EXTRACT_BE_U_2(&np->id), ns_ops[DNS_OPCODE(np)], + DNS_RD(np) ? "+" : "", + DNS_CD(np) ? "%" : "")); /* any weirdness? */ - b2 = EXTRACT_16BITS(((const u_short *)np)+1); + b2 = EXTRACT_BE_U_2(((const u_short *)np) + 1); if (b2 & 0x6cf) ND_PRINT((ndo, " [b2&3=0x%x]", b2));
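Review bot: In the request branch, `EXTRACT_BE_U_2(((const u_short *)np) + 1)` still reaches the flags word by casting the header pointer to `const u_short *`. Nothing visible guarantees that `bp` is 2-byte aligned, and converting a misaligned pointer to a wider type is undefined in C even if the extract macro then reads byte by byte. `b2 = EXTRACT_BE_U_2(bp + 2);` reads the same two octets without the cast. A short comment naming the header bits that the `0x6cf` mask selects would also help, since the `[b2&3=0x%x]` label does not explain it. The rest of domain_print lies outside this hunk.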