X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/efe8a2be5a82de3dc25b197a4d7c05987ec6dd3b..a890c4489fa1bcee9f455ee28d772bb1ccf590bf:/print-isoclns.c diff --git a/print-isoclns.c b/print-isoclns.c index e990a91d..f8de7bce 100644 --- a/print-isoclns.c +++ b/print-isoclns.c @@ -1055,7 +1055,7 @@ esis_print(netdissect_options *ndo, if (li < sizeof(struct esis_header_t) + 2) { ND_PRINT((ndo, " length indicator < min PDU size %d:", li)); - while (--length != 0) + while (pptr < ndo->ndo_snapend) ND_PRINT((ndo, "%02X", *pptr++)); return; } @@ -1658,8 +1658,8 @@ isis_print_tlv_ip_reach(netdissect_options *ndo, static int isis_print_ip_reach_subtlv(netdissect_options *ndo, const uint8_t *tptr, int subt, int subl, - const char *ident) { - + const char *ident) +{ /* first lets see if we know the subTLVs name*/ ND_PRINT((ndo, "%s%s subTLV #%u, length: %u", ident, tok2str(isis_ext_ip_reach_subtlv_values, "unknown", subt), @@ -1708,8 +1708,8 @@ trunctlv: static int isis_print_is_reach_subtlv(netdissect_options *ndo, const uint8_t *tptr, u_int subt, u_int subl, - const char *ident) { - + const char *ident) +{ u_int te_class,priority_level,gmpls_switch_cap; union { /* int to float conversion buffer for several subTLVs */ float f; @@ -1868,8 +1868,8 @@ trunctlv: static int isis_print_ext_is_reach(netdissect_options *ndo, - const uint8_t *tptr, const char *ident, int tlv_type) { - + const uint8_t *tptr, const char *ident, int tlv_type) +{ char ident_buffer[20]; int subtlv_type,subtlv_len,subtlv_sum_len; int proc_bytes = 0; /* how many bytes did we process ? */ @@ -1918,8 +1918,8 @@ isis_print_ext_is_reach(netdissect_options *ndo, static int isis_print_mtid(netdissect_options *ndo, - const uint8_t *tptr, const char *ident) { - + const uint8_t *tptr, const char *ident) +{ if (!ND_TTEST2(*tptr, 2)) return(0); @@ -1945,8 +1945,8 @@ isis_print_mtid(netdissect_options *ndo, static int isis_print_extd_ip_reach(netdissect_options *ndo, - const uint8_t *tptr, const char *ident, uint16_t afi) { - + const uint8_t *tptr, const char *ident, uint16_t afi) +{ char ident_buffer[20]; #ifdef INET6 uint8_t prefix[sizeof(struct in6_addr)]; /* shared copy buffer for IPv4 and IPv6 prefixes */ @@ -3081,15 +3081,31 @@ osi_print_cksum(netdissect_options *ndo, { uint16_t calculated_checksum; - /* do not attempt to verify the checksum if it is zero */ - if (!checksum) { + /* do not attempt to verify the checksum if it is zero, + * if the total length is nonsense, + * if the offset is nonsense, + * or the base pointer is not sane + */ + if (!checksum + || length > ndo->ndo_snaplen + || checksum_offset > ndo->ndo_snaplen + || checksum_offset > length) { ND_PRINT((ndo, "(unverified)")); } else { + unsigned char *truncated = "trunc"; +#if 0 + printf("\nosi_print_cksum: %p %u %u %u\n", pptr, checksum_offset, length, ndo->ndo_snaplen); + ND_TCHECK2(pptr, checksum_offset+length); +#endif calculated_checksum = create_osi_cksum(pptr, checksum_offset, length); if (checksum == calculated_checksum) { ND_PRINT((ndo, " (correct)")); } else { - ND_PRINT((ndo, " (incorrect should be 0x%04x)", calculated_checksum)); + truncated = "incorrect"; +#if 0 + trunc: +#endif + ND_PRINT((ndo, " (%s should be 0x%04x)", truncated, calculated_checksum)); } } }