X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/e2982e7f6f0b624a773ec5a58885ee80fab46d34..2de3a27ab75415237de96d2539e86b959ad0a9d0:/print-ip.c

diff --git a/print-ip.c b/print-ip.c
index 3d5e97e1..e1085e96 100644
--- a/print-ip.c
+++ b/print-ip.c
@@ -22,10 +22,10 @@
 /* \summary: IP printer */
 
 #ifdef HAVE_CONFIG_H
-#include "config.h"
+#include <config.h>
 #endif
 
-#include <netdissect-stdinc.h>
+#include "netdissect-stdinc.h"
 
 #include <string.h>
 
@@ -36,7 +36,6 @@
 #include "ip.h"
 #include "ipproto.h"
 
-static const char tstr[] = "[|ip]";
 
 static const struct tok ip_option_values[] = {
     { IPOPT_EOL, "EOL" },
@@ -95,14 +94,17 @@ static uint32_t
 ip_finddst(netdissect_options *ndo,
            const struct ip *ip)
 {
-	int length;
-	int len;
+	u_int length;
+	u_int len;
 	const u_char *cp;
 
 	cp = (const u_char *)(ip + 1);
-	length = (IP_HL(ip) << 2) - sizeof(struct ip);
+	length = IP_HL(ip) * 4;
+	if (length < sizeof(struct ip))
+		goto trunc;
+	length -= sizeof(struct ip);
 
-	for (; length > 0; cp += len, length -= len) {
+	for (; length != 0; cp += len, length -= len) {
 		int tt;
 
 		ND_TCHECK_1(cp);
@@ -117,6 +119,8 @@ ip_finddst(netdissect_options *ndo,
 			if (len < 2)
 				break;
 		}
+		if (length < len)
+			goto trunc;
 		ND_TCHECK_LEN(cp, len);
 		switch (tt) {
 
@@ -134,7 +138,7 @@ trunc:
 /*
  * Compute a V4-style checksum by building a pseudoheader.
  */
-int
+uint16_t
 nextproto4_cksum(netdissect_options *ndo,
                  const struct ip *ip, const uint8_t *data,
                  u_int len, u_int covlen, u_int next_proto)
@@ -171,7 +175,7 @@ ip_printts(netdissect_options *ndo,
 {
 	u_int ptr;
 	u_int len;
-	int hoplen;
+	u_int hoplen;
 	const char *type;
 
 	if (length < 4) {
@@ -209,7 +213,7 @@ ip_printts(netdissect_options *ndo,
 		ND_PRINT("PRESPEC");
 		break;
 	default:
-		ND_PRINT("[bad ts type %d]", EXTRACT_U_1(cp + 3)&0xF);
+		ND_PRINT("[bad ts type %u]", EXTRACT_U_1(cp + 3)&0xF);
 		goto done;
 	}
 
@@ -218,7 +222,7 @@ ip_printts(netdissect_options *ndo,
 		if (ptr == len)
 			type = " ^ ";
 		ND_TCHECK_LEN(cp + len, hoplen);
-		ND_PRINT("%s%d@%s", type, EXTRACT_BE_U_4(cp + len + hoplen - 4),
+		ND_PRINT("%s%u@%s", type, EXTRACT_BE_U_4(cp + len + hoplen - 4),
 			  hoplen!=8 ? "" : ipaddr_string(ndo, cp + len));
 		type = " ";
 	}
@@ -227,7 +231,7 @@ done:
 	ND_PRINT("%s", ptr == len ? " ^ " : "");
 
 	if (EXTRACT_U_1(cp + 3) >> 4)
-		ND_PRINT(" [%d hops not recorded]} ", EXTRACT_U_1(cp + 3)>>4);
+		ND_PRINT(" [%u hops not recorded]} ", EXTRACT_U_1(cp + 3)>>4);
 	else
 		ND_PRINT("}");
 	return (0);
@@ -238,8 +242,9 @@ trunc:
 
 /*
  * print IP options.
+   If truncated return -1, else 0.
  */
-static void
+static int
 ip_optprint(netdissect_options *ndo,
             const u_char *cp, u_int length)
 {
@@ -267,20 +272,20 @@ ip_optprint(netdissect_options *ndo,
 			option_len = EXTRACT_U_1(cp + 1);
 			if (option_len < 2) {
 				ND_PRINT(" [bad length %u]", option_len);
-				return;
+				return 0;
 			}
 		}
 
 		if (option_len > length) {
 			ND_PRINT(" [bad length %u]", option_len);
-			return;
+			return 0;
 		}
 
