From: Guy Harris <gharris@sonic.net>
Date: Mon, 4 Nov 2024 17:36:12 +0000 (-0800)
Subject: ipv6: set the snapshot length for the payload correctly.
X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/1018ad1acfdc9f0034d749930e11ebddfc5e621b

ipv6: set the snapshot length for the payload correctly.

Cut off the snapshot length to the end of the IP payload or the end of
the data in which it's contained, whichever comes first.

(cherry picked from commit 6bc9e72adcb9acd46720b9e8f0e1d41bbde1bdb9)
---

diff --git a/print-ip6.c b/print-ip6.c
index aaf31b4e..269b41fb 100644
--- a/print-ip6.c
+++ b/print-ip6.c
@@ -301,9 +301,11 @@ ip6_print(netdissect_options *ndo, const u_char *bp, u_int length)
 	ND_TCHECK_SIZE(ip6);
 
 	/*
-	 * Cut off the snapshot length to the end of the IP payload.
+	 * Cut off the snapshot length to the end of the IP payload
+	 * or the end of the data in which it's contained, whichever
+	 * comes first.
 	 */
-	if (!nd_push_snaplen(ndo, bp, len)) {
+	if (!nd_push_snaplen(ndo, bp, ND_MIN(length, len))) {
 		(*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
 			"%s: can't push snaplen on buffer stack", __func__);
 	}