X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/ef5323efe6c03aaa50eac0949bf95999b91fe05b..refs/heads/coverity_scan:/print-sflow.c

diff --git a/print-sflow.c b/print-sflow.c
index ff50c555..ca444213 100644
--- a/print-sflow.c
+++ b/print-sflow.c
@@ -21,9 +21,7 @@
 
 /* specification: https://sflow.org/developers/specifications.php */
 
-#ifdef HAVE_CONFIG_H
 #include <config.h>
-#endif
 
 #include "netdissect-stdinc.h"
 
@@ -120,22 +118,22 @@ struct sflow_expanded_flow_sample_t {
     nd_uint32_t records;
 };
 
-#define 	SFLOW_FLOW_RAW_PACKET			1
-#define 	SFLOW_FLOW_ETHERNET_FRAME		2
-#define 	SFLOW_FLOW_IPV4_DATA			3
-#define 	SFLOW_FLOW_IPV6_DATA			4
-#define 	SFLOW_FLOW_EXTENDED_SWITCH_DATA		1001
-#define 	SFLOW_FLOW_EXTENDED_ROUTER_DATA		1002
-#define 	SFLOW_FLOW_EXTENDED_GATEWAY_DATA 	1003
-#define 	SFLOW_FLOW_EXTENDED_USER_DATA		1004
-#define 	SFLOW_FLOW_EXTENDED_URL_DATA		1005
-#define 	SFLOW_FLOW_EXTENDED_MPLS_DATA		1006
-#define 	SFLOW_FLOW_EXTENDED_NAT_DATA		1007
-#define 	SFLOW_FLOW_EXTENDED_MPLS_TUNNEL		1008
-#define 	SFLOW_FLOW_EXTENDED_MPLS_VC		1009
-#define 	SFLOW_FLOW_EXTENDED_MPLS_FEC		1010
-#define 	SFLOW_FLOW_EXTENDED_MPLS_LVP_FEC	1011
-#define 	SFLOW_FLOW_EXTENDED_VLAN_TUNNEL		1012
+#define	SFLOW_FLOW_RAW_PACKET			1
+#define	SFLOW_FLOW_ETHERNET_FRAME		2
+#define	SFLOW_FLOW_IPV4_DATA			3
+#define	SFLOW_FLOW_IPV6_DATA			4
+#define	SFLOW_FLOW_EXTENDED_SWITCH_DATA		1001
+#define	SFLOW_FLOW_EXTENDED_ROUTER_DATA		1002
+#define	SFLOW_FLOW_EXTENDED_GATEWAY_DATA	1003
+#define	SFLOW_FLOW_EXTENDED_USER_DATA		1004
+#define	SFLOW_FLOW_EXTENDED_URL_DATA		1005
+#define	SFLOW_FLOW_EXTENDED_MPLS_DATA		1006
+#define	SFLOW_FLOW_EXTENDED_NAT_DATA		1007
+#define	SFLOW_FLOW_EXTENDED_MPLS_TUNNEL		1008
+#define	SFLOW_FLOW_EXTENDED_MPLS_VC		1009
+#define	SFLOW_FLOW_EXTENDED_MPLS_FEC		1010
+#define	SFLOW_FLOW_EXTENDED_MPLS_LVP_FEC	1011
+#define	SFLOW_FLOW_EXTENDED_VLAN_TUNNEL		1012
 
 static const struct tok sflow_flow_type_values[] = {
     { SFLOW_FLOW_RAW_PACKET, "Raw packet"},
@@ -494,7 +492,7 @@ sflow_print_counter_records(netdissect_options *ndo,
     tptr = pointer;
     tlen = len;
 
-    while (nrecords > 0) {
+    while (nrecords != 0) {
 	/* do we have the "header?" */
 	if (tlen < sizeof(struct sflow_counter_record_t))
 	    return 1;
@@ -683,14 +681,14 @@ sflow_print_flow_records(netdissect_options *ndo,
     tptr = pointer;
     tlen = len;
 
-    while (nrecords > 0) {
+    while (nrecords != 0) {
 	/* do we have the "header?" */
 	if (tlen < sizeof(struct sflow_flow_record_t))
 	    return 1;
 
 	sflow_flow_record = (const struct sflow_flow_record_t *)tptr;
 
-	/* so, the funky encoding means we cannot blythly mask-off
+	/* so, the funky encoding means we cannot blithely mask-off
 	   bits, we must also check the enterprise. */
 
 	enterprise = GET_BE_U_4(sflow_flow_record->format);
@@ -876,6 +874,7 @@ sflow_print(netdissect_options *ndo,
                len);
 
         /* skip Common header */
+        ND_ICHECK_ZU(tlen, <, sizeof(struct sflow_datagram_t));
         tptr += sizeof(struct sflow_datagram_t);
         tlen -= sizeof(struct sflow_datagram_t);
     } else {
@@ -895,7 +894,7 @@ sflow_print(netdissect_options *ndo,
         tptr += sizeof(struct sflow_v6_datagram_t);
         tlen -= sizeof(struct sflow_v6_datagram_t);
     }
-    while (nsamples > 0 && tlen > 0) {
+    while (nsamples != 0 && tlen != 0) {
         sflow_sample = (const struct sflow_sample_header *)tptr;
 
         sflow_sample_type = (GET_BE_U_4(sflow_sample->format)&0x0FFF);