X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/7a2f97ed05068da9764efe57664519889c45af48..19e9fbaa1396067396b8fbfa2b9af65eae8cb3a5:/print-ldp.c diff --git a/print-ldp.c b/print-ldp.c index 3e643a4d..c42ee224 100644 --- a/print-ldp.c +++ b/print-ldp.c @@ -16,7 +16,7 @@ #ifndef lint static const char rcsid[] _U_ = - "@(#) $Header: /tcpdump/master/tcpdump/print-ldp.c,v 1.8.2.3 2005-04-27 18:56:51 hannes Exp $"; + "@(#) $Header: /tcpdump/master/tcpdump/print-ldp.c,v 1.8.2.8 2006-02-03 08:42:30 hannes Exp $"; #endif #ifdef HAVE_CONFIG_H @@ -116,7 +116,7 @@ static const struct tok ldp_msg_values[] = { { LDP_MSG_INIT, "Initialization" }, { LDP_MSG_KEEPALIVE, "Keepalive" }, { LDP_MSG_ADDRESS, "Address" }, - { LDP_MSG_ADDRESS_WITHDRAW, "Address Widthdraw" }, + { LDP_MSG_ADDRESS_WITHDRAW, "Address Withdraw" }, { LDP_MSG_LABEL_MAPPING, "Label Mapping" }, { LDP_MSG_LABEL_REQUEST, "Label Request" }, { LDP_MSG_LABEL_WITHDRAW, "Label Withdraw" }, @@ -215,8 +215,10 @@ static const struct tok ldp_fec_martini_ifparm_vccv_cv_values[] = { }; /* RFC1700 address family numbers, same definition in print-bgp.c */ +/* FIXME: move all AF stuff into dedicated files */ #define AFNUM_INET 1 #define AFNUM_INET6 2 +#define AFNUM_LEN 2 #define FALSE 0 #define TRUE 1 @@ -296,21 +298,24 @@ ldp_tlv_print(register const u_char *tptr) { case LDP_TLV_ADDRESS_LIST: af = EXTRACT_16BITS(tptr); - tptr+=2; - printf("\n\t Adress Family: "); + tptr+=AFNUM_LEN; + tlv_tlen -= AFNUM_LEN; + printf("\n\t Address Family: "); if (af == AFNUM_INET) { printf("IPv4, addresses:"); - for (i=0; i<(tlv_tlen-2)/4; i++) { + while(tlv_tlen >= sizeof(struct in_addr)) { printf(" %s",ipaddr_string(tptr)); - tptr+=4; + tlv_tlen-=sizeof(struct in_addr); + tptr+=sizeof(struct in_addr); } } #ifdef INET6 else if (af == AFNUM_INET6) { printf("IPv6, addresses:"); - for (i=0; i<(tlv_tlen-2)/16; i++) { + while(tlv_tlen >= sizeof(struct in6_addr)) { printf(" %s",ip6addr_string(tptr)); - tptr+=16; + tlv_tlen-=sizeof(struct in6_addr); + tptr+=sizeof(struct in6_addr); } } #endif @@ -352,20 +357,31 @@ ldp_tlv_print(register const u_char *tptr) { case LDP_FEC_HOSTADDRESS: break; case LDP_FEC_MARTINI_VC: + if (!TTEST2(*tptr, 11)) + goto trunc; vc_info_len = *(tptr+2); + printf(": %s, %scontrol word, group-ID %u, VC-ID %u, VC-info-length: %u", tok2str(l2vpn_encaps_values, "Unknown", EXTRACT_16BITS(tptr)&0x7fff), EXTRACT_16BITS(tptr)&0x8000 ? "" : "no ", EXTRACT_32BITS(tptr+3), EXTRACT_32BITS(tptr+7), vc_info_len); + + if (vc_info_len == 0) /* infinite loop protection */ + break; + tptr+=11; + if (!TTEST2(*tptr, vc_info_len)) + goto trunc; while (vc_info_len > 2) { vc_info_tlv_type = *tptr; vc_info_tlv_len = *(tptr+1); if (vc_info_tlv_len < 2) break; + if (vc_info_len < vc_info_tlv_len) + break; printf("\n\t\tInterface Parameter: %s (0x%02x), len %u", tok2str(ldp_fec_martini_ifparm_values,"Unknown",vc_info_tlv_type), @@ -463,6 +479,10 @@ ldp_tlv_print(register const u_char *tptr) { break; } return(tlv_len+4); /* Type & Length fields not included */ + +trunc: + printf("\n\t\t packet exceeded snapshot"); + return 0; } void @@ -559,6 +579,8 @@ ldp_msg_print(register const u_char *pptr) { case LDP_MSG_KEEPALIVE: case LDP_MSG_ADDRESS: case LDP_MSG_LABEL_MAPPING: + case LDP_MSG_ADDRESS_WITHDRAW: + case LDP_MSG_LABEL_WITHDRAW: while(msg_tlen >= 4) { processed = ldp_tlv_print(msg_tptr); if (processed == 0) @@ -573,9 +595,7 @@ ldp_msg_print(register const u_char *pptr) { * you are welcome to contribute code ;-) */ - case LDP_MSG_ADDRESS_WITHDRAW: case LDP_MSG_LABEL_REQUEST: - case LDP_MSG_LABEL_WITHDRAW: case LDP_MSG_LABEL_RELEASE: case LDP_MSG_LABEL_ABORT_REQUEST: