From: Guy Harris Date: Fri, 1 Apr 2022 22:28:33 +0000 (-0700) Subject: Fail if nd_push_buffer() or nd_push_snaplen() fails. X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/e84f58700fe17ee5c4680247fcdcf506ff38587d Fail if nd_push_buffer() or nd_push_snaplen() fails. Always call ndo->ndo_error with a memory-allocation error if they fail. Add WARN_UNUSED_RESULT for compilers that support it, and use it for those routines, so that any future code that doesn't check for failure gets a warning.
---
diff --git a/funcattrs.h b/funcattrs.h
index 02a0a74f..21f3cc1d 100644
--- a/funcattrs.h
+++ b/funcattrs.h
@@ -87,6 +87,19 @@
 #define NORETURN_FUNCPTR
 #endif
+/*
+ * WARN_UNUSED_RESULT, before a function declaration, means "the caller
+ * should use the result of this function" (even if it's just a success/
+ * failure indication).
+ */
+#if __has_attribute(warn_unused_result) \
+ || ND_IS_AT_LEAST_GNUC_VERSION(3,4) \
+ || ND_IS_AT_LEAST_HP_C_VERSION(6,25)
+ #define WARN_UNUSED_RESULT __attribute((warn_unused_result))
+#else
+ #define WARN_UNUSED_RESULT
+#endif
+
 /*
 * PRINTFLIKE(x,y), after a function declaration, means "this function
 * does printf-style formatting, with the xth argument being the format
diff --git a/netdissect.h b/netdissect.h
index f53499e9..909b7c87 100644
--- a/netdissect.h
+++ b/netdissect.h
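Review bot: In funcattrs.h, the `#else` branch of the new WARN_UNUSED_RESULT block expands the macro to nothing, so on any compiler that fails all three tests an unchecked nd_push_buffer() or nd_push_snaplen() call still builds silently, and on the compilers that do match it is only a warning. Building at least one CI configuration with `-Werror=unused-result` would turn a forgotten check into a build failure. The block also depends on `__has_attribute` being usable in `#if` on every compiler; the fallback definition, if there is one, is outside this hunk.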
@@ -262,9 +262,10 @@ struct netdissect_options {
 PRINTFLIKE_FUNCPTR(2, 3);
 };
-extern int nd_push_buffer(netdissect_options *, u_char *, const u_char *,
- u_int);
-extern int nd_push_snaplen(netdissect_options *, const u_char *, u_int);
+extern WARN_UNUSED_RESULT int nd_push_buffer(netdissect_options *, u_char *,
+ const u_char *, u_int);
+extern WARN_UNUSED_RESULT int nd_push_snaplen(netdissect_options *,
+ const u_char *, u_int);
 extern void nd_change_snaplen(netdissect_options *, const u_char *, u_int);
 extern void nd_pop_packet_info(netdissect_options *);
 extern void nd_pop_all_packet_info(netdissect_options *);
diff --git a/print-esp.c b/print-esp.c
index 22af35b3..fb94a60a 100644
--- a/print-esp.c
+++ b/print-esp.c
@@ -331,7 +331,8 @@ int esp_decrypt_buffer_by_ikev2_print(netdissect_options *ndo,
 */
 if (!nd_push_buffer(ndo, pt, pt, ctlen)) {
 free(pt);
- return 0;
+ (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
+ "%s: can't push buffer on buffer stack", __func__);
 }
 return 1;
@@ -907,7 +908,10 @@ esp_print(netdissect_options *ndo,
 * Don't put padding + padding length(1 byte) + next header(1 byte)
 * in the buffer because they are not part of the plaintext to decode.
 */
- nd_push_snaplen(ndo, pt, payloadlen - (padlen + 2));
+ if (!nd_push_snaplen(ndo, pt, payloadlen - (padlen + 2))) {
+ (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
+ "%s: can't push snaplen on buffer stack", __func__);
+ }
 /* Now dissect the plaintext. */
 ip_demux_print(ndo, pt, payloadlen - (padlen + 2), ver, fragmented,
diff --git a/print-ether.c b/print-ether.c
index 1b273e16..b1865d17 100644
--- a/print-ether.c
+++ b/print-ether.c
@@ -306,7 +306,10 @@ recurse:
 * Cut off the snapshot length to the end of the
 * payload.
 */
- nd_push_snaplen(ndo, p, length);
+ if (!nd_push_snaplen(ndo, p, length)) {
+ (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
+ "%s: can't push snaplen on buffer stack", __func__);
+ }
 if (ndo->ndo_eflag) {
 ND_PRINT("802.3");
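Review bot: The two annotated prototypes in netdissect.h still do not say what the `int` result means, which is exactly what WARN_UNUSED_RESULT now forces every caller to interpret. The call sites in this commit treat zero as failure and report it as S_ERR_ND_MEM_ALLOC, so a comment above the declarations such as `/* Return 0 on failure (callers report S_ERR_ND_MEM_ALLOC), non-zero on success. */` would record that contract next to the attribute. The neighbouring nd_change_snaplen() returns void and is unaffected.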
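Review bot: In esp_decrypt_buffer_by_ikev2_print() the failure branch no longer ends in `return 0;`, so if `ndo->ndo_error` ever returned, control would fall through to `return 1;` and report success for a buffer that was just freed and never pushed. The same reliance applies to the four nd_push_snaplen() sites in esp_print(), print-ether.c, ip_print() and ip6_print(), where dissection would carry on without the intended snapshot-length limit. The declaration of ndo_error is not visible in this diff; if it is marked no-return, a short comment at each site, e.g. `/* ndo_error does not return */`, would make that dependency explicit for anyone supplying their own error handler. The enclosing function starts outside the hunk.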
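Review bot: In esp_print() the length `payloadlen - (padlen + 2)` is written out twice within a few lines, once for nd_push_snaplen() and once for ip_demux_print(), and the two must stay identical for the pushed bound to match the length the dissector is given. Computing it once into a local of the same type as payloadlen, e.g. `ptlen = payloadlen - (padlen + 2);`, and passing that to both calls removes the chance of the two drifting apart in a later edit. The check that `padlen + 2` cannot exceed `payloadlen` is presumably earlier in the function; it is outside this hunk, as are the start and end of the function.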
diff --git a/print-ip.c b/print-ip.c
index 4f9617a3..23ba99c9 100644
--- a/print-ip.c
+++ b/print-ip.c
@@ -377,7 +377,10 @@ ip_print(netdissect_options *ndo,
 /*
 * Cut off the snapshot length to the end of the IP payload.
 */
- nd_push_snaplen(ndo, bp, len);
+ if (!nd_push_snaplen(ndo, bp, len)) {
+ (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
+ "%s: can't push snaplen on buffer stack", __func__);
+ }
 len -= hlen;
diff --git a/print-ip6.c b/print-ip6.c
index 15b30630..82948334 100644
--- a/print-ip6.c
+++ b/print-ip6.c
@@ -305,7 +305,10 @@ ip6_print(netdissect_options *ndo, const u_char *bp, u_int length)
 /*
 * Cut off the snapshot length to the end of the IP payload.
 */
- nd_push_snaplen(ndo, bp, len);
+ if (!nd_push_snaplen(ndo, bp, len)) {
+ (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
+ "%s: can't push snaplen on buffer stack", __func__);
+ }
 cp = (const u_char *)ip6;
 advance = sizeof(struct ip6_hdr);