- Fixed infinite loop when parsing malformed isakmp packets.
+ Fixed infinite loop when parsing invalid isakmp packets.
(reported by iDefense; already fixed in CVS)
- Fixed infinite loop when parsing malformed BGP packets.
- Fixed buffer overflow with certain malformed NFS packets.
+ Fixed infinite loop when parsing invalid BGP packets.
+ Fixed buffer overflow with certain invalid NFS packets.
Pretty-print unprintable network names in 802.11 printer.
Handle truncated nbp (appletalk) packets.
Updated DHCPv6 printer to match draft-ietf-dhc-dhcpv6-22.txt
if (ndo->ndo_vflag)
ND_PRINT((ndo,"seq %02x ", seq));
if (hdrlen == -1) {
- ND_PRINT((ndo,"malformed! "));
+ ND_PRINT((ndo,"invalid! "));
return caplen;
}
#include "addrtoname.h"
static const char tstr[] = " [|ahcp]";
-static const char cstr[] = "(corrupt)";
+static const char cstr[] = "(invalid)";
#define AHCP_MAGIC_NUMBER 43
#define AHCP_VERSION_1 1
char buf[BUFSIZE];
if (cp + 4 != ep)
- goto corrupt;
+ goto invalid;
ND_TCHECK2(*cp, 4);
t = EXTRACT_32BITS(cp);
if (NULL == (tm = gmtime(&t)))
ND_PRINT((ndo, ": %s UTC", buf));
return 0;
-corrupt:
+invalid:
ND_PRINT((ndo, ": %s", cstr));
ND_TCHECK2(*cp, ep - cp);
return 0;
ahcp_seconds_print(netdissect_options *ndo, const u_char *cp, const u_char *ep)
{
if (cp + 4 != ep)
- goto corrupt;
+ goto invalid;
ND_TCHECK2(*cp, 4);
ND_PRINT((ndo, ": %us", EXTRACT_32BITS(cp)));
return 0;
-corrupt:
+invalid:
ND_PRINT((ndo, ": %s", cstr));
ND_TCHECK2(*cp, ep - cp);
return 0;
while (cp < ep) {
if (cp + 16 > ep)
- goto corrupt;
+ goto invalid;
ND_TCHECK2(*cp, 16);
#ifdef INET6
ND_PRINT((ndo, "%s%s", sep, ip6addr_string(ndo, cp)));
}
return 0;
-corrupt:
+invalid:
ND_PRINT((ndo, ": %s", cstr));
ND_TCHECK2(*cp, ep - cp);
return 0;
while (cp < ep) {
if (cp + 4 > ep)
- goto corrupt;
+ goto invalid;
ND_TCHECK2(*cp, 4);
ND_PRINT((ndo, "%s%s", sep, ipaddr_string(ndo, cp)));
cp += 4;
}
return 0;
-corrupt:
+invalid:
ND_PRINT((ndo, ": %s", cstr));
ND_TCHECK2(*cp, ep - cp);
return 0;
while (cp < ep) {
if (cp + 17 > ep)
- goto corrupt;
+ goto invalid;
ND_TCHECK2(*cp, 17);
#ifdef INET6
ND_PRINT((ndo, "%s%s/%u", sep, ip6addr_string(ndo, cp), *(cp + 16)));
}
return 0;
-corrupt:
+invalid:
ND_PRINT((ndo, ": %s", cstr));
ND_TCHECK2(*cp, ep - cp);
return 0;
while (cp < ep) {
if (cp + 5 > ep)
- goto corrupt;
+ goto invalid;
ND_TCHECK2(*cp, 5);
ND_PRINT((ndo, "%s%s/%u", sep, ipaddr_string(ndo, cp), *(cp + 4)));
cp += 5;
}
return 0;
-corrupt:
+invalid:
ND_PRINT((ndo, ": %s", cstr));
ND_TCHECK2(*cp, ep - cp);
return 0;
continue;
/* Length */
if (cp + 1 > ep)
- goto corrupt;
+ goto invalid;
ND_TCHECK2(*cp, 1);
option_len = *cp;
cp += 1;
if (cp + option_len > ep)
- goto corrupt;
+ goto invalid;
/* Value */
if (option_no <= AHCP1_OPT_MAX && data_decoders[option_no] != NULL) {
if (data_decoders[option_no](ndo, cp, cp + option_len) < 0)
}
return;
-corrupt:
+invalid:
ND_PRINT((ndo, " %s", cstr));
ND_TCHECK2(*cp, ep - cp);
return;
uint16_t body_len;
if (cp + AHCP1_BODY_MIN_LEN > ep)
- goto corrupt;
+ goto invalid;
/* Type */
ND_TCHECK2(*cp, 1);
type = *cp;
ND_PRINT((ndo, ", Length %u", body_len));
}
if (cp + body_len > ep)
- goto corrupt;
+ goto invalid;
/* Options */
if (ndo->ndo_vflag >= 2)
ND_TCHECK2(*cp, body_len);
return;
-corrupt:
+invalid:
ND_PRINT((ndo, " %s", cstr));
ND_TCHECK2(*cp, ep - cp);
return;
ND_PRINT((ndo, "AHCP"));
if (len < 2)
- goto corrupt;
+ goto invalid;
/* Magic */
ND_TCHECK2(*cp, 1);
if (*cp != AHCP_MAGIC_NUMBER)
- goto corrupt;
+ goto invalid;
cp += 1;
/* Version */
ND_TCHECK2(*cp, 1);
case AHCP_VERSION_1: {
ND_PRINT((ndo, " Version 1"));
if (len < AHCP1_HEADER_FIX_LEN)
- goto corrupt;
+ goto invalid;
if (!ndo->ndo_vflag) {
ND_TCHECK2(*cp, AHCP1_HEADER_FIX_LEN - 2);
cp += AHCP1_HEADER_FIX_LEN - 2;
}
return;
-corrupt:
+invalid:
ND_PRINT((ndo, " %s", cstr));
ND_TCHECK2(*cp, ep - cp);
return;
#include "ether.h"
static const char tstr[] = " [|aoe]";
-static const char cstr[] = " (corrupt)";
+static const char cstr[] = " (invalid)";
#define AOE_V1 1
#define ATA_SECTOR_SIZE 512
const u_char *ep = cp + len;
if (len < AOEV1_ISSUE_ARG_LEN)
- goto corrupt;
+ goto invalid;
/* AFlags */
ND_TCHECK2(*cp, 1);
ND_PRINT((ndo, "\n\tAFlags: [%s]", bittok2str(aoev1_aflag_str, "none", *cp)));
ND_PRINT((ndo, "\n\tData: %u bytes", len - AOEV1_ISSUE_ARG_LEN));
return;
-corrupt:
+invalid:
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp, ep - cp);
return;
uint16_t cslen;
