From: Francois-Xavier Le Bail <fx.lebail@yahoo.com>
Date: Sun, 16 Feb 2014 17:29:37 +0000 (+0100)
Subject: fix partial checksum errors in DCCP decoder, IPv6 case
X-Git-Tag: tcpdump-4.6.0~220^2
X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/3625533c9acb33b9a9d57f3d38290b1408a96341?ds=sidebyside

fix partial checksum errors in DCCP decoder, IPv6 case
---

diff --git a/ip6.h b/ip6.h
index c19d7ee4..f1032ec2 100644
--- a/ip6.h
+++ b/ip6.h
@@ -196,6 +196,6 @@ struct ip6_frag {
 #define IP6F_MORE_FRAG		0x0001	/* more-fragments flag */
 
 /* in print-ip6.c */
-extern int nextproto6_cksum(const struct ip6_hdr *, const u_int8_t *, u_int, u_int);
+extern int nextproto6_cksum(const struct ip6_hdr *, const u_int8_t *, u_int, u_int, u_int);
 
 #endif /* not _NETINET_IP6_H_ */
diff --git a/netdissect.h b/netdissect.h
index 37bc59e0..241f585a 100644
--- a/netdissect.h
+++ b/netdissect.h
@@ -527,7 +527,6 @@ extern u_int ieee802_15_4_if_print(netdissect_options *,const struct pcap_pkthdr
 extern void ip6_print(netdissect_options *,const u_char *, u_int);
 #if 0
 extern void ip6_opt_print(netdissect_options *,const u_char *, int);
-extern int nextproto6_cksum(const struct ip6_hdr *, const u_int8_t *, u_int, u_int);
 extern int hbhopt_print(netdissect_options *,const u_char *);
 extern int dstopt_print(netdissect_options *,const u_char *);
 extern int frag6_print(netdissect_options *,const u_char *,
diff --git a/print-dccp.c b/print-dccp.c
index ffadfb66..68d0a978 100644
--- a/print-dccp.c
+++ b/print-dccp.c
@@ -192,8 +192,8 @@ static int dccp_cksum(const struct ip *ip,
 #ifdef INET6
 static int dccp6_cksum(const struct ip6_hdr *ip6, const struct dccp_hdr *dh, u_int len)
 {
-	return nextproto6_cksum(ip6, (const u_int8_t *)(void *)dh,
-	    dccp_csum_coverage(dh, len), IPPROTO_DCCP);
+	return nextproto6_cksum(ip6, (const u_int8_t *)(void *)dh, len,
+				dccp_csum_coverage(dh, len), IPPROTO_DCCP);
 }
 #endif
 
diff --git a/print-icmp6.c b/print-icmp6.c
index 58f49847..ba5cfa62 100644
--- a/print-icmp6.c
+++ b/print-icmp6.c
@@ -625,8 +625,8 @@ print_lladdr(netdissect_options *ndo, const u_int8_t *p, size_t l)
 static int icmp6_cksum(const struct ip6_hdr *ip6, const struct icmp6_hdr *icp,
 	u_int len)
 {
-	return (nextproto6_cksum(ip6, (const u_int8_t *)(void *)icp, len,
-	    IPPROTO_ICMPV6));
+	return nextproto6_cksum(ip6, (const u_int8_t *)(void *)icp, len, len,
+				IPPROTO_ICMPV6);
 }
 
 const struct tok rpl_mop_values[] = {
diff --git a/print-ip6.c b/print-ip6.c
index 908a5dee..484b2f1b 100644
--- a/print-ip6.c
+++ b/print-ip6.c
@@ -44,7 +44,7 @@
  */
 int
 nextproto6_cksum(const struct ip6_hdr *ip6, const u_int8_t *data,
-		 u_int len, u_int next_proto)
+		 u_int len, u_int covlen, u_int next_proto)
 {
         struct {
                 struct in6_addr ph_src;
@@ -65,7 +65,7 @@ nextproto6_cksum(const struct ip6_hdr *ip6, const u_int8_t *data,
         vec[0].ptr = (const u_int8_t *)(void *)&ph;
         vec[0].len = sizeof(ph);
         vec[1].ptr = data;
-        vec[1].len = len;
+        vec[1].len = covlen;
 
         return in_cksum(vec, 2);
 }
@@ -225,7 +225,7 @@ ip6_print(netdissect_options *ndo, const u_char *bp, u_int length)
 		    }
 
 		case IPPROTO_PIM:
-			pim_print(cp, len, nextproto6_cksum(ip6, cp, len,
+			pim_print(cp, len, nextproto6_cksum(ip6, cp, len, len,
 							    IPPROTO_PIM));
 			return;
 
