Clean up length checks.

Check only the amount of length that matters at any given point; yes,
this means we do multiple checks, but so it goes.

We don't need to check for LLC+SNAP - llc_print() does that for us.  We
do, however, need to check to make sure we can safely skip the Fore
header.

diff --git a/print-atm.c b/print-atm.c
index 2531880b40efd22f23e08f84bc49f81abcbbf083..9361065937b2951190dd13bc6219db84d24ee2e6 100644 (file)
--- a/print-atm.c
+++ b/print-atm.c
@@ -165,7 +165,7 @@ atm_if_print(netdissect_options *ndo,
        uint32_t llchdr;
        u_int hdrlen = 0;
 
-       if (caplen < 8) {
+       if (caplen < 1 || length < 1) {
                ND_PRINT((ndo, "%s", tstr));
                return (caplen);
        }
@@ -178,6 +178,15 @@ atm_if_print(netdissect_options *ndo,
             return hdrlen;
         }
 
+       /*
+        * Must have at least a DSAP, an SSAP, and the first byte of the
+        * control field.
+        */
+       if (caplen < 3 || length < 3) {
+               ND_PRINT((ndo, "%s", tstr));
+               return (caplen);
+       }
+
        /*
         * Extract the presumed LLC header into a variable, for quick
         * testing.
@@ -205,6 +214,10 @@ atm_if_print(netdissect_options *ndo,
                 * packets?  If so, could it be changed to use a
                 * new DLT_IEEE802_6 value if we added it?
                 */
+               if (caplen < 20 || length < 20) {
+                       ND_PRINT((ndo, "%s", tstr));
+                       return (caplen);
+               }
                if (ndo->ndo_eflag)
                        ND_PRINT((ndo, "%08x%08x %08x%08x ",
                               EXTRACT_32BITS(p),