From: Denis Ovsienko Date: Mon, 12 Oct 2020 21:55:41 +0000 (+0100) Subject: PKTAP: Modernize packet parsing style. X-Git-Tag: tcpdump-4.99-bp~108 X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/9d7cc12ee913c3805c6516fdf4cbe4cd496fee55 PKTAP: Modernize packet parsing style. Enable ND_LONGJMP_FROM_TCHECK. Remove one redundant custom bounds check and replace another with an ND_TCHECK_LEN(). Add two length checks and convert one. Report invalid packets appropriately. Update a test.
---
diff --git a/print-pktap.c b/print-pktap.c
index 7ae10f0f..b9cfdab0 100644
--- a/print-pktap.c
+++ b/print-pktap.c
@@ -27,6 +27,7 @@
 #include "netdissect-stdinc.h"
+#define ND_LONGJMP_FROM_TCHECK
 #include "netdissect.h"
 #include "extract.h"
@@ -107,10 +108,10 @@ pktap_if_print(netdissect_options *ndo,
 struct pcap_pkthdr nhdr;
 ndo->ndo_protocol = "pktap";
- if (caplen < sizeof(pktap_header_t)) {
- nd_print_trunc(ndo);
- ndo->ndo_ll_hdr_len += caplen;
- return;
+ if (length < sizeof(pktap_header_t)) {
+ ND_PRINT(" (packet too short, %u < %u)",
+ length, (unsigned)sizeof(pktap_header_t));
+ goto invalid;
 }
 hdr = (const pktap_header_t *)p;
 dlt = GET_LE_U_4(hdr->pkt_dlt);
@@ -123,15 +124,16 @@ pktap_if_print(netdissect_options *ndo,
 * is the length supplied so that the header can
 * be expanded in the future)?
 */
- nd_print_trunc(ndo);
- ndo->ndo_ll_hdr_len += caplen;
- return;
+ ND_PRINT(" (pkt_len too small, %u < %u)",
+ hdrlen, (unsigned)sizeof(pktap_header_t));
+ goto invalid;
 }
- if (caplen < hdrlen) {
- nd_print_trunc(ndo);
- ndo->ndo_ll_hdr_len += caplen;
- return;
+ if (hdrlen > length) {
+ ND_PRINT(" (pkt_len too big, %u > %u)",
+ hdrlen, length);
+ goto invalid;
 }
+ ND_TCHECK_LEN(p, hdrlen);
 if (ndo->ndo_eflag)
 pktap_header_print(ndo, p, length);
@@ -167,5 +169,9 @@ pktap_if_print(netdissect_options *ndo,
 }
 ndo->ndo_ll_hdr_len += hdrlen;
+ return;
+
+invalid:
+ nd_print_invalid(ndo);
 }
 #endif /* DLT_PKTAP */
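Review bot: The new `goto invalid` exits in the second and third hunks no longer touch `ndo->ndo_ll_hdr_len`, whereas each removed truncation exit did `ndo->ndo_ll_hdr_len += caplen` before returning. The `invalid:` label added in the last hunk only calls `nd_print_invalid(ndo)`, so for a rejected header the link-layer length keeps whatever value it had on entry. How callers use that field is not visible here; if leaving it untouched is intended, a comment at the label would record the decision, for example `/* invalid header: nothing consumed, ndo_ll_hdr_len deliberately left unchanged */`. pktap_if_print starts before these hunks and has code between them that is not shown.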
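Review bot: With the explicit `caplen < hdrlen` test removed, `ND_TCHECK_LEN(p, hdrlen)` is the only statement in the third hunk that ties the packet-supplied `hdrlen` to the bytes actually captured; the `hdrlen > length` check before it compares against the on-wire length only. That is sound as long as the macro leaves the function on a short capture, which appears to depend on the `#define ND_LONGJMP_FROM_TCHECK` placed ahead of `netdissect.h` in the first hunk. A comment on the call would keep that dependency visible to the next editor: `/* leaves via longjmp if fewer than hdrlen bytes were captured; code below relies on caplen >= hdrlen */`. The code that consumes the header after `pktap_header_print()` lies outside the hunk, so what exactly relies on the guarantee cannot be confirmed from here.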
diff --git a/tests/pktap-heap-overflow.out b/tests/pktap-heap-overflow.out
index 78c1687a..00440a28 100644
--- a/tests/pktap-heap-overflow.out
+++ b/tests/pktap-heap-overflow.out
@@ -1,2 +1,2 @@
- 1 05:27:35.808464432 [|pktap]
+ 1 05:27:35.808464432 (pkt_len too small, 0 < 108) (invalid)
 2 05:27:12.808595504 [|ppp_hdlc]