SYSLOG: Make a few cleanups.

Add a comment to tell the specification. Untangle the PRI parsing code.
Replace a loop with nd_printn() to print a counted string.
This commit is contained in:
Denis Ovsienko 2020-09-30 02:51:28 +01:00
parent 38d92a4ff4
commit 4d8d97abab

View File

@ -15,6 +15,7 @@
*/
/* \summary: Syslog protocol printer */
/* specification: RFC 3164 (not RFC 5424) */
#ifdef HAVE_CONFIG_H
#include <config.h>
@ -90,24 +91,21 @@ syslog_print(netdissect_options *ndo,
* severity and facility values
*/
if (GET_U_1(pptr) == '<') {
if (GET_U_1(pptr) != '<')
goto invalid;
msg_off++;
while (msg_off <= SYSLOG_MAX_DIGITS &&
GET_U_1(pptr + msg_off) >= '0' &&
GET_U_1(pptr + msg_off) <= '9') {
pri = pri * 10 + (GET_U_1(pptr + msg_off) - '0');
msg_off++;
while (msg_off <= SYSLOG_MAX_DIGITS &&
GET_U_1(pptr + msg_off) >= '0' &&
GET_U_1(pptr + msg_off) <= '9') {
pri = pri * 10 + (GET_U_1(pptr + msg_off) - '0');
msg_off++;
}
if (GET_U_1(pptr + msg_off) != '>') {
nd_print_trunc(ndo);
return;
}
msg_off++;
} else {
nd_print_trunc(ndo);
return;
}
if (GET_U_1(pptr + msg_off) != '>')
goto invalid;
msg_off++;
facility = (pri & SYSLOG_FACILITY_MASK) >> 3;
severity = pri & SYSLOG_SEVERITY_MASK;
@ -128,10 +126,25 @@ syslog_print(netdissect_options *ndo,
severity);
/* print the syslog text in verbose mode */
for (; msg_off < len; msg_off++) {
fn_print_char(ndo, GET_U_1(pptr + msg_off));
}
/*
* RFC 3164 Section 4.1.3: "There is no ending delimiter to this part.
* The MSG part of the syslog packet MUST contain visible (printing)
* characters."
*
* RFC 5424 Section 8.2: "This document does not impose any mandatory
* restrictions on the MSG or PARAM-VALUE content. As such, they MAY
* contain control characters, including the NUL character."
*
* Hence, to aid in protocol debugging, print the full MSG without
* beautification to make it clear what was transmitted on the wire.
*/
if (len > msg_off)
(void)nd_printn(ndo, pptr + msg_off, len - msg_off, NULL);
if (ndo->ndo_vflag > 1)
print_unknown_data(ndo, pptr, "\n\t", len);
return;
invalid:
nd_print_invalid(ndo);
}