diff options
| author | Guy Harris <gharris@sonic.net> | 2021-01-05 18:01:26 -0800 |
|---|---|---|
| committer | Guy Harris <gharris@sonic.net> | 2021-01-05 18:08:50 -0800 |
| commit | f853e73acf39658125ce42861e49ce4a181611d3 (patch) | |
| tree | 726d5d178648599e9abb246f7554eb08f1444b83 | |
| parent | 6e816702d95742b18cbeb38a65958e531e48240a (diff) | |
| download | tcpdump-f853e73acf39658125ce42861e49ce4a181611d3.tar.gz | |
Replace ND_TCHECK_/memcpy() pairs with GET_CPY_BYTES().
For BGP, this eliminates some cases where routines return -1 on
truncation; clean up after that.
This also means that some memcpy()s get replaced by UNALIGNED_MEMCPY(),
which may fix some issues on processors that don't support unaligned
accesses.
| -rw-r--r-- | print-bgp.c | 69 | ||||
| -rw-r--r-- | print-domain.c | 4 | ||||
| -rw-r--r-- | print-icmp6.c | 6 | ||||
| -rw-r--r-- | print-isoclns.c | 5 | ||||
| -rw-r--r-- | print-ospf6.c | 3 |
5 files changed, 16 insertions, 71 deletions
diff --git a/print-bgp.c b/print-bgp.c index 5de10032..9688a4ed 100644 --- a/print-bgp.c +++ b/print-bgp.c @@ -598,20 +598,16 @@ decode_prefix4(netdissect_options *ndo, memset(&addr, 0, sizeof(addr)); plenbytes = (plen + 7) / 8; - ND_TCHECK_LEN(pptr + 1, plenbytes); ITEMCHECK(plenbytes); - memcpy(&addr, pptr + 1, plenbytes); + GET_CPY_BYTES(&addr, pptr + 1, plenbytes); if (plen % 8) { ((u_char *)&addr)[plenbytes - 1] &= ((0xff00 >> (plen % 8)) & 0xff); } snprintf(buf, buflen, "%s/%u", ipaddr_string(ndo, (const u_char *)&addr), plen); return 1 + plenbytes; -trunc: - return -2; - badtlv: - return -3; + return -2; } static int @@ -646,9 +642,8 @@ decode_labeled_prefix4(netdissect_options *ndo, memset(&addr, 0, sizeof(addr)); plenbytes = (plen + 7) / 8; - ND_TCHECK_LEN(pptr + 4, plenbytes); ITEMCHECK(plenbytes); - memcpy(&addr, pptr + 4, plenbytes); + GET_CPY_BYTES(&addr, pptr + 4, plenbytes); if (plen % 8) { ((u_char *)&addr)[plenbytes - 1] &= ((0xff00 >> (plen % 8)) & 0xff); } @@ -1030,8 +1025,7 @@ decode_rt_routing_info(netdissect_options *ndo, */ memset(&route_target, 0, sizeof(route_target)); num_octets = (plen + 7) / 8; - ND_TCHECK_LEN(pptr + 5, num_octets); - memcpy(&route_target, pptr + 5, num_octets); + GET_CPY_BYTES(&route_target, pptr + 5, num_octets); /* If mask-len is not on octet boundary, ensure all extra bits are 0 */ if (plen % 8) { ((u_char *)&route_target)[num_octets - 1] &= @@ -1042,8 +1036,6 @@ decode_rt_routing_info(netdissect_options *ndo, bgp_rt_prefix_print(ndo, (u_char *)&route_target, plen)); return 5 + num_octets; -trunc: - return -2; } static int @@ -1064,8 +1056,7 @@ decode_labeled_vpn_prefix4(netdissect_options *ndo, return -1; memset(&addr, 0, sizeof(addr)); - ND_TCHECK_LEN(pptr + 12, (plen + 7) / 8); - memcpy(&addr, pptr + 12, (plen + 7) / 8); + GET_CPY_BYTES(&addr, pptr + 12, (plen + 7) / 8); if (plen % 8) { ((u_char *)&addr)[(plen + 7) / 8 - 1] &= ((0xff00 >> (plen % 8)) & 0xff); @@ -1079,9 +1070,6 @@ decode_labeled_vpn_prefix4(netdissect_options *ndo, ((GET_U_1(pptr + 3) & 1) == 0) ? "(BOGUS: Bottom of Stack NOT set!)" : "(bottom)" ); return 12 + (plen + 7) / 8; - -trunc: - return -2; } /* @@ -1381,9 +1369,8 @@ decode_prefix6(netdissect_options *ndo, memset(&addr, 0, sizeof(addr)); plenbytes = (plen + 7) / 8; - ND_TCHECK_LEN(pd + 1, plenbytes); ITEMCHECK(plenbytes); - memcpy(&addr, pd + 1, plenbytes); + GET_CPY_BYTES(&addr, pd + 1, plenbytes); if (plen % 8) { addr[plenbytes - 1] &= ((0xff00 >> (plen % 8)) & 