From: Francois-Xavier Le Bail <devel.fx.lebail@orange.fr>
Date: Fri, 5 Nov 2021 20:48:31 +0000 (+0100)
Subject: Ethernet: Add a length check
X-Git-Tag: tcpdump-4.99.2~200
X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/ad645a712d076c5759b7c1da33876d3f46cbc68f

Ethernet: Add a length check

This fix some undefined behaviors at runtime.

The errors were like:

print-ether.c:241:11: runtime error: unsigned integer overflow:
  1 - 2 cannot be represented in type 'unsigned int'
print-ether.c:242:11: runtime error: unsigned integer overflow:
  1 - 2 cannot be represented in type 'unsigned int'

Moreover:
Fix indentation.

(cherry picked from commit c72751f8cdc8bf0f87d26531d24d74aaddf377f2)
---

diff --git a/print-ether.c b/print-ether.c
index e1d5db21..a6c55c1c 100644
--- a/print-ether.c
+++ b/print-ether.c
@@ -222,7 +222,7 @@ recurse:
 		}
 
 		int ret = macsec_print(ndo, &p, &length, &caplen, &hdrlen,
-		    &src, &dst);
+				       &src, &dst);
 
 		if (ret == 0) {
 			/* Payload is encrypted; print it as raw data. */
@@ -238,6 +238,7 @@ recurse:
 			 */
 			length_type = GET_BE_U_2(p);
 
+			ND_LCHECK_U(caplen, 2);
 			length -= 2;
 			caplen -= 2;
 			p += 2;
@@ -403,6 +404,7 @@ recurse:
 				ND_DEFAULTPRINT(p, caplen);
 		}
 	}
+invalid:
 	return hdrlen;
 }