if (len < AOEV1_QUERY_ARG_LEN)
- goto corrupt;
+ goto invalid;
/* Buffer Count */
ND_TCHECK2(*cp, 2);
ND_PRINT((ndo, "\n\tBuffer Count: %u", EXTRACT_16BITS(cp)));
cslen = EXTRACT_16BITS(cp);
cp += 2;
if (cslen > AOEV1_MAX_CONFSTR_LEN || AOEV1_QUERY_ARG_LEN + cslen > len)
- goto corrupt;
+ goto invalid;
/* Config String */
ND_TCHECK2(*cp, cslen);
if (cslen) {
}
return;
-corrupt:
+invalid:
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp, ep - cp);
return;
uint8_t dircount, i;
if (len < AOEV1_MAC_ARG_LEN)
- goto corrupt;
+ goto invalid;
/* Reserved */
ND_TCHECK2(*cp, 1);
cp += 1;
cp += 1;
ND_PRINT((ndo, ", Dir Count: %u", dircount));
if (AOEV1_MAC_ARG_LEN + dircount * 8 > len)
- goto corrupt;
+ goto invalid;
/* directives */
for (i = 0; i < dircount; i++) {
/* Reserved */
}
return;
-corrupt:
+invalid:
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp, ep - cp);
return;
uint8_t nmacs, i;
if (len < AOEV1_RESERVE_ARG_LEN || (len - AOEV1_RESERVE_ARG_LEN) % ETHER_ADDR_LEN)
- goto corrupt;
+ goto invalid;
/* RCmd */
ND_TCHECK2(*cp, 1);
ND_PRINT((ndo, "\n\tRCmd: %s", tok2str(aoev1_rcmd_str, "Unknown (0x%02x)", *cp)));
cp += 1;
ND_PRINT((ndo, ", NMacs: %u", nmacs));
if (AOEV1_RESERVE_ARG_LEN + nmacs * ETHER_ADDR_LEN != len)
- goto corrupt;
+ goto invalid;
/* addresses */
for (i = 0; i < nmacs; i++) {
ND_PRINT((ndo, "\n\tEthernet Address %u: %s", i, etheraddr_string(ndo, cp)));
}
return;
-corrupt:
+invalid:
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp, ep - cp);
return;
void (*cmd_decoder)(netdissect_options *, const u_char *, const u_int);
if (len < AOEV1_COMMON_HDR_LEN)
- goto corrupt;
+ goto invalid;
/* Flags */
flags = *cp & 0x0F;
ND_PRINT((ndo, ", Flags: [%s]", bittok2str(aoev1_flag_str, "none", flags)));
cmd_decoder(ndo, cp, len - AOEV1_COMMON_HDR_LEN);
return;
-corrupt:
+invalid:
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp, ep - cp);
return;
ND_PRINT((ndo, "AoE length %u", len));
if (len < 1)
- goto corrupt;
+ goto invalid;
/* Ver/Flags */
ND_TCHECK2(*cp, 1);
ver = (*cp & 0xF0) >> 4;
}
return;
-corrupt:
+invalid:
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp, ep - cp);
return;
ND_TCHECK2(*cp, 4);
if(cp[0] != 42) {
- ND_PRINT((ndo, " malformed header"));
+ ND_PRINT((ndo, " invalid header"));
return;
} else {
ND_PRINT((ndo, " %d", cp[1]));
continue;
}
if(cp == ep)
- goto corrupt;
+ goto invalid;
sublen = *cp++;
if(cp + sublen > ep)
- goto corrupt;
+ goto invalid;
switch(subtype) {
case MESSAGE_SUB_PADN:
ND_PRINT((ndo, " sub-timestamp"));
if(tlv_type == MESSAGE_HELLO) {
if(sublen < 4)
- goto corrupt;
+ goto invalid;
t1 = EXTRACT_32BITS(cp);
ND_PRINT((ndo, " %s", format_timestamp(t1)));
} else if(tlv_type == MESSAGE_IHU) {
if(sublen < 8)
- goto corrupt;
+ goto invalid;
t1 = EXTRACT_32BITS(cp);
ND_PRINT((ndo, " %s", format_timestamp(t1)));
t2 = EXTRACT_32BITS(cp + 4);
} /* while */
return;
- corrupt:
- ND_PRINT((ndo, " (corrupt)"));
+ invalid:
+ ND_PRINT((ndo, " (invalid)"));
}
#define ICHECK(i, l) \
- if ((i) + (l) > bodylen || (i) + (l) > length) goto corrupt;
+ if ((i) + (l) > bodylen || (i) + (l) > length) goto invalid;
static void
babel_print_v2(netdissect_options *ndo,
ND_TCHECK2(*cp, 4);
if (length < 4)
- goto corrupt;
+ goto invalid;
bodylen = EXTRACT_16BITS(cp + 2);
ND_PRINT((ndo, " (%u)", bodylen));
ND_PRINT((ndo, " ack-req"));
else {
ND_PRINT((ndo, "\n\tAcknowledgment Request "));
- if(len < 6) goto corrupt;
+ if(len < 6) goto invalid;
nonce = EXTRACT_16BITS(message + 4);
interval = EXTRACT_16BITS(message + 6);
ND_PRINT((ndo, "%04x %s", nonce, format_interval(interval)));
ND_PRINT((ndo, " ack"));
else {
ND_PRINT((ndo, "\n\tAcknowledgment "));
- if(len < 2) goto corrupt;
+ if(len < 2) goto invalid;
nonce = EXTRACT_16BITS(message + 2);
ND_PRINT((ndo, "%04x", nonce));
}
ND_PRINT((ndo, " hello"));
else {
ND_PRINT((ndo, "\n\tHello "));
- if(len < 6) goto corrupt;
+ if(len < 6) goto invalid;
seqno = EXTRACT_16BITS(message + 4);
interval = EXTRACT_16BITS(message + 6);
ND_PRINT((ndo, "seqno %u interval %s", seqno, format_interval(interval)));
u_char address[16];
int rc;
ND_PRINT((ndo, "\n\tIHU "));
- if(len < 6) goto corrupt;
+ if(len < 6) goto invalid;
txcost = EXTRACT_16BITS(message + 4);
interval = EXTRACT_16BITS(message + 6);
rc = network_address(message[2], message + 8, len - 6, address);
ND_PRINT((ndo, " router-id"));
else {
ND_PRINT((ndo, "\n\tRouter Id"));
- if(len < 10) goto corrupt;
