With this change the number of bytes available in the captured data
given by the macro is 0 when the argument is greater than or equal
to ndo_snapend or less than ndo_packetp (e.g. pointer underflow).
i.e.:
If p is like p3, the macro gives 0.
If p is like p1, the macro gives 0.
|------------------|-----------------------|-----------------|
p1 < ndo_packetp <= p2 < ndo_snapend <= p3
Update the ascii_print(), hex_and_ascii_print_with_offset() and
hex_print_with_offset() functions accordingly.
This is a follow-up to
07a7f33ba3ff346b9ce31772645a06980baca907.
(cherry picked from commit
0d4083ee8687a9f6578e26a1407bd9f2a9d27885)
* Number of bytes remaining in the captured data, starting at the
* byte pointed to by the argument.
*/
-#define ND_BYTES_AVAILABLE_AFTER(p) ND_BYTES_BETWEEN((p), ndo->ndo_snapend)
+#define ND_BYTES_AVAILABLE_AFTER(p) ((const u_char *)(p) < ndo->ndo_packetp ? 0 : ND_BYTES_BETWEEN((p), ndo->ndo_snapend))
/* Check length < minimum for invalid packet with a custom message, format %u */
#define ND_LCHECKMSG_U(length, minimum, what) \
int truncated = FALSE;
ndo->ndo_protocol = "ascii";
- caplength = (ndo->ndo_snapend > cp) ? ND_BYTES_AVAILABLE_AFTER(cp) : 0;
+ caplength = ND_BYTES_AVAILABLE_AFTER(cp);
if (length > caplength) {
length = caplength;
truncated = TRUE;
char hexstuff[HEXDUMP_SHORTS_PER_LINE*HEXDUMP_HEXSTUFF_PER_SHORT+1], *hsp;
char asciistuff[ASCII_LINELENGTH+1], *asp;
- caplength = (ndo->ndo_snapend > cp) ? ND_BYTES_AVAILABLE_AFTER(cp) : 0;
+ caplength = ND_BYTES_AVAILABLE_AFTER(cp);
if (length > caplength) {
length = caplength;
truncated = TRUE;
u_int nshorts;
int truncated = FALSE;
- caplength = (ndo->ndo_snapend > cp) ? ND_BYTES_AVAILABLE_AFTER(cp) : 0;
+ caplength = ND_BYTES_AVAILABLE_AFTER(cp);
if (length > caplength) {
length = caplength;
truncated = TRUE;