VXLAN: Add a bound check

Moreover: Add and use tstr[]. Add and use VXLAN_HDR_LEN.
author: Francois-Xavier Le Bail <fx.lebail@yahoo.com> 2016-01-31 20:27:48 +0100
committer: Francois-Xavier Le Bail <fx.lebail@yahoo.com> 2016-01-31 20:52:31 +0100
commit: 20c9007debe6a04176c02842ec4d97641b67efb1 (patch)
tree: d55f3c229fa95614518a208fa586ca6b42b172d6 /print-vxlan.c
parent: fdc13e28cfc73e63c07fd6e9dc43b8925a0eb483 (diff)
download: tcpdump-20c9007debe6a04176c02842ec4d97641b67efb1.tar.gz
1 files changed, 14 insertions, 5 deletions
diff --git a/print-vxlan.c b/print-vxlan.c
index b9c87e20..8314aa78 100644
--- a/print-vxlan.c
+++ b/print-vxlan.c
@@ -22,6 +22,10 @@
 #include "netdissect.h"
 #include "extract.h"
 
+static const char tstr[] = " [|VXLAN]";
+
+#define VXLAN_HDR_LEN 8
+
 /*
  * VXLAN header, RFC7348
  *               Virtual eXtensible Local Area Network (VXLAN): A Framework
@@ -42,10 +46,10 @@ vxlan_print(netdissect_options *ndo, const u_char *bp, u_int len)
     uint8_t flags;
     uint32_t vni;
 
-    if (len < 8) {
-        ND_PRINT((ndo, "[|VXLAN]"));
-        return;
-    }
+    if (len < VXLAN_HDR_LEN)
+        goto trunc;
+
+    ND_TCHECK2(*bp, VXLAN_HDR_LEN);
 
     flags = *bp;
     bp += 4;
@@ -57,5 +61,10 @@ vxlan_print(netdissect_options *ndo, const u_char *bp, u_int len)
     ND_PRINT((ndo, "flags [%s] (0x%02x), ", flags & 0x08 ? "I" : ".", flags));
     ND_PRINT((ndo, "vni %u\n", vni));
 
-    ether_print(ndo, bp, len - 8, len - 8, NULL, NULL);
+    ether_print(ndo, bp, len - VXLAN_HDR_LEN, len - VXLAN_HDR_LEN, NULL, NULL);
+
+    return;
+
+trunc:
+    ND_PRINT((ndo, "%s", tstr));
 }
author	Francois-Xavier Le Bail <fx.lebail@yahoo.com>	2016-01-31 20:27:48 +0100
committer	Francois-Xavier Le Bail <fx.lebail@yahoo.com>	2016-01-31 20:52:31 +0100
commit	20c9007debe6a04176c02842ec4d97641b67efb1 (patch)
tree	d55f3c229fa95614518a208fa586ca6b42b172d6 /print-vxlan.c
parent	fdc13e28cfc73e63c07fd6e9dc43b8925a0eb483 (diff)
download	tcpdump-20c9007debe6a04176c02842ec4d97641b67efb1.tar.gz