+ if(len < 10) goto invalid;
ND_PRINT((ndo, " %s", format_id(message + 4)));
}
}
int rc;
u_char nh[16];
ND_PRINT((ndo, "\n\tNext Hop"));
- if(len < 2) goto corrupt;
+ if(len < 2) goto invalid;
rc = network_address(message[2], message + 4, len - 2, nh);
- if(rc < 0) goto corrupt;
+ if(rc < 0) goto invalid;
ND_PRINT((ndo, " %s", format_address(ndo, nh)));
}
}
int rc;
u_char prefix[16];
ND_PRINT((ndo, "\n\tUpdate"));
- if(len < 10) goto corrupt;
+ if(len < 10) goto invalid;
plen = message[4] + (message[2] == 1 ? 96 : 0);
rc = network_prefix(message[2], message[4], message[5],
message + 12,
message[2] == 1 ? v4_prefix : v6_prefix,
len - 10, prefix);
- if(rc < 0) goto corrupt;
+ if(rc < 0) goto invalid;
interval = EXTRACT_16BITS(message + 6);
seqno = EXTRACT_16BITS(message + 8);
metric = EXTRACT_16BITS(message + 10);
int rc;
u_char prefix[16], plen;
ND_PRINT((ndo, "\n\tRequest "));
- if(len < 2) goto corrupt;
+ if(len < 2) goto invalid;
plen = message[3] + (message[2] == 1 ? 96 : 0);
rc = network_prefix(message[2], message[3], 0,
message + 4, NULL, len - 2, prefix);
- if(rc < 0) goto corrupt;
+ if(rc < 0) goto invalid;
ND_PRINT((ndo, "for %s",
message[2] == 0 ? "any" : format_prefix(ndo, prefix, plen)));
}
u_short seqno;
u_char prefix[16], plen;
ND_PRINT((ndo, "\n\tMH-Request "));
- if(len < 14) goto corrupt;
+ if(len < 14) goto invalid;
seqno = EXTRACT_16BITS(message + 4);
rc = network_prefix(message[2], message[3], 0,
message + 16, NULL, len - 14, prefix);
- if(rc < 0) goto corrupt;
+ if(rc < 0) goto invalid;
plen = message[3] + (message[2] == 1 ? 96 : 0);
ND_PRINT((ndo, "(%u hops) for %s seqno %u id %s",
message[6], format_prefix(ndo, prefix, plen),
ND_PRINT((ndo, " tspc"));
else {
ND_PRINT((ndo, "\n\tTS/PC "));
- if(len < 6) goto corrupt;
+ if(len < 6) goto invalid;
ND_PRINT((ndo, "timestamp %u packetcounter %u", EXTRACT_32BITS (message + 4),
EXTRACT_16BITS(message + 2)));
}
else {
unsigned j;
ND_PRINT((ndo, "\n\tHMAC "));
- if(len < 18) goto corrupt;
+ if(len < 18) goto invalid;
ND_PRINT((ndo, "key-id %u digest-%u ", EXTRACT_16BITS(message + 2), len - 2));
for (j = 0; j < len - 2; j++)
ND_PRINT((ndo, "%02X", message[4 + j]));
int rc;
int parsed_len = 10;
ND_PRINT((ndo, "\n\tSS-Update"));
- if(len < 10) goto corrupt;
+ if(len < 10) goto invalid;
ae = message[2];
src_plen = message[3];
plen = message[4];
rc = network_prefix(ae, plen, omitted, message + 2 + parsed_len,
ae == 1 ? v4_prefix : v6_prefix,
len - parsed_len, prefix);
- if(rc < 0) goto corrupt;
+ if(rc < 0) goto invalid;
if(ae == 1)
plen += 96;
parsed_len += rc;
rc = network_prefix(ae, src_plen, 0, message + 2 + parsed_len,
NULL, len - parsed_len, src_prefix);
- if(rc < 0) goto corrupt;
+ if(rc < 0) goto invalid;
if(ae == 1)
src_plen += 96;
parsed_len += rc;
int rc, parsed_len = 3;
u_char ae, plen, src_plen, prefix[16], src_prefix[16];
ND_PRINT((ndo, "\n\tSS-Request "));
- if(len < 3) goto corrupt;
+ if(len < 3) goto invalid;
ae = message[2];
plen = message[3];
src_plen = message[4];
rc = network_prefix(ae, plen, 0, message + 2 + parsed_len,
NULL, len - parsed_len, prefix);
- if(rc < 0) goto corrupt;
+ if(rc < 0) goto invalid;
if(ae == 1)
plen += 96;
parsed_len += rc;
rc = network_prefix(ae, src_plen, 0, message + 2 + parsed_len,
NULL, len - parsed_len, src_prefix);
- if(rc < 0) goto corrupt;
+ if(rc < 0) goto invalid;
if(ae == 1)
src_plen += 96;
parsed_len += rc;
u_char ae, plen, src_plen, prefix[16], src_prefix[16], hopc;
const u_char *router_id = NULL;
ND_PRINT((ndo, "\n\tSS-MH-Request "));
- if(len < 14) goto corrupt;
+ if(len < 14) goto invalid;
ae = message[2];
plen = message[3];
seqno = EXTRACT_16BITS(message + 4);
router_id = message + 8;
rc = network_prefix(ae, plen, 0, message + 2 + parsed_len,
NULL, len - parsed_len, prefix);
- if(rc < 0) goto corrupt;
+ if(rc < 0) goto invalid;
if(ae == 1)
plen += 96;
parsed_len += rc;
rc = network_prefix(ae, src_plen, 0, message + 2 + parsed_len,
NULL, len - parsed_len, src_prefix);
- if(rc < 0) goto corrupt;
+ if(rc < 0) goto invalid;
if(ae == 1)
src_plen += 96;
ND_PRINT((ndo, "(%u hops) for (%s, ",
ND_PRINT((ndo, " %s", tstr));
return;
- corrupt:
- ND_PRINT((ndo, " (corrupt)"));
+ invalid:
+ ND_PRINT((ndo, " (invalid)"));
return;
}
}
while (tcap_len > 0) {
if (tcap_len < 4) {
- ND_PRINT((ndo, "\n\t\t(malformed)"));
+ ND_PRINT((ndo, "\n\t\t(invalid)"));
break;
}
ND_PRINT((ndo, "\n\t\tAFI %s (%u), SAFI %s (%u), Send/Receive: %s",
break;
}
