In print-openflow-1.0.c and print-openflow-1.3.c replace the remaining
"goto invalid" checks with ND_ICHECK_U() and ND_ICHECKMSG_U(). Redo the
changes from commit
1ce16ea: use the same order of arguments and the
same comparison operators as before the change and lose the unsigned
compensation, which is no longer required. Add another test case using
a malformed packet from Francois-Xavier.
(cherry picked from commit
beddcbb4ea5406ae22818a6cc7da7b315d04eb5e and
.out file backported from commit
26231dad8b681c1b62d16a57aa5a4e28afb04b59)
/* lengths (fixed or minimal) of particular protocol structures */
#define OF_PHY_PORT_FIXLEN 48
/* lengths (fixed or minimal) of particular protocol structures */
#define OF_PHY_PORT_FIXLEN 48
-#define OF_ACTION_MINLEN 8U
+#define OF_ACTION_MINLEN 8
#define OF_MATCH_FIXLEN 40
#define OF_DESC_STATS_REPLY_FIXLEN 1056
#define OF_FLOW_STATS_REQUEST_FIXLEN 44
#define OF_MATCH_FIXLEN 40
#define OF_DESC_STATS_REPLY_FIXLEN 1056
#define OF_FLOW_STATS_REQUEST_FIXLEN 44
- if (len < 4)
- goto invalid;
+ ND_PRINT("\n\t");
+ ND_ICHECK_U(len, <, 4);
/* subtype */
subtype = GET_BE_U_4(cp);
OF_FWD(4);
/* subtype */
subtype = GET_BE_U_4(cp);
OF_FWD(4);
- ND_PRINT("\n\t subtype %s", tok2str(bsn_subtype_str, "unknown (0x%08x)", subtype));
+ ND_PRINT(" subtype %s", tok2str(bsn_subtype_str, "unknown (0x%08x)", subtype));
switch (subtype) {
case BSN_GET_IP_MASK_REQUEST:
/*
switch (subtype) {
case BSN_GET_IP_MASK_REQUEST:
/*
* +---------------+---------------+---------------+---------------+
*
*/
* +---------------+---------------+---------------+---------------+
*
*/
- if (len != 8)
- goto invalid;
+ ND_ICHECK_U(len, !=, 8);
/* index */
ND_PRINT(", index %u", GET_U_1(cp));
OF_FWD(1);
/* index */
ND_PRINT(", index %u", GET_U_1(cp));
OF_FWD(1);
* +---------------+---------------+---------------+---------------+
*
*/
* +---------------+---------------+---------------+---------------+
*
*/
- if (len != 8)
- goto invalid;
+ ND_ICHECK_U(len, !=, 8);
/* index */
ND_PRINT(", index %u", GET_U_1(cp));
OF_FWD(1);
/* index */
ND_PRINT(", index %u", GET_U_1(cp));
OF_FWD(1);
* +---------------+---------------+---------------+---------------+
*
*/
* +---------------+---------------+---------------+---------------+
*
*/
- if (len != 4)
- goto invalid;
+ ND_ICHECK_U(len, !=, 4);
/* report_mirror_ports */
ND_PRINT(", report_mirror_ports %s",
tok2str(bsn_onoff_str, "bogus (%u)", GET_U_1(cp)));
/* report_mirror_ports */
ND_PRINT(", report_mirror_ports %s",
tok2str(bsn_onoff_str, "bogus (%u)", GET_U_1(cp)));
* +---------------+---------------+---------------+---------------+
*
*/
* +---------------+---------------+---------------+---------------+
*
*/
- if (len)
- goto invalid;
+ ND_ICHECK_U(len, !=, 0);
break;
case BSN_VIRTUAL_PORT_REMOVE_REQUEST:
/*
break;
case BSN_VIRTUAL_PORT_REMOVE_REQUEST:
