]> The Tcpdump Group git mirrors - tcpdump/commitdiff
projects / tcpdump / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ac2471d)
pflog: Modernize packet parsing
authorFrancois-Xavier Le Bail <[email protected]>
Fri, 16 Feb 2024 15:49:02 +0000 (16:49 +0100)
committerfxlb <[email protected]>
Sat, 17 Feb 2024 06:17:17 +0000 (06:17 +0000)
Enable ND_LONGJMP_FROM_TCHECK and remove a 'trunc' label.
Add MAX_PFLOG_HDRLEN and use it for a test.
Use ND_ICHECK_U() in length tests and add an 'invalid' label.

Don't check the truncation with ND_TCHECK_SIZE(hdr), because the
sizeof(hdr) depend on the OS. Use ND_TCHECK_LEN(hdr, hdrlen).
Increment ndo_ll_hdr_len only in non-truncation case.

print-pflog.c patch | blob | history

diff --git a/print-pflog.c b/print-pflog.c
index edfeaaedc5bcde32645f2e8628325d91a38ae33e..142777005bae171c2238f6de5247b49aae78e0de 100644 (file)
--- a/print-pflog.c
+++ b/print-pflog.c
@@ -27,6 +27,7 @@
 
 #include "netdissect-stdinc.h"
 
+#define ND_LONGJMP_FROM_TCHECK
 #include "netdissect.h"
 #include "extract.h"
 #include "af.h"
@@ -80,6 +81,7 @@ struct pfloghdr {
        nd_uint16_t     dport;
 #endif
 };
+#define MAX_PFLOG_HDRLEN 100   /* 61 + 3 + 16 + 16 + 2 + 2 */
 
 /*
  * Reason values.
@@ -252,29 +254,17 @@ pflog_if_print(netdissect_options *ndo, const struct pcap_pkthdr *h,
 
        ndo->ndo_protocol = "pflog";
        /* check length */
-       if (caplen < sizeof(uint8_t)) {
-               nd_print_trunc(ndo);
-               ndo->ndo_ll_hdr_len += h->caplen;
-               return;
-       }
+       ND_ICHECK_U(length, <, MIN_PFLOG_HDRLEN);
 
        hdr = (const struct pfloghdr *)p;
        hdrlen = GET_U_1(hdr->length);
-       if (hdrlen < MIN_PFLOG_HDRLEN) {
-               ND_PRINT("[pflog: invalid header length!]");
-               ndo->ndo_ll_hdr_len += hdrlen;  /* XXX: not really */
-               return;
-       }
+       ND_ICHECK_U(hdrlen, <, MIN_PFLOG_HDRLEN);
        hdrlen = roundup2(hdrlen, 4);
-
-       if (caplen < hdrlen) {
-               nd_print_trunc(ndo);
-               ndo->ndo_ll_hdr_len += hdrlen;  /* XXX: true? */
-               return;
-       }
+       ND_ICHECK_U(hdrlen, >, MAX_PFLOG_HDRLEN);
 
        /* print what we know */
-       ND_TCHECK_SIZE(hdr);
+       ND_TCHECK_LEN(hdr, hdrlen);
+       ndo->ndo_ll_hdr_len += hdrlen;
        if (ndo->ndo_eflag)
                pflog_print(ndo, hdr);
 
@@ -314,9 +304,8 @@ pflog_if_print(netdissect_options *ndo, const struct pcap_pkthdr *h,
                        ND_DEFAULTPRINT(p, caplen);
        }
 
-       ndo->ndo_ll_hdr_len += hdrlen;
        return;
-trunc:
-       nd_print_trunc(ndo);
-       ndo->ndo_ll_hdr_len += hdrlen;
+
+invalid:
+       nd_print_invalid(ndo);
 }
[mirror] the TCPdump network dissector