From: Francois-Xavier Le Bail <devel.fx.lebail@orange.fr>
Date: Tue, 11 May 2021 10:21:28 +0000 (+0200)
Subject: IEEE 802.15.4: Add some bounds checks
X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/346ea98e51a8d50acbbe010f4b39b098d34caa2f

IEEE 802.15.4: Add some bounds checks

This avoids to have cp (current pointer on packet data) > ndo->ndo_snapend
in hex_and_ascii_print(), via ndo_default_print(), via ND_DEFAULTPRINT(),
in some cases.
---

diff --git a/print-802_15_4.c b/print-802_15_4.c
index d3371641..3d307ffd 100644
--- a/print-802_15_4.c
+++ b/print-802_15_4.c
@@ -28,6 +28,7 @@
 
 #include "netdissect-stdinc.h"
 
+#define ND_LONGJMP_FROM_TCHECK
 #include "netdissect.h"
 #include "addrtoname.h"
 
@@ -2138,6 +2139,7 @@ ieee802_15_4_std_frames(netdissect_options *ndo,
 				if (len < 0) {
 					break;
 				}
+				ND_TCHECK_LEN(p, len);
 				p += len;
 				caplen -= len;
 			}
@@ -2331,6 +2333,7 @@ ieee802_15_4_mp_frame(netdissect_options *ndo,
 		if (len < 0) {
 			return 0;
 		}
+		ND_TCHECK_LEN(p, len);
 		p += len;
 		caplen -= len;
 	} else {