/*
* +---------------+---------------+---------------+---------------+
*
*/
* +---------------+---------------+---------------+---------------+
*
*/
- if (len != 4)
- goto invalid;
+ ND_ICHECK_U(len, !=, 4);
/* vport_no */
ND_PRINT(", vport_no %u", GET_BE_U_4(cp));
break;
/* vport_no */
ND_PRINT(", vport_no %u", GET_BE_U_4(cp));
break;
* +---------------+---------------+--------
*
*/
* +---------------+---------------+--------
*
*/
- if (len < 4)
- goto invalid;
+ ND_ICHECK_U(len, <, 4);
/* service */
ND_PRINT(", service %u", GET_BE_U_4(cp));
OF_FWD(4);
/* service */
ND_PRINT(", service %u", GET_BE_U_4(cp));
OF_FWD(4);
* +---------------+---------------+---------------+---------------+
*
*/
* +---------------+---------------+---------------+---------------+
*
*/
- if (len != 4)
- goto invalid;
+ ND_ICHECK_U(len, !=, 4);
/* status */
ND_PRINT(", status 0x%08x", GET_BE_U_4(cp));
break;
/* status */
ND_PRINT(", status 0x%08x", GET_BE_U_4(cp));
break;
{
uint32_t subtype, vlan_tag;
{
uint32_t subtype, vlan_tag;
- if (len < 4)
- goto invalid;
+ ND_PRINT("\n\t ");
+ ND_ICHECK_U(len, <, 4);
/* subtype */
subtype = GET_BE_U_4(cp);
OF_FWD(4);
/* subtype */
subtype = GET_BE_U_4(cp);
OF_FWD(4);
- ND_PRINT("\n\t subtype %s", tok2str(bsn_action_subtype_str, "unknown (0x%08x)", subtype));
+ ND_PRINT(" subtype %s", tok2str(bsn_action_subtype_str, "unknown (0x%08x)", subtype));
switch (subtype) {
case BSN_ACTION_MIRROR:
/*
switch (subtype) {
case BSN_ACTION_MIRROR:
/*
* +---------------+---------------+---------------+---------------+
*
*/
* +---------------+---------------+---------------+---------------+
*
*/
- if (len != 12)
- goto invalid;
+ ND_ICHECK_U(len, !=, 12);
/* dest_port */
ND_PRINT(", dest_port %u", GET_BE_U_4(cp));
OF_FWD(4);
/* dest_port */
ND_PRINT(", dest_port %u", GET_BE_U_4(cp));
OF_FWD(4);
uint32_t vendor;
void (*decoder)(netdissect_options *, const u_char *, u_int);
uint32_t vendor;
void (*decoder)(netdissect_options *, const u_char *, u_int);
- if (len < 4)
- goto invalid;
+ ND_ICHECK_U(len, <, 4);
/* vendor */
vendor = GET_BE_U_4(cp);
OF_FWD(4);
/* vendor */
vendor = GET_BE_U_4(cp);
OF_FWD(4);
- if (len < 4)
- goto invalid;
+ ND_ICHECK_U(len, <, 4);
/* vendor */
vendor = GET_BE_U_4(cp);
OF_FWD(4);
/* vendor */
vendor = GET_BE_U_4(cp);
OF_FWD(4);
uint16_t property, plen;
u_char plen_bogus = 0, skip = 0;
uint16_t property, plen;
u_char plen_bogus = 0, skip = 0;
- if (len < OF_QUEUE_PROP_MINLEN)
- goto invalid;
+ ND_PRINT("\n\t ");
+ ND_ICHECKMSG_U("remaining length", len, <, OF_QUEUE_PROP_MINLEN);
/* property */
property = GET_BE_U_2(cp);
OF_FWD(2);
/* property */
property = GET_BE_U_2(cp);
OF_FWD(2);
- ND_PRINT("\n\t property %s", tok2str(ofpqt_str, "invalid (0x%04x)", property));
+ ND_PRINT(" property %s", tok2str(ofpqt_str, "invalid (0x%04x)", property));
/* len */
