Ethernet: Add a length check

This fix some undefined behaviors at runtime.

The errors were like:

print-ether.c:241:11: runtime error: unsigned integer overflow:
  1 - 2 cannot be represented in type 'unsigned int'
print-ether.c:242:11: runtime error: unsigned integer overflow:
  1 - 2 cannot be represented in type 'unsigned int'

Moreover:
Fix indentation.

(cherry picked from commit c72751f8cdc8bf0f87d26531d24d74aaddf377f2)

diff --git a/print-ether.c b/print-ether.c
index e1d5db21dddb0134681af6265f2c3913fd1a76c0..a6c55c1cd33e73fdae69e590402c9503b92161ad 100644 (file)
--- a/print-ether.c
+++ b/print-ether.c
@@ -222,7 +222,7 @@ recurse:
                }
 
                int ret = macsec_print(ndo, &p, &length, &caplen, &hdrlen,
-                   &src, &dst);
+                                      &src, &dst);
 
                if (ret == 0) {
                        /* Payload is encrypted; print it as raw data. */
@@ -238,6 +238,7 @@ recurse:
                         */
                        length_type = GET_BE_U_2(p);
 
+                       ND_LCHECK_U(caplen, 2);
                        length -= 2;
                        caplen -= 2;
                        p += 2;
@@ -403,6 +404,7 @@ recurse:
                                ND_DEFAULTPRINT(p, caplen);
                }
        }
+invalid:
        return hdrlen;
 }