diff --git a/print-tcp.c b/print-tcp.c
index eee98fe9..e5acfa4c 100644
--- a/print-tcp.c
+++ b/print-tcp.c
@@ -386,7 +386,8 @@ tcp_print(register const u_char *bp, register u_int length,
 #ifdef INET6
                 else if (IP_V(ip) == 6 && ip6->ip6_plen) {
                         if (TTEST2(tp->th_sport, length)) {
-                                sum = nextproto6_cksum(ip6, (const u_int8_t *)tp, length, IPPROTO_TCP);
+                                sum = nextproto6_cksum(ip6, (const u_int8_t *)tp,
+							length, length, IPPROTO_TCP);
                                 tcp_sum = EXTRACT_16BITS(&tp->th_sum);
 
                                 (void)printf(", cksum 0x%04x", tcp_sum);
diff --git a/print-udp.c b/print-udp.c
index a8566d04..cd41e323 100644
--- a/print-udp.c
+++ b/print-udp.c
@@ -289,8 +289,8 @@ static int udp_cksum(register const struct ip *ip,
 static int udp6_cksum(const struct ip6_hdr *ip6, const struct udphdr *up,
 	u_int len)
 {
-	return (nextproto6_cksum(ip6, (const u_int8_t *)(void *)up, len,
-	    IPPROTO_UDP));
+	return nextproto6_cksum(ip6, (const u_int8_t *)(void *)up, len, len,
+	    IPPROTO_UDP);
 }
 #endif
 
