X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/c36abfe8a86fb2e3d8256fa53d6569a4aa65b39c..5ef0bcb5edd748de9d9af13c40da0395dfdd94e8:/print-isoclns.c diff --git a/print-isoclns.c b/print-isoclns.c index 361497ae..44d1aa73 100644 --- a/print-isoclns.c +++ b/print-isoclns.c @@ -29,7 +29,7 @@ /* * specification: * - * CLNP: ISO 8473 (respective ITU version is at http://www.itu.int/rec/T-REC-X.233/en/) + * CLNP: ISO 8473 (respective ITU version is at https://www.itu.int/rec/T-REC-X.233/en/) * ES-IS: ISO 9542 * IS-IS: ISO 10589 */ @@ -106,7 +106,7 @@ static const struct tok isis_pdu_values[] = { #define ISIS_TLV_PART_DIS 4 /* iso10589 */ #define ISIS_TLV_PREFIX_NEIGH 5 /* iso10589 */ #define ISIS_TLV_ISNEIGH 6 /* iso10589 */ -#define ISIS_TLV_ISNEIGH_VARLEN 7 /* iso10589 */ +#define ISIS_TLV_INSTANCE_ID 7 /* rfc8202 */ #define ISIS_TLV_PADDING 8 /* iso10589 */ #define ISIS_TLV_LSP 9 /* iso10589 */ #define ISIS_TLV_AUTH 10 /* iso10589, rfc3567 */ @@ -114,7 +114,6 @@ static const struct tok isis_pdu_values[] = { #define ISIS_TLV_CHECKSUM_MINLEN 2 #define ISIS_TLV_POI 13 /* rfc6232 */ #define ISIS_TLV_LSP_BUFFERSIZE 14 /* iso10589 rev2 */ -#define ISIS_TLV_LSP_BUFFERSIZE_MINLEN 2 #define ISIS_TLV_EXT_IS_REACH 22 /* rfc5305 */ #define ISIS_TLV_IS_ALIAS_ID 24 /* rfc5311 */ #define ISIS_TLV_DECNET_PHASE4 42 @@ -123,7 +122,6 @@ static const struct tok isis_pdu_values[] = { #define ISIS_TLV_PROTOCOLS 129 /* rfc1195 */ #define ISIS_TLV_EXT_IP_REACH 130 /* rfc1195, rfc2966 */ #define ISIS_TLV_IDRP_INFO 131 /* rfc1195 */ -#define ISIS_TLV_IDRP_INFO_MINLEN 1 #define ISIS_TLV_IPADDR 132 /* rfc1195 */ #define ISIS_TLV_IPAUTH 133 /* rfc1195 */ #define ISIS_TLV_TE_ROUTER_ID 134 /* rfc5305 */ @@ -139,14 +137,13 @@ static const struct tok isis_pdu_values[] = { #define ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN 2 #define ISIS_TLV_MT_IS_REACH 222 /* draft-ietf-isis-wg-multi-topology-05 */ #define ISIS_TLV_MT_SUPPORTED 229 /* draft-ietf-isis-wg-multi-topology-05 */ -#define ISIS_TLV_MT_SUPPORTED_MINLEN 2 #define ISIS_TLV_IP6ADDR 232 /* draft-ietf-isis-ipv6-02 */ #define ISIS_TLV_MT_IP_REACH 235 /* draft-ietf-isis-wg-multi-topology-05 */ #define ISIS_TLV_IP6_REACH 236 /* draft-ietf-isis-ipv6-02 */ #define ISIS_TLV_MT_IP6_REACH 237 /* draft-ietf-isis-wg-multi-topology-05 */ #define ISIS_TLV_PTP_ADJ 240 /* rfc3373 */ #define ISIS_TLV_IIH_SEQNR 241 /* draft-shen-isis-iih-sequence-00 */ -#define ISIS_TLV_IIH_SEQNR_MINLEN 4 +#define ISIS_TLV_ROUTER_CAPABILITY 242 /* rfc7981 */ #define ISIS_TLV_VENDOR_PRIVATE 250 /* draft-ietf-isis-experimental-tlv-01 */ #define ISIS_TLV_VENDOR_PRIVATE_MINLEN 3 @@ -157,7 +154,7 @@ static const struct tok isis_tlv_values[] = { { ISIS_TLV_PART_DIS, "Partition DIS"}, { ISIS_TLV_PREFIX_NEIGH, "Prefix Neighbors"}, { ISIS_TLV_ISNEIGH, "IS Neighbor(s)"}, - { ISIS_TLV_ISNEIGH_VARLEN, "IS Neighbor(s) (variable length)"}, + { ISIS_TLV_INSTANCE_ID, "Instance Identifier"}, { ISIS_TLV_PADDING, "Padding"}, { ISIS_TLV_LSP, "LSP entries"}, { ISIS_TLV_AUTH, "Authentication"}, @@ -191,6 +188,7 @@ static const struct tok isis_tlv_values[] = { { ISIS_TLV_MT_IP6_REACH, "Multi-Topology IP6 Reachability"}, { ISIS_TLV_PTP_ADJ, "Point-to-point Adjacency State"}, { ISIS_TLV_IIH_SEQNR, "Hello PDU Sequence Number"}, + { ISIS_TLV_ROUTER_CAPABILITY, "IS-IS Router Capability"}, { ISIS_TLV_VENDOR_PRIVATE, "Vendor Private"}, { 0, NULL } }; @@ -344,6 +342,25 @@ static const struct tok clnp_option_qos_global_values[] = { { 0, NULL } }; +static const struct tok isis_tlv_router_capability_flags[] = { + { 0x01, "S bit"}, + { 0x02, "D bit"}, + { 0, NULL } +}; + +#define ISIS_SUBTLV_ROUTER_CAP_SR 2 /* rfc 8667 */ + +static const struct tok isis_router_capability_subtlv_values[] = { + { ISIS_SUBTLV_ROUTER_CAP_SR, "SR-Capabilities"}, + { 0, NULL } +}; + +static const struct tok isis_router_capability_sr_flags[] = { + { 0x80, "ipv4"}, + { 0x40, "ipv6"}, + { 0, NULL } +}; + #define ISIS_SUBTLV_EXT_IS_REACH_ADMIN_GROUP 3 /* rfc5305 */ #define ISIS_SUBTLV_EXT_IS_REACH_LINK_LOCAL_REMOTE_ID 4 /* rfc4205 */ #define ISIS_SUBTLV_EXT_IS_REACH_LINK_REMOTE_ID 5 /* rfc5305 */ @@ -358,6 +375,7 @@ static const struct tok clnp_option_qos_global_values[] = { #define ISIS_SUBTLV_EXT_IS_REACH_LINK_PROTECTION_TYPE 20 /* rfc4205 */ #define ISIS_SUBTLV_EXT_IS_REACH_INTF_SW_CAP_DESCR 21 /* rfc4205 */ #define ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS 22 /* rfc4124 */ +#define ISIS_SUBTLV_EXT_IS_REACH_LAN_ADJ_SEGMENT_ID 32 /* rfc8667 */ #define ISIS_SUBTLV_SPB_METRIC 29 /* rfc6329 */ @@ -376,6 +394,7 @@ static const struct tok isis_ext_is_reach_subtlv_values[] = { { ISIS_SUBTLV_EXT_IS_REACH_INTF_SW_CAP_DESCR, "Interface Switching Capability" }, { ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS_OLD, "Bandwidth Constraints (old)" }, { ISIS_SUBTLV_EXT_IS_REACH_BW_CONSTRAINTS, "Bandwidth Constraints" }, + { ISIS_SUBTLV_EXT_IS_REACH_LAN_ADJ_SEGMENT_ID, "LAN Adjacency Segment Identifier" }, { ISIS_SUBTLV_SPB_METRIC, "SPB Metric" }, { 250, "Reserved for cisco specific extensions" }, { 251, "Reserved for cisco specific extensions" }, @@ -388,15 +407,42 @@ static const struct tok isis_ext_is_reach_subtlv_values[] = { #define ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG32 1 /* draft-ietf-isis-admin-tags-01 */ #define ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG64 2 /* draft-ietf-isis-admin-tags-01 */ +#define ISIS_SUBTLV_EXTD_IP_REACH_PREFIX_SID 3 /* rfc8667 */ #define ISIS_SUBTLV_EXTD_IP_REACH_MGMT_PREFIX_COLOR 117 /* draft-ietf-isis-wg-multi-topology-05 */ static const struct tok isis_ext_ip_reach_subtlv_values[] = { { ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG32, "32-Bit Administrative tag" }, { ISIS_SUBTLV_EXTD_IP_REACH_ADMIN_TAG64, "64-Bit Administrative tag" }, + { ISIS_SUBTLV_EXTD_IP_REACH_PREFIX_SID, "Prefix SID" }, { ISIS_SUBTLV_EXTD_IP_REACH_MGMT_PREFIX_COLOR, "Management Prefix Color" }, { 0, NULL } }; +#define ISIS_PREFIX_SID_FLAG_R 0x80 /* rfc 8667 */ +#define ISIS_PREFIX_SID_FLAG_N 0x40 /* rfc 8667 */ +#define ISIS_PREFIX_SID_FLAG_P 0x20 /* rfc 8667 */ +#define ISIS_PREFIX_SID_FLAG_E 0x10 /* rfc 8667 */ +#define ISIS_PREFIX_SID_FLAG_V 0x08 /* rfc 8667 */ +#define ISIS_PREFIX_SID_FLAG_L 0x04 /* rfc 8667 */ + +static const struct tok prefix_sid_flag_values[] = { + { ISIS_PREFIX_SID_FLAG_R, "Readvertisement"}, + { ISIS_PREFIX_SID_FLAG_N, "Node"}, + { ISIS_PREFIX_SID_FLAG_P, "No-PHP"}, + { ISIS_PREFIX_SID_FLAG_E, "Explicit NULL"}, + { ISIS_PREFIX_SID_FLAG_V, "Value"}, + { ISIS_PREFIX_SID_FLAG_L, "Local"}, + { 0, NULL} +}; + + +/* rfc 8667 */ +static const struct tok prefix_sid_algo_values[] = { + { 0, "SPF"}, + { 1, "strict-SPF"}, + { 0, NULL} +}; + static const struct tok isis_subtlv_link_attribute_values[] = { { 0x01, "Local Protection Available" }, { 0x02, "Link excluded from local protection path" }, @@ -404,6 +450,16 @@ static const struct tok isis_subtlv_link_attribute_values[] = { { 0, NULL } }; +static const struct tok isis_lan_adj_sid_flag_values[] = { + { 0x80, "Address family IPv6" }, + { 0x40, "Backup" }, + { 0x20, "Value" }, + { 0x10, "Local significance" }, + { 0x08, "Set of adjacencies" }, + { 0x04, "Persistent" }, + { 0, NULL } +}; + #define ISIS_SUBTLV_AUTH_SIMPLE 1 #define ISIS_SUBTLV_AUTH_GENERIC 3 /* rfc 5310 */ #define ISIS_SUBTLV_AUTH_MD5 54 @@ -679,7 +735,6 @@ void isoclns_print(netdissect_options *ndo, const u_char *p, u_int length) { ndo->ndo_protocol = "isoclns"; - ND_TCHECK_1(p); /* enough bytes on the wire ? */ if (ndo->ndo_eflag) ND_PRINT("OSI NLPID %s (0x%02x): ", @@ -730,9 +785,6 @@ isoclns_print(netdissect_options *ndo, const u_char *p, u_int length) print_unknown_data(ndo, p, "\n\t", length); break; } - return; -trunc: - nd_print_trunc(ndo); } #define CLNP_PDU_ER 1 @@ -790,7 +842,7 @@ clnp_print(netdissect_options *ndo, optr = pptr; if (!ndo->ndo_eflag) - ND_PRINT("CLNP"); + nd_print_protocol_caps(ndo); /* * Sanity checking of the header. @@ -828,7 +880,6 @@ clnp_print(netdissect_options *ndo, ND_PRINT("li < size of fixed part of CLNP header and addresses"); return (0); } - ND_TCHECK_1(pptr); dest_address_length = GET_U_1(pptr); pptr += 1; li_remaining -= 1; @@ -845,7 +896,6 @@ clnp_print(netdissect_options *ndo, ND_PRINT("li < size of fixed part of CLNP header and addresses"); return (0); } - ND_TCHECK_1(pptr); source_address_length = GET_U_1(pptr); pptr += 1; li_remaining -= 1; @@ -861,8 +911,8 @@ clnp_print(netdissect_options *ndo, if (ndo->ndo_vflag < 1) { ND_PRINT("%s%s > %s, %s, length %u", ndo->ndo_eflag ? "" : ", ", - isonsap_string(ndo, source_address, source_address_length), - isonsap_string(ndo, dest_address, dest_address_length), + GET_ISONSAP_STRING(source_address, source_address_length), + GET_ISONSAP_STRING(dest_address, dest_address_length), tok2str(clnp_pdu_values,"unknown (%u)",clnp_pdu_type), length); return (1); @@ -886,9 +936,9 @@ clnp_print(netdissect_options *ndo, ND_PRINT("\n\tsource address (length %u): %s\n\tdest address (length %u): %s", source_address_length, - isonsap_string(ndo, source_address, source_address_length), + GET_ISONSAP_STRING(source_address, source_address_length), dest_address_length, - isonsap_string(ndo, dest_address, dest_address_length)); + GET_ISONSAP_STRING(dest_address, dest_address_length)); if (clnp_flags & CLNP_SEGMENT_PART) { if (li_remaining < sizeof(struct clnp_segment_header_t)) { @@ -914,7 +964,6 @@ clnp_print(netdissect_options *ndo, ND_PRINT(", bad opts/li"); return (0); } - ND_TCHECK_2(pptr); op = GET_U_1(pptr); opli = GET_U_1(pptr + 1); pptr += 2; @@ -973,11 +1022,9 @@ clnp_print(netdissect_options *ndo, } if (source_address_length > 0) { source_address=(tptr+1); - ND_TCHECK_LEN(source_address, - source_address_length); ND_PRINT("\n\t NSAP address (length %u): %s", source_address_length, - isonsap_string(ndo, source_address, source_address_length)); + GET_ISONSAP_STRING(source_address, source_address_length)); } tlen-=source_address_length+1; } @@ -1053,7 +1100,6 @@ clnp_print(netdissect_options *ndo, case CLNP_PDU_ER: /* fall through */ case CLNP_PDU_ERP: - ND_TCHECK_1(pptr); if (GET_U_1(pptr) == NLPID_CLNP) { ND_PRINT("\n\t-----original packet-----\n\t"); /* FIXME recursion protection */ @@ -1079,9 +1125,9 @@ clnp_print(netdissect_options *ndo, default: /* dump the PDU specific data */ - if (length-(pptr-optr) > 0) { + if (length > ND_BYTES_BETWEEN(pptr, optr)) { ND_PRINT("\n\t undecoded non-header data, length %u", length-li); - print_unknown_data(ndo, pptr, "\n\t ", length - (int)(pptr - optr)); + print_unknown_data(ndo, pptr, "\n\t ", length - ND_BYTES_BETWEEN(pptr, optr)); } } @@ -1218,7 +1264,7 @@ esis_print(netdissect_options *ndo, dst = pptr; pptr += dstl; li -= dstl; - ND_PRINT("\n\t %s", isonsap_string(ndo, dst, dstl)); + ND_PRINT("\n\t %s", GET_ISONSAP_STRING(dst, dstl)); ND_TCHECK_1(pptr); if (li < 1) { @@ -1255,15 +1301,15 @@ esis_print(netdissect_options *ndo, if (snpal == 6) ND_PRINT("\n\t SNPA (length: %u): %s", snpal, - etheraddr_string(ndo, snpa)); + GET_ETHERADDR_STRING(snpa)); else ND_PRINT("\n\t SNPA (length: %u): %s", snpal, - linkaddr_string(ndo, snpa, LINKADDR_OTHER, snpal)); + GET_LINKADDR_STRING(snpa, LINKADDR_OTHER, snpal)); if (netal != 0) ND_PRINT("\n\t NET (length: %u) %s", netal, - isonsap_string(ndo, neta, netal)); + GET_ISONSAP_STRING(neta, netal)); break; } @@ -1296,7 +1342,7 @@ esis_print(netdissect_options *ndo, } ND_PRINT("\n\t NET (length: %u): %s", source_address_length, - isonsap_string(ndo, pptr, source_address_length)); + GET_ISONSAP_STRING(pptr, source_address_length)); pptr += source_address_length; li -= source_address_length; source_address_number--; @@ -1318,7 +1364,7 @@ esis_print(netdissect_options *ndo, ND_PRINT(", bad ish/li"); return; } - ND_PRINT("\n\t NET (length: %u): %s", source_address_length, isonsap_string(ndo, pptr, source_address_length)); + ND_PRINT("\n\t NET (length: %u): %s", source_address_length, GET_ISONSAP_STRING(pptr, source_address_length)); pptr += source_address_length; li -= source_address_length; break; @@ -1326,8 +1372,12 @@ esis_print(netdissect_options *ndo, default: if (ndo->ndo_vflag <= 1) { - if (pptr < ndo->ndo_snapend) - print_unknown_data(ndo, pptr, "\n\t ", (int)(ndo->ndo_snapend - pptr)); + /* + * If there's at least one byte to print, print + * it/them. + */ + if (ND_TTEST_LEN(pptr, 1)) + print_unknown_data(ndo, pptr, "\n\t ", ND_BYTES_AVAILABLE_AFTER(pptr)); } return; } @@ -1341,7 +1391,6 @@ esis_print(netdissect_options *ndo, ND_PRINT(", bad opts/li"); return; } - ND_TCHECK_2(pptr); op = GET_U_1(pptr); opli = GET_U_1(pptr + 1); pptr += 2; @@ -1370,7 +1419,6 @@ esis_print(netdissect_options *ndo, case ESIS_OPTION_PROTOCOLS: while (opli>0) { - ND_TCHECK_1(tptr); ND_PRINT("%s (0x%02x)", tok2str(nlpid_values, "unknown", @@ -1442,7 +1490,6 @@ isis_print_mt_port_cap_subtlv(netdissect_options *ndo, while (len > 2) { - ND_TCHECK_2(tptr); stlv_type = GET_U_1(tptr); stlv_len = GET_U_1(tptr + 1); @@ -1452,13 +1499,13 @@ isis_print_mt_port_cap_subtlv(netdissect_options *ndo, stlv_type, stlv_len); - tptr = tptr + 2; + tptr += 2; /*len -= TLV_TYPE_LEN_OFFSET;*/ - len = len - 2; + len -= 2; /* Make sure the subTLV fits within the space left */ if (len < stlv_len) - goto trunc; + goto subtlv_too_long; /* Make sure the entire subTLV is in the captured data */ ND_TCHECK_LEN(tptr, stlv_len); @@ -1467,7 +1514,7 @@ isis_print_mt_port_cap_subtlv(netdissect_options *ndo, case ISIS_SUBTLV_SPB_MCID: { if (stlv_len < ISIS_SUBTLV_SPB_MCID_MIN_LEN) - goto trunc; + goto subtlv_too_short; subtlv_spb_mcid = (const struct isis_subtlv_spb_mcid *)tptr; @@ -1482,9 +1529,9 @@ isis_print_mt_port_cap_subtlv(netdissect_options *ndo, /*tptr += SPB_MCID_MIN_LEN; len -= SPB_MCID_MIN_LEN; */ - tptr = tptr + ISIS_SUBTLV_SPB_MCID_MIN_LEN; - len = len - ISIS_SUBTLV_SPB_MCID_MIN_LEN; - stlv_len = stlv_len - ISIS_SUBTLV_SPB_MCID_MIN_LEN; + tptr += ISIS_SUBTLV_SPB_MCID_MIN_LEN; + len -= ISIS_SUBTLV_SPB_MCID_MIN_LEN; + stlv_len -= ISIS_SUBTLV_SPB_MCID_MIN_LEN; break; } @@ -1492,7 +1539,7 @@ isis_print_mt_port_cap_subtlv(netdissect_options *ndo, case ISIS_SUBTLV_SPB_DIGEST: { if (stlv_len < ISIS_SUBTLV_SPB_DIGEST_MIN_LEN) - goto trunc; + goto subtlv_too_short; ND_PRINT("\n\t RES: %u V: %u A: %u D: %u", (GET_U_1(tptr) >> 5), @@ -1509,32 +1556,38 @@ isis_print_mt_port_cap_subtlv(netdissect_options *ndo, ND_PRINT("%08x ", GET_BE_U_4(tptr)); if (i%4 == 0 && i != 8) ND_PRINT("\n\t "); - tptr = tptr + 4; + tptr += 4; } - len = len - ISIS_SUBTLV_SPB_DIGEST_MIN_LEN; - stlv_len = stlv_len - ISIS_SUBTLV_SPB_DIGEST_MIN_LEN; + len -= ISIS_SUBTLV_SPB_DIGEST_MIN_LEN; + stlv_len -= ISIS_SUBTLV_SPB_DIGEST_MIN_LEN; break; } case ISIS_SUBTLV_SPB_BVID: { - while (stlv_len >= ISIS_SUBTLV_SPB_BVID_MIN_LEN) + while (stlv_len != 0) { + if (stlv_len < 4) + goto subtlv_too_short; ND_PRINT("\n\t ECT: %08x", GET_BE_U_4(tptr)); - tptr = tptr+4; + tptr += 4; + len -= 4; + stlv_len -= 4; + if (stlv_len < 2) + goto subtlv_too_short; ND_PRINT(" BVID: %u, U:%01x M:%01x ", (GET_BE_U_2(tptr) >> 4) , (GET_BE_U_2(tptr) >> 3) & 0x01, (GET_BE_U_2(tptr) >> 2) & 0x01); - tptr = tptr + 2; - len = len - ISIS_SUBTLV_SPB_BVID_MIN_LEN; - stlv_len = stlv_len - ISIS_SUBTLV_SPB_BVID_MIN_LEN; + tptr += 2; + len -= 2; + stlv_len -= 2; } break; @@ -1546,12 +1599,19 @@ isis_print_mt_port_cap_subtlv(netdissect_options *ndo, tptr += stlv_len; len -= stlv_len; } + return (0); + +trunc: + nd_print_trunc(ndo); + return (1); - return 0; +subtlv_too_long: + ND_PRINT(" (> containing TLV length)"); + return (1); - trunc: - nd_print_trunc(ndo); - return(1); +subtlv_too_short: + ND_PRINT(" (too short)"); + return (1); } static int @@ -1562,11 +1622,10 @@ isis_print_mt_capability_subtlv(netdissect_options *ndo, while (len > 2) { - ND_TCHECK_2(tptr); stlv_type = GET_U_1(tptr); stlv_len = GET_U_1(tptr + 1); - tptr = tptr + 2; - len = len - 2; + tptr += 2; + len -= 2; /* first lets see if we know the subTLVs name*/ ND_PRINT("\n\t %s subTLV #%u, length: %u", @@ -1576,7 +1635,7 @@ isis_print_mt_capability_subtlv(netdissect_options *ndo, /* Make sure the subTLV fits within the space left */ if (len < stlv_len) - goto trunc; + goto subtlv_too_long; /* Make sure the entire subTLV is in the captured data */ ND_TCHECK_LEN(tptr, stlv_len); @@ -1584,30 +1643,30 @@ isis_print_mt_capability_subtlv(netdissect_options *ndo, { case ISIS_SUBTLV_SPB_INSTANCE: if (stlv_len < ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN) - goto trunc; + goto subtlv_too_short; ND_PRINT("\n\t CIST Root-ID: %08x", GET_BE_U_4(tptr)); - tptr = tptr+4; + tptr += 4; ND_PRINT(" %08x", GET_BE_U_4(tptr)); - tptr = tptr+4; + tptr += 4; ND_PRINT(", Path Cost: %08x", GET_BE_U_4(tptr)); - tptr = tptr+4; + tptr += 4; ND_PRINT(", Prio: %u", GET_BE_U_2(tptr)); - tptr = tptr + 2; + tptr += 2; ND_PRINT("\n\t RES: %u", GET_BE_U_2(tptr) >> 5); ND_PRINT(", V: %u", (GET_BE_U_2(tptr) >> 4) & 0x0001); ND_PRINT(", SPSource-ID: %u", (GET_BE_U_4(tptr) & 0x000fffff)); - tptr = tptr+4; + tptr += 4; ND_PRINT(", No of Trees: %x", GET_U_1(tptr)); treecount = GET_U_1(tptr); tptr++; - len = len - ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN; - stlv_len = stlv_len - ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN; + len -= ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN; + stlv_len -= ISIS_SUBTLV_SPB_INSTANCE_MIN_LEN; while (treecount) { @@ -1624,15 +1683,15 @@ isis_print_mt_capability_subtlv(netdissect_options *ndo, ND_PRINT(", ECT: %08x", GET_BE_U_4(tptr)); - tptr = tptr + 4; + tptr += 4; ND_PRINT(", BVID: %u, SPVID: %u", (GET_BE_U_3(tptr) >> 12) & 0x000fff, GET_BE_U_3(tptr) & 0x000fff); - tptr = tptr + 3; - len = len - ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN; - stlv_len = stlv_len - ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN; + tptr += 3; + len -= ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN; + stlv_len -= ISIS_SUBTLV_SPB_INSTANCE_VLAN_TUPLE_LEN; treecount--; } @@ -1643,28 +1702,27 @@ isis_print_mt_capability_subtlv(netdissect_options *ndo, goto trunc; ND_PRINT("\n\t BMAC: %08x", GET_BE_U_4(tptr)); - tptr = tptr+4; + tptr += 4; ND_PRINT("%04x", GET_BE_U_2(tptr)); - tptr = tptr+2; + tptr += 2; ND_PRINT(", RES: %u, VID: %u", GET_BE_U_2(tptr) >> 12, (GET_BE_U_2(tptr)) & 0x0fff); - tptr = tptr+2; - len = len - 8; - stlv_len = stlv_len - 8; + tptr += 2; + len -= 8; + stlv_len -= 8; while (stlv_len >= 4) { - ND_TCHECK_4(tptr); ND_PRINT("\n\t T: %u, R: %u, RES: %u, ISID: %u", (GET_BE_U_4(tptr) >> 31), (GET_BE_U_4(tptr) >> 30) & 0x01, (GET_BE_U_4(tptr) >> 24) & 0x03f, (GET_BE_U_4(tptr)) & 0x0ffffff); - tptr = tptr + 4; - len = len - 4; - stlv_len = stlv_len - 4; + tptr += 4; + len -= 4; + stlv_len -= 4; } break; @@ -1675,11 +1733,19 @@ isis_print_mt_capability_subtlv(netdissect_options *ndo, tptr += stlv_len; len -= stlv_len; } - return 0; + return (0); - trunc: - nd_print_trunc(ndo); - return(1); +trunc: + nd_print_trunc(ndo); + return (1); + +subtlv_too_long: + ND_PRINT(" (> containing TLV length)"); + return (1); + +subtlv_too_short: + ND_PRINT(" (too short)"); + return (1); } /* shared routine for printing system, node and lsp-ids */ @@ -1695,19 +1761,19 @@ isis_print_id(netdissect_options *ndo, const uint8_t *cp, u_int id_len) if (sysid_len > id_len) sysid_len = id_len; for (i = 1; i <= sysid_len; i++) { - nd_snprintf(pos, sizeof(id) - (pos - id), "%02x", GET_U_1(cp)); + snprintf(pos, sizeof(id) - (pos - id), "%02x", GET_U_1(cp)); cp++; pos += strlen(pos); if (i == 2 || i == 4) *pos++ = '.'; } if (id_len >= NODE_ID_LEN) { - nd_snprintf(pos, sizeof(id) - (pos - id), ".