plen = GET_BE_U_2(cp);
OF_FWD(2);
ND_PRINT(", len %u", plen);
/* len */
plen = GET_BE_U_2(cp);
OF_FWD(2);
ND_PRINT(", len %u", plen);
- if (plen < OF_QUEUE_PROP_MINLEN || plen > len + 4)
- goto invalid;
+ ND_ICHECKMSG_U("property length", plen, <, OF_QUEUE_PROP_MINLEN);
+ ND_ICHECKMSG_U("property length", plen, >, len + 4);
/* pad */
/* Sometimes the last field, check bounds. */
OF_CHK_FWD(4);
/* pad */
/* Sometimes the last field, check bounds. */
OF_CHK_FWD(4);
while (len) {
uint16_t desclen;
while (len) {
uint16_t desclen;
- if (len < OF_PACKET_QUEUE_MINLEN)
- goto invalid;
+ ND_PRINT("\n\t ");
+ ND_ICHECKMSG_U("remaining length", len, <, OF_PACKET_QUEUE_MINLEN);
- ND_PRINT("\n\t queue_id %u", GET_BE_U_4(cp));
+ ND_PRINT(" queue_id %u", GET_BE_U_4(cp));
OF_FWD(4);
/* len */
desclen = GET_BE_U_2(cp);
OF_FWD(2);
ND_PRINT(", len %u", desclen);
OF_FWD(4);
/* len */
desclen = GET_BE_U_2(cp);
OF_FWD(2);
ND_PRINT(", len %u", desclen);
- if (desclen < OF_PACKET_QUEUE_MINLEN || desclen > len + 6)
- goto invalid;
+ ND_ICHECKMSG_U("prop. desc. length", desclen, <, OF_PACKET_QUEUE_MINLEN);
+ ND_ICHECKMSG_U("prop. desc. length", desclen, >, len + 6);
/* pad */
/* Sometimes the last field, check bounds. */
OF_CHK_FWD(2);
/* pad */
/* Sometimes the last field, check bounds. */
OF_CHK_FWD(2);
/* On action size underrun/overrun skip the rest of the action list. */
ND_ICHECK_U(alen, <, OF_ACTION_MINLEN);
/* On action size underrun/overrun skip the rest of the action list. */
ND_ICHECK_U(alen, <, OF_ACTION_MINLEN);
- ND_ICHECK_U(len, <, alen - 4U);
+ ND_ICHECK_U(alen, >, len + 4);
/*
* After validating the basic length constraint it will be safe
* to skip the current action if the action size is not valid
/*
* After validating the basic length constraint it will be safe
* to skip the current action if the action size is not valid
OF_FWD(4);
/* ports */
while (len) {
OF_FWD(4);
/* ports */
while (len) {
- if (len < OF_PHY_PORT_FIXLEN)
- goto invalid;
+ ND_ICHECKMSG_U("\n\t port def. length", len, <, OF_PHY_PORT_FIXLEN);
of10_phy_port_print(ndo, cp);
OF_FWD(OF_PHY_PORT_FIXLEN);
}
of10_phy_port_print(ndo, cp);
OF_FWD(OF_PHY_PORT_FIXLEN);
}
switch(type) {
case OFPST_DESC:
case OFPST_TABLE:
switch(type) {
case OFPST_DESC:
case OFPST_TABLE:
- if (len)
- goto invalid;
+ ND_ICHECK_U(len, !=, 0);
return;
case OFPST_FLOW:
case OFPST_AGGREGATE:
return;
case OFPST_FLOW:
case OFPST_AGGREGATE:
- if (len != OF_FLOW_STATS_REQUEST_FIXLEN)
- goto invalid;
+ ND_ICHECK_U(len, !=, OF_FLOW_STATS_REQUEST_FIXLEN);
/* match */
of10_match_print(ndo, "\n\t ", cp);
OF_FWD(OF_MATCH_FIXLEN);
/* match */
of10_match_print(ndo, "\n\t ", cp);
OF_FWD(OF_MATCH_FIXLEN);
tok2str(ofpp_str, "%u", GET_BE_U_2(cp)));
return;
case OFPST_PORT:
tok2str(ofpp_str, "%u", GET_BE_U_2(cp)));
return;
case OFPST_PORT:
- if (len != OF_PORT_STATS_REQUEST_FIXLEN)
