X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/c1c3c77463d592cc576eaa491e604752044ca55a..51d034f45b672c2f1bfc8c185cd5bd0c6798531d:/print-juniper.c diff --git a/print-juniper.c b/print-juniper.c index 91d40b13..b8383032 100644 --- a/print-juniper.c +++ b/print-juniper.c @@ -12,9 +12,11 @@ * LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS * FOR A PARTICULAR PURPOSE. * - * Original code by Hannes Gredler (hannes@juniper.net) + * Original code by Hannes Gredler (hannes@gredler.at) */ +/* \summary: DLT_JUNIPER_* printers */ + #ifndef lint #else __RCSID("NetBSD: print-juniper.c,v 1.3 2007/07/25 06:31:32 dogcow Exp "); @@ -24,7 +26,9 @@ __RCSID("NetBSD: print-juniper.c,v 1.3 2007/07/25 06:31:32 dogcow Exp "); #include "config.h" #endif -#include +#include + +#include #include "netdissect.h" #include "addrtoname.h" @@ -88,7 +92,7 @@ enum { }; /* 1 byte type and 1-byte length */ -#define JUNIPER_EXT_TLV_OVERHEAD 2 +#define JUNIPER_EXT_TLV_OVERHEAD 2U static const struct tok jnx_ext_tlv_values[] = { { JUNIPER_EXT_TLV_IFD_IDX, "Device Interface Index" }, @@ -447,8 +451,8 @@ static int juniper_parse_header(netdissect_options *, const u_char *, const stru #ifdef DLT_JUNIPER_GGSN u_int -juniper_ggsn_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_ggsn_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, register const u_char *p) { struct juniper_l2info_t l2info; struct juniper_ggsn_header { @@ -468,6 +472,7 @@ juniper_ggsn_print(netdissect_options *ndo, p+=l2info.header_len; gh = (struct juniper_ggsn_header *)&l2info.cookie; + ND_TCHECK(*gh); if (ndo->ndo_eflag) { ND_PRINT((ndo, "proto %s (%u), vlan %u: ", tok2str(juniper_protocol_values,"Unknown",gh->proto), @@ -488,13 +493,17 @@ juniper_ggsn_print(netdissect_options *ndo, } return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_services]")); + return l2info.header_len; } #endif #ifdef DLT_JUNIPER_ES u_int -juniper_es_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_es_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, register const u_char *p) { struct juniper_l2info_t l2info; struct juniper_ipsec_header { @@ -515,6 +524,7 @@ juniper_es_print(netdissect_options *ndo, p+=l2info.header_len; ih = (const struct juniper_ipsec_header *)p; + ND_TCHECK(*ih); switch (ih->type) { case JUNIPER_IPSEC_O_ESP_ENCRYPT_ESP_AUTHEN_TYPE: case JUNIPER_IPSEC_O_ESP_ENCRYPT_AH_AUTHEN_TYPE: @@ -560,13 +570,17 @@ juniper_es_print(netdissect_options *ndo, ip_print(ndo, p, l2info.length); return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_services]")); + return l2info.header_len; } #endif #ifdef DLT_JUNIPER_MONITOR u_int -juniper_monitor_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_monitor_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, register const u_char *p) { struct juniper_l2info_t l2info; struct juniper_monitor_header { @@ -584,6 +598,7 @@ juniper_monitor_print(netdissect_options *ndo, p+=l2info.header_len; mh = (const struct juniper_monitor_header *)p; + ND_TCHECK(*mh); if (ndo->ndo_eflag) ND_PRINT((ndo, "service-id %u, iif %u, pkt-type %u: ", EXTRACT_32BITS(&mh->service_id), @@ -594,13 +609,17 @@ juniper_monitor_print(netdissect_options *ndo, ip_heuristic_guess (ndo, p, l2info.length); return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_services]")); + return l2info.header_len; } #endif #ifdef DLT_JUNIPER_SERVICES u_int -juniper_services_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_services_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, register const u_char *p) { struct juniper_l2info_t l2info; struct juniper_services_header { @@ -618,6 +637,7 @@ juniper_services_print(netdissect_options *ndo, p+=l2info.header_len; sh = (const struct juniper_services_header *)p; + ND_TCHECK(*sh); if (ndo->ndo_eflag) ND_PRINT((ndo, "service-id %u flags 0x%02x service-set-id 0x%04x iif %u: ", sh->svc_id, @@ -629,13 +649,17 @@ juniper_services_print(netdissect_options *ndo, ip_heuristic_guess (ndo, p, l2info.length); return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_services]")); + return l2info.header_len; } #endif #ifdef DLT_JUNIPER_PPPOE u_int -juniper_pppoe_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_pppoe_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, register const u_char *p) { struct