Fail if nd_push_buffer() or nd_push_snaplen() fails.

Always call ndo->ndo_error with a memory-allocation error if they fail.

Add WARN_UNUSED_RESULT for compilers that support it, and use it for
those routines, so that any future code that doesn't check for failure
gets a warning.

diff --git a/funcattrs.h b/funcattrs.h
index 02a0a74f1c518310325884b6206229006251f8b7..21f3cc1dafd0e83a5485e3b2e4f5edca048db368 100644 (file)
--- a/funcattrs.h
+++ b/funcattrs.h
@@ -87,6 +87,19 @@
   #define NORETURN_FUNCPTR
 #endif
 
+/*
+ * WARN_UNUSED_RESULT, before a function declaration, means "the caller
+ * should use the result of this function" (even if it's just a success/
+ * failure indication).
+ */
+#if __has_attribute(warn_unused_result) \
+    || ND_IS_AT_LEAST_GNUC_VERSION(3,4) \
+    || ND_IS_AT_LEAST_HP_C_VERSION(6,25)
+  #define WARN_UNUSED_RESULT __attribute((warn_unused_result))
+#else
+  #define WARN_UNUSED_RESULT
+#endif
+
 /*
  * PRINTFLIKE(x,y), after a function declaration, means "this function
  * does printf-style formatting, with the xth argument being the format

diff --git a/netdissect.h b/netdissect.h
index f53499e9bc49fb8eabe03f992aa06c2bb9afa300..909b7c874326d8428848c6376a5b22a21c792920 100644 (file)
--- a/netdissect.h
+++ b/netdissect.h
@@ -262,9 +262,10 @@ struct netdissect_options {
                      PRINTFLIKE_FUNCPTR(2, 3);
 };
 
-extern int nd_push_buffer(netdissect_options *, u_char *, const u_char *,
-    u_int);
-extern int nd_push_snaplen(netdissect_options *, const u_char *, u_int);
+extern WARN_UNUSED_RESULT int nd_push_buffer(netdissect_options *, u_char *,
+    const u_char *, u_int);
+extern WARN_UNUSED_RESULT int nd_push_snaplen(netdissect_options *,
+    const u_char *, u_int);
 extern void nd_change_snaplen(netdissect_options *, const u_char *, u_int);
 extern void nd_pop_packet_info(netdissect_options *);
 extern void nd_pop_all_packet_info(netdissect_options *);

diff --git a/print-esp.c b/print-esp.c
index 22af35b372813862a19e80e6a6e98ec56f260f51..fb94a60a5c438536e3f718704ed47919f7dcd7be 100644 (file)
--- a/print-esp.c
+++ b/print-esp.c
@@ -331,7 +331,8 @@ int esp_decrypt_buffer_by_ikev2_print(netdissect_options *ndo,
         */
        if (!nd_push_buffer(ndo, pt, pt, ctlen)) {
                free(pt);
-               return 0;
+               (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
+                       "%s: can't push buffer on buffer stack", __func__);
        }
 
        return 1;
@@ -907,7 +908,10 @@ esp_print(netdissect_options *ndo,
         * Don't put padding + padding length(1 byte) + next header(1 byte)
         * in the buffer because they are not part of the plaintext to decode.
         */
-       nd_push_snaplen(ndo, pt, payloadlen - (padlen + 2));
+       if (!nd_push_snaplen(ndo, pt, payloadlen - (padlen + 2))) {
+               (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
+                       "%s: can't push snaplen on buffer stack", __func__);
+       }
 
        /* Now dissect the plaintext. */
        ip_demux_print(ndo, pt, payloadlen - (padlen + 2), ver, fragmented,

diff --git a/print-ether.c b/print-ether.c
index 1b273e16d0c5e41a6a72759dc8838fa5161631b7..b1865d17914d4517dee021cb4f11a7fa8ce585b0 100644 (file)
--- a/print-ether.c
+++ b/print-ether.c
@@ -306,7 +306,10 @@ recurse:
                 * Cut off the snapshot length to the end of the
                 * payload.
                 */
-               nd_push_snaplen(ndo, p, length);
+               if (!nd_push_snaplen(ndo, p, length)) {
+                       (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
+                               "%s: can't push snaplen on buffer stack", __func__);
+               }
 
                if (ndo->ndo_eflag) {
                        ND_PRINT("802.3");

diff --git a/print-ip.c b/print-ip.c
index 4f9617a3c6a8b205225ffffda44131c5c3afef04..23ba99c970075099b9e5a80a598967e2c4081b6e 100644 (file)
--- a/print-ip.c
+++ b/print-ip.c
@@ -377,7 +377,10 @@ ip_print(netdissect_options *ndo,
        /*
         * Cut off the snapshot length to the end of the IP payload.
         */
-       nd_push_snaplen(ndo, bp, len);
+       if (!nd_push_snaplen(ndo, bp, len)) {
+               (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
+                       "%s: can't push snaplen on buffer stack", __func__);
+       }
 
        len -= hlen;
 

diff --git a/print-ip6.c b/print-ip6.c
index 15b30630fb2418330246f3c6770439b540cce168..829483345925c6d20c8b24ff789048aaa0b66873 100644 (file)
--- a/print-ip6.c
+++ b/print-ip6.c
@@ -305,7 +305,10 @@ ip6_print(netdissect_options *ndo, const u_char *bp, u_int length)
        /*
         * Cut off the snapshot length to the end of the IP payload.
         */
-       nd_push_snaplen(ndo, bp, len);
+       if (!nd_push_snaplen(ndo, bp, len)) {
+               (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
+                       "%s: can't push snaplen on buffer stack", __func__);
+       }
 
        cp = (const u_char *)ip6;
        advance = sizeof(struct ip6_hdr);