X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/f67e46a634dd3bdcefa9fc09dbef6baae1b1d1ed..4c683712d4b483b43f16d41d09ec6232cbc917ca:/print-ip.c

diff --git a/print-ip.c b/print-ip.c
index 5edc6221..9621dada 100644
--- a/print-ip.c
+++ b/print-ip.c
@@ -358,9 +358,11 @@ ip_print(netdissect_options *ndo,
 
 	ND_TCHECK_SIZE(ip);
 	/*
-	 * Cut off the snapshot length to the end of the IP payload.
+	 * Cut off the snapshot length to the end of the IP payload
+	 * or the end of the data in which it's contained, whichever
+	 * comes first.
 	 */
-	if (!nd_push_snaplen(ndo, bp, len)) {
+	if (!nd_push_snaplen(ndo, bp, ND_MIN(length, len))) {
 		(*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
 			"%s: can't push snaplen on buffer stack", __func__);
 	}
@@ -414,7 +416,7 @@ ip_print(netdissect_options *ndo,
 	    else
                 ND_PRINT(", length %u", GET_BE_U_2(ip->ip_len));
 
-            if ((hlen - sizeof(struct ip)) > 0) {
+            if ((hlen > sizeof(struct ip))) {
                 ND_PRINT(", options (");
                 if (ip_optprint(ndo, (const u_char *)(ip + 1),
                     hlen - sizeof(struct ip)) == -1) {
@@ -424,7 +426,7 @@ ip_print(netdissect_options *ndo,
                 ND_PRINT(")");
             }
 
-	    if (!ndo->ndo_Kflag && (const u_char *)ip + hlen <= ndo->ndo_snapend) {
+	    if (!ndo->ndo_Kflag && ND_TTEST_LEN((const u_char *)ip, hlen)) {
 	        vec[0].ptr = (const uint8_t *)(const void *)ip;
 	        vec[0].len = hlen;
 	        sum = in_cksum(vec, 1);