0xff); @@ -1391,11 +1378,8 @@ decode_prefix6(netdissect_options *ndo, snprintf(buf, buflen, "%s/%u", ip6addr_string(ndo, (const u_char *)&addr), plen); return 1 + plenbytes; -trunc: - return -2; - badtlv: - return -3; + return -2; } static int @@ -1421,8 +1405,7 @@ decode_labeled_prefix6(netdissect_options *ndo, memset(&addr, 0, sizeof(addr)); plenbytes = (plen + 7) / 8; - ND_TCHECK_LEN(pptr + 4, plenbytes); - memcpy(&addr, pptr + 4, plenbytes); + GET_CPY_BYTES(&addr, pptr + 4, plenbytes); if (plen % 8) { addr[plenbytes - 1] &= ((0xff00 >> (plen % 8)) & 0xff); @@ -1461,8 +1444,7 @@ decode_labeled_vpn_prefix6(netdissect_options *ndo, return -1; memset(&addr, 0, sizeof(addr)); - ND_TCHECK_LEN(pptr + 12, (plen + 7) / 8); - memcpy(&addr, pptr + 12, (plen + 7) / 8); + GET_CPY_BYTES(&addr, pptr + 12, (plen + 7) / 8); if (plen % 8) { addr[(plen + 7) / 8 - 1] &= ((0xff00 >> (plen % 8)) & 0xff); @@ -1476,9 +1458,6 @@ decode_labeled_vpn_prefix6(netdissect_options *ndo, ((GET_U_1(pptr + 3) & 1) == 0) ? "(BOGUS: Bottom of Stack NOT set!)" : "(bottom)" ); return 12 + (plen + 7) / 8; - -trunc: - return -2; } static int @@ -1494,8 +1473,7 @@ decode_clnp_prefix(netdissect_options *ndo, return -1; memset(&addr, 0, sizeof(addr)); - ND_TCHECK_LEN(pptr + 4, (plen + 7) / 8); - memcpy(&addr, pptr + 4, (plen + 7) / 8); + GET_CPY_BYTES(&addr, pptr + 4, (plen + 7) / 8); if (plen % 8) { addr[(plen + 7) / 8 - 1] &= ((0xff00 >> (plen % 8)) & 0xff); @@ -1506,9 +1484,6 @@ decode_clnp_prefix(netdissect_options *ndo, plen); return 1 + (plen + 7) / 8; - -trunc: - return -2; } static int @@ -1529,8 +1504,7 @@ decode_labeled_vpn_clnp_prefix(netdissect_options *ndo, return -1; memset(&addr, 0, sizeof(addr)); - ND_TCHECK_LEN(pptr + 12, (plen + 7) / 8); - memcpy(&addr, pptr + 12, (plen + 7) / 8); + GET_CPY_BYTES(&addr, pptr + 12, (plen + 7) / 8); if (plen % 8) { addr[(plen + 7) / 8 - 1] &= ((0xff00 >> (plen % 8)) & 0xff); } @@ -1544,9 +1518,6 @@ decode_labeled_vpn_clnp_prefix(netdissect_options *ndo, ((GET_U_1(pptr + 3) & 1) == 0) ? "(BOGUS: Bottom of Stack NOT set!)" : "(bottom)" ); return 12 + (plen + 7) / 8; - -trunc: - return -2; } /* @@ -1753,8 +1724,6 @@ bgp_nlri_print(netdissect_options *ndo, uint16_t af, uint8_t safi, if (advance == -1) ND_PRINT("\n\t (illegal prefix length)"); else if (advance == -2) - goto trunc; - else if (advance == -3) break; /* bytes left, but not enough */ else ND_PRINT("\n\t %s", buf); @@ -1780,15 +1749,11 @@ bgp_nlri_print(netdissect_options *ndo, uint16_t af, uint8_t safi, advance = decode_labeled_vpn_prefix4(ndo, tptr, buf, buflen); if (advance == -1) ND_PRINT("\n\t (illegal prefix length)"); - else if (advance == -2) - goto trunc; else ND_PRINT("\n\t %s", buf); break; case (AFNUM_INET<<8 | SAFNUM_RT_ROUTING_INFO): advance = decode_rt_routing_info(ndo, tptr); - if (advance == -2) - goto trunc; break; case (AFNUM_INET<<8 | SAFNUM_MULTICAST_VPN): /* fall through */ case (AFNUM_INET6<<8 | SAFNUM_MULTICAST_VPN): @@ -1821,8 +1786,6 @@ bgp_nlri_print(netdissect_options *ndo, uint16_t af, uint8_t safi, if (advance == -1) ND_PRINT("\n\t (illegal prefix length)"); else if (advance == -2) - goto trunc; - else if (advance == -3) break; /* bytes left, but not enough */ else ND_PRINT("\n\t %s", buf); @@ -1848,8 +1811,6 @@ bgp_nlri_print(netdissect_options *ndo, uint16_t af, uint8_t safi, advance = decode_labeled_vpn_prefix6(ndo, tptr, buf, buflen); if (advance == -1) ND_PRINT("\n\t (illegal prefix