%02x", GET_U_1(cp)); + snprintf(pos, sizeof(id) - (pos - id), ".%02x", GET_U_1(cp)); cp++; pos += strlen(pos); } if (id_len == LSP_ID_LEN) - nd_snprintf(pos, sizeof(id) - (pos - id), "-%02x", GET_U_1(cp)); + snprintf(pos, sizeof(id) - (pos - id), "-%02x", GET_U_1(cp)); return (id); } @@ -1746,9 +1812,9 @@ isis_print_tlv_ip_reach(netdissect_options *ndo, while (length > 0) { if ((size_t)length < sizeof(*tlv_ip_reach)) { - ND_PRINT("short IPv4 Reachability (%u vs %lu)", + ND_PRINT("short IPv4 Reachability (%u vs %zu)", length, - (unsigned long)sizeof(*tlv_ip_reach)); + sizeof(*tlv_ip_reach)); return (0); } @@ -1759,12 +1825,12 @@ isis_print_tlv_ip_reach(netdissect_options *ndo, if (prefix_len == -1) ND_PRINT("%sIPv4 prefix: %s mask %s", ident, - ipaddr_string(ndo, (tlv_ip_reach->prefix)), - ipaddr_string(ndo, (tlv_ip_reach->mask))); + GET_IPADDR_STRING(tlv_ip_reach->prefix), + GET_IPADDR_STRING(tlv_ip_reach->mask)); else ND_PRINT("%sIPv4 prefix: %15s/%u", ident, - ipaddr_string(ndo, (tlv_ip_reach->prefix)), + GET_IPADDR_STRING(tlv_ip_reach->prefix), prefix_len); ND_PRINT(", Distribution: %s, Metric: %u, %s", @@ -1835,6 +1901,35 @@ isis_print_ip_reach_subtlv(netdissect_options *ndo, subl-=8; } break; + case ISIS_SUBTLV_EXTD_IP_REACH_PREFIX_SID: + { + uint8_t algo, flags; + uint32_t sid; + + flags = GET_U_1(tptr); + algo = GET_U_1(tptr+1); + + if (flags & ISIS_PREFIX_SID_FLAG_V) { + if (subl < 5) + goto trunc; + sid = GET_BE_U_3(tptr+2); + tptr+=5; + subl-=5; + } else { + if (subl < 6) + goto trunc; + sid = GET_BE_U_4(tptr+2); + tptr+=6; + subl-=6; + } + + ND_PRINT(", Flags [%s], Algo %s (%u), %s %u", + bittok2str(prefix_sid_flag_values, "None", flags), + tok2str(prefix_sid_algo_values, "Unknown", algo), algo, + flags & ISIS_PREFIX_SID_FLAG_V ? "label" : "index", + sid); + } + break; default: if (!print_unknown_data(ndo, tptr, "\n\t\t ", subl)) return(0); @@ -1873,6 +1968,7 @@ isis_print_ext_is_reach(netdissect_options *ndo, ND_PRINT("%sIS Neighbor: %s", ident, isis_print_id(ndo, tptr, NODE_ID_LEN)); tptr+=NODE_ID_LEN; tlv_remaining-=NODE_ID_LEN; + proc_bytes+=NODE_ID_LEN; if (tlv_type != ISIS_TLV_IS_ALIAS_ID) { /* the Alias TLV Metric field is implicit 0 */ ND_TCHECK_3(tptr); @@ -1881,6 +1977,7 @@ isis_print_ext_is_reach(netdissect_options *ndo, ND_PRINT(", Metric: %u", GET_BE_U_3(tptr)); tptr+=3; tlv_remaining-=3; + proc_bytes+=3; } ND_TCHECK_1(tptr); @@ -1889,12 +1986,12 @@ isis_print_ext_is_reach(netdissect_options *ndo, subtlv_sum_len=GET_U_1(tptr); /* read out subTLV length */ tptr++; tlv_remaining--; - proc_bytes=NODE_ID_LEN+3+1; + proc_bytes++; ND_PRINT(", %ssub-TLVs present",subtlv_sum_len ? "" : "no "); if (subtlv_sum_len) { ND_PRINT(" (%u)", subtlv_sum_len); /* prepend the indent string */ - nd_snprintf(ident_buffer, sizeof(ident_buffer), "%s ",ident); + snprintf(ident_buffer, sizeof(ident_buffer), "%s ",ident); ident = ident_buffer; while (subtlv_sum_len != 0) { ND_TCHECK_2(tptr); @@ -1945,7 +2042,7 @@ isis_print_ext_is_reach(netdissect_options *ndo, case ISIS_SUBTLV_EXT_IS_REACH_IPV4_INTF_ADDR: case ISIS_SUBTLV_EXT_IS_REACH_IPV4_NEIGHBOR_ADDR: if (subtlv_len >= sizeof(nd_ipv4)) - ND_PRINT(", %s", ipaddr_string(ndo, tptr)); + ND_PRINT(", %s", GET_IPADDR_STRING(tptr)); break; case ISIS_SUBTLV_EXT_IS_REACH_MAX_LINK_BW : case ISIS_SUBTLV_EXT_IS_REACH_RESERVABLE_BW: @@ -2085,6 +2182,41 @@ isis_print_ext_is_reach(netdissect_options *ndo, } } break; + case ISIS_SUBTLV_EXT_IS_REACH_LAN_ADJ_SEGMENT_ID: + if (subtlv_len >= 8) { + ND_PRINT("%s Flags: [%s]", ident, + bittok2str(isis_lan_adj_sid_flag_values, + "none", + GET_U_1(tptr))); + int vflag = (GET_U_1(tptr) & 0x20) ? 1:0; + int lflag = (GET_U_1(tptr) & 0x10) ? 1:0; + tptr++; + subtlv_len--; + subtlv_sum_len--; + proc_bytes++; + ND_PRINT("%s Weight: %u", ident, GET_U_1(tptr)); + tptr++; + subtlv_len--; + subtlv_sum_len--; + proc_bytes++; + if(subtlv_len>=SYSTEM_ID_LEN) { + ND_TCHECK_LEN(tptr, SYSTEM_ID_LEN); + ND_PRINT("%s Neighbor System-ID: %s", ident, + isis_print_id(ndo, tptr, SYSTEM_ID_LEN)); + } + /* RFC 8667 section 2.2.2 */ + /* if V-flag is set to 1 and L-flag is set to 1 ==> 3 octet label */ + /* if V-flag is set to 0 and L-flag is set to 0 ==> 4 octet index */ + if (vflag && lflag) { + ND_PRINT("%s Label: %u", + ident, GET_BE_U_3(tptr+SYSTEM_ID_LEN)); + } else if ((!vflag) && (!lflag)) { + ND_PRINT("%s Index: %u", + ident, GET_BE_U_4(tptr+SYSTEM_ID_LEN)); + } else + nd_print_invalid(ndo); + } + break; default: if (!print_unknown_data(ndo, tptr, "\n\t\t ", subtlv_len)) return(0); @@ -2108,11 +2240,12 @@ trunc: * it is called from various MT-TLVs (222,229,235,237) */ -static u_int +static uint8_t isis_print_mtid(netdissect_options *ndo, - const uint8_t *tptr, const char *ident) + const uint8_t *tptr, const char *ident, u_int tlv_remaining) { - ND_TCHECK_2(tptr); + if (tlv_remaining < 2) + goto trunc; ND_PRINT("%s%s", ident, @@ -2144,13 +2277,11 @@ isis_print_extd_ip_reach(netdissect_options *ndo, uint8_t prefix[sizeof(nd_ipv6)]; /* shared copy buffer for IPv4 and IPv6 prefixes */ u_int metric, status_byte, bit_length, byte_length, sublen, processed, subtlvtype, subtlvlen; - ND_TCHECK_4(tptr); metric = GET_BE_U_4(tptr); processed=4; tptr+=4; if (afi == AF_INET) { - ND_TCHECK_1(tptr); status_byte=GET_U_1(tptr); tptr++; bit_length = status_byte&0x3f; @@ -2162,7 +2293,6 @@ isis_print_extd_ip_reach(netdissect_options *ndo, } processed++; } else if (afi == AF_INET6) { - ND_TCHECK_2(tptr); status_byte=GET_U_1(tptr); bit_length=GET_U_1(tptr + 1); if (bit_length > 128) { @@ -2187,12 +2317,12 @@ isis_print_extd_ip_reach(netdissect_options *ndo, if (afi == AF_INET) ND_PRINT("%sIPv4 prefix: %15s/%u", ident, - ipaddr_string(ndo, prefix), + ipaddr_string(ndo, prefix), /* local buffer, not packet data; don't use GET_IPADDR_STRING() */ bit_length); else if (afi == AF_INET6) ND_PRINT("%sIPv6 prefix: %s/%u", ident, - ip6addr_string(ndo, prefix), + ip6addr_string(ndo, prefix), /* local buffer, not packet data; don't use GET_IP6ADDR_STRING() */ bit_length); ND_PRINT(", Distribution: %s, Metric: %u", @@ -2213,19 +2343,17 @@ isis_print_extd_ip_reach(netdissect_options *ndo, than one subTLV - therefore the first byte must reflect the aggregate bytecount of the subTLVs for this prefix */ - ND_TCHECK_1(tptr); sublen=GET_U_1(tptr); tptr++; processed+=sublen+1; ND_PRINT(" (%u)", sublen); /* print out subTLV length */ while (sublen>0) { - ND_TCHECK_2(tptr); subtlvtype=GET_U_1(tptr); subtlvlen=GET_U_1(tptr + 1); tptr+=2; /* prepend the indent string */ - nd_snprintf(ident_buffer, sizeof(ident_buffer), "%s ",ident); + snprintf(ident_buffer, sizeof(ident_buffer), "%s ",ident); if (!isis_print_ip_reach_subtlv(ndo, tptr, subtlvtype, subtlvlen, ident_buffer)) return(0); tptr+=subtlvlen; @@ -2237,6 +2365,89 @@ trunc: return 0; } +static void +isis_print_router_cap_subtlv(netdissect_options *ndo, const uint8_t *tptr, uint8_t tlen) +{ + uint8_t subt, subl; + + while (tlen >= 2) { + subt = GET_U_1(tptr); + subl = GET_U_1(tptr+1); + tlen -= 2; + tptr += 2; + + /* first lets see if we know the subTLVs name*/ + ND_PRINT("\n\t\t%s subTLV #%u, length: %u", + tok2str(isis_router_capability_subtlv_values, "unknown", subt), + subt, subl); + + /* + * Boundary check. + */ + if (subl > tlen) { + break; + } + ND_TCHECK_LEN(tptr, subl); + + switch (subt) { + case ISIS_SUBTLV_ROUTER_CAP_SR: + { + uint8_t flags, sid_tlen, sid_type, sid_len; + uint32_t range; + const uint8_t *sid_ptr; + + flags = GET_U_1(tptr); + range = GET_BE_U_3(tptr+1); + ND_PRINT(", Flags [%s], Range %u", + bittok2str(isis_router_capability_sr_flags, "None", flags), + range); + sid_ptr = tptr + 4; + sid_tlen = subl - 4; + + while (sid_tlen >= 5) { + sid_type = GET_U_1(sid_ptr); + sid_len = GET_U_1(sid_ptr+1); + sid_tlen -= 2; + sid_ptr += 2; + + /* + * Boundary check. + */ + if (sid_len > sid_tlen) { + break; + } + + switch (sid_type) { + case 1: + if (sid_len == 3) { + ND_PRINT(", SID value %u", GET_BE_U_3(sid_ptr)); + } else if (sid_len == 4) { + ND_PRINT(", SID value %u", GET_BE_U_4(sid_ptr)); + } else { + ND_PRINT(", Unknown SID length%u", sid_len); + } + break; + default: + print_unknown_data(ndo, sid_ptr, "\n\t\t ", sid_len); + } + + sid_ptr += sid_len; + sid_tlen -= sid_len; + } + } + break; + default: + print_unknown_data(ndo, tptr, "\n\t\t", subl); + break; + } + + tlen -= subl; + tptr += subl; + } + trunc: + return; +} + /* * Clear checksum and lifetime prior to signature verification. */ @@ -2256,6 +2467,14 @@ isis_clear_checksum_lifetime(void *header) * Decode IS-IS packets. Return 0 on error. */ +#define INVALID_OR_DECREMENT(length,decr) \ + if ((length) < (decr)) { \ + ND_PRINT(" [packet length %u < %zu]", (length), (decr)); \ + nd_print_invalid(ndo); \ + return 1; \ + } \ + length -= (decr); + static int isis_print(netdissect_options *ndo, const uint8_t *p, u_int length) @@ -2274,13 +2493,16 @@ isis_print(netdissect_options *ndo, const struct isis_tlv_es_reach *tlv_es_reach; uint8_t version, pdu_version, fixed_len; - uint8_t pdu_type, pdu_max_area, max_area, pdu_id_length, id_length, tlv_type, tlv_len, tlen, alen, lan_alen, prefix_len; - u_int ext_is_len, ext_ip_len, mt_len; + uint8_t pdu_type, pdu_max_area, max_area, pdu_id_length, id_length, tlv_type, tlv_len, tlen, alen, prefix_len; + u_int ext_is_len, ext_ip_len; + uint8_t mt_len; uint8_t isis_subtlv_idrp; const uint8_t *optr, *pptr, *tptr; u_int packet_len; u_short pdu_len, key_id; - u_int i,vendor_id; + u_int i,vendor_id, num_vals; + uint8_t auth_type; + uint8_t num_system_ids; int sigcheck; ndo->ndo_protocol = "isis"; @@ -2411,8 +2633,8 @@ isis_print(netdissect_options *ndo, case ISIS_PDU_L1_LAN_IIH: case ISIS_PDU_L2_LAN_IIH: if (fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE)) { - ND_PRINT(", bogus fixed header length %u should be %lu", - fixed_len, (unsigned long)(ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE)); + ND_PRINT(", bogus fixed header length %u should be %zu", + fixed_len, ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE); return (0); } ND_TCHECK_SIZE(header_iih_lan); @@ -2450,14 +2672,14 @@ isis_print(netdissect_options *ndo, return (0); } - packet_len -= (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE); + INVALID_OR_DECREMENT(packet_len,ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE); pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_LAN_HEADER_SIZE); break; case ISIS_PDU_PTP_IIH: if (fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE)) { - ND_PRINT(", bogus fixed header length %u should be %lu", - fixed_len, (unsigned long)(ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE)); + ND_PRINT(", bogus fixed header length %u should be %zu", + fixed_len, ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE); return (0); } ND_TCHECK_SIZE(header_iih_ptp); @@ -2489,16 +2711,15 @@ isis_print(netdissect_options *ndo, if (!print_unknown_data(ndo, pptr, "\n\t ", ISIS_IIH_PTP_HEADER_SIZE)) return (0); } - - packet_len -= (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE); + INVALID_OR_DECREMENT(packet_len,ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE); pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_IIH_PTP_HEADER_SIZE); break; case ISIS_PDU_L1_LSP: case ISIS_PDU_L2_LSP: if (fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_LSP_HEADER_SIZE)) { - ND_PRINT(", bogus fixed header length %u should be %lu", - fixed_len, (unsigned long)ISIS_LSP_HEADER_SIZE); + ND_PRINT(", bogus fixed header length %u should be %zu", + fixed_len, ISIS_LSP_HEADER_SIZE); return (0); } ND_TCHECK_SIZE(header_lsp); @@ -2548,15 +2769,15 @@ isis_print(netdissect_options *ndo, return (0); } - packet_len -= (ISIS_COMMON_HEADER_SIZE+ISIS_LSP_HEADER_SIZE); + INVALID_OR_DECREMENT(packet_len,ISIS_COMMON_HEADER_SIZE+ISIS_LSP_HEADER_SIZE); pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_LSP_HEADER_SIZE); break; case ISIS_PDU_L1_CSNP: case ISIS_PDU_L2_CSNP: if (fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE)) { - ND_PRINT(", bogus fixed header length %u should be %lu", - fixed_len, (unsigned long)(ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE)); + ND_PRINT(", bogus fixed header length %u should be %zu", + fixed_len, ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE); return (0); } ND_TCHECK_SIZE(header_csnp); @@ -2586,15 +2807,15 @@ isis_print(netdissect_options *ndo, return (0); } - packet_len -= (ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE); + INVALID_OR_DECREMENT(packet_len,ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE); pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_CSNP_HEADER_SIZE); break; case ISIS_PDU_L1_PSNP: case ISIS_PDU_L2_PSNP: if (fixed_len != (ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE)) { - ND_PRINT("- bogus fixed header length %u should be %lu", - fixed_len, (unsigned long)(ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE)); + ND_PRINT("- bogus fixed header length %u should be %zu", + fixed_len, ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE); return (0); } ND_TCHECK_SIZE(header_psnp); @@ -2620,7 +2841,7 @@ isis_print(netdissect_options *ndo, return (0); } - packet_len -= (ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE); + INVALID_OR_DECREMENT(packet_len,ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE); pptr = p + (ISIS_COMMON_HEADER_SIZE+ISIS_PSNP_HEADER_SIZE); break; @@ -2656,34 +2877,29 @@ isis_print(netdissect_options *ndo, tlv_type, tlv_len); - if (tlv_len == 0) /* something is invalid */ - continue; - if (packet_len < tlv_len) goto trunc; /* now check if we have a decoder otherwise do a hexdump at the end*/ switch (tlv_type) { case ISIS_TLV_AREA_ADDR: - ND_TCHECK_1(tptr); - alen = GET_U_1(tptr); - tptr++; - while (tlen && alen < tlen) { - ND_TCHECK_LEN(tptr, alen); + while (tlen != 0) { + alen = GET_U_1(tptr); + tptr++; + tlen--; + if (tlen < alen) + goto tlv_trunc; ND_PRINT("\n\t Area address (length: %u): %s", alen, - isonsap_string(ndo, tptr, alen)); + GET_ISONSAP_STRING(tptr, alen)); tptr += alen; - tlen -= alen + 1; - if (tlen==0) /* if this is the last area address do not attempt a boundary check */ - break; - ND_TCHECK_1(tptr); - alen = GET_U_1(tptr); - tptr++; + tlen -= alen; } break; case ISIS_TLV_ISNEIGH: - while (tlen >= MAC_ADDR_LEN) { + while (tlen != 0) { + if (tlen < MAC_ADDR_LEN) + goto tlv_trunc; ND_TCHECK_LEN(tptr, MAC_ADDR_LEN); ND_PRINT("\n\t SNPA: %s", isis_print_id(ndo, tptr, MAC_ADDR_LEN)); tlen -= MAC_ADDR_LEN; @@ -2691,23 +2907,22 @@ isis_print(netdissect_options *ndo, } break; - case ISIS_TLV_ISNEIGH_VARLEN: - if (!ND_TTEST_1(tptr) || tlen < 3) /* min. TLV length */ - goto trunc; - lan_alen = GET_U_1(tptr); /* LAN address length */ - tptr++; - if (lan_alen == 0) { - ND_PRINT("\n\t LAN address length 0 bytes"); - nd_print_invalid(ndo); - break; - } - tlen --; - ND_PRINT("\n\t LAN address length %u bytes ", lan_alen); - while (tlen >= lan_alen) { - ND_TCHECK_LEN(tptr, lan_alen); - ND_PRINT("\n\t\tIS Neighbor: %s", isis_print_id(ndo, tptr, lan_alen)); - tlen -= lan_alen; - tptr +=lan_alen; + case ISIS_TLV_INSTANCE_ID: + if (tlen < 4) + goto tlv_trunc; + num_vals = (tlen-2)/2; + ND_PRINT("\n\t Instance ID: %u, ITIDs(%u)%s ", + GET_BE_U_2(tptr), num_vals, + num_vals ? ":" : ""); + tptr += 2; + tlen -= 2; + for (i=0; i < num_vals; i++) { + ND_PRINT("%u", GET_BE_U_2(tptr)); + if (i < (num_vals - 1)) { + ND_PRINT(", "); + } + tptr += 2; + tlen -= 2; } break; @@ -2715,12 +2930,12 @@ isis_print(netdissect_options *ndo, break; case ISIS_TLV_MT_IS_REACH: - mt_len = isis_print_mtid(ndo, tptr, "\n\t "); + mt_len = isis_print_mtid(ndo, tptr, "\n\t ", tlen); if (mt_len == 0) /* did something go wrong ? */ goto trunc; tptr+=mt_len; tlen-=mt_len; - while (tlen >= 2+NODE_ID_LEN+3+1) { + while (tlen != 0) { ext_is_len = isis_print_ext_is_reach(ndo, tptr, "\n\t ", tlv_type, tlen); if (ext_is_len == 0) /* did something go wrong ? */ goto trunc; @@ -2729,28 +2944,28 @@ isis_print(netdissect_options *ndo, nd_print_invalid(ndo); break; } - tlen-=ext_is_len; - tptr+=ext_is_len; + tlen-=(uint8_t)ext_is_len; + tptr+=(uint8_t)ext_is_len; } break; case ISIS_TLV_IS_ALIAS_ID: - while (tlen >= NODE_ID_LEN+1) { /* is it worth attempting a decode ? */ - ext_is_len = isis_print_ext_is_reach(ndo, tptr, "\n\t ", tlv_type, tlen); - if (ext_is_len == 0) /* did something go wrong ? */ - goto trunc; + while (tlen != 0) { + ext_is_len = isis_print_ext_is_reach(ndo, tptr, "\n\t ", tlv_type, tlen); + if (ext_is_len == 0) /* did something go wrong ? */ + goto trunc; if (tlen < ext_is_len) { ND_PRINT(" [remaining tlv length %u < %u]", tlen, ext_is_len); nd_print_invalid(ndo); break; } - tlen-=ext_is_len; - tptr+=ext_is_len; - } - break; + tlen-=(uint8_t)ext_is_len; + tptr+=(uint8_t)ext_is_len; + } + break; case ISIS_TLV_EXT_IS_REACH: - while (tlen >= NODE_ID_LEN+3+1) { /* is it worth attempting a decode ? */ + while (tlen != 0) { ext_is_len = isis_print_ext_is_reach(ndo, tptr, "\n\t ", tlv_type, tlen); if (ext_is_len == 0) /* did something go wrong ? */ goto trunc; @@ -2759,19 +2974,23 @@ isis_print(netdissect_options *ndo, nd_print_invalid(ndo); break; } - tlen-=ext_is_len; - tptr+=ext_is_len; + tlen-=(uint8_t)ext_is_len; + tptr+=(uint8_t)ext_is_len; } break; case ISIS_TLV_IS_REACH: - ND_TCHECK_1(tptr); /* check if there is one byte left to read out the virtual flag */ + if (tlen < 1) + goto tlv_trunc; ND_PRINT("\n\t %s", tok2str(isis_is_reach_virtual_values, "bogus virtual flag 0x%02x", GET_U_1(tptr))); tptr++; + tlen--; tlv_is_reach = (const struct isis_tlv_is_reach *)tptr; - while (tlen >= sizeof(struct isis_tlv_is_reach)) { + while (tlen != 0) { + if (tlen < sizeof(struct isis_tlv_is_reach)) + goto tlv_trunc; ND_TCHECK_SIZE(tlv_is_reach); ND_PRINT("\n\t IS Neighbor: %s", isis_print_id(ndo, tlv_is_reach->neighbor_nodeid, NODE_ID_LEN)); @@ -2783,7 +3002,9 @@ isis_print(netdissect_options *ndo, case ISIS_TLV_ESNEIGH: tlv_es_reach = (const struct isis_tlv_es_reach *)tptr; - while (tlen >= sizeof(struct isis_tlv_es_reach)) { + while (tlen != 0) { + if (tlen < sizeof(struct isis_tlv_es_reach)) + goto tlv_trunc; ND_TCHECK_SIZE(tlv_es_reach); ND_PRINT("\n\t ES Neighbor: %s", isis_print_id(ndo, tlv_es_reach->neighbor_sysid, SYSTEM_ID_LEN)); @@ -2801,7 +3022,7 @@ isis_print(netdissect_options *ndo, break; case ISIS_TLV_EXTD_IP_REACH: - while (tlen != 0) { + while (tlen != 0) { ext_ip_len = isis_print_extd_ip_reach(ndo, tptr, "\n\t ", AF_INET); if (ext_ip_len == 0) /* did something go wrong ? */ goto trunc; @@ -2810,13 +3031,13 @@ isis_print(netdissect_options *ndo, nd_print_invalid(ndo); break; } - tptr+=ext_ip_len; - tlen-=ext_ip_len; + tlen-=(uint8_t)ext_ip_len; + tptr+=(uint8_t)ext_ip_len; } break; case ISIS_TLV_MT_IP_REACH: - mt_len = isis_print_mtid(ndo, tptr, "\n\t "); + mt_len = isis_print_mtid(ndo, tptr, "\n\t ", tlen); if (mt_len == 0) { /* did something go wrong ? */ goto trunc; } @@ -2832,8 +3053,8 @@ isis_print(netdissect_options *ndo, nd_print_invalid(ndo); break; } - tptr+=ext_ip_len; - tlen-=ext_ip_len; + tlen-=(uint8_t)ext_ip_len; + tptr+=(uint8_t)ext_ip_len; } break; @@ -2847,13 +3068,13 @@ isis_print(netdissect_options *ndo, nd_print_invalid(ndo); break; } - tptr+=ext_ip_len; - tlen-=ext_ip_len; + tlen-=(uint8_t)ext_ip_len; + tptr+=(uint8_t)ext_ip_len; } break; case ISIS_TLV_MT_IP6_REACH: - mt_len = isis_print_mtid(ndo, tptr, "\n\t "); + mt_len = isis_print_mtid(ndo, tptr, "\n\t ", tlen); if (mt_len == 0) { /* did something go wrong ? */ goto trunc; } @@ -2869,61 +3090,66 @@ isis_print(netdissect_options *ndo, nd_print_invalid(ndo); break; } - tptr+=ext_ip_len; - tlen-=ext_ip_len; + tlen-=(uint8_t)ext_ip_len; + tptr+=(uint8_t)ext_ip_len; } break; case ISIS_TLV_IP6ADDR: - while (tlen>=sizeof(nd_ipv6)) { - ND_TCHECK_LEN(tptr, sizeof(nd_ipv6)); - + while (tlen != 0) { + if (tlen < sizeof(nd_ipv6)) + goto tlv_trunc; ND_PRINT("\n\t IPv6 interface address: %s", - ip6addr_string(ndo, tptr)); + GET_IP6ADDR_STRING(tptr)); tptr += sizeof(nd_ipv6); tlen -= sizeof(nd_ipv6); } break; case ISIS_TLV_AUTH: - ND_TCHECK_1(tptr); + if (tlen < 1) + goto tlv_trunc; + auth_type = GET_U_1(tptr); + tptr++; + tlen--; ND_PRINT("\n\t %s: ", tok2str(isis_subtlv_auth_values, "unknown Authentication type 0x%02x", - GET_U_1(tptr))); + auth_type)); - switch (GET_U_1(tptr)) { + switch (auth_type) { case ISIS_SUBTLV_AUTH_SIMPLE: - if (nd_printzp(ndo, tptr + 1, tlv_len - 1, ndo->ndo_snapend)) + if (nd_printzp(ndo, tptr, tlen, ndo->ndo_snapend)) goto trunc; break; case ISIS_SUBTLV_AUTH_MD5: - for(i=1;i=1) { - ND_TCHECK_1(tptr); ND_PRINT("\n\t Adjacency State: %s (%u)", tok2str(isis_ptp_adjancey_values, "unknown", GET_U_1(tptr)), GET_U_1(tptr)); tlen--; } if(tlen>sizeof(tlv_ptp_adj->extd_local_circuit_id)) { - ND_TCHECK_4(tlv_ptp_adj->extd_local_circuit_id); ND_PRINT("\n\t Extended Local circuit-ID: 0x%08x", GET_BE_U_4(tlv_ptp_adj->extd_local_circuit_id)); tlen-=sizeof(tlv_ptp_adj->extd_local_circuit_id); @@ -2951,7 +3175,6 @@ isis_print(netdissect_options *ndo, tlen-=SYSTEM_ID_LEN; } if(tlen>=sizeof(tlv_ptp_adj->neighbor_extd_local_circuit_id)) { - ND_TCHECK_4(tlv_ptp_adj->neighbor_extd_local_circuit_id); ND_PRINT("\n\t Neighbor Extended Local circuit-ID: 0x%08x", GET_BE_U_4(tlv_ptp_adj->neighbor_extd_local_circuit_id)); } @@ -2959,8 +3182,7 @@ isis_print(netdissect_options *ndo, case ISIS_TLV_PROTOCOLS: ND_PRINT("\n\t NLPID(s): "); - while (tlen>0) { - ND_TCHECK_1(tptr); + while (tlen != 0) { ND_PRINT("%s (0x%02x)", tok2str(nlpid_values, "unknown", @@ -2973,49 +3195,52 @@ isis_print(netdissect_options *ndo, } break; - case ISIS_TLV_MT_PORT_CAP: - { - ND_TCHECK_2(tptr); - - ND_PRINT("\n\t RES: %u, MTID(s): %u", - (GET_BE_U_2(tptr) >> 12), - (GET_BE_U_2(tptr) & 0x0fff)); + case ISIS_TLV_MT_PORT_CAP: + { + if (tlen < 2) + goto tlv_trunc; - tlen = tlen-2; - tptr = tptr+2; + ND_PRINT("\n\t RES: %u, MTID(s): %u", + (GET_BE_U_2(tptr) >> 12), + (GET_BE_U_2(tptr) & 0x0fff)); - if (tlen) - isis_print_mt_port_cap_subtlv(ndo, tptr, tlen); + tptr += 2; + tlen -= 2; - break; - } + if (tlen) + isis_print_mt_port_cap_subtlv(ndo, tptr, tlen); - case ISIS_TLV_MT_CAPABILITY: + break; + } - ND_TCHECK_2(tptr); + case ISIS_TLV_MT_CAPABILITY: + if (tlen < 2) + goto tlv_trunc; - ND_PRINT("\n\t O: %u, RES: %u, MTID(s): %u", - (GET_BE_U_2(tptr) >> 15) & 0x01, - (GET_BE_U_2(tptr) >> 12) & 0x07, - GET_BE_U_2(tptr) & 0x0fff); + ND_PRINT("\n\t O: %u, RES: %u, MTID(s): %u", + (GET_BE_U_2(tptr) >> 15) & 0x01, + (GET_BE_U_2(tptr) >> 12) & 0x07, + GET_BE_U_2(tptr) & 0x0fff); - tlen = tlen-2; - tptr = tptr+2; + tptr += 2; + tlen -= 2; - if (tlen) - isis_print_mt_capability_subtlv(ndo, tptr, tlen); + if (tlen) + isis_print_mt_capability_subtlv(ndo, tptr, tlen); - break; + break; case ISIS_TLV_TE_ROUTER_ID: - ND_TCHECK_LEN(pptr, sizeof(nd_ipv4)); - ND_PRINT("\n\t Traffic Engineering Router ID: %s", ipaddr_string(ndo, pptr)); + if (tlen < sizeof(nd_ipv4)) + goto tlv_trunc; + ND_PRINT("\n\t Traffic Engineering Router ID: %s", GET_IPADDR_STRING(pptr)); break; case ISIS_TLV_IPADDR: - while (tlen>=sizeof(nd_ipv4)) { - ND_TCHECK_LEN(tptr, sizeof(nd_ipv4)); - ND_PRINT("\n\t IPv4 interface address: %s", ipaddr_string(ndo, tptr)); + while (tlen != 0) { + if (tlen < sizeof(nd_ipv4)) + goto tlv_trunc; + ND_PRINT("\n\t IPv4 interface address: %s", GET_IPADDR_STRING(tptr)); tptr += sizeof(nd_ipv4); tlen -= sizeof(nd_ipv4); } @@ -3037,7 +3262,6 @@ isis_print(netdissect_options *ndo, if (tlen < 1) break; - ND_TCHECK_1(tptr); ND_PRINT(", Flags: [%s]", ISIS_MASK_TLV_SHARED_RISK_GROUP(GET_U_1(tptr)) ? "numbered" : "unnumbered"); tptr++; @@ -3045,20 +3269,19 @@ isis_print(netdissect_options *ndo, if (tlen < sizeof(nd_ipv4)) break; - ND_TCHECK_LEN(tptr, sizeof(nd_ipv4)); - ND_PRINT("\n\t IPv4 interface address: %s", ipaddr_string(ndo, tptr)); + ND_PRINT("\n\t IPv4 interface address: %s", GET_IPADDR_STRING(tptr)); tptr+=sizeof(nd_ipv4); tlen-=sizeof(nd_ipv4); if (tlen < sizeof(nd_ipv4)) break; - ND_TCHECK_LEN(tptr, sizeof(nd_ipv4)); - ND_PRINT("\n\t IPv4 neighbor address: %s", ipaddr_string(ndo, tptr)); + ND_PRINT("\n\t