As struct pkt_id informally notes, the site name string follows
"seqptr's", which is a sequence of zero or more (as encoded in the "nid"
field) struct id_off items. Try to print the string after trying to
print the sequence, so the output makes as much sense as possible for
truncated packets. Also remove one ND_TTEST_LEN() before a nd_print() so
the latter prints as much data as is available and deals with the
snapshot end.
While at it, rename and retype a pointer for clarity and lose two excess
type casts, also add a length sanity check.
const struct pkt_id *id, u_int len)
{
u_int i;
const struct pkt_id *id, u_int len)
{
u_int i;
+ const u_char *sitename;
const struct id_off *io;
char c;
u_int nid;
const struct id_off *io;
char c;
u_int nid;
GET_BE_U_4(id->pi_mpage.p_uid));
nid = GET_BE_U_2(id->pi_ps.nid);
GET_BE_U_4(id->pi_mpage.p_uid));
nid = GET_BE_U_2(id->pi_ps.nid);
+ if (len < sizeof(*io) * nid)
+ return (-1);
len -= sizeof(*io) * nid;
io = (const struct id_off *)(id + 1);
len -= sizeof(*io) * nid;
io = (const struct id_off *)(id + 1);
- cp = (const char *)(io + nid);
- if (ND_TTEST_LEN(cp, len)) {
- ND_PRINT("\"");
- nd_print(ndo, (const u_char *)cp, (const u_char *)cp + len);
- ND_PRINT("\"");
- }
+ sitename = (const u_char *)(io + nid);
c = '<';
for (i = 0; i < nid && ND_TTEST_SIZE(io); ++io, ++i) {
c = '<';
for (i = 0; i < nid && ND_TTEST_SIZE(io); ++io, ++i) {
c = ',';
}
if (i >= nid) {
c = ',';
}
if (i >= nid) {
+ ND_PRINT("> \"");
+ (void)nd_print(ndo, sitename, sitename + len);
+ ND_PRINT("\"");
return (0);
}
return (-1);
return (0);
}
return (-1);
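Review bot: The added guard `if (len < sizeof(*io) * nid)` carries no comment saying why it is there, yet it is the only line that keeps `len -= sizeof(*io) * nid` from wrapping. `len` is a u_int and `nid` is read from the packet with GET_BE_U_2(), so a packet claiming more id_off items than it carries would otherwise leave `len` as a very large value and make `sitename + len` an end pointer far beyond the data. I would put this above the check: `/* nid comes from the packet; without this check the subtraction below would wrap */`. The enclosing function starts and ends outside the lines shown, so any earlier adjustment of `len` is not visible here.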