if (len < suboptlen) {
- ND_PRINT((ndo, "ERROR: malformed option"));
+ ND_PRINT((ndo, "ERROR: invalid option"));
bp += len;
len = 0;
break;
/* Process Common Header */
if (length < 36)
- goto malformed;
+ goto invalid;
ND_TCHECK2(*bp, 7);
version = bp[0] >> 4;
/* Skip Extended headers */
if (hdr_size >= 0) {
if (length < (u_int)hdr_size)
- goto malformed;
+ goto invalid;
ND_TCHECK2(*bp, hdr_size);
length -= hdr_size;
bp += hdr_size;
case 1:
case 2: /* BTP A/B */
if (length < 4)
- goto malformed;
+ goto invalid;
ND_TCHECK2(*bp, 4);
print_btp(ndo, bp);
length -= 4;
ND_DEFAULTPRINT(bp, length);
return;
-malformed:
+invalid:
ND_PRINT((ndo, " Malformed (small) "));
/* XXX - print the remaining data as hex? */
return;
tlv_type,
tlv_len));
- if (tlv_len == 0) /* something is malformed */
+ if (tlv_len == 0) /* something is invalid */
continue;
/* now check if we have a decoder otherwise do a hexdump at the end*/
ND_PRINT((ndo, "%02x", *(tptr + i)));
}
if (tlv_len != ISIS_SUBTLV_AUTH_MD5_LEN+1)
- ND_PRINT((ndo, ", (malformed subTLV) "));
+ ND_PRINT((ndo, ", (invalid subTLV) "));
#ifdef HAVE_LIBCRYPTO
sigcheck = signature_verify(ndo, optr, length,
tptr+=mt_len;
tmp-=mt_len;
} else {
- ND_PRINT((ndo, "\n\t malformed MT-ID"));
+ ND_PRINT((ndo, "\n\t invalid MT-ID"));
break;
}
}
#include "addrtoname.h"
static const char tstr[] = " [|loopback]";
-static const char cstr[] = " (corrupt)";
+static const char cstr[] = " (invalid)";
#define LOOPBACK_REPLY 1
#define LOOPBACK_FWDDATA 2
uint16_t function;
if (len < 2)
- goto corrupt;
+ goto invalid;
/* function */
ND_TCHECK2(*cp, 2);
function = EXTRACT_LE_16BITS(cp);
switch (function) {
case LOOPBACK_REPLY:
if (len < 4)
- goto corrupt;
+ goto invalid;
/* receipt number */
ND_TCHECK2(*cp, 2);
ND_PRINT((ndo, ", receipt number %u", EXTRACT_LE_16BITS(cp)));
break;
case LOOPBACK_FWDDATA:
if (len < 8)
- goto corrupt;
+ goto invalid;
/* forwarding address */
ND_TCHECK2(*cp, ETHER_ADDR_LEN);
ND_PRINT((ndo, ", forwarding address %s", etheraddr_string(ndo, cp)));
}
return;
-corrupt:
+invalid:
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp, ep - cp);
return;
ND_PRINT((ndo, "Loopback"));
if (len < 2)
- goto corrupt;
+ goto invalid;
/* skipCount */
ND_TCHECK2(*cp, 2);
skipCount = EXTRACT_LE_16BITS(cp);
if (skipCount % 8)
ND_PRINT((ndo, " (bogus)"));
if (skipCount > len - 2)
- goto corrupt;
+ goto invalid;
loopback_message_print(ndo, cp + skipCount, len - 2 - skipCount);
return;
-corrupt:
+invalid:
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp, ep - cp);
return;
#include "extract.h"
static const char tstr[] = " [|m3ua]";
-static const char cstr[] = " (corrupt)";
+static const char cstr[] = " (invalid)";
/* RFC 4666 */
case M3UA_PARAM_CORR_ID:
/* buf and size don't include the header */
if (size < 4)
- goto corrupt;
+ goto invalid;
ND_TCHECK2(*buf, size);
ND_PRINT((ndo, "0x%08x", EXTRACT_32BITS(buf)));
break;
}
return;
-corrupt:
+invalid:
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*buf, size);
return;
while (p < buf + size) {
if (p + sizeof(struct m3ua_param_header) > buf + size)
- goto corrupt;
+ goto invalid;
ND_TCHECK2(*p, sizeof(struct m3ua_param_header));
/* Parameter Tag */
hdr_tag = EXTRACT_16BITS(p);
/* Parameter Length */
hdr_len = EXTRACT_16BITS(p + 2);
if (hdr_len < sizeof(struct m3ua_param_header))
- goto corrupt;
+ goto invalid;
/* Parameter Value */
align = (p + hdr_len - buf) % 4;
align = align ? 4 - align : 0;
}
return;
-corrupt:
+invalid:
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*buf, size);
return;
/* size includes the header */
if (size < sizeof(struct m3ua_common_header))
- goto corrupt;
+ goto invalid;
ND_TCHECK(*hdr);
if (hdr->v != M3UA_REL_1_0)
return;
m3ua_tags_print(ndo, buf + sizeof(struct m3ua_common_header), EXTRACT_32BITS(&hdr->len) - sizeof(struct m3ua_common_header));
return;
-corrupt:
+invalid:
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*buf, size);
return;
* * ep -- the pointer to the end of the captured frame
* They return either the pointer to the next not-yet-decoded part of the frame
* or the value of ep, which means the current frame processing is over as it
- * has been fully decoded or is malformed or truncated. This way it is possible
+ * has been fully decoded or is invalid or truncated. This way it is possible
* to chain and nest such functions uniformly to decode an OF1.0 message, which
* consists of several layers of nested structures.
