diff options
author | Francois-Xavier Le Bail <fx.lebail@yahoo.com> | 2016-01-31 20:27:48 +0100 |
---|---|---|
committer | Francois-Xavier Le Bail <fx.lebail@yahoo.com> | 2016-01-31 20:52:31 +0100 |
commit | 20c9007debe6a04176c02842ec4d97641b67efb1 (patch) | |
tree | d55f3c229fa95614518a208fa586ca6b42b172d6 /print-vxlan.c | |
parent | fdc13e28cfc73e63c07fd6e9dc43b8925a0eb483 (diff) | |
download | tcpdump-20c9007debe6a04176c02842ec4d97641b67efb1.tar.gz |
VXLAN: Add a bound check
Moreover:
Add and use tstr[].
Add and use VXLAN_HDR_LEN.
Diffstat (limited to 'print-vxlan.c')
-rw-r--r-- | print-vxlan.c | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/print-vxlan.c b/print-vxlan.c index b9c87e20..8314aa78 100644 --- a/print-vxlan.c +++ b/print-vxlan.c @@ -22,6 +22,10 @@ #include "netdissect.h" #include "extract.h" +static const char tstr[] = " [|VXLAN]"; + +#define VXLAN_HDR_LEN 8 + /* * VXLAN header, RFC7348 * Virtual eXtensible Local Area Network (VXLAN): A Framework @@ -42,10 +46,10 @@ vxlan_print(netdissect_options *ndo, const u_char *bp, u_int len) uint8_t flags; uint32_t vni; - if (len < 8) { - ND_PRINT((ndo, "[|VXLAN]")); - return; - } + if (len < VXLAN_HDR_LEN) + goto trunc; + + ND_TCHECK2(*bp, VXLAN_HDR_LEN); flags = *bp; bp += 4; @@ -57,5 +61,10 @@ vxlan_print(netdissect_options *ndo, const u_char *bp, u_int len) ND_PRINT((ndo, "flags [%s] (0x%02x), ", flags & 0x08 ? "I" : ".", flags)); ND_PRINT((ndo, "vni %u\n", vni)); - ether_print(ndo, bp, len - 8, len - 8, NULL, NULL); + ether_print(ndo, bp, len - VXLAN_HDR_LEN, len - VXLAN_HDR_LEN, NULL, NULL); + + return; + +trunc: + ND_PRINT((ndo, "%s", tstr)); } |