juniper_l2info_t l2info; @@ -652,8 +676,8 @@ juniper_pppoe_print(netdissect_options *ndo, #ifdef DLT_JUNIPER_ETHER u_int -juniper_ether_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_ether_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, register const u_char *p) { struct juniper_l2info_t l2info; @@ -670,8 +694,8 @@ juniper_ether_print(netdissect_options *ndo, #ifdef DLT_JUNIPER_PPP u_int -juniper_ppp_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_ppp_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, register const u_char *p) { struct juniper_l2info_t l2info; @@ -688,8 +712,8 @@ juniper_ppp_print(netdissect_options *ndo, #ifdef DLT_JUNIPER_FRELAY u_int -juniper_frelay_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_frelay_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, register const u_char *p) { struct juniper_l2info_t l2info; @@ -706,8 +730,8 @@ juniper_frelay_print(netdissect_options *ndo, #ifdef DLT_JUNIPER_CHDLC u_int -juniper_chdlc_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_chdlc_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, register const u_char *p) { struct juniper_l2info_t l2info; @@ -724,8 +748,8 @@ juniper_chdlc_print(netdissect_options *ndo, #ifdef DLT_JUNIPER_PPPOE_ATM u_int -juniper_pppoe_atm_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_pppoe_atm_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, register const u_char *p) { struct juniper_l2info_t l2info; uint16_t extracted_ethertype; @@ -736,24 +760,30 @@ juniper_pppoe_atm_print(netdissect_options *ndo, p+=l2info.header_len; + ND_TCHECK2(p[0], 2); extracted_ethertype = EXTRACT_16BITS(p); /* this DLT contains nothing but raw PPPoE frames, * prepended with a type field*/ if (ethertype_print(ndo, extracted_ethertype, p+ETHERTYPE_LEN, l2info.length-ETHERTYPE_LEN, - l2info.caplen-ETHERTYPE_LEN) == 0) + l2info.caplen-ETHERTYPE_LEN, + NULL, NULL) == 0) /* ether_type not known, probably it wasn't one */ ND_PRINT((ndo, "unknown ethertype 0x%04x", extracted_ethertype)); return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_pppoe_atm]")); + return l2info.header_len; } #endif #ifdef DLT_JUNIPER_MLPPP u_int -juniper_mlppp_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_mlppp_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, register const u_char *p) { struct juniper_l2info_t l2info; @@ -788,7 +818,7 @@ juniper_mlppp_print(netdissect_options *ndo, mpls_print(ndo, p, l2info.length); return l2info.header_len; case JUNIPER_LSQ_L3_PROTO_ISO: - isoclns_print(ndo, p, l2info.length, l2info.caplen); + isoclns_print(ndo, p, l2info.length); return l2info.header_len; default: break; @@ -812,11 +842,12 @@ juniper_mlppp_print(netdissect_options *ndo, #ifdef DLT_JUNIPER_MFR u_int -juniper_mfr_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_mfr_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, register const u_char *p) { struct juniper_l2info_t l2info; + memset(&l2info, 0, sizeof(l2info)); l2info.pictype = DLT_JUNIPER_MFR; if (juniper_parse_header(ndo, p, h, &l2info) == 0) return l2info.header_len; @@ -842,7 +873,7 @@ juniper_mfr_print(netdissect_options *ndo, mpls_print(ndo, p, l2info.length); return l2info.header_len; case JUNIPER_LSQ_L3_PROTO_ISO: - isoclns_print(ndo, p, l2info.length, l2info.caplen); + isoclns_print(ndo, p, l2info.length); return l2info.header_len; default: break; @@ -855,13 +886,13 @@ juniper_mfr_print(netdissect_options *ndo, ND_PRINT((ndo, "Bundle-ID %u, ", l2info.bundle)); switch (l2info.proto) { case (LLCSAP_ISONS<<8 | LLCSAP_ISONS): - isoclns_print(ndo, p + 1, l2info.length - 1, l2info.caplen - 1); + isoclns_print(ndo, p + 1, l2info.length - 1); break; case (LLC_UI<<8 | NLPID_Q933): case (LLC_UI<<8 | NLPID_IP): case (LLC_UI<<8 | NLPID_IP6): /* pass IP{4,6} to the OSI layer for proper link-layer printing */ - isoclns_print(ndo, p - 1, l2info.length + 1, l2info.caplen + 1); + isoclns_print(ndo, p - 1, l2info.length + 1); break; default: ND_PRINT((ndo, "unknown protocol 0x%04x, length %u", l2info.proto, l2info.length)); @@ -873,8 +904,8 @@ juniper_mfr_print(netdissect_options *ndo, #ifdef DLT_JUNIPER_MLFR u_int -juniper_mlfr_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_mlfr_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, register