PKTAP: Modernize packet parsing style.
authorDenis Ovsienko <[email protected]>
Mon, 12 Oct 2020 21:55:41 +0000 (22:55 +0100)
committerDenis Ovsienko <[email protected]>
Tue, 13 Oct 2020 11:17:42 +0000 (12:17 +0100)
Enable ND_LONGJMP_FROM_TCHECK. Remove one redundant custom bounds check
and replace another with an ND_TCHECK_LEN(). Add two length checks and
convert one. Report invalid packets appropriately. Update a test.

print-pktap.c
tests/pktap-heap-overflow.out

index 7ae10f0fd0e4714a3bf1d2caae9a3dfcb68ba44e..b9cfdab0b871bf0fb743120285084731ae7c5665 100644 (file)
@@ -27,6 +27,7 @@
 
 #include "netdissect-stdinc.h"
 
+#define ND_LONGJMP_FROM_TCHECK
 #include "netdissect.h"
 #include "extract.h"
 
@@ -107,10 +108,10 @@ pktap_if_print(netdissect_options *ndo,
        struct pcap_pkthdr nhdr;
 
        ndo->ndo_protocol = "pktap";
-       if (caplen < sizeof(pktap_header_t)) {
-               nd_print_trunc(ndo);
-               ndo->ndo_ll_hdr_len += caplen;
-               return;
+       if (length < sizeof(pktap_header_t)) {
+               ND_PRINT(" (packet too short, %u < %u)",
+                        length, (unsigned)sizeof(pktap_header_t));
+               goto invalid;
        }
        hdr = (const pktap_header_t *)p;
        dlt = GET_LE_U_4(hdr->pkt_dlt);
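Review bot: With the `caplen` guard replaced by a check on the on-wire `length`, nothing in this hunk confirms that `sizeof(pktap_header_t)` bytes were actually captured before `p` is cast to `hdr` and `hdr->pkt_dlt` is read. The read stays inside the captured buffer only because `GET_LE_U_4()` does its own bounds check. I would state that dependency above the cast, e.g. `/* length is the on-wire size; the GET_*() accessors below bounds-check against the captured bytes */`, so that a later edit does not introduce an unchecked `EXTRACT_*()` read or a direct struct access here. The function body continues outside the hunk.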
@@ -123,15 +124,16 @@ pktap_if_print(netdissect_options *ndo,
                 * is the length supplied so that the header can
                 * be expanded in the future)?
                 */
-               nd_print_trunc(ndo);
-               ndo->ndo_ll_hdr_len += caplen;
-               return;
+               ND_PRINT(" (pkt_len too small, %u < %u)",
+                        hdrlen, (unsigned)sizeof(pktap_header_t));
+               goto invalid;
        }
-       if (caplen < hdrlen) {
-               nd_print_trunc(ndo);
-               ndo->ndo_ll_hdr_len += caplen;
-               return;
+       if (hdrlen > length) {
+               ND_PRINT(" (pkt_len too big, %u > %u)",
+                        hdrlen, length);
+               goto invalid;
        }
+       ND_TCHECK_LEN(p, hdrlen);
 
        if (ndo->ndo_eflag)
                pktap_header_print(ndo, p, length);
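Review bot: `hdrlen` is taken from the packet, and the two new comparisons bound it only against `sizeof(pktap_header_t)` and the on-wire `length`, so `ND_TCHECK_LEN(p, hdrlen)` is the single line that guarantees `hdrlen` bytes were actually captured. Because the file now defines `ND_LONGJMP_FROM_TCHECK`, a failure there leaves the function via longjmp rather than a local `trunc:` label, which is easy to miss when reading. I would add a comment on that line, e.g. `/* from here on hdrlen <= caplen; a short capture leaves via longjmp */`. The code after the hunk presumably advances past `hdrlen` bytes and relies on this, but that part is not visible here.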
@@ -167,5 +169,9 @@ pktap_if_print(netdissect_options *ndo,
        }
 
        ndo->ndo_ll_hdr_len += hdrlen;
+       return;
+
+invalid:
+       nd_print_invalid(ndo);
 }
 #endif /* DLT_PKTAP */
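Review bot: The new `invalid:` path returns without touching `ndo->ndo_ll_hdr_len`, whereas each of the three error paths it replaces (in the hunks at `@@ -107` and `@@ -123`) did `ndo->ndo_ll_hdr_len += caplen`. If leaving the counter unchanged for invalid packets is intended, say so at the label, e.g. `/* no link-layer header consumed; ndo_ll_hdr_len is left as is */`. If it is not intended, the update needs to be restored before `nd_print_invalid(ndo)`. How the hex-dump output treats such a packet depends on callers that are not visible in this diff, so that is worth confirming against the updated test.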
index 78c1687a868fc3f26c1f114bb76a2ade0aee09f3..00440a28324b5dea2956c568fe4ffab812694780 100644 (file)
@@ -1,2 +1,2 @@
-    1  05:27:35.808464432  [|pktap]
+    1  05:27:35.808464432  (pkt_len too small, 0 < 108) (invalid)
     2  05:27:12.808595504  [|ppp_hdlc]