*
#include "openflow.h"
static const char tstr[] = " [|openflow]";
-static const char cstr[] = " (corrupt)";
+static const char cstr[] = " (invalid)";
#define OFPT_HELLO 0x00
#define OFPT_ERROR 0x01
uint32_t subtype;
if (len < 4)
- goto corrupt;
+ goto invalid;
/* subtype */
ND_TCHECK2(*cp, 4);
subtype = EXTRACT_32BITS(cp);
*
*/
if (len != 12)
- goto corrupt;
+ goto invalid;
/* index */
ND_TCHECK2(*cp, 1);
ND_PRINT((ndo, ", index %u", *cp));
*
*/
if (len != 12)
- goto corrupt;
+ goto invalid;
/* index */
ND_TCHECK2(*cp, 1);
ND_PRINT((ndo, ", index %u", *cp));
*
*/
if (len != 8)
- goto corrupt;
+ goto invalid;
/* report_mirror_ports */
ND_TCHECK2(*cp, 1);
ND_PRINT((ndo, ", report_mirror_ports %s", tok2str(bsn_onoff_str, "bogus (%u)", *cp)));
*
*/
if (len != 4)
- goto corrupt;
+ goto invalid;
break;
case BSN_VIRTUAL_PORT_REMOVE_REQUEST:
/*
*
*/
if (len != 8)
- goto corrupt;
+ goto invalid;
/* vport_no */
ND_TCHECK2(*cp, 4);
ND_PRINT((ndo, ", vport_no %u", EXTRACT_32BITS(cp)));
*
*/
if (len < 8)
- goto corrupt;
+ goto invalid;
/* service */
ND_TCHECK2(*cp, 4);
ND_PRINT((ndo, ", service %u", EXTRACT_32BITS(cp)));
*
*/
if (len != 8)
- goto corrupt;
+ goto invalid;
/* status */
ND_TCHECK2(*cp, 4);
ND_PRINT((ndo, ", status 0x%08x", EXTRACT_32BITS(cp)));
}
return cp;
-corrupt: /* skip the undersized data */
+invalid: /* skip the undersized data */
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp0, len);
return cp0 + len;
uint32_t subtype, vlan_tag;
if (len < 4)
- goto corrupt;
+ goto invalid;
/* subtype */
ND_TCHECK2(*cp, 4);
subtype = EXTRACT_32BITS(cp);
*
*/
if (len != 16)
- goto corrupt;
+ goto invalid;
/* dest_port */
ND_TCHECK2(*cp, 4);
ND_PRINT((ndo, ", dest_port %u", EXTRACT_32BITS(cp)));
return cp;
-corrupt:
+invalid:
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp0, len);
return cp0 + len;
const u_char *(*decoder)(netdissect_options *, const u_char *, const u_char *, const u_int);
if (len < 4)
- goto corrupt;
+ goto invalid;
/* vendor */
ND_TCHECK2(*cp, 4);
vendor = EXTRACT_32BITS(cp);
of10_data_print;
return decoder(ndo, cp, ep, len - 4);
-corrupt: /* skip the undersized data */
+invalid: /* skip the undersized data */
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp, len);
return cp + len;
const u_char *(*decoder)(netdissect_options *, const u_char *, const u_char *, u_int);
if (len < 4)
- goto corrupt;
+ goto invalid;
/* vendor */
ND_TCHECK2(*cp, 4);
vendor = EXTRACT_32BITS(cp);
of10_data_print;
return decoder(ndo, cp, ep, len - 4);
-corrupt: /* skip the undersized data */
+invalid: /* skip the undersized data */
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp, len);
return cp + len;
uint32_t vendor;
if (len < 4)
- goto corrupt;
+ goto invalid;
/* vendor */
ND_TCHECK2(*cp, 4);
vendor = EXTRACT_32BITS(cp);
/* data */
return of10_data_print(ndo, cp, ep, len - 4);
-corrupt: /* skip the undersized data */
+invalid: /* skip the undersized data */
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp, len);
return cp + len;
while (len) {
if (len < OF_PHY_PORT_LEN)
- goto corrupt;
+ goto invalid;
/* port_no */
ND_TCHECK2(*cp, 2);
ND_PRINT((ndo, "\n\t port_no %s", tok2str(ofpp_str, "%u", EXTRACT_16BITS(cp))));
} /* while */
return cp;
-corrupt: /* skip the undersized trailing data */
+invalid: /* skip the undersized trailing data */
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp0, len0);
return cp0 + len0;
u_char plen_bogus = 0, skip = 0;
if (len < OF_QUEUE_PROP_HEADER_LEN)
- goto corrupt;
+ goto invalid;
/* property */
ND_TCHECK2(*cp, 2);
property = EXTRACT_16BITS(cp);
cp += 2;
ND_PRINT((ndo, ", len %u", plen));
if (plen < OF_QUEUE_PROP_HEADER_LEN || plen > len)
- goto corrupt;
+ goto invalid;
/* pad */
ND_TCHECK2(*cp, 4);
cp += 4;
} /* while */
return cp;
-corrupt: /* skip the rest of queue properties */
+invalid: /* skip the rest of queue properties */
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp0, len0);
return cp0 + len0;
while (len) {
if (len < OF_PACKET_QUEUE_LEN)
- goto corrupt;
+ goto invalid;
/* queue_id */
ND_TCHECK2(*cp, 4);
ND_PRINT((ndo, "\n\t queue_id %u", EXTRACT_32BITS(cp)));
cp += 2;
ND_PRINT((ndo, ", len %u", desclen));
if (desclen < OF_PACKET_QUEUE_LEN || desclen > len)
- goto corrupt;
+ goto invalid;
/* pad */
ND_TCHECK2(*cp, 2);
cp += 2;
} /* while */
return cp;
-corrupt: /* skip the rest of queues */
+invalid: /* skip the rest of queues */
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp0, len0);
