*/
struct lwapp_transport_header {
- uint8_t version;
- uint8_t frag_id;
- uint8_t length[2];
- uint16_t status;
+ nd_uint8_t version;
+ nd_uint8_t frag_id;
+ nd_uint16_t length;
+ nd_uint16_t status;
};
/*
*/
struct lwapp_control_header {
- uint8_t msg_type;
- uint8_t seq_num;
- uint8_t len[2];
- uint8_t session_id[4];
+ nd_uint8_t msg_type;
+ nd_uint8_t seq_num;
+ nd_uint16_t len;
+ nd_uint32_t session_id;
};
#define LWAPP_VERSION 0
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*/
struct lwapp_message_header {
- uint8_t type;
- uint8_t length[2];
+ nd_uint8_t type;
+ nd_uint16_t length;
};
void
const struct lwapp_transport_header *lwapp_trans_header;
const struct lwapp_control_header *lwapp_control_header;
const u_char *tptr;
- int tlen;
- int msg_tlen;
+ uint8_t version;
+ u_int tlen;
+ u_int msg_type, msg_tlen;
tptr=pptr;
lwapp_trans_header = (const struct lwapp_transport_header *)pptr;
}
ND_TCHECK(*lwapp_trans_header);
+ version = EXTRACT_U_1(lwapp_trans_header->version);
/*
* Sanity checking of the header.
*/
- if (LWAPP_EXTRACT_VERSION(lwapp_trans_header->version) != LWAPP_VERSION) {
+ if (LWAPP_EXTRACT_VERSION(version) != LWAPP_VERSION) {
ND_PRINT((ndo, "LWAPP version %u packet not supported",
- LWAPP_EXTRACT_VERSION(lwapp_trans_header->version)));
+ LWAPP_EXTRACT_VERSION(version)));
return;
}
/* non-verbose */
if (ndo->ndo_vflag < 1) {
ND_PRINT((ndo, "LWAPPv%u, %s frame, Flags [%s], length %u",
- LWAPP_EXTRACT_VERSION(lwapp_trans_header->version),
- LWAPP_EXTRACT_CONTROL_BIT(lwapp_trans_header->version) ? "Control" : "Data",
- bittok2str(lwapp_header_bits_values,"none",(lwapp_trans_header->version)&0x07),
+ LWAPP_EXTRACT_VERSION(version),
+ LWAPP_EXTRACT_CONTROL_BIT(version) ? "Control" : "Data",
+ bittok2str(lwapp_header_bits_values,"none",version&0x07),
len));
return;
}
tlen=EXTRACT_BE_U_2(lwapp_trans_header->length);
ND_PRINT((ndo, "LWAPPv%u, %s frame, Radio-id %u, Flags [%s], Frag-id %u, length %u",
- LWAPP_EXTRACT_VERSION(lwapp_trans_header->version),
- LWAPP_EXTRACT_CONTROL_BIT(lwapp_trans_header->version) ? "Control" : "Data",
- LWAPP_EXTRACT_RID(lwapp_trans_header->version),
- bittok2str(lwapp_header_bits_values,"none",(lwapp_trans_header->version)&0x07),
- lwapp_trans_header->frag_id,
+ LWAPP_EXTRACT_VERSION(version),
+ LWAPP_EXTRACT_CONTROL_BIT(version) ? "Control" : "Data",
+ LWAPP_EXTRACT_RID(version),
+ bittok2str(lwapp_header_bits_values,"none",version&0x07),
+ EXTRACT_U_1(lwapp_trans_header->frag_id),
tlen));
if (has_ap_ident) {
tptr+=sizeof(struct lwapp_transport_header);
}
- while(tlen>0) {
+ while(tlen!=0) {
/* did we capture enough for fully decoding the object header ? */
ND_TCHECK_LEN(tptr, sizeof(struct lwapp_control_header));
+ if (tlen < sizeof(struct lwapp_control_header)) {
+ ND_PRINT((ndo, "\n\t Msg goes past end of PDU"));
+ break;
+ }
lwapp_control_header = (const struct lwapp_control_header *)tptr;
msg_tlen = EXTRACT_BE_U_2(lwapp_control_header->len);
+ if (tlen < sizeof(struct lwapp_control_header) + msg_tlen) {
+ ND_PRINT((ndo, "\n\t Msg goes past end of PDU"));
+ break;
+ }
