From: Guy Harris Date: Sun, 14 Nov 2021 02:44:57 +0000 (-0800) Subject: EAP: label length mismatch as a possible EAP fragment. X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/cac8a3cd041622b06f5a24a6e1524b92a7f2998a EAP: label length mismatch as a possible EAP fragment. In some cases, EAP fragmentation/reassembly is done at a layer above EAP, e.g. when EAP messages are contained within a RADIUS message and are broken up into multiple TLVs in the message. In those cases, the length handed to eap_print() will be different from the length in the first fragment's header, and the remaining fragments won't *have* a header, so the "length" will be garbage and thus unlikely to be equal to the length handed to us. --- diff --git a/print-eap.c b/print-eap.c index 8a2411cb..42b22f62 100644 --- a/print-eap.c +++ b/print-eap.c @@ -157,7 +157,14 @@ eap_print(netdissect_options *ndo, type = GET_U_1(cp); len = GET_BE_U_2(cp + 2); if(len != length) { - goto trunc; + /* + * Probably a fragment; in some cases the fragmentation might + * not put an EAP header on every packet, if reassembly can + * be done without that (e.g., fragmentation to make a message + * fit in multiple TLVs in a RADIUS packet). + */ + ND_PRINT("EAP fragment?"); + return; } ND_PRINT("%s (%u), id %u, len %u", tok2str(eap_code_values, "unknown", type),
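Review bot: the `if(len != length)` branch now labels every mismatch "EAP fragment?", so a header length larger than the length handed to eap_print() (which previously went to `trunc`) looks the same in the output as the RADIUS multi-TLV case the new comment describes. Consider printing both values, for example `ND_PRINT("EAP fragment? (header len %u, length %u)", len, length);`, so someone reading the capture can see which way the mismatch goes and judge whether it is plausibly a fragment or a malformed packet. Also, per the commit message the first fragment does carry a header, yet the early `return` skips the code/id/len line that follows this block; if dropping that output for first fragments is intended, say so in the comment.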