Guy Harris [Tue, 10 Jul 2018 08:01:15 +0000 (01:01 -0700)]
Clean up handling of different packet types.
Only look at the header for control packets; we don't know what the
payload contains for other packet types.
This fixes some cases where we fail to check whether we have a full
header before fetching from the header - we only need to fetch from the
header for control packets, so we now only need to check that we have it
for control packets; make sure we *don't* look at the header for other
packet types.
Update the v0 code to match draft-ietf-bfd-base-01, which was the last
draft that discussed v0.
Guy Harris [Mon, 9 Jul 2018 16:42:17 +0000 (09:42 -0700)]
Clean up dissection.
Don't use pointers to anything other than octets; there is no guarantee
that the L2TP packet is aligned on a 2-byte or 4-byte boundary, and
there is no need to pretend that we have pointers to aligned values -
we're using the EXTRACT_ macros, which will fetch multi-byte integral
values regardless of the alignment of the pointer.
This also fixes some cases where we were advancing 2 bytes after
processing a 1-byte field - we were incrementing a uint16_t * by 1,
which means advancing it by 2 bytes, and we're now incrementing the
uint8_t * by 1.
Don't cast a 4-byte integer to u_long - EXTRACT_BE_U_4() is guaranteed
to return something printable with %u.
Don't fetch fields dividded into "high" and "low" portions 2 bytes at a
time and reassemble them; the only reason they're divided into "high"
and "low" partitions in the ASCII-art diagrams in RFC 2661 is that those
diagrams tend to show packets in the form of 32-bit words, and those
fields aren't aligned on 32-bit word boundaries, so we can just fetch
those fields with EXTRACT_BE_U_4().
Don't print a sequence of AVPs by recursion; iterate instead.
Found with -Wunreachable-code clang compiler option.
The errors were:
./print-esp.c:263:3: warning: code will never be executed
[-Wunreachable-code]
free(input_buffer);
^~~~
./print-esp.c:246:3: warning: code will never be executed
[-Wunreachable-code]
EVP_CIPHER_CTX_free(ctx);
^~~~~~~~~~~~~~~~~~~
./print-esp.c:843:5: warning: code will never be executed
[-Wunreachable-code]
free(input_buffer);
^~~~
./print-esp.c:826:5: warning: code will never be executed
[-Wunreachable-code]
EVP_CIPHER_CTX_free(ctx);
^~~~~~~~~~~~~~~~~~~
Guy Harris [Fri, 22 Jun 2018 22:28:10 +0000 (15:28 -0700)]
Clean up processing of RPC request header.
Don't just blast through it and do a single check at the end to make
sure we didn't run past the end of the packet; check for the
fixed-length part of the credentials, then check for the variable-length
part of the credentials, and then do the same two steps for the
verifier.
Fix the checks against the on-the-network length while we're at it.
Francois-Xavier Le Bail [Tue, 5 Jun 2018 12:19:33 +0000 (14:19 +0200)]
Include conditionally <config.h> in netdissect-alloc.c
This should suppress the warning reported by Gisle Vanem:
In file included from netdissect-alloc.c:18:
In file included from ./netdissect-alloc.h:22:
./netdissect.h(131,14): warning: '_strdup' redeclared without 'dllimport'
attribute: previous 'dllimport' ignored [-Winconsistent-dllimport]
extern char *strdup (const char *str);
^
./netdissect-stdinc.h(219,18): note: expanded from macro 'strdup'
#define strdup _strdup
^
Guy Harris [Thu, 24 May 2018 19:11:09 +0000 (12:11 -0700)]
Cast dport and sport to u_int before shifting them.
The result of the expression is ultimately going to be put into a u_int;
cast them to u_int so that we'll be shifting unsigned values left rather
than int values, to avoid undefined behavior.
Guy Harris [Wed, 23 May 2018 21:43:47 +0000 (14:43 -0700)]
Declare the NFLOG pseudo-header ourselves.
It's not specified by a libpcap header that might have a different
layout in different pcap releases, it's specified on the list of
link-layer header types and must remain the same forever (except for
getting additional bits defined), so we don't need to pick it up from
libpcap.
This means we get to use tcpdump's nd_ types; do so.
Guy Harris [Wed, 23 May 2018 21:12:45 +0000 (14:12 -0700)]
Declare the Bluetooth pseudo-header ourselves.
It's not specified by a libpcap header that might have a different
layout in different pcap releases, it's specified on the list of
link-layer header types and must remain the same forever (except for
getting additional bits defined), so we don't need to pick it up from
libpcap.
This means we get to use tcpdump's nd_ types; do so.
Francois-Xavier Le Bail [Fri, 18 May 2018 20:18:46 +0000 (22:18 +0200)]
Add the fn_print_str() function
This function print a null-terminated string, filtering out non-printable
characters.
DON'T USE IT with a pointer on the packet buffer because there is no
truncation check. For this use, see the nd_printX() functions.
Guy Harris [Mon, 14 May 2018 08:52:54 +0000 (01:52 -0700)]
Make the hex-dumping routines for addresses take a uint8_t * argument.
Hopefully, that will convince Coverity that the result of dereferencing
those pointers will have a value between 0x00 and 0xff, and therefore
that shifting that result right by 4 bits will yield a value between 0x0
and 0xf, and therefore that this result can safely be used as an index
into the 16-element hex[] array.
I guess Coverity wants us to realize that there really *are* C
implementations out there with non-8-bit char and unsigned char values,
even though getting tcpdump to work on them will probably be a highly
entertaining exercise (not to mention that the only one I know of that's
actually being *used* are the Unisys Clearpath Dorado series, and
they're one's complement, which is yet *another* place where the port
could be entertaining...).
projects / tcpdump / log