return cp0 + len0;
u_char alen_bogus = 0, skip = 0;
if (len < OF_ACTION_HEADER_LEN)
- goto corrupt;
+ goto invalid;
/* type */
ND_TCHECK2(*cp, 2);
type = EXTRACT_16BITS(cp);
ND_PRINT((ndo, ", len %u", alen));
/* On action size underrun/overrun skip the rest of the action list. */
if (alen < OF_ACTION_HEADER_LEN || alen > len)
- goto corrupt;
+ goto invalid;
/* On action size inappropriate for the given type or invalid type just skip
* the current action, as the basic length constraint has been met. */
switch (type) {
} /* while */
return cp;
-corrupt: /* skip the rest of actions */
+invalid: /* skip the rest of actions */
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp0, len0);
return cp0 + len0;
case OFPST_DESC:
case OFPST_TABLE:
if (len)
- goto corrupt;
+ goto invalid;
return cp;
case OFPST_FLOW:
case OFPST_AGGREGATE:
if (len != OF_FLOW_STATS_REQUEST_LEN)
- goto corrupt;
+ goto invalid;
/* match */
if (ep == (cp = of10_match_print(ndo, "\n\t ", cp, ep)))
return ep; /* end of snapshot */
return cp + 2;
case OFPST_PORT:
if (len != OF_PORT_STATS_REQUEST_LEN)
- goto corrupt;
+ goto invalid;
/* port_no */
ND_TCHECK2(*cp, 2);
ND_PRINT((ndo, "\n\t port_no %s", tok2str(ofpp_str, "%u", EXTRACT_16BITS(cp))));
return cp + 6;
case OFPST_QUEUE:
if (len != OF_QUEUE_STATS_REQUEST_LEN)
- goto corrupt;
+ goto invalid;
/* port_no */
ND_TCHECK2(*cp, 2);
ND_PRINT((ndo, "\n\t port_no %s", tok2str(ofpp_str, "%u", EXTRACT_16BITS(cp))));
}
return cp;
-corrupt: /* skip the message body */
+invalid: /* skip the message body */
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp0, len0);
return cp0 + len0;
const u_char *cp, const u_char *ep, const u_int len)
{
if (len != OF_DESC_STATS_LEN)
- goto corrupt;
+ goto invalid;
/* mfr_desc */
ND_TCHECK2(*cp, DESC_STR_LEN);
ND_PRINT((ndo, "\n\t mfr_desc '"));
ND_PRINT((ndo, "'"));
return cp + DESC_STR_LEN;
-corrupt: /* skip the message body */
+invalid: /* skip the message body */
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp, len);
return cp + len;
while (len) {
if (len < OF_FLOW_STATS_LEN)
- goto corrupt;
+ goto invalid;
/* length */
ND_TCHECK2(*cp, 2);
entry_len = EXTRACT_16BITS(cp);
ND_PRINT((ndo, "\n\t length %u", entry_len));
if (entry_len < OF_FLOW_STATS_LEN || entry_len > len)
- goto corrupt;
+ goto invalid;
cp += 2;
/* table_id */
ND_TCHECK2(*cp, 1);
} /* while */
return cp;
-corrupt: /* skip the rest of flow statistics entries */
+invalid: /* skip the rest of flow statistics entries */
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp0, len0);
return cp0 + len0;
const u_int len)
{
if (len != OF_AGGREGATE_STATS_REPLY_LEN)
- goto corrupt;
+ goto invalid;
/* packet_count */
ND_TCHECK2(*cp, 8);
ND_PRINT((ndo, "\n\t packet_count %" PRIu64, EXTRACT_64BITS(cp)));
ND_TCHECK2(*cp, 4);
return cp + 4;
-corrupt: /* skip the message body */
+invalid: /* skip the message body */
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp, len);
return cp + len;
while (len) {
if (len < OF_TABLE_STATS_LEN)
- goto corrupt;
+ goto invalid;
/* table_id */
ND_TCHECK2(*cp, 1);
ND_PRINT((ndo, "\n\t table_id %s", tok2str(tableid_str, "%u", *cp)));
} /* while */
return cp;
-corrupt: /* skip the undersized trailing data */
+invalid: /* skip the undersized trailing data */
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp0, len0);
return cp0 + len0;
while (len) {
if (len < OF_PORT_STATS_LEN)
- goto corrupt;
+ goto invalid;
/* port_no */
ND_TCHECK2(*cp, 2);
ND_PRINT((ndo, "\n\t port_no %s", tok2str(ofpp_str, "%u", EXTRACT_16BITS(cp))));
} /* while */
return cp;
-corrupt: /* skip the undersized trailing data */
+invalid: /* skip the undersized trailing data */
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp0, len0);
return cp0 + len0;
while (len) {
if (len < OF_QUEUE_STATS_LEN)
- goto corrupt;
+ goto invalid;
/* port_no */
ND_TCHECK2(*cp, 2);
ND_PRINT((ndo, "\n\t port_no %s", tok2str(ofpp_str, "%u", EXTRACT_16BITS(cp))));
} /* while */
return cp;
-corrupt: /* skip the undersized trailing data */
+invalid: /* skip the undersized trailing data */
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp0, len0);
return cp0 + len0;
actions_len = EXTRACT_16BITS(cp);
cp += 2;
if (actions_len > len - OF_PACKET_OUT_LEN)
- goto corrupt;
+ goto invalid;
/* actions */
if (ep == (cp = of10_actions_print(ndo, "\n\t ", cp, ep, actions_len)))
return ep; /* end of snapshot */
/* data */
