From cfa9ab5f80dd9a1024e1a765bc0d24c57652b6bc Mon Sep 17 00:00:00 2001 From: Denis Ovsienko Date: Sun, 17 Jan 2021 23:11:19 +0000 Subject: [PATCH] Try the new ND_LCHECK*() macros. [skip ci] --- print-aodv.c | 45 +++++++++------------------------------------ print-atalk.c | 37 ++++++++----------------------------- print-egp.c | 5 +---- print-geneve.c | 10 ++-------- print-l2tp.c | 5 +---- print-olsr.c | 26 ++++++-------------------- print-rip.c | 29 +++++++---------------------- print-rsvp.c | 13 +++---------- print-udp.c | 10 ++-------- 9 files changed, 39 insertions(+), 141 deletions(-) diff --git a/print-aodv.c b/print-aodv.c index 93f52200..da3c37c9 100644 --- a/print-aodv.c +++ b/print-aodv.c @@ -161,10 +161,7 @@ aodv_extension(netdissect_options *ndo, switch (ext_type) { case AODV_EXT_HELLO: ah = (const struct aodv_hello *)(const void *)ep; - if (length < sizeof(struct aodv_hello)) { - ND_PRINT(" (ext data length %u < %zu)", length, sizeof(struct aodv_hello)); - goto invalid; - } + ND_LCHECKMSG_ZU(length, sizeof(struct aodv_hello), "ext data length"); if (ext_length < 4) { ND_PRINT("\n\text HELLO - bad length %u", ext_length); goto invalid; @@ -189,10 +186,7 @@ aodv_rreq(netdissect_options *ndo, const u_char *dat, u_int length) u_int i; const struct aodv_rreq *ap = (const struct aodv_rreq *)dat; - if (length < sizeof(*ap)) { - ND_PRINT(" (message length %u)", length); - goto invalid; - } + ND_LCHECKMSG_ZU(length, sizeof(*ap), "message length"); ND_PRINT(" %u %s%s%s%s%shops %u id 0x%08x\n" "\tdst %s seq %u src %s seq %u", length, GET_U_1(ap->rreq_type) & RREQ_JOIN ? "[J]" : "", 
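Review bot: In the aodv_extension() hunk, the `ext_length < 4` guard directly below the converted check is left in the long `ND_PRINT(...); goto invalid;` form, so two adjacent length guards in the same `case AODV_EXT_HELLO:` now use different idioms. If the new macros are meant to become the standard form, convert it in the same pass, e.g. `ND_LCHECKMSG_U(ext_length, 4, "ext HELLO length");`. The macro definitions are not part of this patch, so the resulting message text should be confirmed against them. The body of aodv_extension() continues outside the hunk.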
@@ -221,10 +215,7 @@ aodv_rrep(netdissect_options *ndo, const u_char *dat, u_int length) u_int i; const struct aodv_rrep *ap = (const struct aodv_rrep *)dat; - if (length < sizeof(*ap)) { - ND_PRINT(" (message length %u)", length); - goto invalid; - } + ND_LCHECKMSG_ZU(length, sizeof(*ap), "message length"); ND_PRINT(" %u %s%sprefix %u hops %u\n" "\tdst %s dseq %u src %s %u ms", length, GET_U_1(ap->rrep_type) & RREP_REPAIR ? "[R]" : "", @@ -251,20 +242,14 @@ aodv_rerr(netdissect_options *ndo, const u_char *dat, u_int length) const struct aodv_rerr *ap = (const struct aodv_rerr *)dat; const struct rerr_unreach *dp; - if (length < sizeof(*ap)) { - ND_PRINT(" (message length %u)", length); - goto invalid; - } + ND_LCHECKMSG_ZU(length, sizeof(*ap), "message length"); ND_PRINT(" %s [items %u] [%u]:", GET_U_1(ap->rerr_flags) & RERR_NODELETE ? "[D]" : "", GET_U_1(ap->rerr_dc), length); dp = (const struct rerr_unreach *)(dat + sizeof(*ap)); i = length - sizeof(*ap); for (dc = GET_U_1(ap->rerr_dc); dc != 0; dc--) { - if (i < sizeof(*dp)) { - ND_PRINT(" (remaining length %u)", i); - goto invalid; - } + ND_LCHECKMSG_ZU(i, sizeof(*dp), "remaining length"); ND_PRINT(" {%s}(%u)", GET_IPADDR_STRING(dp->u_da), GET_BE_U_4(dp->u_ds)); dp++; @@ -282,10 +267,7 @@ aodv_v6_rreq(netdissect_options *ndo, const u_char *dat, u_int length) u_int i; const struct aodv_rreq6 *ap = (const struct aodv_rreq6 *)dat; - if (length < sizeof(*ap)) { - ND_PRINT(" (message length %u)", length); - goto invalid; - } + ND_LCHECKMSG_ZU(length, sizeof(*ap), "message length"); ND_PRINT(" %u %s%s%s%s%shops %u id 0x%08x\n" "\tdst %s seq %u src %s seq %u", length, GET_U_1(ap->rreq_type) & RREQ_JOIN ? "[J]" : "", 
@@ -314,10 +296,7 @@ aodv_v6_rrep(netdissect_options *ndo, const u_char *dat, u_int length) u_int i; const struct aodv_rrep6 *ap = (const struct aodv_rrep6 *)dat; - if (length < sizeof(*ap)) { - ND_PRINT(" (message length %u)", length); - goto invalid; - } + ND_LCHECKMSG_ZU(length, sizeof(*ap), "message length"); ND_PRINT(" %u %s%sprefix %u hops %u\n" "\tdst %s dseq %u src %s %u ms", length, GET_U_1(ap->rrep_type) & RREP_REPAIR ? "[R]" : "", @@ -344,20 +323,14 @@ aodv_v6_rerr(netdissect_options *ndo, const u_char *dat, u_int length) const struct aodv_rerr *ap = (const struct aodv_rerr *)dat; const struct rerr_unreach6 *dp6; - if (length < sizeof(*ap)) { - ND_PRINT(" (message length %u)", length); - goto invalid; - } + ND_LCHECKMSG_ZU(length, sizeof(*ap), "message length"); ND_PRINT(" %s [items %u] [%u]:", GET_U_1(ap->rerr_flags) & RERR_NODELETE ? "[D]" : "", GET_U_1(ap->rerr_dc), length); dp6 = (const struct rerr_unreach6 *)(const void *)(ap + 1); i = length - sizeof(*ap); for (dc = GET_U_1(ap->rerr_dc); dc != 0; dc--) { - if (i < sizeof(*dp6)) { - ND_PRINT(" (remaining length %u)", i); - goto invalid; - } + ND_LCHECKMSG_ZU(i, sizeof(*dp6), "remaining length"); ND_PRINT(" {%s}(%u)", GET_IP6ADDR_STRING(dp6->u_da), GET_BE_U_4(dp6->u_ds)); dp6++; diff --git a/print-atalk.c b/print-atalk.c index 9cca576e..4e1fa3d2 100644 --- a/print-atalk.c +++ b/print-atalk.c @@ -166,10 +166,7 @@ llap_print(netdissect_options *ndo, u_int hdrlen; ndo->ndo_protocol = "llap"; - if (length < sizeof(*lp)) { - ND_PRINT(" (LLAP length %u is too small)", length); - goto invalid; - } + ND_LCHECKMSG_ZU(length, sizeof(*lp), "LLAP length"); lp = (const struct LAP *)bp; bp += sizeof(*lp); length -= sizeof(*lp); 
@@ -178,10 +175,7 @@ llap_print(netdissect_options *ndo, case lapShortDDP: ndo->ndo_protocol = "sddp"; - if (length < ddpSSize) { - ND_PRINT(" (SDDP length %u is too small)", length); - goto invalid; - } + ND_LCHECKMSG_U(length, ddpSSize, "SDDP length"); sdp = (const struct atShortDDP *)bp; ND_PRINT("%s.%s", ataddr_string(ndo, 0, GET_U_1(lp->src)), @@ -198,10 +192,7 @@ llap_print(netdissect_options *ndo, case lapDDP: ndo->ndo_protocol = "ddp"; - if (length < ddpSize) { - ND_PRINT(" (DDP length %u is too small)", length); - goto invalid; - } + ND_LCHECKMSG_U(length, ddpSize, "DDP length"); dp = (const struct atDDP *)bp; snet = GET_BE_U_2(dp->srcNet); ND_PRINT("%s.%s", @@ -245,10 +236,7 @@ atalk_print(netdissect_options *ndo, if(!ndo->ndo_eflag) ND_PRINT("AT "); - if (length < ddpSize) { - ND_PRINT(" (length %u is too small)", length); - goto invalid; - } + ND_LCHECK_U(length, ddpSize); dp = (const struct atDDP *)bp; snet = GET_BE_U_2(dp->srcNet); ND_PRINT("%s.%s", ataddr_string(ndo, snet, GET_U_1(dp->srcNode)), @@ -279,10 +267,7 @@ aarp_print(netdissect_options *ndo, ndo->ndo_protocol = "aarp"; ND_PRINT("aarp "); ap = (const struct aarp *)bp; - if (length < sizeof(*ap)) { - ND_PRINT(" (length %u is too small)", length); - goto invalid; - } + ND_LCHECK_ZU(length, sizeof(*ap)); ND_TCHECK_SIZE(ap); if (GET_BE_U_2(ap->htype) == 1 && GET_BE_U_2(ap->ptype) == ETHERTYPE_ATALK && @@ -346,10 +331,7 @@ atp_print(netdissect_options *ndo, uint32_t data; ndo->ndo_protocol = "atp"; - if (length < sizeof(*ap)) { - ND_PRINT(" (ATP length %u is too small)", length); - goto invalid; - } + ND_LCHECKMSG_ZU(length, sizeof(*ap), "ATP length"); length -= sizeof(*ap); control = GET_U_1(ap->control); switch (control & 0xc0) { 
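Review bot: In the atalk_print() hunk the guard becomes `ND_LCHECK_U(length, ddpSize);` with no label, while every other conversion in this file names the quantity ("LLAP length", "SDDP length", "DDP length", "ATP length"). If the label-less variant falls back to the stringified argument, the output would say only `length` and lose the protocol context the old message at least implied. The aarp_print() hunk (`ND_LCHECK_ZU(length, sizeof(*ap));`) has the same shape. Consider `ND_LCHECKMSG_U(length, ddpSize, "DDP length");` and `ND_LCHECKMSG_ZU(length, sizeof(*ap), "AARP length");`. The macro definitions are outside this patch, so the fallback behaviour should be confirmed there.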
@@ -476,11 +458,8 @@ nbp_print(netdissect_options *ndo, uint8_t control; u_int i; - if (length < nbpHeaderSize + 8) { - /* must be room for at least one tuple */ - ND_PRINT(" undersized-nbp %u", length); - goto invalid; - } + /* must be room for at least one tuple */ + ND_LCHECKMSG_U(length, nbpHeaderSize + 8, "undersized-nbp"); length -= nbpHeaderSize; control = GET_U_1(np->control); ND_PRINT(" nbp-%s", tok2str(nbp_str, "0x%x", control & 0xf0)); diff --git a/print-egp.c b/print-egp.c index bb93b025..bf9578db 100644 --- a/print-egp.c +++ b/print-egp.c @@ -265,10 +265,7 @@ egp_print(netdissect_options *ndo, ndo->ndo_protocol = "egp"; egp = (const struct egp_packet *)bp; - if (length < sizeof(*egp)) { - ND_PRINT(" packet length %u < %zu", length, sizeof(*egp)); - goto invalid; - } + ND_LCHECKMSG_ZU(length, sizeof(*egp), "packet length"); ND_TCHECK_SIZE(egp); version = GET_U_1(egp->egp_version); diff --git a/print-geneve.c b/print-geneve.c index b58666cc..4d5dda6b 100644 --- a/print-geneve.c +++ b/print-geneve.c @@ -117,10 +117,7 @@ geneve_opts_print(netdissect_options *ndo, const u_char *bp, u_int len) uint8_t opt_type; uint8_t opt_len; - if (len < 4) { - ND_PRINT(" (remaining options length %u < 4)", len); - goto invalid; - } + ND_LCHECKMSG_U(len, 4, "remaining options length"); ND_PRINT("%s", sep); sep = ", "; @@ -172,10 +169,7 @@ geneve_print(netdissect_options *ndo, const u_char *bp, u_int len) ndo->ndo_protocol = "geneve"; ND_PRINT("Geneve"); - if (len < 8) { - ND_PRINT(" [length %u < 8]", len); - goto invalid; - } + ND_LCHECK_U(len, 8); ver_opt = GET_U_1(bp); bp += 1; diff --git a/print-l2tp.c b/print-l2tp.c index 51bb93a0..184ff752 100644 --- a/print-l2tp.c +++ b/print-l2tp.c 
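Review bot: In the nbp_print() hunk the third argument `"undersized-nbp"` is the old message prefix, not the name of the quantity being compared. Assuming the macro prints the label followed by the actual and minimum values, the result would read like "undersized-nbp N < M", unlike the "X length" labels used elsewhere in this patch. The two udp_print() hunks do the same with `"undersized-udp"` and `"undersized-udplength"`. A label such as `ND_LCHECKMSG_U(length, nbpHeaderSize + 8, "NBP length");` (and "UDP length" / "UDP header length field" in print-udp.c) would keep the diagnostics uniform. If the old tokens are kept on purpose for output compatibility, a short comment saying so would help.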
@@ -577,10 +577,7 @@ l2tp_avp_print(netdissect_options *ndo, const u_char *dat, u_int length) len = GET_BE_U_2(dat) & L2TP_AVP_HDR_LEN_MASK; /* If it is not long enough to contain the header, we'll give up. */ - if (len < 6) { - ND_PRINT(" (AVP length %u < 6)", len); - goto invalid; - } + ND_LCHECKMSG_U(len, 6, "AVP length"); /* If it goes past the end of the remaining length of the packet, we'll give up. */ diff --git a/print-olsr.c b/print-olsr.c index ba1a9f5a..df796d95 100644 --- a/print-olsr.c +++ b/print-olsr.c @@ -325,10 +325,7 @@ olsr_print(netdissect_options *ndo, nd_print_protocol_caps(ndo); ND_PRINT("v%u", (is_ipv6) ? 6 : 4); - if (length < sizeof(struct olsr_common)) { - ND_PRINT(" (packet length < %zu)", sizeof(struct olsr_common)); - goto invalid; - } + ND_LCHECKMSG_ZU(length, sizeof(struct olsr_common), "packet length"); ptr.common = (const struct olsr_common *)tptr; length = ND_MIN(length, GET_BE_U_2(ptr.common->packet_len)); @@ -420,10 +417,7 @@ olsr_print(netdissect_options *ndo, switch (msg_type) { case OLSR_HELLO_MSG: case OLSR_HELLO_LQ_MSG: - if (msg_tlen < sizeof(struct olsr_hello)) { - ND_PRINT(" (message length < %zu)", sizeof(struct olsr_hello)); - goto invalid; - } + ND_LCHECKMSG_ZU(msg_tlen, sizeof(struct olsr_hello), "message length"); ptr.hello = (const struct olsr_hello *)msg_data; ND_PRINT("\n\t hello-time %.3fs, MPR willingness %u", @@ -481,10 +475,7 @@ olsr_print(netdissect_options *ndo, case OLSR_TC_MSG: case OLSR_TC_LQ_MSG: - if (msg_tlen < sizeof(struct olsr_tc)) { - ND_PRINT(" (message length < %zu)", sizeof(struct olsr_tc)); - goto invalid; - } + ND_LCHECKMSG_ZU(msg_tlen, sizeof(struct olsr_tc), "message length"); ND_TCHECK_LEN(msg_data, sizeof(struct olsr_tc)); ptr.tc = (const struct olsr_tc *)msg_data; 
@@ -614,10 +605,7 @@ olsr_print(netdissect_options *ndo, int name_entries_valid; u_int i; - if (msg_tlen < 4) { - ND_PRINT(" (message length < 4)"); - goto invalid; - } + ND_LCHECKMSG_U(msg_tlen, 4, "message length"); name_entries = GET_BE_U_2(msg_data + 2); addr_size = 4; @@ -666,10 +654,8 @@ olsr_print(netdissect_options *ndo, if (name_entry_len%4 != 0) name_entry_padding = 4-(name_entry_len%4); - if (msg_tlen < addr_size + name_entry_len + name_entry_padding) { - ND_PRINT(" (oversized name entry)"); - goto invalid; - } + ND_LCHECKMSG_U(msg_tlen, addr_size + name_entry_len + name_entry_padding, + "name entry length"); ND_TCHECK_LEN(msg_data, addr_size + name_entry_len + name_entry_padding); diff --git a/print-rip.c b/print-rip.c index e9262e10..8aea1f8a 100644 --- a/print-rip.c +++ b/print-rip.c @@ -195,8 +195,7 @@ rip_entry_print_v1(netdissect_options *ndo, const u_char *p, const struct rip_netinfo_v1 *ni = (const struct rip_netinfo_v1 *)p; /* RFC 1058 */ - if (remaining < RIP_ROUTELEN) - goto invalid; + ND_LCHECKMSG_U(remaining, RIP_ROUTELEN, "remaining data length"); ND_TCHECK_SIZE(ni); family = GET_BE_U_2(ni->rip_family); if (family != BSD_AFNUM_INET && family != 0) { @@ -233,8 +232,7 @@ rip_entry_print_v2(netdissect_options *ndo, const u_char *p, u_short family; const struct rip_netinfo_v2 *ni; - if (remaining < sizeof(*eh)) - goto invalid; + ND_LCHECKMSG_ZU(remaining, sizeof(*eh), "remaining data length"); ND_TCHECK_SIZE(eh); family = GET_BE_U_2(eh->rip_family); if (family == 0xFFFF) { /* variable-sized authentication structures */ @@ -249,8 +247,7 @@ rip_entry_print_v2(netdissect_options *ndo, const u_char *p, const struct rip_auth_crypto_v2 *ch; ch = (const struct rip_auth_crypto_v2 *)p; - if (remaining < sizeof(*ch)) - goto invalid; + ND_LCHECKMSG_ZU(remaining, sizeof(*ch), "remaining data length"); ND_PRINT("\n\t Auth header:"); ND_PRINT(" Packet Len %u,", GET_BE_U_2(ch->rip_packet_len)); 
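Review bot: In the olsr_print() name-entry hunk the label `"name entry length"` describes the wrong operand. The first argument is `msg_tlen`, the remaining message length, and the name entry size is the minimum it is compared against. Assuming the macro prints the label next to the first value, the output would present the remaining length as the name entry length, which misleads anyone triaging a malformed packet. Consider `ND_LCHECKMSG_U(msg_tlen, addr_size + name_entry_len + name_entry_padding, "remaining message length");`. The declarations of `addr_size`, `name_entry_len` and `name_entry_padding` are outside the hunk, so it is also worth confirming that their sum is an unsigned int, as the `_U` variant presumably expects.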
@@ -275,8 +272,7 @@ rip_entry_print_v2(netdissect_options *ndo, const u_char *p, print_unknown_data(ndo, p + sizeof(*eh), "\n\t ", RIP_ROUTELEN - sizeof(*eh)); } else { /* BSD_AFNUM_INET or AFI 0 */ ni = (const struct rip_netinfo_v2 *)p; - if (remaining < sizeof(*ni)) - goto invalid; + ND_LCHECKMSG_ZU(remaining, sizeof(*ni), "remaining data length"); ND_PRINT("\n\t AFI %s, %15s/%-2d, tag 0x%04x, metric: %u, next-hop: ", tok2str(bsd_af_values, "%u", family), GET_IPADDR_STRING(ni->rip_dest), @@ -302,10 +298,7 @@ rip_print(netdissect_options *ndo, unsigned entry_size; ndo->ndo_protocol = "rip"; - if (len < sizeof(*rp)) { - ND_PRINT(" (packet length %u)", len); - goto invalid; - } + ND_LCHECKMSG_ZU(len, sizeof(*rp), "packet length"); rp = (const struct rip *)p; @@ -340,11 +333,7 @@ rip_print(netdissect_options *ndo, /* Error */ goto invalid; } - if (len < entry_size) { - ND_PRINT(" [remaining entries length %u < %u]", - len, entry_size); - goto invalid; - } + ND_LCHECKMSG_U(len, entry_size, "remaining entries length"); p += entry_size; len -= entry_size; } @@ -358,11 +347,7 @@ rip_print(netdissect_options *ndo, /* Error */ goto invalid; } - if (len < entry_size) { - ND_PRINT(" [remaining entries length %u < %u]", - len, entry_size); - goto invalid; - } + ND_LCHECKMSG_U(len, entry_size, "remaining entries length"); p += entry_size; len -= entry_size; } diff --git a/print-rsvp.c b/print-rsvp.c index 29deb44d..86744e06 100644 --- a/print-rsvp.c +++ b/print-rsvp.c @@ -519,10 +519,7 @@ rsvp_intserv_print(netdissect_options *ndo, uint32_t i; } bw; - if (obj_tlen < 4) { - ND_PRINT(" (obj_tlen %u < 4)", obj_tlen); - goto invalid; - } + ND_LCHECK_U(obj_tlen, 4); parameter_id = GET_U_1(tptr); parameter_length = GET_BE_U_2(tptr + 2)<<2; /* convert wordcount to bytecount */ 
@@ -532,10 +529,7 @@ rsvp_intserv_print(netdissect_options *ndo, parameter_length, GET_U_1(tptr + 1)); - if (obj_tlen < parameter_length + 4) { - ND_PRINT(" (obj_tlen %u < %u)", obj_tlen, parameter_length + 4); - goto invalid; - } + ND_LCHECK_U(obj_tlen, parameter_length + 4); switch(parameter_id) { /* parameter_id */ case 4: @@ -1258,8 +1252,7 @@ rsvp_obj_print(netdissect_options *ndo, * each iteration subobj_len may happen to be a multiple of 1 * and test it and total_subobj_len respectively. */ - if (total_subobj_len < 4) - goto invalid; + ND_LCHECK_U(total_subobj_len, 4); subobj_len = GET_BE_U_2(obj_tptr); subobj_type = (GET_BE_U_2(obj_tptr + 2))>>8; af = (GET_BE_U_2(obj_tptr + 2))&0x00FF; diff --git a/print-udp.c b/print-udp.c index b315f1e7..fc0710d6 100644 --- a/print-udp.c +++ b/print-udp.c @@ -369,10 +369,7 @@ udp_print(netdissect_options *ndo, const u_char *bp, u_int length, if (ndo->ndo_packettype != PT_RPC) udpipaddr_print(ndo, ip, sport, dport); - if (length < sizeof(struct udphdr)) { - ND_PRINT("undersized-udp %u", length); - goto invalid; - } + ND_LCHECKMSG_ZU(length, sizeof(struct udphdr), "undersized-udp"); ulen = GET_BE_U_2(up->uh_ulen); udp_sum = GET_BE_U_2(up->uh_sum); /* @@ -382,10 +379,7 @@ udp_print(netdissect_options *ndo, const u_char *bp, u_int length, */ if (ulen == 0 && length > 65535) ulen = length; - if (ulen < sizeof(struct udphdr)) { - ND_PRINT("undersized-udplength %u", ulen); - goto invalid; - } + ND_LCHECKMSG_ZU(ulen, sizeof(struct udphdr), "undersized-udplength"); ulen -= sizeof(struct udphdr); length -= sizeof(struct udphdr); if (ulen < length) -- 2.39.5
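Review bot: In the two udp_print() hunks, the converted guards are what keep the unsigned subtractions `ulen -= sizeof(struct udphdr);` and `length -= sizeof(struct udphdr);` from wrapping, and nothing documents that dependency. As one-line macro calls they are easier to move or drop in a later cleanup than the old four-line blocks. A comment directly above the subtractions would record it, e.g. `/* ulen and length are both >= sizeof(struct udphdr) here, so these cannot wrap */`. The declaration of `ulen` and the rest of udp_print() are outside the hunk.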