From: guy <guy>
Date: Fri, 6 May 2005 02:53:41 +0000 (+0000)
Subject: Use TCHECK2() rather than "if(!TTEST()) goto trunc".
X-Git-Tag: tcpdump-3.9.1~64
X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/3ecc7defd5c0b72158037579bc772d976bc958f8

Use TCHECK2() rather than "if(!TTEST()) goto trunc".

Make some length and type values unsigned, as they can't be negative.
Don't check for them being negative.

Check for a TLV length less than the TLV header length.
---

diff --git a/print-eigrp.c b/print-eigrp.c
index b8fccaf2..2378a50e 100644
--- a/print-eigrp.c
+++ b/print-eigrp.c
@@ -16,7 +16,7 @@
 
 #ifndef lint
 static const char rcsid[] _U_ =
-    "@(#) $Header: /tcpdump/master/tcpdump/print-eigrp.c,v 1.5.2.1 2005-04-20 10:19:23 guy Exp $";
+    "@(#) $Header: /tcpdump/master/tcpdump/print-eigrp.c,v 1.5.2.2 2005-05-06 02:53:41 guy Exp $";
 #endif
 
 #ifdef HAVE_CONFIG_H
@@ -216,7 +216,7 @@ eigrp_print(register const u_char *pptr, register u_int len) {
     const struct eigrp_common_header *eigrp_com_header;
     const struct eigrp_tlv_header *eigrp_tlv_header;
     const u_char *tptr,*tlv_tptr;
-    int tlen,eigrp_tlv_len,eigrp_tlv_type,tlv_tlen,byte_length, bit_length;
+    u_int tlen,eigrp_tlv_len,eigrp_tlv_type,tlv_tlen, byte_length, bit_length;
     u_int8_t prefix[4];
 
     union {
@@ -271,15 +271,15 @@ eigrp_print(register const u_char *pptr, register u_int len) {
 
     while(tlen>0) {
         /* did we capture enough for fully decoding the object header ? */
-        if (!TTEST2(*tptr, sizeof(struct eigrp_tlv_header)))
-            goto trunc;
+        TCHECK2(*tptr, sizeof(struct eigrp_tlv_header));
 
         eigrp_tlv_header = (const struct eigrp_tlv_header *)tptr;
         eigrp_tlv_len=EXTRACT_16BITS(&eigrp_tlv_header->length);
         eigrp_tlv_type=EXTRACT_16BITS(&eigrp_tlv_header->type);
 
 
-        if (eigrp_tlv_len == 0 || eigrp_tlv_len > tlen) {
+        if (eigrp_tlv_len < sizeof(struct eigrp_tlv_header) ||
+            eigrp_tlv_len > tlen) {
             print_unknown_data(tptr+sizeof(sizeof(struct eigrp_tlv_header)),"\n\t    ",tlen);
             return;
         }
@@ -295,8 +295,7 @@ eigrp_print(register const u_char *pptr, register u_int len) {
         tlv_tlen=eigrp_tlv_len-sizeof(struct eigrp_tlv_header);
 
         /* did we capture enough for fully decoding the object ? */
-        if (!TTEST2(*tptr, eigrp_tlv_len))
-            goto trunc;
+        TCHECK2(*tptr, eigrp_tlv_len);
 
         switch(eigrp_tlv_type) {
 
@@ -326,7 +325,7 @@ eigrp_print(register const u_char *pptr, register u_int len) {
             tlv_ptr.eigrp_tlv_ip_int = (const struct eigrp_tlv_ip_int_t *)tlv_tptr;
 
             bit_length = tlv_ptr.eigrp_tlv_ip_int->plen;
-            if (bit_length < 0 || bit_length > 32) {
+            if (bit_length > 32) {
                 printf("\n\t    illegal prefix length %u",bit_length);
                 break;
             }
@@ -355,7 +354,7 @@ eigrp_print(register const u_char *pptr, register u_int len) {
             tlv_ptr.eigrp_tlv_ip_ext = (const struct eigrp_tlv_ip_ext_t *)tlv_tptr;
 
             bit_length = tlv_ptr.eigrp_tlv_ip_ext->plen;
-            if (bit_length < 0 || bit_length > 32) {
+            if (bit_length > 32) {
                 printf("\n\t    illegal prefix length %u",bit_length);
                 break;
             }