IPv4 neighbor address: %s", GET_IPADDR_STRING(tptr)); tptr+=sizeof(nd_ipv4); tlen-=sizeof(nd_ipv4); - while (tlen>=4) { - ND_TCHECK_4(tptr); + while (tlen != 0) { + if (tlen < 4) + goto tlv_trunc; ND_PRINT("\n\t Link-ID: 0x%08x", GET_BE_U_4(tptr)); tptr+=4; tlen-=4; @@ -3067,17 +3290,16 @@ isis_print(netdissect_options *ndo, case ISIS_TLV_LSP: tlv_lsp = (const struct isis_tlv_lsp *)tptr; - while(tlen>=sizeof(struct isis_tlv_lsp)) { + while (tlen != 0) { + if (tlen < sizeof(struct isis_tlv_lsp)) + goto tlv_trunc; ND_TCHECK_1(tlv_lsp->lsp_id + LSP_ID_LEN - 1); ND_PRINT("\n\t lsp-id: %s", isis_print_id(ndo, tlv_lsp->lsp_id, LSP_ID_LEN)); - ND_TCHECK_4(tlv_lsp->sequence_number); ND_PRINT(", seq: 0x%08x", GET_BE_U_4(tlv_lsp->sequence_number)); - ND_TCHECK_2(tlv_lsp->remaining_lifetime); ND_PRINT(", lifetime: %5ds", GET_BE_U_2(tlv_lsp->remaining_lifetime)); - ND_TCHECK_2(tlv_lsp->checksum); ND_PRINT(", chksum: 0x%04x", GET_BE_U_2(tlv_lsp->checksum)); tlen-=sizeof(struct isis_tlv_lsp); tlv_lsp++; @@ -3099,27 +3321,40 @@ isis_print(netdissect_options *ndo, break; case ISIS_TLV_POI: - if (tlv_len >= SYSTEM_ID_LEN + 1) { - ND_TCHECK_LEN(tptr, SYSTEM_ID_LEN + 1); + if (tlen < 1) + goto tlv_trunc; + num_system_ids = GET_U_1(tptr); + tptr++; + tlen--; + if (num_system_ids == 0) { + /* Not valid */ + ND_PRINT(" No system IDs supplied"); + } else { + if (tlen < SYSTEM_ID_LEN) + goto tlv_trunc; + ND_TCHECK_LEN(tptr, SYSTEM_ID_LEN); ND_PRINT("\n\t Purge Originator System-ID: %s", - isis_print_id(ndo, tptr + 1, SYSTEM_ID_LEN)); - } - - if (tlv_len == 2 * SYSTEM_ID_LEN + 1) { - ND_TCHECK_LEN(tptr, 2 * SYSTEM_ID_LEN + 1); - ND_PRINT("\n\t Received from System-ID: %s", - isis_print_id(ndo, tptr + SYSTEM_ID_LEN + 1, SYSTEM_ID_LEN)); + isis_print_id(ndo, tptr, SYSTEM_ID_LEN)); + tptr += SYSTEM_ID_LEN; + tlen -= SYSTEM_ID_LEN; + + if (num_system_ids > 1) { + if (tlen < SYSTEM_ID_LEN) + goto tlv_trunc; + ND_TCHECK_LEN(tptr, SYSTEM_ID_LEN); + ND_TCHECK_LEN(tptr, 2 * SYSTEM_ID_LEN + 1); + ND_PRINT("\n\t Received from System-ID: %s", + isis_print_id(ndo, tptr, SYSTEM_ID_LEN)); + } } break; case ISIS_TLV_MT_SUPPORTED: - if (tlen < ISIS_TLV_MT_SUPPORTED_MINLEN) - break; - while (tlen>1) { + while (tlen != 0) { /* length can only be a multiple of 2, otherwise there is something broken -> so decode down until length is 1 */ if (tlen!=1) { - mt_len = isis_print_mtid(ndo, tptr, "\n\t "); + mt_len = isis_print_mtid(ndo, tptr, "\n\t ", tlen); if (mt_len == 0) /* did something go wrong ? */ goto trunc; tptr+=mt_len; @@ -3161,38 +3396,40 @@ isis_print(netdissect_options *ndo, break; case ISIS_TLV_IDRP_INFO: - if (tlen < ISIS_TLV_IDRP_INFO_MINLEN) + if (tlen < 1) break; - ND_TCHECK_LEN(tptr, ISIS_TLV_IDRP_INFO_MINLEN); + isis_subtlv_idrp = GET_U_1(tptr); ND_PRINT("\n\t Inter-Domain Information Type: %s", tok2str(isis_subtlv_idrp_values, "Unknown (0x%02x)", - GET_U_1(tptr))); - isis_subtlv_idrp = GET_U_1(tptr); + isis_subtlv_idrp)); tptr++; + tlen--; switch (isis_subtlv_idrp) { case ISIS_SUBTLV_IDRP_ASN: - ND_TCHECK_2(tptr); /* fetch AS number */ + if (tlen < 2) + goto tlv_trunc; ND_PRINT("AS Number: %u", GET_BE_U_2(tptr)); break; case ISIS_SUBTLV_IDRP_LOCAL: case ISIS_SUBTLV_IDRP_RES: default: - if (!print_unknown_data(ndo, tptr, "\n\t ", tlv_len - 1)) + if (!print_unknown_data(ndo, tptr, "\n\t ", tlen)) return(0); break; } break; case ISIS_TLV_LSP_BUFFERSIZE: - if (tlen < ISIS_TLV_LSP_BUFFERSIZE_MINLEN) + if (tlen < 2) break; - ND_TCHECK_LEN(tptr, ISIS_TLV_LSP_BUFFERSIZE_MINLEN); ND_PRINT("\n\t LSP Buffersize: %u", GET_BE_U_2(tptr)); break; case ISIS_TLV_PART_DIS: - while (tlen >= SYSTEM_ID_LEN) { + while (tlen != 0) { + if (tlen < SYSTEM_ID_LEN) + goto tlv_trunc; ND_TCHECK_LEN(tptr, SYSTEM_ID_LEN); ND_PRINT("\n\t %s", isis_print_id(ndo, tptr, SYSTEM_ID_LEN)); tptr+=SYSTEM_ID_LEN; @@ -3209,43 +3446,55 @@ isis_print(netdissect_options *ndo, tptr+=sizeof(struct isis_metric_block); tlen-=sizeof(struct isis_metric_block); - while(tlen>0) { - ND_TCHECK_1(tptr); + while (tlen != 0) { prefix_len=GET_U_1(tptr); /* read out prefix length in semioctets*/ tptr++; + tlen--; if (prefix_len < 2) { ND_PRINT("\n\t\tAddress: prefix length %u < 2", prefix_len); break; } - tlen--; if (tlen < prefix_len/2) break; - ND_TCHECK_LEN(tptr, prefix_len / 2); ND_PRINT("\n\t\tAddress: %s/%u", - isonsap_string(ndo, tptr, prefix_len / 2), prefix_len * 4); + GET_ISONSAP_STRING(tptr, prefix_len / 2), prefix_len * 4); tptr+=prefix_len/2; tlen-=prefix_len/2; } break; case ISIS_TLV_IIH_SEQNR: - if (tlen < ISIS_TLV_IIH_SEQNR_MINLEN) + if (tlen < 4) break; - ND_TCHECK_LEN(tptr, ISIS_TLV_IIH_SEQNR_MINLEN); /* check if four bytes are on the wire */ ND_PRINT("\n\t Sequence number: %u", GET_BE_U_4(tptr)); break; + case ISIS_TLV_ROUTER_CAPABILITY: + if (tlen < 5) { + ND_PRINT(" [object length %u < 5]", tlen); + nd_print_invalid(ndo); + break; + } + ND_PRINT("\n\t Router-ID %s", GET_IPADDR_STRING(tptr)); + ND_PRINT(", Flags [%s]", + bittok2str(isis_tlv_router_capability_flags, "none", GET_U_1(tptr+4))); + + /* Optional set of sub-TLV */ + if (tlen > 5) { + isis_print_router_cap_subtlv(ndo, tptr+5, tlen-5); + } + break; + case ISIS_TLV_VENDOR_PRIVATE: - if (tlen < ISIS_TLV_VENDOR_PRIVATE_MINLEN) + if (tlen < 3) break; - ND_TCHECK_LEN(tptr, ISIS_TLV_VENDOR_PRIVATE_MINLEN); /* check if enough byte for a full oui */ vendor_id = GET_BE_U_3(tptr); ND_PRINT("\n\t Vendor: %s (%u)", tok2str(oui_values, "Unknown", vendor_id), vendor_id); tptr+=3; tlen-=3; - if (tlen > 0) /* hexdump the rest */ + if (tlen != 0) /* hexdump the rest */ if (!print_unknown_data(ndo, tptr, "\n\t\t", tlen)) return(0); break; @@ -3267,6 +3516,7 @@ isis_print(netdissect_options *ndo, } break; } +tlv_trunc: /* do we want to see an additionally hexdump ? */ if (ndo->ndo_vflag> 1) { if (!print_unknown_data(ndo, pptr, "\n\t ", tlv_len)) @@ -3305,7 +3555,7 @@ osi_print_cksum(netdissect_options *ndo, const uint8_t *pptr, ND_PRINT(" (unverified)"); } else { #if 0 - printf("\nosi_print_cksum: %p %d %u\n", pptr, checksum_offset, length); + ND_PRINT("\nosi_print_cksum: %p %d %u\n", pptr, checksum_offset, length); #endif calculated_checksum = create_osi_cksum(pptr, checksum_offset, length); if (checksum == calculated_checksum) {