Zephyr: Avoid printing non-ASCII characters

The "%s" format is a risk (no non-ASCII filtering), thus use
the fn_print_str() function via the ZEPHYR_PRINT() macro.

diff --git a/print-zephyr.c b/print-zephyr.c
index 0a2ee337966f186da38b3050baf940f4455941e9..b3d897e0db8a32815655b7158dbb543cf10e6c87 100644 (file)
--- a/print-zephyr.c
+++ b/print-zephyr.c
@@ -139,6 +139,10 @@ str_to_lower(const char *string)
     return z_buf;
 }
 
+#define ZEPHYR_PRINT(str1,str2) \
+ND_PRINT("%s", str1); \
+fn_print_str(ndo, (const u_char *)str2);
+
 void
 zephyr_print(netdissect_options *ndo, const u_char *cp, u_int length)
 {
@@ -210,7 +214,7 @@ zephyr_print(netdissect_options *ndo, const u_char *cp, u_int length)
 
     ND_PRINT(" zephyr");
     if (strncmp(z.version+4, "0.2", 3)) {
-       ND_PRINT(" v%s", z.version+4);
+       ZEPHYR_PRINT(" v", z.version+4)
        return;
     }
 
@@ -220,9 +224,9 @@ zephyr_print(netdissect_options *ndo, const u_char *cp, u_int length)
        const char *ackdata = NULL;
        PARSE_FIELD_STR(ackdata);
        if (!lose && strcmp(ackdata, "SENT"))
-           ND_PRINT("/%s", str_to_lower(ackdata));
+           ZEPHYR_PRINT("/", str_to_lower(ackdata))
     }
-    if (*z.sender) ND_PRINT(" %s", z.sender);
+    if (*z.sender) ZEPHYR_PRINT(" ", z.sender);
 
     if (!strcmp(z.class, "USER_LOCATE")) {
        if (!strcmp(z.opcode, "USER_HIDE"))
@@ -230,12 +234,12 @@ zephyr_print(netdissect_options *ndo, const u_char *cp, u_int length)
        else if (!strcmp(z.opcode, "USER_UNHIDE"))
            ND_PRINT(" unhide");
        else
-           ND_PRINT(" locate %s", z.inst);
+           ZEPHYR_PRINT(" locate ", z.inst);
        return;
     }
 
     if (!strcmp(z.class, "ZEPHYR_ADMIN")) {
-       ND_PRINT(" zephyr-admin %s", str_to_lower(z.opcode));
+       ZEPHYR_PRINT(" zephyr-admin ", str_to_lower(z.opcode));
        return;
     }
 
@@ -254,7 +258,7 @@ zephyr_print(netdissect_options *ndo, const u_char *cp, u_int length)
                    PARSE_FIELD_STR(c);
                    PARSE_FIELD_STR(i);
                    PARSE_FIELD_STR(r);
-                   if (!lose) ND_PRINT(" %s", z_triple(c, i, r));
+                   if (!lose) ZEPHYR_PRINT(" ", z_triple(c, i, r));
                }
                return;
            }
@@ -274,12 +278,12 @@ zephyr_print(netdissect_options *ndo, const u_char *cp, u_int length)
                return;
            }
 
-           ND_PRINT(" %s", str_to_lower(z.opcode));
+           ZEPHYR_PRINT(" ", str_to_lower(z.opcode));
            return;
        }
 
        if (!strcmp(z.inst, "HM")) {
-           ND_PRINT(" %s", str_to_lower(z.opcode));
+           ZEPHYR_PRINT(" ", str_to_lower(z.opcode));
            return;
        }
 
@@ -297,8 +301,8 @@ zephyr_print(netdissect_options *ndo, const u_char *cp, u_int length)
     }
 
     if (!strcmp(z.class, "HM_CTL")) {
-       ND_PRINT(" hm_ctl %s", str_to_lower(z.inst));
-       ND_PRINT(" %s", str_to_lower(z.opcode));
+       ZEPHYR_PRINT(" hm_ctl ", str_to_lower(z.inst));
+       ZEPHYR_PRINT(" ", str_to_lower(z.opcode));
        return;
     }
 
@@ -310,8 +314,8 @@ zephyr_print(netdissect_options *ndo, const u_char *cp, u_int length)
     }
 
     if (!strcmp(z.class, "WG_CTL")) {
-       ND_PRINT(" wg_ctl %s", str_to_lower(z.inst));
-       ND_PRINT(" %s", str_to_lower(z.opcode));
+       ZEPHYR_PRINT(" wg_ctl ", str_to_lower(z.inst));
+       ZEPHYR_PRINT(" ", str_to_lower(z.opcode));
        return;
     }
 
@@ -327,7 +331,7 @@ zephyr_print(netdissect_options *ndo, const u_char *cp, u_int length)
            !strcmp(z.opcode, "REALM-ANNOUNCED") ||
            !strcmp(z.opcode, "NET-VISIBLE") ||
            !strcmp(z.opcode, "NET-ANNOUNCED")) {
-           ND_PRINT(" set-exposure %s", str_to_lower(z.opcode));
+           ZEPHYR_PRINT(" set-exposure ", str_to_lower(z.opcode));
            return;
        }
     }
@@ -335,9 +339,9 @@ zephyr_print(netdissect_options *ndo, const u_char *cp, u_int length)
     if (!*z.recipient)
        z.recipient = "*";
 
-    ND_PRINT(" to %s", z_triple(z.class, z.inst, z.recipient));
+    ZEPHYR_PRINT(" to ", z_triple(z.class, z.inst, z.recipient));
     if (*z.opcode)
-       ND_PRINT(" op %s", z.opcode);
+       ZEPHYR_PRINT(" op ", z.opcode);
     return;
 
 invalid: