int
nd_push_buffer(netdissect_options *ndo, u_char *new_buffer,
- const u_char *new_packetp, const u_char *new_snapend)
+ const u_char *new_packetp, u_int newlen)
{
struct netdissect_saved_packet_info *ndspi;
ndspi->ndspi_prev = ndo->ndo_packet_info_stack;
ndo->ndo_packetp = new_packetp;
- ndo->ndo_snapend = new_snapend;
+ ndo->ndo_snapend = new_packetp + newlen;
ndo->ndo_packet_info_stack = ndspi;
return (1); /* success */
}
+
/*
- * Set a new snapshot end to the minimum of the existing snapshot end
- * and the new snapshot end.
+ * In a given netdissect_options structure:
+ *
+ *, push the current packet information onto the packet informaton
+ * stack;
+ *
+ * given a pointer into the packet and a length past that point in
+ * the packet, calculate a new snapshot end that's at the lower
+ * of the current snapshot end and that point in the packet;
+ *
+ * set the snapshot end to that new value.
*/
int
-nd_push_snapend(netdissect_options *ndo, const u_char *new_snapend)
+nd_push_snaplen(netdissect_options *ndo, const u_char *bp, u_int newlen)
{
struct netdissect_saved_packet_info *ndspi;
+ u_int snaplen_remaining;
ndspi = (struct netdissect_saved_packet_info *)malloc(sizeof(struct netdissect_saved_packet_info));
if (ndspi == NULL)
ndspi->ndspi_prev = ndo->ndo_packet_info_stack;
/*
- * Make sure the new snapend is sane.
- *
- * If it's after the current snapend, it's not valid. We
- * silently ignore the new setting; that means that our callers
- * don't have to do this check themselves, and also means that
- * if the new length is used when dissecting, we'll go past the
- * snapend and report an error.
+ * Push the saved previous data onto the stack.
+ */
+ ndo->ndo_packet_info_stack = ndspi;
+
+ /*
+ * Find out how many bytes remain after the current snapend.
*
- * If it's before the beginning of the packet, it's not valid.
- * That "should not happen", but might happen with a *very*
- * large adjustment to the snapend; our callers *should* check
- * for that, so we fail if they haven't done so.
+ * We're restricted to packets with at most UINT_MAX bytes;
+ * cast the result to u_int, so that we don't get truncation
+ * warnings on LP64 and LLP64 platforms. (ptrdiff_t is
+ * signed and we want an unsigned difference; the pointer
+ * should at most be equal to snapend, and must *never*
+ * be past snapend.)
*/
- if (new_snapend <= ndo->ndo_snapend) {
+ snaplen_remaining = (u_int)(ndo->ndo_snapend - bp);
+
+ /*
+ * If the new snapend is smaller than the one calculated
+ * above, set the snapend to that value, otherwise leave
+ * it unchanged.
+ */
+ if (newlen <= snaplen_remaining) {
/* Snapend isn't past the previous snapend */
- if (new_snapend >= ndo->ndo_packetp) {
- /* And it isn't before the beginning of the packet */
- ndo->ndo_snapend = new_snapend;
- } else {
- /* But it's before the beginning of the packet */
- ND_PRINT(" [new snapend before beginning of packet in nd_push_snapend]");
- nd_bug_longjmp(ndo);
- }
+ ndo->ndo_snapend = bp + newlen;
}
- ndo->ndo_packet_info_stack = ndspi;
return (1); /* success */
}
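Review bot: The cast in `snaplen_remaining = (u_int)(ndo->ndo_snapend - bp);` relies on bp never being past the current snapend, but nothing in nd_push_snaplen enforces that. A bp beyond snapend gives a negative difference that becomes a very large u_int, so `newlen <= snaplen_remaining` passes and `ndo->ndo_snapend = bp + newlen` moves the snapshot end forward instead of clamping it. The removed code rejected an end past the old snapend and one before ndo_packetp, so I would fold both range tests into the condition: `if (bp >= ndo->ndo_packetp && bp <= ndo->ndo_snapend && newlen <= (u_int)(ndo->ndo_snapend - bp))`. nd_change_snaplen has the same pattern at `snaplen_remaining = (u_int)(previous_snapend - bp);` and needs the equivalent test against previous_snapend. The new header comment above this function also has a stray `*,` and the typo "informaton".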
/*
- * Change an already-pushed snapshot end. This may increase the
+ * In a given netdissect_options structure:
+ *
+ * given a pointer into the packet and a length past that point in
+ * the packet, calculate a new snapshot end that's at the lower
+ * of the previous snapshot end - or, if there is no previous
+ * snapshot end, the current snapshot end - and that point in the
+ * packet;
+ *
+ * set the snapshot end to that new value.
+ *
+ * This is to change the current snapshot end. This may increase the
* snapshot end, as it may be used, for example, for a Jumbo Payload
* option in IPv6. It must not increase it past the snapshot length
* atop which the current one was pushed, however.
*/
void
-nd_change_snapend(netdissect_options *ndo, const u_char *new_snapend)
+nd_change_snaplen(netdissect_options *ndo, const u_char *bp, u_int newlen)
{
struct netdissect_saved_packet_info *ndspi;
const u_char *previous_snapend;
+ u_int snaplen_remaining;
ndspi = ndo->ndo_packet_info_stack;
if (ndspi->ndspi_prev != NULL)
previous_snapend = ndspi->ndspi_prev->ndspi_snapend;
else
previous_snapend = ndo->ndo_snapend;
+
/*
- * Make sure the new snapend is sane.
- *
- * If it's after the current snapend, it's not valid. We
- * silently ignore the new setting; that means that our callers
- * don't have to do this check themselves, and also means that
- * if the new length is used when dissecting, we'll go past the
- * snapend and report an error.
+ * Find out how many bytes remain after the previous
+ * snapend - or, if there is no previous snapend, after
+ * the current snapend.
*
- * If it's before the beginning of the packet, it's not valid.
- * That "should not happen", but might happen with a *very*
- * large adjustment to the snapend; our callers *should* check
- * for that, so we fail if they haven't done so.
+ * We're restricted to packets with at most UINT_MAX bytes;
+ * cast the result to u_int, so that we don't get truncation
+ * warnings on LP64 and LLP64 platforms. (ptrdiff_t is
+ * signed and we want an unsigned difference; the pointer
+ * should at most be equal to snapend, and must *never*
+ * be past snapend.)
+ */
+ snaplen_remaining = (u_int)(previous_snapend - bp);
+
+ /*
+ * If the new snapend is smaller than the one calculated
+ * above, set the snapend to that value, otherwise leave
+ * it unchanged.
*/
- if (new_snapend <= previous_snapend) {
+ if (newlen <= snaplen_remaining) {
/* Snapend isn't past the previous snapend */
- if (new_snapend >= ndo->ndo_packetp) {
- /* And it isn't before the beginning of the packet */
- ndo->ndo_snapend = new_snapend;
- } else {
- /* But it's before the beginning of the packet */
- ND_PRINT(" [new snapend before beginning of packet in nd_push_snapend]");
- nd_bug_longjmp(ndo);
- }
+ ndo->ndo_snapend = bp + newlen;
}
}
};
/* 'val' value(s) for longjmp */
-#define ND_TRUNCATED 1 /* packet data too short */
-#define ND_BUG 2 /* bug of some sort */
+#define ND_TRUNCATED 1
struct netdissect_options {
int ndo_bflag; /* print 4 byte ASes in ASDOT notation */
};
extern int nd_push_buffer(netdissect_options *, u_char *, const u_char *,
- const u_char *);
-extern int nd_push_snapend(netdissect_options *, const u_char *);
-extern void nd_change_snapend(netdissect_options *, const u_char *);
+ u_int);
+extern int nd_push_snaplen(netdissect_options *, const u_char *, u_int);
+extern void nd_change_snaplen(netdissect_options *, const u_char *, u_int);
extern void nd_pop_packet_info(netdissect_options *);
extern void nd_pop_all_packet_info(netdissect_options *);
#endif /* _AIX */
}
-static inline NORETURN void
-nd_bug_longjmp(netdissect_options *ndo)
-{
- longjmp(ndo->ndo_early_end, ND_BUG);
-#ifdef _AIX
- /*
- * In AIX <setjmp.h> decorates longjmp() with "#pragma leaves", which tells
- * XL C that the function is noreturn, but GCC remains unaware of that and
- * yields a "'noreturn' function does return" warning.
- */
- ND_UNREACHABLE
-#endif /* _AIX */
-}
-
#define PT_VAT 1 /* Visual Audio Tool */
#define PT_WB 2 /* distributed White Board */
#define PT_RPC 3 /* Remote Procedure Call */
* on the buffer stack so it can be freed; our caller must
* pop it when done.
*/
- if (!nd_push_buffer(ndo, pt, pt, pt + ctlen)) {
+ if (!nd_push_buffer(ndo, pt, pt, ctlen)) {
free(pt);
return 0;
}
* Switch to the output buffer for dissection, and
* save it on the buffer stack so it can be freed.
*/
- ep = pt + payloadlen;
- if (!nd_push_buffer(ndo, pt, pt, ep)) {
+ if (!nd_push_buffer(ndo, pt, pt, payloadlen)) {
free(pt);
(*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
"%s: can't push buffer on buffer stack", __func__);
* it was not decrypted with the correct key, so that the
* "plaintext" is not what was being sent.
*/
- padlen = GET_U_1(ep - 2);
+ padlen = GET_U_1(pt + payloadlen - 2);
if (padlen + 2 > payloadlen) {
nd_print_trunc(ndo);
return;
}
/* Get the next header */
- nh = GET_U_1(ep - 1);
+ nh = GET_U_1(pt + payloadlen - 1);
ND_PRINT(": ");
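Review bot: Nothing in the visible lines establishes that payloadlen is at least 2 before `GET_U_1(pt + payloadlen - 2)` and `GET_U_1(pt + payloadlen - 1)` run. The `padlen + 2 > payloadlen` test comes only after the first read. With a shorter payload the address would fall before the start of the decrypted buffer, and if the GET_ macros only bound reads against ndo_snapend (not shown here) they would not catch it. Unless an earlier check exists outside this hunk, I would add `if (payloadlen < 2) { nd_print_trunc(ndo); return; }` ahead of the padlen read, matching the truncation handling already used below it.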
* Don't put padding + padding length(1 byte) + next header(1 byte)
* in the buffer because they are not part of the plaintext to decode.
*/
- nd_push_snapend(ndo, ep - (padlen + 2));
+ nd_push_snaplen(ndo, pt, payloadlen - (padlen + 2));
/* Now dissect the plaintext. */
ip_demux_print(ndo, pt, payloadlen - (padlen + 2), ver, fragmented,
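Review bot: The return value of `nd_push_snaplen(ndo, pt, payloadlen - (padlen + 2));` is discarded, although the function returns int and the nd_push_buffer call earlier in this function is checked. If the push can fail (its allocation-failure path is only partly visible on this page), nothing is pushed. The two `nd_pop_packet_info(ndo)` calls further down still run, and the second would then pop an entry that belongs to the caller. I would test it as `if (!nd_push_snaplen(ndo, pt, payloadlen - (padlen + 2))) { ... }`, popping the already-pushed buffer and reporting the failure through ndo_error as the buffer push does.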
/* Pop the buffer, freeing it. */
nd_pop_packet_info(ndo);
- /* Pop the nd_push_snapend */
+ /* Pop the nd_push_snaplen */
nd_pop_packet_info(ndo);
#endif
}