X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/ee68aa36460d7efeca48747f33b7f2adc0900bfb..6f245276a2a24d673f2919e33476191781e20499:/print-sflow.c diff --git a/print-sflow.c b/print-sflow.c index 68bca017..51325e28 100644 --- a/print-sflow.c +++ b/print-sflow.c @@ -19,7 +19,7 @@ /* \summary: sFlow protocol printer */ -/* specification: http://www.sflow.org/developers/specifications.php */ +/* specification: https://sflow.org/developers/specifications.php */ #ifdef HAVE_CONFIG_H #include @@ -27,6 +27,7 @@ #include "netdissect-stdinc.h" +#define ND_LONGJMP_FROM_TCHECK #include "netdissect.h" #include "extract.h" #include "addrtoname.h" @@ -308,7 +309,6 @@ print_sflow_counter_generic(netdissect_options *ndo, return 1; sflow_gen_counter = (const struct sflow_generic_counter_t *)pointer; - ND_TCHECK_SIZE(sflow_gen_counter); ND_PRINT("\n\t ifindex %u, iftype %u, ifspeed %" PRIu64 ", ifdirection %u (%s)", GET_BE_U_4(sflow_gen_counter->ifindex), GET_BE_U_4(sflow_gen_counter->iftype), @@ -342,9 +342,6 @@ print_sflow_counter_generic(netdissect_options *ndo, GET_BE_U_4(sflow_gen_counter->ifpromiscmode)); return 0; - -trunc: - return 1; } static int @@ -357,7 +354,6 @@ print_sflow_counter_ethernet(netdissect_options *ndo, return 1; sflow_eth_counter = (const struct sflow_ethernet_counter_t *)pointer; - ND_TCHECK_SIZE(sflow_eth_counter); ND_PRINT("\n\t align errors %u, fcs errors %u, single collision %u, multiple collision %u, test error %u", GET_BE_U_4(sflow_eth_counter->alignerrors), GET_BE_U_4(sflow_eth_counter->fcserrors), @@ -376,9 +372,6 @@ print_sflow_counter_ethernet(netdissect_options *ndo, GET_BE_U_4(sflow_eth_counter->symbol_errors)); return 0; - -trunc: - return 1; } static int @@ -398,7 +391,6 @@ print_sflow_counter_basevg(netdissect_options *ndo, return 1; sflow_100basevg_counter = (const struct sflow_100basevg_counter_t *)pointer; - ND_TCHECK_SIZE(sflow_100basevg_counter); ND_PRINT("\n\t in high prio frames %u, in high prio octets %" PRIu64, GET_BE_U_4(sflow_100basevg_counter->in_highpriority_frames), GET_BE_U_8(sflow_100basevg_counter->in_highpriority_octets)); @@ -423,9 +415,6 @@ print_sflow_counter_basevg(netdissect_options *ndo, GET_BE_U_8(sflow_100basevg_counter->hc_out_highpriority_octets)); return 0; - -trunc: - return 1; } static int @@ -438,7 +427,6 @@ print_sflow_counter_vlan(netdissect_options *ndo, return 1; sflow_vlan_counter = (const struct sflow_vlan_counter_t *)pointer; - ND_TCHECK_SIZE(sflow_vlan_counter); ND_PRINT("\n\t vlan_id %u, octets %" PRIu64 ", unicast_pkt %u, multicast_pkt %u, broadcast_pkt %u, discards %u", GET_BE_U_4(sflow_vlan_counter->vlan_id), @@ -449,9 +437,6 @@ print_sflow_counter_vlan(netdissect_options *ndo, GET_BE_U_4(sflow_vlan_counter->discards)); return 0; - -trunc: - return 1; } struct sflow_processor_counter_t { @@ -472,7 +457,6 @@ print_sflow_counter_processor(netdissect_options *ndo, return 1; sflow_processor_counter = (const struct sflow_processor_counter_t *)pointer; - ND_TCHECK_SIZE(sflow_processor_counter); ND_PRINT("\n\t 5sec %u, 1min %u, 5min %u, total_mem %" PRIu64 ", total_mem %" PRIu64, GET_BE_U_4(sflow_processor_counter->five_sec_util), @@ -482,9 +466,6 @@ print_sflow_counter_processor(netdissect_options *ndo, GET_BE_U_8(sflow_processor_counter->free_memory)); return 0; - -trunc: - return 1; } static int @@ -508,7 +489,6 @@ sflow_print_counter_records(netdissect_options *ndo, if (tlen < sizeof(struct sflow_counter_record_t)) return 1; sflow_counter_record = (const struct sflow_counter_record_t *)tptr; - ND_TCHECK_SIZE(sflow_counter_record); enterprise = GET_BE_U_4(sflow_counter_record->format); counter_type = enterprise & 0x0FFF; @@ -564,9 +544,6 @@ sflow_print_counter_records(netdissect_options *ndo, } return 0; - -trunc: - return 1; } static int @@ -580,7 +557,6 @@ sflow_print_counter_sample(netdissect_options *ndo, return 1; sflow_counter_sample = (const struct sflow_counter_sample_t *)pointer; - ND_TCHECK_SIZE(sflow_counter_sample); nrecords = GET_BE_U_4(sflow_counter_sample->records); @@ -593,9 +569,6 @@ sflow_print_counter_sample(netdissect_options *ndo, return sflow_print_counter_records(ndo, pointer + sizeof(struct sflow_counter_sample_t), len - sizeof(struct sflow_counter_sample_t), nrecords); - -trunc: - return 1; } static int @@ -610,7 +583,6 @@ sflow_print_expanded_counter_sample(netdissect_options *ndo, return 1; sflow_expanded_counter_sample = (const struct sflow_expanded_counter_sample_t *)pointer; - ND_TCHECK_SIZE(sflow_expanded_counter_sample); nrecords = GET_BE_U_4(sflow_expanded_counter_sample->records); @@ -623,9 +595,6 @@ sflow_print_expanded_counter_sample(netdissect_options *ndo, return sflow_print_counter_records(ndo, pointer + sizeof(struct sflow_expanded_counter_sample_t), len - sizeof(struct sflow_expanded_counter_sample_t), nrecords); - -trunc: - return 1; } static int @@ -638,7 +607,6 @@ print_sflow_raw_packet(netdissect_options *ndo, return 1; sflow_flow_raw = (const struct sflow_expanded_flow_raw_t *)pointer; - ND_TCHECK_SIZE(sflow_flow_raw); ND_PRINT("\n\t protocol %s (%u), length %u, stripped bytes %u, header_size %u", tok2str(sflow_flow_raw_protocol_values,"Unknown",GET_BE_U_4(sflow_flow_raw->protocol)), GET_BE_U_4(sflow_flow_raw->protocol), @@ -647,12 +615,9 @@ print_sflow_raw_packet(netdissect_options *ndo, GET_BE_U_4(sflow_flow_raw->header_size)); /* QUESTION - should we attempt to print the raw header itself? - assuming of course there is wnough data present to do so... */ + assuming of course there is enough data present to do so... */ return 0; - -trunc: - return 1; } static int @@ -665,16 +630,12 @@ print_sflow_ethernet_frame(netdissect_options *ndo, return 1; sflow_ethernet_frame = (const struct sflow_ethernet_frame_t *)pointer; - ND_TCHECK_SIZE(sflow_ethernet_frame); ND_PRINT("\n\t frame len %u, type %u", GET_BE_U_4(sflow_ethernet_frame->length), GET_BE_U_4(sflow_ethernet_frame->type)); return 0; - -trunc: - return 1; } static int @@ -687,7 +648,6 @@ print_sflow_extended_switch_data(netdissect_options *ndo, return 1; sflow_extended_sw_data = (const struct sflow_extended_switch_data_t *)pointer; - ND_TCHECK_SIZE(sflow_extended_sw_data); ND_PRINT("\n\t src vlan %u, src pri %u, dst vlan %u, dst pri %u", GET_BE_U_4(sflow_extended_sw_data->src_vlan), GET_BE_U_4(sflow_extended_sw_data->src_pri), @@ -695,9 +655,6 @@ print_sflow_extended_switch_data(netdissect_options *ndo, GET_BE_U_4(sflow_extended_sw_data->dst_pri)); return 0; - -trunc: - return 1; } static int @@ -722,7 +679,6 @@ sflow_print_flow_records(netdissect_options *ndo, return 1; sflow_flow_record = (const struct sflow_flow_record_t *)tptr; - ND_TCHECK_SIZE(sflow_flow_record); /* so, the funky encoding means we cannot blythly mask-off bits, we must also check the enterprise. */ @@ -785,9 +741,6 @@ sflow_print_flow_records(netdissect_options *ndo, } return 0; - -trunc: - return 1; } static int @@ -801,7 +754,6 @@ sflow_print_flow_sample(netdissect_options *ndo, return 1; sflow_flow_sample = (const struct sflow_flow_sample_t *)pointer; - ND_TCHECK_SIZE(sflow_flow_sample); nrecords = GET_BE_U_4(sflow_flow_sample->records); @@ -819,9 +771,6 @@ sflow_print_flow_sample(netdissect_options *ndo, return sflow_print_flow_records(ndo, pointer + sizeof(struct sflow_flow_sample_t), len - sizeof(struct sflow_flow_sample_t), nrecords); - -trunc: - return 1; } static int @@ -835,7 +784,6 @@ sflow_print_expanded_flow_sample(netdissect_options *ndo, return 1; sflow_expanded_flow_sample = (const struct sflow_expanded_flow_sample_t *)pointer; - ND_TCHECK_SIZE(sflow_expanded_flow_sample); nrecords = GET_BE_U_4(sflow_expanded_flow_sample->records); @@ -846,14 +794,11 @@ sflow_print_expanded_flow_sample(netdissect_options *ndo, GET_BE_U_4(sflow_expanded_flow_sample->rate), GET_BE_U_4(sflow_expanded_flow_sample->pool), GET_BE_U_4(sflow_expanded_flow_sample->drops), - GET_BE_U_4(sflow_expanded_flow_sample->records)); + nrecords); return sflow_print_flow_records(ndo, pointer + sizeof(struct sflow_expanded_flow_sample_t), len - sizeof(struct sflow_expanded_flow_sample_t), nrecords); - -trunc: - return 1; } void @@ -872,6 +817,12 @@ sflow_print(netdissect_options *ndo, tptr = pptr; tlen = len; sflow_datagram = (const struct sflow_datagram_t *)pptr; + if (len < sizeof(struct sflow_datagram_t)) { + ND_PRINT("sFlowv%u", GET_BE_U_4(sflow_datagram->version)); + ND_PRINT(" [length %u < %zu]", len, sizeof(struct sflow_datagram_t)); + nd_print_invalid(ndo); + return; + } ND_TCHECK_SIZE(sflow_datagram); /* @@ -887,7 +838,7 @@ sflow_print(netdissect_options *ndo, ND_PRINT("sFlowv%u, %s agent %s, agent-id %u, length %u", GET_BE_U_4(sflow_datagram->version), GET_BE_U_4(sflow_datagram->ip_version) == 1 ? "IPv4" : "IPv6", - ipaddr_string(ndo, sflow_datagram->agent), + GET_IPADDR_STRING(sflow_datagram->agent), GET_BE_U_4(sflow_datagram->agent_id), len); return; @@ -898,7 +849,7 @@ sflow_print(netdissect_options *ndo, ND_PRINT("sFlowv%u, %s agent %s, agent-id %u, seqnum %u, uptime %u, samples %u, length %u", GET_BE_U_4(sflow_datagram->version), GET_BE_U_4(sflow_datagram->ip_version) == 1 ? "IPv4" : "IPv6", - ipaddr_string(ndo, sflow_datagram->agent), + GET_IPADDR_STRING(sflow_datagram->agent), GET_BE_U_4(sflow_datagram->agent_id), GET_BE_U_4(sflow_datagram->seqnum), GET_BE_U_4(sflow_datagram->uptime), @@ -911,13 +862,12 @@ sflow_print(netdissect_options *ndo, while (nsamples > 0 && tlen > 0) { sflow_sample = (const struct sflow_sample_header *)tptr; - ND_TCHECK_SIZE(sflow_sample); sflow_sample_type = (GET_BE_U_4(sflow_sample->format)&0x0FFF); sflow_sample_len = GET_BE_U_4(sflow_sample->len); if (tlen < sizeof(struct sflow_sample_header)) - goto trunc; + goto invalid; tptr += sizeof(struct sflow_sample_header); tlen -= sizeof(struct sflow_sample_header); @@ -933,7 +883,7 @@ sflow_print(netdissect_options *ndo, } if (tlen < sflow_sample_len) - goto trunc; + goto invalid; /* did we capture enough for fully decoding the sample ? */ ND_TCHECK_LEN(tptr, sflow_sample_len); @@ -941,22 +891,22 @@ sflow_print(netdissect_options *ndo, switch(sflow_sample_type) { case SFLOW_FLOW_SAMPLE: if (sflow_print_flow_sample(ndo, tptr, tlen)) - goto trunc; + goto invalid; break; case SFLOW_COUNTER_SAMPLE: if (sflow_print_counter_sample(ndo, tptr,tlen)) - goto trunc; + goto invalid; break; case SFLOW_EXPANDED_FLOW_SAMPLE: if (sflow_print_expanded_flow_sample(ndo, tptr, tlen)) - goto trunc; + goto invalid; break; case SFLOW_EXPANDED_COUNTER_SAMPLE: if (sflow_print_expanded_counter_sample(ndo, tptr,tlen)) - goto trunc; + goto invalid; break; default: @@ -970,6 +920,7 @@ sflow_print(netdissect_options *ndo, } return; - trunc: - nd_print_trunc(ndo); +invalid: + nd_print_invalid(ndo); + ND_TCHECK_LEN(tptr, tlen); }