diff --git a/tests/TESTLIST b/tests/TESTLIST
index 30abaeda..6e54b8d8 100644
--- a/tests/TESTLIST
+++ b/tests/TESTLIST
@@ -177,3 +177,5 @@ loopback	loopback.pcap		loopback.out		-t
 # DCCP partial checksums tests
 dccp_partial_csum_v4_simple	dccp_partial_csum_v4_simple.pcap	dccp_partial_csum_v4_simple.out -t -vv
 dccp_partial_csum_v4_longer	dccp_partial_csum_v4_longer.pcap	dccp_partial_csum_v4_longer.out -t -vv
+dccp_partial_csum_v6_simple	dccp_partial_csum_v6_simple.pcap	dccp_partial_csum_v6_simple.out -t -vv
+dccp_partial_csum_v6_longer	dccp_partial_csum_v6_longer.pcap	dccp_partial_csum_v6_longer.out -t -vv
diff --git a/tests/dccp_partial_csum_v6_longer.out b/tests/dccp_partial_csum_v6_longer.out
new file mode 100644
index 00000000..adee6c3a
--- /dev/null
+++ b/tests/dccp_partial_csum_v6_longer.out
@@ -0,0 +1,9 @@
+IP6 (hlim 64, next-header DCCP (33) payload length: 32) 3ffe::1.55024 > 3ffe::2.5001: CCVal 0, CsCov 0, cksum 0xd538 (correct), request (service=0) seq 1559687427 <change_l ack_ratio 2, change_r ccid 2, change_l ccid 2>
+IP6 (hlim 64, next-header DCCP (33) payload length: 48) 3ffe::2.5001 > 3ffe::1.55024: CCVal 0, CsCov 0, cksum 0x81a3 (correct), response (service=0) (ack=1559687427) seq 1585962456 <nop, nop, change_l ack_ratio 2, confirm_r ccid 2 2, confirm_l ccid 2 2, confirm_r ack_ratio 2>
+IP6 (hlim 64, next-header DCCP (33) payload length: 36) 3ffe::1.55024 > 3ffe::2.5001: CCVal 0, CsCov 0, cksum 0xc692 (correct), ack (ack=1585962456) seq 1559687428 <nop, confirm_r ack_ratio 2, ack_vector0 0x00, elapsed_time 1>
+IP6 (hlim 64, next-header DCCP (33) payload length: 164) 3ffe::1.55024 > 3ffe::2.5001: CCVal 0, CsCov 10, cksum 0xe362 (correct), dataack (ack=1585962456) seq 1559687429 <nop, nop, ack_vector0 0x00, elapsed_time 7282, ndp_count 1>
+IP6 (hlim 64, next-header DCCP (33) payload length: 32) 3ffe::2.5001 > 3ffe::1.55024: CCVal 0, CsCov 0, cksum 0xcdbb (correct), ack (ack=1559687429) seq 1585962457 <nop, ack_vector0 0x01, elapsed_time 1>
+IP6 (hlim 64, next-header DCCP (33) payload length: 160) 3ffe::1.55024 > 3ffe::2.5001: CCVal 0, CsCov 10, cksum 0x5574 (correct), dataack (ack=1585962457) seq 1559687430 <nop, ack_vector0 0x00, elapsed_time 55>
+IP6 (hlim 64, next-header DCCP (33) payload length: 32) 3ffe::1.55024 > 3ffe::2.5001: CCVal 0, CsCov 0, cksum 0xc778 (correct), close (ack=1585962457) seq 1559687431 <nop, ack_vector0 0x00, elapsed_time 67>
+IP6 (hlim 64, next-header DCCP (33) payload length: 32) 3ffe::2.5001 > 3ffe::1.55024: CCVal 0, CsCov 0, cksum 0xd2bc (correct), ack (ack=1559687430) seq 1585962458 <nop, nop, ack_vector0 0x00, ndp_count 1>
+IP6 (hlim 64, next-header DCCP (33) payload length: 40) 3ffe::2.5001 > 3ffe::1.55024: CCVal 0, CsCov 0, cksum 0xc186 (correct), reset (code=closed) (ack=1559687431) seq 1585962459 <nop, nop, ack_vector0 0x01, elapsed_time 1, ndp_count 2>
diff --git a/tests/dccp_partial_csum_v6_longer.pcap b/tests/dccp_partial_csum_v6_longer.pcap
new file mode 100644
index 00000000..644379d8
Binary files /dev/null and b/tests/dccp_partial_csum_v6_longer.pcap differ
diff --git a/tests/dccp_partial_csum_v6_simple.out b/tests/dccp_partial_csum_v6_simple.out
new file mode 100644
index 00000000..55136770
--- /dev/null
+++ b/tests/dccp_partial_csum_v6_simple.out
@@ -0,0 +1,7 @@
+IP6 (hlim 64, next-header DCCP (33) payload length: 32) 3ffe::1.52921 > 3ffe::2.5001: CCVal 0, CsCov 0, cksum 0xef1a (correct), request (service=0) seq 1337846929 <change_l ack_ratio 2, change_r ccid 2, change_l ccid 2>
+IP6 (hlim 64, next-header DCCP (33) payload length: 48) 3ffe::2.5001 > 3ffe::1.52921: CCVal 0, CsCov 0, cksum 0x0b73 (correct), response (service=0) (ack=1337846929) seq 1385331168 <nop, nop, change_l ack_ratio 2, confirm_r ccid 2 2, confirm_l ccid 2 2, confirm_r ack_ratio 2>
+IP6 (hlim 64, next-header DCCP (33) payload length: 36) 3ffe::1.52921 > 3ffe::2.5001: CCVal 0, CsCov 0, cksum 0x5062 (correct), ack (ack=1385331168) seq 1337846930 <nop, confirm_r ack_ratio 2, ack_vector0 0x00, elapsed_time 1>
+IP6 (hlim 64, next-header DCCP (33) payload length: 48) 3ffe::1.52921 > 3ffe::2.5001: CCVal 0, CsCov 1, cksum 0x8792 (correct), dataack (ack=1385331168) seq 1337846931 <nop, nop, ack_vector0 0x00, elapsed_time 49357, ndp_count 1>
+IP6 (hlim 64, next-header DCCP (33) payload length: 32) 3ffe::2.5001 > 3ffe::1.52921: CCVal 0, CsCov 0, cksum 0x578b (correct), ack (ack=1337846931) seq 1385331169 <nop, ack_vector0 0x01, elapsed_time 1>
+IP6 (hlim 64, next-header DCCP (33) payload length: 32) 3ffe::1.52921 > 3ffe::2.5001: CCVal 0, CsCov 0, cksum 0x61e0 (correct), close (ack=1385331169) seq 1337846932 <nop, ack_vector0 0x00, elapsed_time 61355>
+IP6 (hlim 64, next-header DCCP (33) payload length: 40) 3ffe::2.5001 > 3ffe::1.52921: CCVal 0, CsCov 0, cksum 0x4b59 (correct), reset (code=closed) (ack=1337846932) seq 1385331170 <nop, nop, ack_vector0 0x00, elapsed_time 2, ndp_count 1>
diff --git a/tests/dccp_partial_csum_v6_simple.pcap b/tests/dccp_partial_csum_v6_simple.pcap
new file mode 100644
index 00000000..c343d906
Binary files /dev/null and b/tests/dccp_partial_csum_v6_simple.pcap differ