The bounds check is already done before by ND_TCHECK2(*msg_data, addr_size +
name_entry_len + name_entry_padding).
So we are deliberately ignoring the return values of fn_printn with last
argument NULL (no bounds check).
Don't run past the end of the captured data, and don't run past the end
of the packet (i.e., don't make the length variable go negative).
Also, stop dissecting if the message length isn't valid.
And, as we require at least autoconf 2.61, and as autoconf 2.61 and
later have AC_TYPE_UINTn_T and AC_TYPE_INTn_T macros, we use them to
define the uintN_t and intN_t macros if the system doesn't define them
for us.
This lets us get rid of bitypes.h as well.
Have them take a netdissect_options * argument, and get the "no name
resolution" flag from it.
Move the declaration of dnaddr_string to addrtoname.h, along with the
other XXX-to-string routines.
Make sure all of them are declared const and most of them -- static.
Proper declaration of token arrays is a common review point for new code
that is based on existing decoders. Thus fix the issue at its root.
interface address, not just the *first* interface address.
For the name service message:
add length checking, both against truncated packets and bogus
lengths;
use fn_printn to print the name, to protect against control
characters, etc. in the name.
Unfortunately OLSR uses the same IDs for IPv4 and IPv6 packets, even
though the size of "messages" differ. The version of the internet protocol
is therefore handed to the "olsr_print" function.
The code isn't very nice, due to a high density of #ifdef INET6'es. If
IPv6-support really should be optional, I'm afraid this is inevitable.
Both, compilation with and without IPv6 support has been tested.
The patch addresses fixes other issues, too. The length given in the packet
was used for pointer arithmetic without checking if the value was in a
reasonable range first in several places. It should now be possible to
decode more than one "namespace message" within a single packet. Other
changes remove trailing whitespace or fix lines indented with tabs (the
majority of the file is indented using spaces).
Signed-off-by: Florian Forster <octo@leeloo.lan.home.verplant.org>
Especially not to do pointer arithmetic.
This is a real problem even without malicious people around if you use
OLSR via IPv6, because the message IDs didn't change but addresses are
now longer than four bytes.
Signed-off-by: Florian Forster <octo@leeloo.lan.home.verplant.org>