const u_char *p) { struct juniper_l2info_t l2info; @@ -890,13 +921,13 @@ juniper_mlfr_print(netdissect_options *ndo, switch (l2info.proto) { case (LLC_UI): case (LLC_UI<<8): - isoclns_print(ndo, p, l2info.length, l2info.caplen); + isoclns_print(ndo, p, l2info.length); break; case (LLC_UI<<8 | NLPID_Q933): case (LLC_UI<<8 | NLPID_IP): case (LLC_UI<<8 | NLPID_IP6): /* pass IP{4,6} to the OSI layer for proper link-layer printing */ - isoclns_print(ndo, p - 1, l2info.length + 1, l2info.caplen + 1); + isoclns_print(ndo, p - 1, l2info.length + 1); break; default: ND_PRINT((ndo, "unknown protocol 0x%04x, length %u", l2info.proto, l2info.length)); @@ -916,8 +947,8 @@ juniper_mlfr_print(netdissect_options *ndo, #ifdef DLT_JUNIPER_ATM1 u_int -juniper_atm1_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_atm1_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, register const u_char *p) { int llc_hdrlen; @@ -934,6 +965,7 @@ juniper_atm1_print(netdissect_options *ndo, return l2info.header_len; } + ND_TCHECK2(p[0], 3); if (EXTRACT_24BITS(p) == 0xfefe03 || /* NLPID encaps ? */ EXTRACT_24BITS(p) == 0xaaaa03) { /* SNAP encaps ? */ @@ -943,7 +975,7 @@ juniper_atm1_print(netdissect_options *ndo, } if (p[0] == 0x03) { /* Cisco style NLPID encaps ? */ - isoclns_print(ndo, p + 1, l2info.length - 1, l2info.caplen - 1); + isoclns_print(ndo, p + 1, l2info.length - 1); /* FIXME check if frame was recognized */ return l2info.header_len; } @@ -952,6 +984,10 @@ juniper_atm1_print(netdissect_options *ndo, return l2info.header_len; return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_atm1]")); + return l2info.header_len; } #endif @@ -965,8 +1001,8 @@ juniper_atm1_print(netdissect_options *ndo, #ifdef DLT_JUNIPER_ATM2 u_int -juniper_atm2_print(netdissect_options *ndo, - const struct pcap_pkthdr *h, register const u_char *p) +juniper_atm2_if_print(netdissect_options *ndo, + const struct pcap_pkthdr *h, register const u_char *p) { int llc_hdrlen; @@ -983,6 +1019,7 @@ juniper_atm2_print(netdissect_options *ndo, return l2info.header_len; } + ND_TCHECK2(p[0], 3); if (EXTRACT_24BITS(p) == 0xfefe03 || /* NLPID encaps ? */ EXTRACT_24BITS(p) == 0xaaaa03) { /* SNAP encaps ? */ @@ -998,7 +1035,7 @@ juniper_atm2_print(netdissect_options *ndo, } if (p[0] == 0x03) { /* Cisco style NLPID encaps ? */ - isoclns_print(ndo, p + 1, l2info.length - 1, l2info.caplen - 1); + isoclns_print(ndo, p + 1, l2info.length - 1); /* FIXME check if frame was recognized */ return l2info.header_len; } @@ -1010,6 +1047,10 @@ juniper_atm2_print(netdissect_options *ndo, return l2info.header_len; return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_atm2]")); + return l2info.header_len; } #endif @@ -1032,10 +1073,8 @@ juniper_ppp_heuristic_guess(netdissect_options *ndo, case PPP_PAP : case PPP_CHAP : case PPP_ML : -#ifdef INET6 case PPP_IPV6 : case PPP_IPV6CP : -#endif ppp_print(ndo, p, length); break; @@ -1199,9 +1238,11 @@ juniper_parse_header(netdissect_options *ndo, tlv_len = *(tptr++); tlv_value = 0; - /* sanity check */ + /* sanity checks */ if (tlv_type == 0 || tlv_len == 0) break; + if (tlv_len+JUNIPER_EXT_TLV_OVERHEAD > jnx_ext_len) + goto trunc; if (ndo->ndo_vflag > 1) ND_PRINT((ndo, "\n\t %s Extension TLV #%u, length %u, value ", @@ -1274,6 +1315,7 @@ juniper_parse_header(netdissect_options *ndo, l2info->caplen -= l2info->header_len; /* search through the cookie table and copy values matching for our PIC type */ + ND_TCHECK(p[0]); while (lp->s != NULL) { if (lp->pictype == l2info->pictype) { @@ -1325,6 +1367,7 @@ juniper_parse_header(netdissect_options *ndo, if (ndo->ndo_eflag) ND_PRINT((ndo, ": ")); /* print demarc b/w L2/L3*/ + ND_TCHECK_16BITS(p+l2info->cookie_len); l2info->proto = EXTRACT_16BITS(p+l2info->cookie_len); break; } @@ -1354,6 +1397,7 @@ juniper_parse_header(netdissect_options *ndo, case DLT_JUNIPER_MLFR: switch (l2info->cookie_type) { case LS_COOKIE_ID: + ND_TCHECK2(p[0], 2); l2info->bundle = l2info->cookie[1]; l2info->proto = EXTRACT_16BITS(p); l2info->header_len += 2; @@ -1377,6 +1421,7 @@ juniper_parse_header(netdissect_options *ndo, case DLT_JUNIPER_MFR: switch (l2info->cookie_type) { case LS_COOKIE_ID: + ND_TCHECK2(p[0], 2); l2info->bundle = l2info->cookie[1]; l2info->proto = EXTRACT_16BITS(p); l2info->header_len += 2;