 		ND_TCHECK_LEN(cp, option_len);
 
 		switch (option_code) {
 		case IPOPT_EOL:
-			return;
+			return 0;
 
 		case IPOPT_TS:
 			if (ip_printts(ndo, cp, option_len) == -1)
@@ -310,10 +315,10 @@ ip_optprint(netdissect_options *ndo,
 			break;
 		}
 	}
-	return;
+	return 0;
 
 trunc:
-	ND_PRINT("%s", tstr);
+	return -1;
 }
 
 #define IP_RES 0x8000
@@ -344,7 +349,8 @@ again:
 
 	case IPPROTO_AH:
 		if (!ND_TTEST_1(ipds->cp)) {
-			ND_PRINT("[|AH]");
+			ndo->ndo_protocol = "ah";
+			nd_print_trunc(ndo);
 			break;
 		}
 		ipds->nh = EXTRACT_U_1(ipds->cp);
@@ -429,7 +435,7 @@ again:
 		break;
 
 	case IPPROTO_ND:
-		ND_PRINT(" nd %d", ipds->len);
+		ND_PRINT(" nd %u", ipds->len);
 		break;
 
 	case IPPROTO_EGP:
@@ -479,15 +485,15 @@ again:
 		if (ndo->ndo_packettype == PT_CARP) {
 			if (ndo->ndo_vflag)
 				ND_PRINT("carp %s > %s: ",
-					     ipaddr_string(ndo, &ipds->ip->ip_src),
-					     ipaddr_string(ndo, &ipds->ip->ip_dst));
+					     ipaddr_string(ndo, ipds->ip->ip_src),
+					     ipaddr_string(ndo, ipds->ip->ip_dst));
 			carp_print(ndo, ipds->cp, ipds->len,
 				EXTRACT_U_1(ipds->ip->ip_ttl));
 		} else {
 			if (ndo->ndo_vflag)
 				ND_PRINT("vrrp %s > %s: ",
-					     ipaddr_string(ndo, &ipds->ip->ip_src),
-					     ipaddr_string(ndo, &ipds->ip->ip_dst));
+					     ipaddr_string(ndo, ipds->ip->ip_src),
+					     ipaddr_string(ndo, ipds->ip->ip_dst));
 			vrrp_print(ndo, ipds->cp, ipds->len,
 				(const u_char *)ipds->ip,
 				EXTRACT_U_1(ipds->ip->ip_ttl));
@@ -502,14 +508,14 @@ again:
 		if (ndo->ndo_nflag==0 && (p_name = netdb_protoname(ipds->nh)) != NULL)
 			ND_PRINT(" %s", p_name);
 		else
-			ND_PRINT(" ip-proto-%d", ipds->nh);
-		ND_PRINT(" %d", ipds->len);
+			ND_PRINT(" ip-proto-%u", ipds->nh);
+		ND_PRINT(" %u", ipds->len);
 		break;
 	}
 }
 
 void
-ip_print_inner(netdissect_options *ndo,
+ip_inner_print(netdissect_options *ndo,
 	       const u_char *bp,
 	       u_int length, u_int nh,
 	       const u_char *bp2)
@@ -543,14 +549,17 @@ ip_print(netdissect_options *ndo,
 	uint8_t ip_tos, ip_ttl, ip_proto;
 	uint16_t sum, ip_sum;
 	const char *p_name;
+	int truncated = 0;
 
+	ndo->ndo_protocol = "ip";
 	ipds->ip = (const struct ip *)bp;
-	ND_TCHECK(ipds->ip->ip_vhl);
+	ND_TCHECK_1(ipds->ip->ip_vhl);
 	if (IP_V(ipds->ip) != 4) { /* print version and fail if != 4 */
 	    if (IP_V(ipds->ip) == 6)
-	      ND_PRINT("IP6, wrong link-layer encapsulation ");
+	      ND_PRINT("IP6, wrong link-layer encapsulation");
 	    else
-	      ND_PRINT("IP%u ", IP_V(ipds->ip));
+	      ND_PRINT("IP%u", IP_V(ipds->ip));
+	    nd_print_invalid(ndo);
 	    return;
 	}
 	if (!ndo->ndo_eflag)
@@ -567,7 +576,7 @@ ip_print(netdissect_options *ndo,
 		return;
 	}
 
-	ipds->len = EXTRACT_BE_U_2(&ipds->ip->ip_len);
+	ipds->len = EXTRACT_BE_U_2(ipds->ip->ip_len);
 	if (length < ipds->len)
 		ND_PRINT("truncated-ip - %u bytes missing! ",
 			ipds->len - length);
@@ -596,7 +605,7 @@ ip_print(netdissect_options *ndo,
 
 	ipds->len -= hlen;
 
