From: Guy Harris Date: Thu, 23 Oct 2014 07:06:32 +0000 (-0700) Subject: Don't run past the snapshot length when doing hex/ASCII dumps. X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/8079e28185d34d3bb4d195e21cb87d5fa8598601 Don't run past the snapshot length when doing hex/ASCII dumps. --- diff --git a/print-ascii.c b/print-ascii.c index fa8793cb..65815bde 100644 --- a/print-ascii.c +++ b/print-ascii.c @@ -59,8 +59,12 @@ static const char rcsid[] _U_ = void ascii_print(register const u_char *cp, register u_int length) { + u_int caplength; register int s; + caplength = (snapend >= cp) ? snapend - cp : 0; + if (length > caplength) + length = caplength; putchar('\n'); while (length > 0) { s = *cp++; @@ -77,12 +81,16 @@ void hex_and_ascii_print_with_offset(register const char *ident, register const u_char *cp, register u_int length, register u_int oset) { + u_int caplength; register u_int i; register int s1, s2; register int nshorts; char hexstuff[HEXDUMP_SHORTS_PER_LINE*HEXDUMP_HEXSTUFF_PER_SHORT+1], *hsp; char asciistuff[ASCII_LINELENGTH+1], *asp; + caplength = (snapend >= cp) ? snapend - cp : 0; + if (length > caplength) + length = caplength; nshorts = length / sizeof(u_short); i = 0; hsp = hexstuff; asp = asciistuff; @@ -134,9 +142,13 @@ void hex_print_with_offset(register const char *ident, register const u_char *cp, register u_int length, register u_int oset) { + u_int caplength; register u_int i, s; register int nshorts; + caplength = (snapend >= cp) ? snapend - cp : 0; + if (length > caplength) + length = caplength; nshorts = (u_int) length / sizeof(u_short); i = 0; while (--nshorts >= 0) { diff --git a/tcpdump.c b/tcpdump.c index cdfba892..88295d84 100644 --- a/tcpdump.c +++ b/tcpdump.c @@ -1720,6 +1720,11 @@ print_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *sp) hdrlen = (*print_info->p.printer)(h, sp); } + /* + * Restore the original snapend, as a printer might have + * changed it. + */ + snapend = sp + h->caplen; if (Xflag) { /* * Print the raw packet data in hex and ASCII.