]> The Tcpdump Group git mirrors - tcpdump/commitdiff
projects / tcpdump / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 806a7ca)
But the PDU length checks back, so "tmp" doesn't go negative.
authorguy <guy>
Mon, 5 Sep 2005 18:20:15 +0000 (18:20 +0000)
committerguy <guy>
Mon, 5 Sep 2005 18:20:15 +0000 (18:20 +0000)
At least as I read RFC 3847, you won't get a system ID without the
remaining hold time field; after printing the flags field, check whether
there's anything else after the flag field and, if not, quit, otherwise
print the remaining hold time field and, if present, the system ID field.

print-isoclns.c patch | blob | history

diff --git a/print-isoclns.c b/print-isoclns.c
index d52c655300992e755407030359fdba71356c44b3..2f66d40c9826354e5a4cd426c8d5b79d719cdcee 100644 (file)
--- a/print-isoclns.c
+++ b/print-isoclns.c
@@ -26,7 +26,7 @@
 
 #ifndef lint
 static const char rcsid[] _U_ =
 
 #ifndef lint
 static const char rcsid[] _U_ =
-    "@(#) $Header: /tcpdump/master/tcpdump/print-isoclns.c,v 1.150 2005-09-05 11:12:33 hannes Exp $ (LBL)";
+    "@(#) $Header: /tcpdump/master/tcpdump/print-isoclns.c,v 1.151 2005-09-05 18:20:15 guy Exp $ (LBL)";
 #endif
 
 #ifdef HAVE_CONFIG_H
 #endif
 
 #ifdef HAVE_CONFIG_H
@@ -2493,22 +2493,27 @@ static int isis_print (const u_int8_t *p, u_int length)
 
        case ISIS_TLV_RESTART_SIGNALING:
             /* first attempt to decode the flags */
 
        case ISIS_TLV_RESTART_SIGNALING:
             /* first attempt to decode the flags */
+            if (tmp < ISIS_TLV_RESTART_SIGNALING_FLAGLEN)
+                break;
             if (!TTEST2(*tptr, ISIS_TLV_RESTART_SIGNALING_FLAGLEN))
                 goto trunctlv;
             printf("\n\t      Flags [%s]",
                    bittok2str(isis_restart_flag_values, "none", *tptr));
             if (!TTEST2(*tptr, ISIS_TLV_RESTART_SIGNALING_FLAGLEN))
                 goto trunctlv;
             printf("\n\t      Flags [%s]",
                    bittok2str(isis_restart_flag_values, "none", *tptr));
-           tptr+=1;
-            tmp-=1;
+            tptr+=ISIS_TLV_RESTART_SIGNALING_FLAGLEN;
+            tmp-=ISIS_TLV_RESTART_SIGNALING_FLAGLEN;
 
 
-            /* is there an additional remaining holdtime */
-            if (tmp >= ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN) {
-                    if (!TTEST2(*tptr, ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN))
-                            goto trunctlv;
+            /* is there anything other than the flags field? */
+            if (tmp == 0)
+                break;
 
 
-                    printf(", Remaining holding time %us", EXTRACT_16BITS(tptr+1));
-                    tptr+=2;
-                    tmp-=2;
-            }
+            if (tmp < ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN)
+                break;
+            if (!TTEST2(*tptr, ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN))
+                goto trunctlv;
+
+            printf(", Remaining holding time %us", EXTRACT_16BITS(tptr+1));
+            tptr+=ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN;
+            tmp-=ISIS_TLV_RESTART_SIGNALING_HOLDTIMELEN;
 
             /* is there an additional sysid field present ?*/
             if (tmp == SYSTEM_ID_LEN) {
 
             /* is there an additional sysid field present ?*/
             if (tmp == SYSTEM_ID_LEN) {
[mirror] the TCPdump network dissector