-	ipds->off = EXTRACT_BE_U_2(&ipds->ip->ip_off);
+	ipds->off = EXTRACT_BE_U_2(ipds->ip->ip_off);
 
         ip_proto = EXTRACT_U_1(ipds->ip->ip_p);
 
@@ -632,7 +641,7 @@ ip_print(netdissect_options *ndo,
 	     * For unfragmented datagrams, note the don't fragment flag.
 	     */
 	    ND_PRINT(", id %u, offset %u, flags [%s], proto %s (%u)",
-                         EXTRACT_BE_U_2(&ipds->ip->ip_id),
+                         EXTRACT_BE_U_2(ipds->ip->ip_id),
                          (ipds->off & 0x1fff) * 8,
                          bittok2str(ip_frag_values, "none", ipds->off&0xe000),
                          tok2str(ipproto_values, "unknown", ip_proto),
@@ -642,7 +651,11 @@ ip_print(netdissect_options *ndo,
 
             if ((hlen - sizeof(struct ip)) > 0) {
                 ND_PRINT(", options (");
-                ip_optprint(ndo, (const u_char *)(ipds->ip + 1), hlen - sizeof(struct ip));
+                if (ip_optprint(ndo, (const u_char *)(ipds->ip + 1),
+                    hlen - sizeof(struct ip)) == -1) {
+                        ND_PRINT(" [truncated-option]");
+			truncated = 1;
+                }
                 ND_PRINT(")");
             }
 
@@ -658,6 +671,12 @@ ip_print(netdissect_options *ndo,
 	    }
 
 	    ND_PRINT(")\n    ");
+	    if (truncated) {
+		ND_PRINT("%s > %s: ",
+			 ipaddr_string(ndo, ipds->ip->ip_src),
+			 ipaddr_string(ndo, ipds->ip->ip_dst));
+		goto trunc;
+	    }
 	}
 
 	/*
@@ -671,8 +690,8 @@ ip_print(netdissect_options *ndo,
 		if (ipds->nh != IPPROTO_TCP && ipds->nh != IPPROTO_UDP &&
 		    ipds->nh != IPPROTO_SCTP && ipds->nh != IPPROTO_DCCP) {
 			ND_PRINT("%s > %s: ",
-				     ipaddr_string(ndo, &ipds->ip->ip_src),
-				     ipaddr_string(ndo, &ipds->ip->ip_dst));
+				     ipaddr_string(ndo, ipds->ip->ip_src),
+				     ipaddr_string(ndo, ipds->ip->ip_dst));
 		}
 		ip_print_demux(ndo, ipds);
 	} else {
@@ -688,8 +707,8 @@ ip_print(netdissect_options *ndo,
 		 * next level protocol header.  print the ip addr
 		 * and the protocol.
 		 */
-		ND_PRINT("%s > %s:", ipaddr_string(ndo, &ipds->ip->ip_src),
-		          ipaddr_string(ndo, &ipds->ip->ip_dst));
+		ND_PRINT("%s > %s:", ipaddr_string(ndo, ipds->ip->ip_src),
+		          ipaddr_string(ndo, ipds->ip->ip_dst));
 		if (!ndo->ndo_nflag && (p_name = netdb_protoname(ip_proto)) != NULL)
 			ND_PRINT(" %s", p_name);
 		else
@@ -698,25 +717,26 @@ ip_print(netdissect_options *ndo,
 	return;
 
 trunc:
-	ND_PRINT("%s", tstr);
+	nd_print_trunc(ndo);
 	return;
 }
 
 void
 ipN_print(netdissect_options *ndo, const u_char *bp, u_int length)
 {
+	ndo->ndo_protocol = "ipN";
 	if (length < 1) {
-		ND_PRINT("truncated-ip %d", length);
+		ND_PRINT("truncated-ip %u", length);
 		return;
 	}
 
 	ND_TCHECK_1(bp);
 	switch (EXTRACT_U_1(bp) & 0xF0) {
 	case 0x40:
-		ip_print (ndo, bp, length);
+		ip_print(ndo, bp, length);
 		break;
 	case 0x60:
-		ip6_print (ndo, bp, length);
+		ip6_print(ndo, bp, length);
 		break;
 	default:
 		ND_PRINT("unknown ip %u", (EXTRACT_U_1(bp) & 0xF0) >> 4);
@@ -725,15 +745,6 @@ ipN_print(netdissect_options *ndo, const u_char *bp, u_int length)
 	return;
 
 trunc:
-	ND_PRINT("%s", tstr);
+	nd_print_trunc(ndo);
 	return;
 }
-
-/*
- * Local Variables:
- * c-style: whitesmith
- * c-basic-offset: 8
- * End:
- */
-
-