/* print message header */
- ND_PRINT((ndo, "\n\t Msg type: %s (%u), Seqnum: %u, Msg len: %d, Session: 0x%08x",
- tok2str(lwapp_msg_type_values,"Unknown",lwapp_control_header->msg_type),
- lwapp_control_header->msg_type,
- lwapp_control_header->seq_num,
+ msg_type = EXTRACT_U_1(lwapp_control_header->msg_type);
+ ND_PRINT((ndo, "\n\t Msg type: %s (%u), Seqnum: %u, Msg len: %u, Session: 0x%08x",
+ tok2str(lwapp_msg_type_values,"Unknown",msg_type),
+ msg_type,
+ EXTRACT_U_1(lwapp_control_header->seq_num),
msg_tlen,
EXTRACT_BE_U_4(lwapp_control_header->session_id)));
ND_TCHECK_LEN(tptr, msg_tlen);
/* XXX - Decode sub messages for each message */
- switch(lwapp_control_header->msg_type) {
+ switch(msg_type) {
case LWAPP_MSGTYPE_DISCOVERY_REQUEST:
case LWAPP_MSGTYPE_DISCOVERY_RESPONSE:
case LWAPP_MSGTYPE_JOIN_REQUEST:
{
const struct lwapp_transport_header *lwapp_trans_header;
const u_char *tptr;
- int tlen;
+ u_int tlen;
+ u_int version;
tptr=pptr;
ND_TCHECK_6(tptr);
lwapp_trans_header = (const struct lwapp_transport_header *)pptr;
ND_TCHECK(*lwapp_trans_header);
+ version = EXTRACT_U_1(lwapp_trans_header->version);
/*
* Sanity checking of the header.
*/
- if (LWAPP_EXTRACT_VERSION(lwapp_trans_header->version) != LWAPP_VERSION) {
+ if (LWAPP_EXTRACT_VERSION(version) != LWAPP_VERSION) {
ND_PRINT((ndo, "LWAPP version %u packet not supported",
- LWAPP_EXTRACT_VERSION(lwapp_trans_header->version)));
+ LWAPP_EXTRACT_VERSION(version)));
return;
}
/* non-verbose */
if (ndo->ndo_vflag < 1) {
ND_PRINT((ndo, "LWAPPv%u, %s frame, Flags [%s], length %u",
- LWAPP_EXTRACT_VERSION(lwapp_trans_header->version),
- LWAPP_EXTRACT_CONTROL_BIT(lwapp_trans_header->version) ? "Control" : "Data",
- bittok2str(lwapp_header_bits_values,"none",(lwapp_trans_header->version)&0x07),
+ LWAPP_EXTRACT_VERSION(version),
+ LWAPP_EXTRACT_CONTROL_BIT(version) ? "Control" : "Data",
+ bittok2str(lwapp_header_bits_values,"none",version&0x07),
len));
return;
}
/* ok they seem to want to know everything - lets fully decode it */
tlen=EXTRACT_BE_U_2(lwapp_trans_header->length);
+ if (tlen < sizeof(struct lwapp_transport_header)) {
+ ND_PRINT((ndo, "LWAPPv%u, %s frame, Radio-id %u, Flags [%s], length %u < transport header length",
+ LWAPP_EXTRACT_VERSION(version),
+ LWAPP_EXTRACT_CONTROL_BIT(version) ? "Control" : "Data",
+ LWAPP_EXTRACT_RID(version),
+ bittok2str(lwapp_header_bits_values,"none",version&0x07),
+ tlen));
+ return;
+ }
ND_PRINT((ndo, "LWAPPv%u, %s frame, Radio-id %u, Flags [%s], Frag-id %u, length %u",
- LWAPP_EXTRACT_VERSION(lwapp_trans_header->version),
- LWAPP_EXTRACT_CONTROL_BIT(lwapp_trans_header->version) ? "Control" : "Data",
- LWAPP_EXTRACT_RID(lwapp_trans_header->version),
- bittok2str(lwapp_header_bits_values,"none",(lwapp_trans_header->version)&0x07),
- lwapp_trans_header->frag_id,
+ LWAPP_EXTRACT_VERSION(version),
+ LWAPP_EXTRACT_CONTROL_BIT(version) ? "Control" : "Data",
+ LWAPP_EXTRACT_RID(version),
+ bittok2str(lwapp_header_bits_values,"none",version&0x07),
+ EXTRACT_U_1(lwapp_trans_header->frag_id),
tlen));
tptr+=sizeof(struct lwapp_transport_header);