- goto invalid;
+ ND_ICHECK_U(len, !=, OF_PORT_STATS_REQUEST_FIXLEN);
/* port_no */
ND_PRINT("\n\t port_no %s",
tok2str(ofpp_str, "%u", GET_BE_U_2(cp)));
/* port_no */
ND_PRINT("\n\t port_no %s",
tok2str(ofpp_str, "%u", GET_BE_U_2(cp)));
OF_CHK_FWD(6);
return;
case OFPST_QUEUE:
OF_CHK_FWD(6);
return;
case OFPST_QUEUE:
- if (len != OF_QUEUE_STATS_REQUEST_FIXLEN)
- goto invalid;
+ ND_ICHECK_U(len, !=, OF_QUEUE_STATS_REQUEST_FIXLEN);
/* port_no */
ND_PRINT("\n\t port_no %s",
tok2str(ofpp_str, "%u", GET_BE_U_2(cp)));
/* port_no */
ND_PRINT("\n\t port_no %s",
tok2str(ofpp_str, "%u", GET_BE_U_2(cp)));
of10_desc_stats_reply_print(netdissect_options *ndo,
const u_char *cp, u_int len)
{
of10_desc_stats_reply_print(netdissect_options *ndo,
const u_char *cp, u_int len)
{
- if (len != OF_DESC_STATS_REPLY_FIXLEN)
- goto invalid;
+ ND_PRINT("\n\t ");
+ ND_ICHECK_U(len, !=, OF_DESC_STATS_REPLY_FIXLEN);
- ND_PRINT("\n\t mfr_desc '");
+ ND_PRINT(" mfr_desc '");
nd_printjnp(ndo, cp, DESC_STR_LEN);
ND_PRINT("'");
OF_FWD(DESC_STR_LEN);
nd_printjnp(ndo, cp, DESC_STR_LEN);
ND_PRINT("'");
OF_FWD(DESC_STR_LEN);
entry_len = GET_BE_U_2(cp);
ND_PRINT(" length %u", entry_len);
ND_ICHECK_U(entry_len, <, OF_FLOW_STATS_REPLY_MINLEN);
entry_len = GET_BE_U_2(cp);
ND_PRINT(" length %u", entry_len);
ND_ICHECK_U(entry_len, <, OF_FLOW_STATS_REPLY_MINLEN);
- ND_ICHECK_U(len, <, entry_len);
+ ND_ICHECK_U(entry_len, >, len);
OF_FWD(2);
/* table_id */
ND_PRINT(", table_id %s",
OF_FWD(2);
/* table_id */
ND_PRINT(", table_id %s",
of10_aggregate_stats_reply_print(netdissect_options *ndo,
const u_char *cp, u_int len)
{
of10_aggregate_stats_reply_print(netdissect_options *ndo,
const u_char *cp, u_int len)
{
- if (len != OF_AGGREGATE_STATS_REPLY_FIXLEN)
- goto invalid;
+ ND_PRINT("\n\t");
+ ND_ICHECKMSG_U("remaining length", len, !=, OF_AGGREGATE_STATS_REPLY_FIXLEN);
- ND_PRINT("\n\t packet_count %" PRIu64, GET_BE_U_8(cp));
+ ND_PRINT(" packet_count %" PRIu64, GET_BE_U_8(cp));
OF_FWD(8);
/* byte_count */
ND_PRINT(", byte_count %" PRIu64, GET_BE_U_8(cp));
OF_FWD(8);
/* byte_count */
ND_PRINT(", byte_count %" PRIu64, GET_BE_U_8(cp));
const u_char *cp, u_int len)
{
while (len) {
const u_char *cp, u_int len)
{
while (len) {
- if (len < OF_TABLE_STATS_REPLY_FIXLEN)
- goto invalid;
+ ND_PRINT("\n\t");
+ ND_ICHECKMSG_U("remaining length", len, <, OF_TABLE_STATS_REPLY_FIXLEN);
- ND_PRINT("\n\t table_id %s",
+ ND_PRINT(" table_id %s",
tok2str(tableid_str, "%u", GET_U_1(cp)));
OF_FWD(1);
/* pad */
tok2str(tableid_str, "%u", GET_U_1(cp)));
OF_FWD(1);
/* pad */
const u_char *cp, u_int len)
{
while (len) {
const u_char *cp, u_int len)
{
while (len) {
- if (len < OF_PORT_STATS_REPLY_FIXLEN)
- goto invalid;
+ ND_PRINT("\n\t ");
+ ND_ICHECKMSG_U("remaining length", len, <, OF_PORT_STATS_REPLY_FIXLEN);
- ND_PRINT("\n\t port_no %s",
+ ND_PRINT(" port_no %s",
