author: Guy Harris <gharris@sonic.net> 2022-03-31 02:29:19 -0700
committer: Guy Harris <gharris@sonic.net> 2022-03-31 02:29:19 -0700
commit: 6a681e6a16943fb363b5403e84272a1ddaccf28e
tree: cb5d9d72a18e02b59814b60dbe9099b2da56c900 /print-ip.c
parent: 6bd6fe46630359208a2948451e2ce52db1002cd0
Have routines that set the snapend take a buffer pointer and length as args.
Have nd_push_buffer() take a snapshot length, not a snapshot end, as its last argument.

Replace nd_push_snapend() and nd_change_snapend() with nd_push_snaplen() and nd_change_snaplen(), both of which take a pointer into the packet buffer and snapshot length relative to that pointer as arguments.

Have those routines check the snapshot length to make sure it's not bigger than the number of bytes in the packet past the pointer, and silently ignore the request if it is.

Using a length rather than a pointer avoids the possibility of the calculation of the snapshot end overflowing and resulting in a snapshot end *before* the point in the buffer.

Add a test for this, with a capture file containing an IPv6 packet with an extremely large "jumbo" packet size.

Revert the "Make sure we don't set the snapend before the beginning of the packet." changes, as they no longer apply with this change (which also makes sure we don't set the snapend before the beginning of the packet).
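The length check described in the commit message, as an added example that is not tcpdump's code: a length relative to a pointer can be compared against the bytes remaining before any end pointer is formed, while a precomputed end can already have wrapped. The names `toy_buf`, `toy_set_snaplen` and `toy_end_wraps` and the sample packet are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical stand-in for dissector state: captured bytes are [start, snapend). */
struct toy_buf {
    const uint8_t *start;
    const uint8_t *snapend;
};

/* Length-based narrowing: apply only if bp is inside the buffer and snaplen
 * fits in the bytes past bp; otherwise leave snapend alone. 1 = applied. */
static int toy_set_snaplen(struct toy_buf *b, const uint8_t *bp, size_t snaplen)
{
    if (bp < b->start || bp > b->snapend)
        return 0;
    if (snaplen > (size_t)(b->snapend - bp))
        return 0;
    b->snapend = bp + snaplen;  /* cannot overflow: snaplen <= remaining */
    return 1;
}

/* Risk of the pointer-based form, modelled on integers because pointer
 * overflow is undefined behaviour: base + len can wrap below base. */
static int toy_end_wraps(uintptr_t base, uintptr_t len)
{
    return (uintptr_t)(base + len) < base;
}

/* Constructed sample: 64 captured bytes whose header claims a huge payload. */
static uint8_t sample_pkt[64];

static int demo_oversize_ignored(void)
{
    struct toy_buf b = { sample_pkt, sample_pkt + sizeof sample_pkt };
    int applied = toy_set_snaplen(&b, sample_pkt + 40, (size_t)0xFFFFFFF0u);
    return !applied && b.snapend == sample_pkt + sizeof sample_pkt;
}

static int demo_valid_applied(void)
{
    struct toy_buf b = { sample_pkt, sample_pkt + sizeof sample_pkt };
    return toy_set_snaplen(&b, sample_pkt + 40, 16) && b.snapend == sample_pkt + 56;
}

int main(void)
{
    return (demo_oversize_ignored() && demo_valid_applied()) ? 0 : 1;
}
```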
Diffstat (limited to 'print-ip.c')
-rw-r--r-- print-ip.c 2
1 files changed, 1 insertions, 1 deletions
diff --git a/print-ip.c b/print-ip.c
index a0df9591..4f9617a3 100644
--- a/print-ip.c
+++ b/print-ip.c
@@ -377,7 +377,7 @@ ip_print(netdissect_options *ndo,
/*
* Cut off the snapshot length to the end of the IP payload.
*/
- nd_push_snapend(ndo, bp + len);
+ nd_push_snaplen(ndo, bp, len);
len -= hlen;
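Review bot: nothing at the added call nd_push_snaplen(ndo, bp, len) shows what happens when len is larger than the captured bytes past bp, and per the commit message the routine silently ignores the request in that case, so the comment above it ("Cut off the snapshot length to the end of the IP payload") no longer describes every path. Consider extending that comment to state that the snapend is left unchanged when len exceeds the captured data. The declaration of len is outside this hunk, so it is also worth confirming that its type matches the new length parameter, given that `len -= hlen;` follows immediately after the call.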