gre: clean up GRE "version 1" (PPTP) parsing of "key" field.
authorGuy Harris <[email protected]>
Sat, 10 Jun 2023 07:52:23 +0000 (00:52 -0700)
committerGuy Harris <[email protected]>
Sat, 10 Jun 2023 07:52:23 +0000 (00:52 -0700)
In the PPTP (RFC 2637) version of the GRE header, the "key" field,
which must be present, consists of a 2-byte big-endian payload length
followed by a 2-byte big-endian call ID.  Dissect it as such, and report
an error if the K bit *isn't* set.

print-gre.c

index 04b030f85310b645dec202c12f896cfa46c020ca..3355005acd30d9dbe6e2a17e9cc7cd4df6289a84 100644 (file)
@@ -348,16 +348,19 @@ gre_print_1(netdissect_options *ndo, const u_char *bp, u_int length)
        len -= 2;
        bp += 2;
 
-
        if (flags & GRE_KP) {
-               uint32_t k;
+               /* Skip payload length? */
+               ND_ICHECK_U(len, <, 2);
+               ND_TCHECK_LEN(bp, 2);
+               len -= 2;
+               bp += 2;
 
-               ND_ICHECK_U(len, <, 4);
-               k = GET_BE_U_4(bp);
-               ND_PRINT(", call %u", k & 0xffff);
-               len -= 4;
-               bp += 4;
-       }
+               ND_ICHECK_U(len, <, 2);
+               ND_PRINT(", call %u", GET_BE_U_2(bp));
+               len -= 2;
+               bp += 2;
+       } else
+               ND_PRINT(", (ERROR: K flag not set)");
 
        if (flags & GRE_SP) {
                ND_ICHECK_U(len, <, 4);
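Review bot: The comment `/* Skip payload length? */` on the new side leaves the intent of the first 2-byte half of the key field unresolved, and the value is then discarded without being printed or compared against the remaining length, even though the commit message describes it as the PPTP payload length. Either dissect it like the call ID, `ND_PRINT(", payload length %u", GET_BE_U_2(bp));`, or replace the question with a statement of why it is intentionally not reported, e.g. `/* Payload length of the PPTP key field; not printed. */`. Since both halves are mandatory once K is set, the two `ND_ICHECK_U(len, <, 2)` checks could also be folded into a single `ND_ICHECK_U(len, <, 4);` before the first field, which is closer to the check the old code did; the `ND_TCHECK_LEN(bp, 2)` before the skip still seems warranted because the skipped bytes are never read through a GET_ macro. The body of gre_print_1 begins and ends outside this hunk.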