return of10_packet_data_print(ndo, cp, ep, len - OF_PACKET_OUT_LEN - actions_len);
-corrupt: /* skip the rest of the message body */
+invalid: /* skip the rest of the message body */
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp0, len0);
return cp0 + len0;
* possible, check that message length meets the constraint, in remaining
* cases check that the length is OK to begin decoding and leave any final
* verification up to a lower-layer function. When the current message is
- * corrupt, proceed to the next message. */
+ * invalid, proceed to the next message. */
/* [OF10] Section 5.1 */
ND_PRINT((ndo, "\n\tversion 1.0, type %s, length %u, xid 0x%08x",
case OFPT_BARRIER_REQUEST: /* [OF10] Section 5.3.7 */
case OFPT_BARRIER_REPLY: /* ibid */
if (len != OF_HEADER_LEN)
- goto corrupt;
+ goto invalid;
break;
/* OpenFlow header and fixed-size message body. */
case OFPT_SET_CONFIG: /* [OF10] Section 5.3.2 */
case OFPT_GET_CONFIG_REPLY: /* ibid */
if (len != OF_SWITCH_CONFIG_LEN)
- goto corrupt;
+ goto invalid;
if (ndo->ndo_vflag < 1)
goto next_message;
/* flags */
return cp + 2;
case OFPT_PORT_MOD:
if (len != OF_PORT_MOD_LEN)
- goto corrupt;
+ goto invalid;
if (ndo->ndo_vflag < 1)
goto next_message;
return of10_port_mod_print(ndo, cp, ep);
case OFPT_QUEUE_GET_CONFIG_REQUEST: /* [OF10] Section 5.3.4 */
if (len != OF_QUEUE_GET_CONFIG_REQUEST_LEN)
- goto corrupt;
+ goto invalid;
if (ndo->ndo_vflag < 1)
goto next_message;
/* port */
return cp + 2;
case OFPT_FLOW_REMOVED:
if (len != OF_FLOW_REMOVED_LEN)
- goto corrupt;
+ goto invalid;
if (ndo->ndo_vflag < 1)
goto next_message;
return of10_flow_removed_print(ndo, cp, ep);
case OFPT_PORT_STATUS: /* [OF10] Section 5.4.3 */
if (len != OF_PORT_STATUS_LEN)
- goto corrupt;
+ goto invalid;
if (ndo->ndo_vflag < 1)
goto next_message;
/* reason */
/* OpenFlow header, fixed-size message body and n * fixed-size data units. */
case OFPT_FEATURES_REPLY:
if (len < OF_SWITCH_FEATURES_LEN)
- goto corrupt;
+ goto invalid;
if (ndo->ndo_vflag < 1)
goto next_message;
return of10_features_reply_print(ndo, cp, ep, len);
/* OpenFlow header, fixed-size message body and variable-size data. */
case OFPT_ERROR:
if (len < OF_ERROR_MSG_LEN)
- goto corrupt;
+ goto invalid;
if (ndo->ndo_vflag < 1)
goto next_message;
return of10_error_print(ndo, cp, ep, len);
case OFPT_VENDOR:
/* [OF10] Section 5.5.4 */
if (len < OF_VENDOR_HEADER_LEN)
- goto corrupt;
+ goto invalid;
if (ndo->ndo_vflag < 1)
goto next_message;
return of10_vendor_message_print(ndo, cp, ep, len - OF_HEADER_LEN);
case OFPT_PACKET_IN:
/* 2 mock octets count in OF_PACKET_IN_LEN but not in len */
if (len < OF_PACKET_IN_LEN - 2)
- goto corrupt;
+ goto invalid;
if (ndo->ndo_vflag < 1)
goto next_message;
return of10_packet_in_print(ndo, cp, ep, len);
/* c. OpenFlow header, fixed-size message body and variable-size data. */
case OFPT_STATS_REQUEST:
if (len < OF_STATS_REQUEST_LEN)
- goto corrupt;
+ goto invalid;
if (ndo->ndo_vflag < 1)
goto next_message;
return of10_stats_request_print(ndo, cp, ep, len);
/* d. OpenFlow header, fixed-size message body and variable-size data. */
case OFPT_STATS_REPLY:
if (len < OF_STATS_REPLY_LEN)
- goto corrupt;
+ goto invalid;
if (ndo->ndo_vflag < 1)
goto next_message;
return of10_stats_reply_print(ndo, cp, ep, len);
/* OpenFlow header and n * variable-size data units and variable-size data. */
case OFPT_PACKET_OUT:
if (len < OF_PACKET_OUT_LEN)
- goto corrupt;
+ goto invalid;
if (ndo->ndo_vflag < 1)
goto next_message;
return of10_packet_out_print(ndo, cp, ep, len);
/* OpenFlow header, fixed-size message body and n * variable-size data units. */
case OFPT_FLOW_MOD:
if (len < OF_FLOW_MOD_LEN)
- goto corrupt;
+ goto invalid;
if (ndo->ndo_vflag < 1)
goto next_message;
return of10_flow_mod_print(ndo, cp, ep, len);
/* OpenFlow header, fixed-size message body and n * variable-size data units. */
case OFPT_QUEUE_GET_CONFIG_REPLY: /* [OF10] Section 5.3.4 */
if (len < OF_QUEUE_GET_CONFIG_REPLY_LEN)
- goto corrupt;
+ goto invalid;
if (ndo->ndo_vflag < 1)
goto next_message;
/* port */
} /* switch (type) */
goto next_message;
-corrupt: /* skip the message body */
+invalid: /* skip the message body */
ND_PRINT((ndo, "%s", cstr));
next_message:
ND_TCHECK2(*cp0, len0 - OF_HEADER_LEN);
#include "oui.h"
static const char tstr[] = " [|openflow]";
-static const char cstr[] = " (corrupt)";
+static const char cstr[] = " (invalid)";
#define OF_VER_1_0 0x01
uint32_t xid;
