Introduce new ND_LCHECK*() macros to deduplicate more code.
IEEE 802.11: Simplify handle_action().
OpenFlow 1.0: Get snapend right for nested frames.
+ ICMP: Update the snapend for some nested IP packets.
Monthday, Month DD, YYYY by gharris
Summary for 4.99.1 tcpdump release (so far!)
const struct udphdr *ouh;
const uint8_t *obj_tptr;
uint32_t raw_label;
- const u_char *snapend_save;
const struct icmp_mpls_ext_object_header_t *icmp_mpls_ext_object_header;
u_int hlen, mtu, obj_tlen, obj_class_num, obj_ctype;
uint16_t dport;
* save the snaplength as this may get overridden in the IP printer.
*/
if (ndo->ndo_vflag >= 1 && ICMP_ERRTYPE(icmp_type)) {
+ const u_char *snapend_save;
+
bp += 8;
ND_PRINT("\n\t");
ip = (const struct ip *)bp;
- snapend_save = ndo->ndo_snapend;
+ snapend_save = ndo->ndo_snapend;
+ /*
+ * Update the snapend because extensions (MPLS, ...) may be
+ * present after the IP packet. In this case the current
+ * (outer) packet's snapend is not what ip_print() needs to
+ * decode an IP packet nested in the middle of an ICMP payload.
+ *
+ * This prevents that, in ip_print(), for the nested IP packet,
+ * the remaining length < remaining caplen.
+ */
+ ndo->ndo_snapend = ND_MIN(bp + GET_BE_U_2(ip->ip_len),
+ ndo->ndo_snapend);
ip_print(ndo, bp, GET_BE_U_2(ip->ip_len));
- ndo->ndo_snapend = snapend_save;
+ ndo->ndo_snapend = snapend_save;
}
/* ndo_protocol reassignment after ip_print() call */
projects / tcpdump / commitdiff
