From 83afc6862927510f50d50e4a157c81a56d38a959 Mon Sep 17 00:00:00 2001 From: Francois-Xavier Le Bail Date: Fri, 16 Feb 2024 16:49:02 +0100 Subject: [PATCH] pflog: Modernize packet parsing Enable ND_LONGJMP_FROM_TCHECK and remove a 'trunc' label. Add MAX_PFLOG_HDRLEN and use it for a test. Use ND_ICHECK_U() in length tests and add an 'invalid' label. Don't check the truncation with ND_TCHECK_SIZE(hdr), because the sizeof(hdr) depend on the OS. Use ND_TCHECK_LEN(hdr, hdrlen). Increment ndo_ll_hdr_len only in non-truncation case. --- print-pflog.c | 31 ++++++++++--------------------- 1 file changed, 10 insertions(+), 21 deletions(-) diff --git a/print-pflog.c b/print-pflog.c index edfeaaed..14277700 100644 --- a/print-pflog.c +++ b/print-pflog.c @@ -27,6 +27,7 @@ #include "netdissect-stdinc.h" +#define ND_LONGJMP_FROM_TCHECK #include "netdissect.h" #include "extract.h" #include "af.h" @@ -80,6 +81,7 @@ struct pfloghdr { nd_uint16_t dport; #endif }; +#define MAX_PFLOG_HDRLEN 100 /* 61 + 3 + 16 + 16 + 2 + 2 */ /* * Reason values. @@ -252,29 +254,17 @@ pflog_if_print(netdissect_options *ndo, const struct pcap_pkthdr *h, ndo->ndo_protocol = "pflog"; /* check length */ - if (caplen < sizeof(uint8_t)) { - nd_print_trunc(ndo); - ndo->ndo_ll_hdr_len += h->caplen; - return; - } + ND_ICHECK_U(length, <, MIN_PFLOG_HDRLEN); hdr = (const struct pfloghdr *)p; hdrlen = GET_U_1(hdr->length); - if (hdrlen < MIN_PFLOG_HDRLEN) { - ND_PRINT("[pflog: invalid header length!]"); - ndo->ndo_ll_hdr_len += hdrlen; /* XXX: not really */ - return; - } + ND_ICHECK_U(hdrlen, <, MIN_PFLOG_HDRLEN); hdrlen = roundup2(hdrlen, 4); - - if (caplen < hdrlen) { - nd_print_trunc(ndo); - ndo->ndo_ll_hdr_len += hdrlen; /* XXX: true? */ - return; - } + ND_ICHECK_U(hdrlen, >, MAX_PFLOG_HDRLEN); /* print what we know */ - ND_TCHECK_SIZE(hdr); + ND_TCHECK_LEN(hdr, hdrlen); + ndo->ndo_ll_hdr_len += hdrlen; if (ndo->ndo_eflag) pflog_print(ndo, hdr); @@ -314,9 +304,8 @@ pflog_if_print(netdissect_options *ndo, const struct pcap_pkthdr *h, ND_DEFAULTPRINT(p, caplen); } - ndo->ndo_ll_hdr_len += hdrlen; return; -trunc: - nd_print_trunc(ndo); - ndo->ndo_ll_hdr_len += hdrlen; + +invalid: + nd_print_invalid(ndo); }