if (ep < cp + OF_HEADER_LEN)
- goto corrupt;
+ goto invalid;
/* version */
ND_TCHECK2(*cp, 1);
version = *cp;
* segment. */
if (length < OF_HEADER_LEN) {
of_header_print(ndo, version, type, length, xid);
- goto corrupt;
+ goto invalid;
}
/* Decode known protocol versions further without printing the header (the
* type decoding is version-specific. */
return cp + length - OF_HEADER_LEN; /* done with current message */
}
-corrupt: /* fail current packet */
+invalid: /* fail current packet */
ND_PRINT((ndo, "%s", cstr));
ND_TCHECK2(*cp, ep - cp);
return ep;
case TCPOPT_SACK:
datalen = len - 2;
if (datalen % 8 != 0) {
- ND_PRINT((ndo, "malformed sack"));
+ ND_PRINT((ndo, "invalid sack"));
} else {
uint32_t s, e;
} else {
/* Fast Open Cookie */
if (datalen % 2 != 0 || datalen < 4 || datalen > 16) {
- ND_PRINT((ndo, " malformed"));
+ ND_PRINT((ndo, " invalid"));
} else {
ND_PRINT((ndo, " cookie "));
for (i = 0; i < datalen; ++i)
usec = EXTRACT_32BITS(&tsp->tsp_time.tv_usec);
/* XXX The comparison below is always false? */
if (usec < 0)
- /* corrupt, skip the rest of the packet */
+ /* invalid, skip the rest of the packet */
return;
ND_PRINT((ndo, " time "));
if (sec < 0 && usec != 0) {
match nw_proto 1 [|openflow]
IP (tos 0x0, ttl 64, id 784, offset 0, flags [DF], proto TCP (6), length 740)
10.0.0.20.6633 > 10.0.0.50.35256: Flags [P.], cksum 0x171c (incorrect -> 0xdfee), seq 1549:2237, ack 2585, win 154, options [nop,nop,TS val 220958532 ecr 194889014], length 688: OpenFlow
- version unknown (0x00), type 0x00, length 0, xid 0x0003000d (corrupt)
+ version unknown (0x00), type 0x00, length 0, xid 0x0003000d (invalid)
IP (tos 0x0, ttl 64, id 55503, offset 0, flags [DF], proto TCP (6), length 52)
10.0.0.50.35256 > 10.0.0.20.6633: Flags [.], cksum 0x9386 (correct), seq 2585, ack 1549, win 273, options [nop,nop,TS val 194889016 ecr 220958532], length 0
IP (tos 0x0, ttl 64, id 55504, offset 0, flags [DF], proto TCP (6), length 52)
10.0.0.20.6633 > 10.0.0.50.35256: Flags [.], cksum 0x146c (incorrect -> 0x733a), seq 2237, ack 9953, win 248, options [nop,nop,TS val 220958722 ecr 194889063], length 0
IP (tos 0x0, ttl 64, id 55532, offset 0, flags [DF], proto TCP (6), length 2680)
10.0.0.50.35256 > 10.0.0.20.6633: Flags [P.], cksum 0x1eb0 (incorrect -> 0x561b), seq 9953:12581, ack 2237, win 364, options [nop,nop,TS val 194889063 ecr 220958721], length 2628: OpenFlow
- version unknown (0x00), type 0x00, length 0, xid 0x00000000 (corrupt)
+ version unknown (0x00), type 0x00, length 0, xid 0x00000000 (invalid)
IP (tos 0x0, ttl 64, id 796, offset 0, flags [DF], proto TCP (6), length 52)
10.0.0.20.6633 > 10.0.0.50.35256: Flags [.], cksum 0x146c (incorrect -> 0x68cd), seq 2237, ack 12581, win 289, options [nop,nop,TS val 220958722 ecr 194889063], length 0
IP (tos 0x0, ttl 64, id 55534, offset 0, flags [DF], proto TCP (6), length 64)
match dl_dst 00:11:22:33:00:15 [|openflow]
IP (tos 0x0, ttl 64, id 53104, offset 0, flags [DF], proto TCP (6), length 180)
10.0.0.20.6633 > 10.0.0.81.56068: Flags [P.], cksum 0x150b (incorrect -> 0x8ec7), seq 4241:4369, ack 677, win 139, options [nop,nop,TS val 47836527 ecr 1], length 128: OpenFlow
- version unknown (0x00), type 0x00, length 0, xid 0x00000000 (corrupt)
+ version unknown (0x00), type 0x00, length 0, xid 0x00000000 (invalid)
IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
10.0.0.81.56068 > 10.0.0.20.6633: Flags [.], cksum 0xfaa7 (correct), seq 677, ack 2873, win 952, options [nop,nop,TS val 1 ecr 47836527], length 0
IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
duration_sec 0, duration_nsec 0, priority 65535, idle_timeout 0, hard_timeout 0, cookie 0x0000000000000025, packet_count 0 [|openflow]
IP (tos 0x0, ttl 64, id 53582, offset 0, flags [DF], proto TCP (6), length 1040)
10.0.0.81.56068 > 10.0.0.20.6633: Flags [P.], cksum 0x395e (correct), seq 8113:9101, ack 4545, win 1035, options [nop,nop,TS val 2 ecr 47837000], length 988: OpenFlow
- version unknown (0x00), type 0x00, length 0, xid 0x00000000 (corrupt)
+ version unknown (0x00), type 0x00, length 0, xid 0x00000000 (invalid)
IP (tos 0x0, ttl 64, id 53111, offset 0, flags [DF], proto TCP (6), length 52)
10.0.0.20.6633 > 10.0.0.81.56068: Flags [.], cksum 0x148b (incorrect -> 0xd387), seq 4641, ack 9101, win 302, options [nop,nop,TS val 47837000 ecr 2], length 0
IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
projects / tcpdump / commitdiff