tok2str(ofpp_str, "%u", GET_BE_U_2(cp)));
OF_FWD(2);
if (ndo->ndo_vflag < 2) {
tok2str(ofpp_str, "%u", GET_BE_U_2(cp)));
OF_FWD(2);
if (ndo->ndo_vflag < 2) {
const u_char *cp, u_int len)
{
while (len) {
const u_char *cp, u_int len)
{
while (len) {
- if (len < OF_QUEUE_STATS_REPLY_FIXLEN)
- goto invalid;
+ ND_PRINT("\n\t ");
+ ND_ICHECKMSG_U("remaining length", len, <, OF_QUEUE_STATS_REPLY_FIXLEN);
- ND_PRINT("\n\t port_no %s",
+ ND_PRINT(" port_no %s",
tok2str(ofpp_str, "%u", GET_BE_U_2(cp)));
OF_FWD(2);
/* pad */
tok2str(ofpp_str, "%u", GET_BE_U_2(cp)));
OF_FWD(2);
/* pad */
actions_len = GET_BE_U_2(cp);
ND_PRINT(", actions_len %u", actions_len);
OF_FWD(2);
actions_len = GET_BE_U_2(cp);
ND_PRINT(", actions_len %u", actions_len);
OF_FWD(2);
- ND_ICHECK_U(len, <, actions_len);
+ ND_ICHECK_U(actions_len, >, len);
/* actions */
of10_actions_print(ndo, "\n\t ", cp, actions_len);
OF_FWD(actions_len);
/* actions */
of10_actions_print(ndo, "\n\t ", cp, actions_len);
OF_FWD(actions_len);
while (len) {
uint16_t type, bmlen;
while (len) {
uint16_t type, bmlen;
- if (len < OF_HELLO_ELEM_MINSIZE)
- goto invalid;
+ ND_PRINT("\n\t");
+ ND_ICHECKMSG_U("remaining length", len, <, OF_HELLO_ELEM_MINSIZE);
/* type */
type = GET_BE_U_2(cp);
OF_FWD(2);
/* type */
type = GET_BE_U_2(cp);
OF_FWD(2);
- ND_PRINT("\n\t type %s",
tok2str(ofphet_str, "unknown (0x%04x)", type));
/* length */
bmlen = GET_BE_U_2(cp);
OF_FWD(2);
ND_PRINT(", length %u", bmlen);
/* cp is OF_HELLO_ELEM_MINSIZE bytes in */
tok2str(ofphet_str, "unknown (0x%04x)", type));
/* length */
bmlen = GET_BE_U_2(cp);
OF_FWD(2);
ND_PRINT(", length %u", bmlen);
/* cp is OF_HELLO_ELEM_MINSIZE bytes in */
- if (bmlen < OF_HELLO_ELEM_MINSIZE ||
- bmlen > OF_HELLO_ELEM_MINSIZE + len)
- goto invalid;
+ ND_ICHECKMSG_U("bitmap length", bmlen, <, OF_HELLO_ELEM_MINSIZE);
+ ND_ICHECKMSG_U("bitmap length", bmlen, >, OF_HELLO_ELEM_MINSIZE + len);
switch (type) {
case OFPHET_VERSIONBITMAP:
/*
switch (type) {
case OFPHET_VERSIONBITMAP:
/*
of13_ericsson-v of13_ericsson.pcapng of13_ericsson-v.out -v
of13_ericsson-vv of13_ericsson.pcapng of13_ericsson-vv.out -vv
of10_inv_OFPST_FLOW-v of10_inv_OFPST_FLOW.pcap of10_inv_OFPST_FLOW-v.out -v
of13_ericsson-v of13_ericsson.pcapng of13_ericsson-v.out -v
of13_ericsson-vv of13_ericsson.pcapng of13_ericsson-vv.out -vv
of10_inv_OFPST_FLOW-v of10_inv_OFPST_FLOW.pcap of10_inv_OFPST_FLOW-v.out -v
+of10_inv_QUEUE_GET_CONFIG_REPLY-vv of10_inv_QUEUE_GET_CONFIG_REPLY.pcap of10_inv_QUEUE_GET_CONFIG_REPLY-vv.out -vv
# GeoNetworking and CALM FAST tests
geonet-calm-fast geonet_and_calm_fast.pcap geonet_and_calm_fast.out -vv
# GeoNetworking and CALM FAST tests
geonet-calm-fast geonet_and_calm_fast.pcap geonet_and_calm_fast.out -vv
--- /dev/null
+ 1 06:10:40.134396994 : (protocol 0x7e7e invalid)
projects / tcpdump / commitdiff
