IPv6: Report another invalid case as invalid, not truncated
authorFrancois-Xavier Le Bail <[email protected]>
Sat, 26 Aug 2023 19:36:09 +0000 (21:36 +0200)
committerFrancois-Xavier Le Bail <[email protected]>
Sat, 26 Aug 2023 19:36:09 +0000 (21:36 +0200)
This is in the jumbo case.

When the payload+header length is > (original) length, output example:
  [payload+header length 65577 > length 65576] (invalid)

We treat this as a warning and so don't stop decoding (as before).

Add a test file.

Update two test outputs accordingly.

print-ip6.c
tests/TESTLIST
tests/ipv6-too-long-jumbo.out
tests/ipv6_jumbogram_invalid_length.out [new file with mode: 0644]
tests/ipv6_jumbogram_invalid_length.pcap [new file with mode: 0644]
tests/quic_32_bit_pointer_overflow.out

index ba086bc5dfe9b507f3d2979ff7f39f30f7fd9b0a..827151eb3d068dd6dcfb4bde41a31ea76bee7b55 100644 (file)
@@ -434,9 +434,12 @@ ip6_print(netdissect_options *ndo, const u_char *bp, u_int length)
                                len = payload_len + sizeof(struct ip6_hdr);
                                if (len < total_advance)
                                        goto trunc;
-                               if (length < len)
-                                       ND_PRINT("truncated-ip6 - %u bytes missing!",
-                                               len - length);
+                               if (len > length) {
+                                       ND_PRINT("[payload+header length %u > length %u]",
+                                                len, length);
+                                       nd_print_invalid(ndo);
+                                       ND_PRINT(" ");
+                               }
                                nd_change_snaplen(ndo, bp, len);
 
                                /*
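Review bot: The new `if (len > length)` branch marks the packet invalid but then falls through to `nd_change_snaplen(ndo, bp, len)` with a `len` that is derived from the packet's own payload length and is now known to exceed `length`, and nothing in the code says this is deliberate. The commit message does ("treat this as a warning"), so state it next to the check, e.g. `/* Invalid, but only a warning: keep decoding; len may exceed length from here on. */`. Any later code that uses `len` as a remaining-byte count then has to be bounded by the snapshot end rather than by `len`; that is presumably the case, but it cannot be confirmed here because ip6_print's body continues outside the hunk. Separately, the trailing `ND_PRINT(" ")` doubles the separator where the next printer emits its own leading space, as the updated tests/ipv6-too-long-jumbo.out shows (`(invalid)  ip-proto-12`).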
index a6698fcaed4d8a285c7cf72eacb29c0137355a03..8cfd344273d01466427662ef1e1d15312c26f0b3 100644 (file)
@@ -361,6 +361,7 @@ ipv6-srh-tlv-pad1-padn-5 ipv6-srh-tlv-pad1-padn-5.pcap ipv6-srh-tlv-pad1-padn-5.
 ipv6-srh-tlv-pad1-padn-5-v ipv6-srh-tlv-pad1-padn-5.pcap ipv6-srh-tlv-pad1-padn-5-v.out -v
 ipv6_invalid_length ipv6_invalid_length.pcap ipv6_invalid_length.out
 ipv6_invalid_length_2 ipv6_invalid_length_2.pcap ipv6_invalid_length_2.out -v
+ipv6_jumbogram_invalid_length ipv6_jumbogram_invalid_length.pcap ipv6_jumbogram_invalid_length.out -v
 
 # Loopback/CTP test case
 loopback       loopback.pcap           loopback.out
index c5ccb838d5138db9bb659a09364b8d13448c2476..d40d66018bea46cd3ca1f5548d5c03f78193c3a8 100644 (file)
@@ -1 +1 @@
-    1  12:40:23.226395 IP6 (class 0xc0, hlim 0, next-header Options (0) payload length: 0) 1:6:1a28:312:d7cb:b318:34e5:d3ea > 2b7f:cd1f:ec3c:fb9c:e731:d16b:a8fe:ba8c: HBH (opt_type 0x1a: len=0)(padn)(opt_type 0x16: len=0)(opt_type 0x64: len=114)(jumbo: 3858694210) (opt_type 0x42: len=3)(opt_type 0xfe: len=6)(pad1)(jumbo: 248 - already seen) (opt_type 0x0e: len=8)(opt_type 0x07: len=4)(opt_type 0xf1: len=60) truncated-ip6 - 3858693774 bytes missing! ip-proto-12 3858693802
+    1  12:40:23.226395 IP6 (class 0xc0, hlim 0, next-header Options (0) payload length: 0) 1:6:1a28:312:d7cb:b318:34e5:d3ea > 2b7f:cd1f:ec3c:fb9c:e731:d16b:a8fe:ba8c: HBH (opt_type 0x1a: len=0)(padn)(opt_type 0x16: len=0)(opt_type 0x64: len=114)(jumbo: 3858694210) (opt_type 0x42: len=3)(opt_type 0xfe: len=6)(pad1)(jumbo: 248 - already seen) (opt_type 0x0e: len=8)(opt_type 0x07: len=4)(opt_type 0xf1: len=60) [payload+header length 3858694250 > length 476] (invalid)  ip-proto-12 3858693802
diff --git a/tests/ipv6_jumbogram_invalid_length.out b/tests/ipv6_jumbogram_invalid_length.out
new file mode 100644 (file)
index 0000000..6bb08a0
--- /dev/null
@@ -0,0 +1 @@
+    1  09:09:55.627421 IP6 (hlim 227, next-header Options (0) payload length: 0) 2200::244:212:3fff:feae:22f7 > 2200::240:2:0:0:4: HBH (jumbo: 65537)  [payload+header length 65577 > length 65576] (invalid) ICMP6, echo request, id 4576, seq 51486
diff --git a/tests/ipv6_jumbogram_invalid_length.pcap b/tests/ipv6_jumbogram_invalid_length.pcap
new file mode 100644 (file)
index 0000000..97c4b2e
Binary files /dev/null and b/tests/ipv6_jumbogram_invalid_length.pcap differ
index bb0aae429d5bb46a71c47377d7573c173f6b05f2..f456b6a29bbb16f3d9038b9638059e1166e2e894 100644 (file)
@@ -1 +1 @@
-    1  14:32:46.453540455 IP6 ::8:46:ee:102:202:202 > 202:200:0:fe7e:b65f:677a:82b:601: HBH truncated-ip6 - 201252743 bytes missing!0 > 443: quic, initial, vb2a10200, dcid 00000100, length 1 [|quic]
+    1  14:32:46.453540455 IP6 ::8:46:ee:102:202:202 > 202:200:0:fe7e:b65f:677a:82b:601: HBH [payload+header length 201311194 > length 58451] (invalid) 0 > 443: quic, initial, vb2a10200, dcid 00000100, length 1 [|quic]