X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/ef5323efe6c03aaa50eac0949bf95999b91fe05b..f64a4a5f49bcbcb996820b566d7ffe9f7cefe4f3:/print-sflow.c

diff --git a/print-sflow.c b/print-sflow.c
index ff50c555..0b6a832e 100644
--- a/print-sflow.c
+++ b/print-sflow.c
@@ -120,22 +120,22 @@ struct sflow_expanded_flow_sample_t {
     nd_uint32_t records;
 };
 
-#define 	SFLOW_FLOW_RAW_PACKET			1
-#define 	SFLOW_FLOW_ETHERNET_FRAME		2
-#define 	SFLOW_FLOW_IPV4_DATA			3
-#define 	SFLOW_FLOW_IPV6_DATA			4
-#define 	SFLOW_FLOW_EXTENDED_SWITCH_DATA		1001
-#define 	SFLOW_FLOW_EXTENDED_ROUTER_DATA		1002
-#define 	SFLOW_FLOW_EXTENDED_GATEWAY_DATA 	1003
-#define 	SFLOW_FLOW_EXTENDED_USER_DATA		1004
-#define 	SFLOW_FLOW_EXTENDED_URL_DATA		1005
-#define 	SFLOW_FLOW_EXTENDED_MPLS_DATA		1006
-#define 	SFLOW_FLOW_EXTENDED_NAT_DATA		1007
-#define 	SFLOW_FLOW_EXTENDED_MPLS_TUNNEL		1008
-#define 	SFLOW_FLOW_EXTENDED_MPLS_VC		1009
-#define 	SFLOW_FLOW_EXTENDED_MPLS_FEC		1010
-#define 	SFLOW_FLOW_EXTENDED_MPLS_LVP_FEC	1011
-#define 	SFLOW_FLOW_EXTENDED_VLAN_TUNNEL		1012
+#define	SFLOW_FLOW_RAW_PACKET			1
+#define	SFLOW_FLOW_ETHERNET_FRAME		2
+#define	SFLOW_FLOW_IPV4_DATA			3
+#define	SFLOW_FLOW_IPV6_DATA			4
+#define	SFLOW_FLOW_EXTENDED_SWITCH_DATA		1001
+#define	SFLOW_FLOW_EXTENDED_ROUTER_DATA		1002
+#define	SFLOW_FLOW_EXTENDED_GATEWAY_DATA	1003
+#define	SFLOW_FLOW_EXTENDED_USER_DATA		1004
+#define	SFLOW_FLOW_EXTENDED_URL_DATA		1005
+#define	SFLOW_FLOW_EXTENDED_MPLS_DATA		1006
+#define	SFLOW_FLOW_EXTENDED_NAT_DATA		1007
+#define	SFLOW_FLOW_EXTENDED_MPLS_TUNNEL		1008
+#define	SFLOW_FLOW_EXTENDED_MPLS_VC		1009
+#define	SFLOW_FLOW_EXTENDED_MPLS_FEC		1010
+#define	SFLOW_FLOW_EXTENDED_MPLS_LVP_FEC	1011
+#define	SFLOW_FLOW_EXTENDED_VLAN_TUNNEL		1012
 
 static const struct tok sflow_flow_type_values[] = {
     { SFLOW_FLOW_RAW_PACKET, "Raw packet"},
@@ -690,7 +690,7 @@ sflow_print_flow_records(netdissect_options *ndo,
 
 	sflow_flow_record = (const struct sflow_flow_record_t *)tptr;
 
-	/* so, the funky encoding means we cannot blythly mask-off
+	/* so, the funky encoding means we cannot blithely mask-off
 	   bits, we must also check the enterprise. */
 
 	enterprise = GET_BE_U_4(sflow_flow_record->format);
@@ -876,6 +876,7 @@ sflow_print(netdissect_options *ndo,
                len);
 
         /* skip Common header */
+        ND_ICHECK_ZU(tlen, <, sizeof(struct sflow_datagram_t));
         tptr += sizeof(struct sflow_datagram_t);
         tlen -= sizeof(struct sflow_datagram_t);
     } else {