length)"); - else if (advance == -2) - goto trunc; else ND_PRINT("\n\t %s", buf); break; @@ -1871,8 +1832,6 @@ bgp_nlri_print(netdissect_options *ndo, uint16_t af, uint8_t safi, advance = decode_clnp_prefix(ndo, tptr, buf, buflen); if (advance == -1) ND_PRINT("\n\t (illegal prefix length)"); - else if (advance == -2) - goto trunc; else ND_PRINT("\n\t %s", buf); break; @@ -1882,8 +1841,6 @@ bgp_nlri_print(netdissect_options *ndo, uint16_t af, uint8_t safi, advance = decode_labeled_vpn_clnp_prefix(ndo, tptr, buf, buflen); if (advance == -1) ND_PRINT("\n\t (illegal prefix length)"); - else if (advance == -2) - goto trunc; else ND_PRINT("\n\t %s", buf); break; @@ -2800,8 +2757,6 @@ bgp_update_print(netdissect_options *ndo, ND_PRINT("\n\t (illegal prefix length)"); break; } else if (wpfx == -2) - goto trunc; - else if (wpfx == -3) goto trunc; /* bytes left, but not enough */ else { ND_PRINT("\n\t %s", buf); @@ -2917,8 +2872,6 @@ bgp_update_print(netdissect_options *ndo, ND_PRINT("\n\t (illegal prefix length)"); break; } else if (i == -2) - goto trunc; - else if (i == -3) goto trunc; /* bytes left, but not enough */ else { ND_PRINT("\n\t %s", buf); diff --git a/print-domain.c b/print-domain.c index 74c71dba..c3c6fd8f 100644 --- a/print-domain.c +++ b/print-domain.c @@ -796,10 +796,8 @@ ns_rprint(netdissect_options *ndo, ND_PRINT(" %u(bad plen)", pbit); break; } else if (pbit < 128) { - if (!ND_TTEST_LEN(cp + 1, sizeof(a) - pbyte)) - return(NULL); memset(a, 0, sizeof(a)); - memcpy(a + pbyte, cp + 1, sizeof(a) - pbyte); + GET_CPY_BYTES(a + pbyte, cp + 1, sizeof(a) - pbyte); ND_PRINT(" %u %s", pbit, addrtostr6(&a, ntop_buf, sizeof(ntop_buf))); } diff --git a/print-icmp6.c b/print-icmp6.c index ba1f6e61..f16c1fa9 100644 --- a/print-icmp6.c +++ b/print-icmp6.c @@ -1514,12 +1514,10 @@ icmp6_opt_print(netdissect_options *ndo, const u_char *bp, int resid) case 1: break; case 2: - ND_TCHECK_8(opri + 1); - memcpy(&in6, opri + 1, 8); + GET_CPY_BYTES(&in6, opri + 1, 8); break; case 3: - ND_TCHECK_16(opri + 1); - memcpy(&in6, opri + 1, 16); + GET_CPY_BYTES(&in6, opri + 1, 16); break; default: goto trunc; diff --git a/print-isoclns.c b/print-isoclns.c index 3b4a1502..ddd55953 100644 --- a/print-isoclns.c +++ b/print-isoclns.c @@ -2307,9 +2307,8 @@ isis_print_extd_ip_reach(netdissect_options *ndo, byte_length = (bit_length + 7) / 8; /* prefix has variable length encoding */ - ND_TCHECK_LEN(tptr, byte_length); memset(prefix, 0, sizeof(prefix)); /* clear the copy buffer */ - memcpy(prefix,tptr,byte_length); /* copy as much as is stored in the TLV */ + GET_CPY_BYTES(prefix,tptr,byte_length); /* copy as much as is stored in the TLV */ tptr+=byte_length; processed+=byte_length; @@ -2360,8 +2359,6 @@ isis_print_extd_ip_reach(netdissect_options *ndo, } } return (processed); -trunc: - return 0; } static void diff --git a/print-ospf6.c b/print-ospf6.c index 1b862b30..1bdcd681 100644 --- a/print-ospf6.c +++ b/print-ospf6.c @@ -425,9 +425,8 @@ ospf6_print_lsaprefix(netdissect_options *ndo, if (lsa_length < wordlen * 4) goto trunc; lsa_length -= wordlen * 4; - ND_TCHECK_LEN(lsapp->lsa_p_prefix, wordlen * 4); memset(prefix, 0, sizeof(prefix)); - memcpy(prefix, lsapp->lsa_p_prefix, wordlen * 4); + GET_CPY_BYTES(prefix, lsapp->lsa_p_prefix, wordlen * 4); ND_PRINT("\n\t\t%s/%u", ip6addr_string(ndo, prefix), /* local buffer, not packet data; don't use GET_IP6ADDR_STRING() */ GET_U_1(lsapp->lsa_p_len)); if (GET_U_1(lsapp->lsa_p_opt)) { |