diff options
| author | Denis Ovsienko <denis@ovsienko.info> | 2020-12-02 00:01:43 +0000 |
|---|---|---|
| committer | Denis Ovsienko <denis@ovsienko.info> | 2020-12-02 00:01:43 +0000 |
| commit | 66587af01ff6d3fc4cdea3ca5138ff595b8beedb (patch) | |
| tree | 80cc672eba132e33ee901568535298a0c7891c4b /print-sflow.c | |
| parent | 5c959b2a4cccc2d9b70a9dba2e4dbb52135b6e13 (diff) | |
| download | tcpdump-66587af01ff6d3fc4cdea3ca5138ff595b8beedb.tar.gz | |
sFlow: Modernize packet parsing style.
Enable ND_LONGJMP_FROM_TCHECK. Remove many redundant ND_TCHECK*()
instances. Report invalid packets as invalid, not truncated. Test
whether the invalid packet is entirely in the buffer. Fix a typo in a
comment. Use a variable where it was intended.
Diffstat (limited to 'print-sflow.c')
| -rw-r--r-- | print-sflow.c | 79 |
1 files changed, 12 insertions, 67 deletions
diff --git a/print-sflow.c b/print-sflow.c index ba79e6a6..51325e28 100644 --- a/print-sflow.c +++ b/print-sflow.c @@ -27,6 +27,7 @@ #include "netdissect-stdinc.h" +#define ND_LONGJMP_FROM_TCHECK #include "netdissect.h" #include "extract.h" #include "addrtoname.h" @@ -308,7 +309,6 @@ print_sflow_counter_generic(netdissect_options *ndo, return 1; sflow_gen_counter = (const struct sflow_generic_counter_t *)pointer; - ND_TCHECK_SIZE(sflow_gen_counter); ND_PRINT("\n\t ifindex %u, iftype %u, ifspeed %" PRIu64 ", ifdirection %u (%s)", GET_BE_U_4(sflow_gen_counter->ifindex), GET_BE_U_4(sflow_gen_counter->iftype), @@ -342,9 +342,6 @@ print_sflow_counter_generic(netdissect_options *ndo, GET_BE_U_4(sflow_gen_counter->ifpromiscmode)); return 0; - -trunc: - return 1; } static int @@ -357,7 +354,6 @@ print_sflow_counter_ethernet(netdissect_options *ndo, return 1; sflow_eth_counter = (const struct sflow_ethernet_counter_t *)pointer; - ND_TCHECK_SIZE(sflow_eth_counter); ND_PRINT("\n\t align errors %u, fcs errors %u, single collision %u, multiple collision %u, test error %u", GET_BE_U_4(sflow_eth_counter->alignerrors), GET_BE_U_4(sflow_eth_counter->fcserrors), @@ -376,9 +372,6 @@ print_sflow_counter_ethernet(netdissect_options *ndo, GET_BE_U_4(sflow_eth_counter->symbol_errors)); return 0; - -trunc: - return 1; } static int @@ -398,7 +391,6 @@ print_sflow_counter_basevg(netdissect_options *ndo, return 1; sflow_100basevg_counter = (const struct sflow_100basevg_counter_t *)pointer; - ND_TCHECK_SIZE(sflow_100basevg_counter); ND_PRINT("\n\t in high prio frames %u, in high prio octets %" PRIu64, GET_BE_U_4(sflow_100basevg_counter->in_highpriority_frames), GET_BE_U_8(sflow_100basevg_counter->in_highpriority_octets)); @@ -423,9 +415,6 @@ print_sflow_counter_basevg(netdissect_options *ndo, GET_BE_U_8(sflow_100basevg_counter->hc_out_highpriority_octets)); return 0; - -trunc: - return 1; } static int @@ -438,7 +427,6 @@ print_sflow_counter_vlan(netdissect_options *ndo, return 1; sflow_vlan_counter = (const struct sflow_vlan_counter_t *)pointer; - ND_TCHECK_SIZE(sflow_vlan_counter); ND_PRINT("\n\t vlan_id %u, octets %" PRIu64 ", unicast_pkt %u, multicast_pkt %u, broadcast_pkt %u, discards %u", GET_BE_U_4(sflow_vlan_counter->vlan_id), @@ -449,9 +437,6 @@ print_sflow_counter_vlan(netdissect_options *ndo, GET_BE_U_4(sflow_vlan_counter->discards)); return 0; - -trunc: - return 1; } struct sflow_processor_counter_t { @@ -472,7 +457,6 @@ print_sflow_counter_processor(netdissect_options *ndo, return 1; sflow_processor_counter = (const struct sflow_processor_counter_t *)pointer; - ND_TCHECK_SIZE(sflow_processor_counter); ND_PRINT("\n\t 5sec %u, 1min %u, 5min %u, total_mem %" PRIu64 ", total_mem %" PRIu64, GET_BE_U_4(sflow_processor_counter->five_sec_util), @@ -482,9 +466,6 @@ print_sflow_counter_processor(netdissect_options *ndo, GET_BE_U_8(sflow_processor_counter->free_memory)); return 0; - -trunc: - return 1; } static int @@ -508,7 +489,6 @@ sflow_print_counter_records(netdissect_options *ndo, if (tlen < sizeof(struct sflow_counter_record_t)) return 1; sflow_counter_record = (const struct sflow_counter_record_t *)tptr; - ND_TCHECK_SIZE(sflow_counter_record); enterprise = GET_BE_U_4(sflow_counter_record->format); counter_type = enterprise & 0x0FFF; @@ -564,9 +544,6 @@ sflow_print_counter_records(netdissect_options *ndo, } return 0; - -trunc: - return 1; } static int @@ -580,7 +557,6 @@ sflow_print_counter_sample(netdissect_options *ndo, return 1; sflow_counter_sample = (const struct sflow_counter_sample_t *)pointer; - ND_TCHECK_SIZE(sflow_counter_sample); nrecords = GET_BE_U_4(sflow_counter_sample->records); @@ -593,9 +569,6 @@ sflow_print_counter_sample(netdissect_options *ndo, return sflow_print_counter_records(ndo, pointer + sizeof(struct sflow_counter_sample_t), len - sizeof(struct sflow_counter_sample_t), nrecords); - -trunc: - return 1; } static int @@ -610,7 +583,6 @@ sflow_print_expanded_counter_sample(netdissect_options *ndo, return 1; sflow_expanded_counter_sample = (const struct sflow_expanded_counter_sample_t *)pointer; - ND_TCHECK_SIZE(sflow_expanded_counter_sample); nrecords = GET_BE_U_4(sflow_expanded_counter_sample->records); @@ -623,9 +595,6 @@ sflow_print_expanded_counter_sample(netdissect_options *ndo, return sflow_print_counter_records(ndo, pointer + sizeof(struct sflow_expanded_counter_sample_t), len - sizeof(struct sflow_expanded_counter_sample_t), nrecords); - -trunc: - return 1; } static int @@ -638,7 +607,6 @@ print_sflow_raw_packet(netdissect_options *ndo, return 1; sflow_flow_raw = (const struct sflow_expanded_flow_raw_t *)pointer; - ND_TCHECK_SIZE(sflow_flow_raw); ND_PRINT("\n\t protocol %s (%u), length %u, stripped bytes %u, header_size %u", tok2str(sflow_flow_raw_protocol_values,"Unknown",GET_BE_U_4(sflow_flow_raw->protocol)), GET_BE_U_4(sflow_flow_raw->protocol), @@ -647,12 +615,9 @@ print_sflow_raw_packet(netdissect_options *ndo, GET_BE_U_4(sflow_flow_raw->header_size)); /* QUESTION - should we attempt to print the raw header itself? - assuming of course there is wnough data present to do so... */ + assuming of course there is enough data present to do so... */ return 0; - -trunc: - return 1; } static int @@ -665,16 +630,12 @@ print_sflow_ethernet_frame(netdissect_options *ndo, return 1; sflow_ethernet_frame = (const struct sflow_ethernet_frame_t *)pointer; - ND_TCHECK_SIZE(sflow_ethernet_frame); ND_PRINT("\n\t frame len %u, type %u", GET_BE_U_4(sflow_ethernet_frame->length), GET_BE_U_4(sflow_ethernet_frame->type)); return 0; - -trunc: - return 1; } static int @@ -687,7 +648,6 @@ print_sflow_extended_switch_data(netdissect_options *ndo, return 1; sflow_extended_sw_data = (const struct sflow_extended_switch_data_t *)pointer; - ND_TCHECK_SIZE(sflow_extended_sw_data); ND_PRINT("\n\t src vlan %u, src pri %u, dst vlan %u, dst pri %u", GET_BE_U_4(sflow_extended_sw_data->src_vlan), GET_BE_U_4(sflow_extended_sw_data->src_pri), @@ -695,9 +655,6 @@ print_sflow_extended_switch_data(netdissect_options *ndo, GET_BE_U_4(sflow_extended_sw_data->dst_pri)); return 0; - -trunc: - return 1; } static int @@ -722,7 +679,6 @@ sflow_print_flow_records(netdissect_options *ndo, return 1; sflow_flow_record = (const struct sflow_flow_record_t *)tptr; - ND_TCHECK_SIZE(sflow_flow_record); /* so, the funky encoding means we cannot blythly mask-off bits, we must also check the enterprise. */ @@ -785,9 +741,6 @@ sflow_print_flow_records(netdissect_options *ndo, } return 0; - -trunc: - return 1; } static int @@ -801,7 +754,6 @@ sflow_print_flow_sample(netdissect_options *ndo, return 1; sflow_flow_sample = (const struct sflow_flow_sample_t *)pointer; - ND_TCHECK_SIZE(sflow_flow_sample); nrecords = GET_BE_U_4(sflow_flow_sample->records); @@ -819,9 +771,6 @@ sflow_print_flow_sample(netdissect_options *ndo, return sflow_print_flow_records(ndo, pointer + sizeof(struct sflow_flow_sample_t), len - sizeof(struct sflow_flow_sample_t), nrecords); - -trunc: - return 1; } static int @@ -835,7 +784,6 @@ sflow_print_expanded_flow_sample(netdissect_options *ndo, return 1; sflow_expanded_flow_sample = (const struct sflow_expanded_flow_sample_t *)pointer; - ND_TCHECK_SIZE(sflow_expanded_flow_sample); nrecords = GET_BE_U_4(sflow_expanded_flow_sample->records); @@ -846,14 +794,11 @@ sflow_print_expanded_flow_sample(netdissect_options *ndo, GET_BE_U_4(sflow_expanded_flow_sample->rate), GET_BE_U_4(sflow_expanded_flow_sample->pool), GET_BE_U_4(sflow_expanded_flow_sample->drops), - GET_BE_U_4(sflow_expanded_flow_sample->records)); + nrecords); return sflow_print_flow_records(ndo, pointer + sizeof(struct sflow_expanded_flow_sample_t), len - sizeof(struct sflow_expanded_flow_sample_t), nrecords); - -trunc: - return 1; } void @@ -917,13 +862,12 @@ sflow_print(netdissect_options *ndo, while (nsamples > 0 && tlen > 0) { sflow_sample = (const struct sflow_sample_header *)tptr; - ND_TCHECK_SIZE(sflow_sample); sflow_sample_type = (GET_BE_U_4(sflow_sample->format)&0x0FFF); sflow_sample_len = GET_BE_U_4(sflow_sample->len); if (tlen < sizeof(struct sflow_sample_header)) - goto trunc; + goto invalid; tptr += sizeof(struct sflow_sample_header); tlen -= sizeof(struct sflow_sample_header); @@ -939,7 +883,7 @@ sflow_print(netdissect_options *ndo, } if (tlen < sflow_sample_len) - goto trunc; + goto invalid; /* did we capture enough for fully decoding the sample ? */ ND_TCHECK_LEN(tptr, sflow_sample_len); @@ -947,22 +891,22 @@ sflow_print(netdissect_options *ndo, switch(sflow_sample_type) { case SFLOW_FLOW_SAMPLE: if (sflow_print_flow_sample(ndo, tptr, tlen)) - goto trunc; + goto invalid; break; case SFLOW_COUNTER_SAMPLE: if (sflow_print_counter_sample(ndo, tptr,tlen)) - goto trunc; + goto invalid; break; case SFLOW_EXPANDED_FLOW_SAMPLE: if (sflow_print_expanded_flow_sample(ndo, tptr, tlen)) - goto trunc; + goto invalid; break; case SFLOW_EXPANDED_COUNTER_SAMPLE: if (sflow_print_expanded_counter_sample(ndo, tptr,tlen)) - goto trunc; + goto invalid; break; default: @@ -976,6 +920,7 @@ sflow_print(netdissect_options *ndo, } return; - trunc: - nd_print_trunc(ndo); +invalid: + nd_print_invalid(ndo); + ND_TCHECK_LEN(tptr, tlen); } |