Builds using Autotools or CMake generate config.h, thus remove the
'#ifdef HAVE_CONFIG_H'/'#endif'.
Remove also the 'add_definitions(-DHAVE_CONFIG_H)' in CMakeLists.txt.
This is in the jumbo case.
When the payload+header length is > (original) length, output example:
[payload+header length 65577 > length 65576] (invalid)
We treat this as a warning and so don't stop decoding (as before).
Add a test file.
Update two test outputs accordingly.
When the payload+header length is > (original) length, output example:
[payload+header length 105 > length 104] (invalid)
We treat this as a warning and so don't stop decoding (as before).
Add a test file.
Update a test output accordingly.
When the (original) length is < length of the header, output example:
[length 39 < 40] (invalid)
(The IPv6 header must be 40 bytes in length.)
Place the 'length' test before the 'version' test.
Add a test file.
Always call ndo->ndo_error with a memory-allocation error if they fail.
Add WARN_UNUSED_RESULT for compilers that support it, and use it for
those routines, so that any future code that doesn't check for failure
gets a warning.
Have nd_push_buffer() take a snapshot length, not a snapshot end, as
its last argument.
Replace nd_push_snapend() and nd_change_snapend() with nd_push_snaplen()
and nd_change_snaplen(), both of which take a pointer into the packet
buffer and snapshot length relative to that pointer as arguments. Have
those routines check the snapshot length to make sure it's not bigger
than the number of bytes in the packet past the pointer, and silently
ignore the request if it is.
Using a length rather than a pointer avoids the possibility of the
calculation of the snapshot end overflowing and resulting in a snapshot
end *before* the point in the buffer.
Add a test for this, with a capture file containing an IPv6 packet with
an extremely large "jumbo" packet size.
Revert the "Make sure we don't set the snapend before the beginning of
the packet." changes, as they no longer apply with this change (which
also makes sure we don't set the snapend before the beginning of the
packet).
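An added illustration, not part of the commit message and not tcpdump's code, of why passing a length instead of a precomputed end avoids the wraparound described above. Addresses are modelled as 32-bit integers so the overflow is reproducible on any host; `pkt_model`, `end_from_pointer()`, `change_snaplen_model()` and all values are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Model of a 32-bit address space: addresses are plain uint32_t values
 * so the wraparound is reproducible on any host. All names and values
 * are constructed for illustration; this is not tcpdump's code. */
struct pkt_model {
    uint32_t start;    /* address of the first captured byte */
    uint32_t snapend;  /* address one past the last captured byte */
};

/* Pointer-style interface: the caller computes "bp + length" itself.
 * With a huge length the sum wraps and lands before bp. */
static uint32_t end_from_pointer(uint32_t bp, uint32_t length)
{
    return bp + length; /* unsigned wraparound modulo 2^32 */
}

/* Length-style interface: compare the requested length with the bytes
 * actually available past bp and ignore the request if it is too large.
 * Returns 1 if the snapshot end was changed, 0 if the request was ignored. */
static int change_snaplen_model(struct pkt_model *p, uint32_t bp,
                                uint32_t newlen)
{
    if (bp < p->start || bp > p->snapend)
        return 0;                     /* bp is not inside the buffer */
    if (newlen > p->snapend - bp)
        return 0;                     /* longer than what was captured */
    p->snapend = bp + newlen;         /* cannot wrap: newlen <= remaining */
    return 1;
}

int main(void)
{
    struct pkt_model p = { 0xFFFF0000u, 0xFFFF0100u }; /* 256 captured bytes */
    uint32_t bp = 0xFFFF0028u;        /* just past a 40-byte IPv6 header */
    uint32_t jumbo = 0xFFFFFFF0u;     /* constructed oversized jumbo length */
    int ignored = change_snaplen_model(&p, bp, jumbo);
    printf("pointer-style end 0x%08x is before bp 0x%08x\n",
           (unsigned)end_from_pointer(bp, jumbo), (unsigned)bp);
    printf("oversized request applied=%d, snapend still 0x%08x\n",
           ignored, (unsigned)p.snapend);
    int applied = change_snaplen_model(&p, bp, 64);
    printf("64-byte request applied=%d, snapend now 0x%08x\n",
           applied, (unsigned)p.snapend);
    return 0;
}
```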
Remove a number of instances that do not match common patterns and have
the only substantial effect on the code flow that a truncated packet
triggers "goto trunc" instead of longjmp(). (In a few cases this change
can increase the number of fields printed before giving up.)
ND_TCHECK_n(e), n in { 1, 2, 3, 4, 8 }.
They are redundant because they are followed by a GET_.*_n(e) call,
same n, same e, which does the bounds check.
Remove unused 'trunc' labels and most associated codes.
Update the outputs of some tests accordingly.
Replace more calls to ipaddr_string()/ip6addr_string() with calls to
GET_IPADDR_STRING()/GET_IP6ADDR_STRING() macros performing bounds
checking.
Add similar bounds-checking inline functions and macros to wrap
linkaddr_string(), etheraddr_string(), and isonsap_string() and convert
calls to them to use the macros as well.
Shuffle the inline functions in addrtoname.h around a bit, so that the
inline functions, external declarations, and macros are all in the same
order.
Check that the payload specified in a Jumbo Payload option isn't smaller
than the total number of bytes worth of extension headers; if it is,
report truncation.
Check that:
1) we don't have more than one Jumbo Payload option;
2) we don't have a Jumbo Payload option if the payload length in the
IPv6 header was non-zero;
3) we don't have a Jumbo Payload option with a value < 65536.
If we see one when processing the hop-by-hop extension header, use it to
set the payload length.
In UDP, if we have a zero length field in the UDP header, and the length
of the data handed to us is > 65535, treat that as a Jumbo Payload
packet.
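An added sketch, not part of the commit message and not tcpdump's code, of the three Jumbo Payload checks listed above applied while walking one Hop-by-Hop Options header. The option type 0xC2 and the 4-byte option length come from RFC 2675; `jumbo_check()`, the result names and the sample byte arrays are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum jumbo_result { JUMBO_NONE, JUMBO_OK, JUMBO_TRUNC, JUMBO_BAD_OPTLEN,
                    JUMBO_DUPLICATE, JUMBO_PLEN_NONZERO, JUMBO_TOO_SMALL };

/* Walk one Hop-by-Hop Options header. hbh/caplen: captured bytes of the
 * header; ip6_plen: payload length field from the fixed IPv6 header. */
static enum jumbo_result jumbo_check(const uint8_t *hbh, size_t caplen,
                                     uint16_t ip6_plen, uint32_t *payload_len)
{
    size_t hdrlen, optlen, i = 2;
    int seen = 0;

    if (caplen < 2)
        return JUMBO_TRUNC;
    hdrlen = ((size_t)hbh[1] + 1) * 8;      /* length is in 8-octet units */
    if (hdrlen > caplen)
        return JUMBO_TRUNC;                 /* header not fully captured */
    while (i < hdrlen) {
        if (hbh[i] == 0x00) { i++; continue; }     /* Pad1: single byte */
        if (hdrlen - i < 2 || (optlen = hbh[i + 1]) > hdrlen - i - 2)
            return JUMBO_TRUNC;             /* option runs past the header */
        if (hbh[i] == 0xC2) {               /* Jumbo Payload option */
            uint32_t v;
            if (optlen != 4) return JUMBO_BAD_OPTLEN;
            if (seen) return JUMBO_DUPLICATE;              /* check 1 */
            if (ip6_plen != 0) return JUMBO_PLEN_NONZERO;  /* check 2 */
            v = ((uint32_t)hbh[i + 2] << 24) | ((uint32_t)hbh[i + 3] << 16) |
                ((uint32_t)hbh[i + 4] << 8) | hbh[i + 5];
            if (v < 65536) return JUMBO_TOO_SMALL;         /* check 3 */
            *payload_len = v;               /* becomes the payload length */
            seen = 1;
        }
        i += 2 + optlen;
    }
    return seen ? JUMBO_OK : JUMBO_NONE;
}

/* Constructed samples: next header 17, then hdr ext len, then options. */
static const uint8_t hbh_ok[8]    = {17, 0, 0xC2, 4, 0, 1, 0, 8};
static const uint8_t hbh_small[8] = {17, 0, 0xC2, 4, 0, 0, 0xFF, 0xFF};
static const uint8_t hbh_dup[16]  = {17, 1, 0xC2, 4, 0, 1, 0, 8,
                                     0xC2, 4, 0, 1, 0, 8, 1, 0};
int main(void)
{
    uint32_t len = 0;
    printf("%d %d %d %d\n", (int)jumbo_check(hbh_ok, 8, 0, &len),
           (int)jumbo_check(hbh_ok, 8, 100, &len),
           (int)jumbo_check(hbh_small, 8, 0, &len),
           (int)jumbo_check(hbh_dup, 16, 0, &len));
    return 0;
}
```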
If we have an Ethernet packet where the last 2 octets of the header are
a length rather than an Ethernet type, and it's less than the remaining
length of the packet, shorten the length and captured length, update the
snapshot end.
Turn the buffer stack into a "packet information" stack, so that, if we
*do* update the snapshot end, we push the old end onto the stack, and
pop it off as soon as we're done dissecting the Ethernet packet, in case
there's more data in the packet after the Ethernet packet.
Use the stack when we use the IPv4 and IPv6 length fields as well.
The checksum calculation for IPv6 packets is based on a pseudo
header that includes the packet's final Destination Address (DA).
If the IPv6 packet contains a Routing header, the final DA is the
last element of the Routing header [RFC8200].
Currently, tcpdump supports Routing header types 0 and 2.
IPv6 Segment Routing Header (SRH) is a new Routing header type (4).
SRH is defined in draft-ietf-6man-segment-routing-header [1].
This patch fixes the checksum calculation for SRv6 packets. It allows
tcpdump to get the final DA value from SRv6 packets.
[1] https://tools.ietf.org/html/draft-ietf-6man-segment-routing-header-17
That means less duplication of functionality - and less chance that
XXX-over-IPv4 will be handled but XXX-over-IPv6 won't be handled, or
*vice versa*. (CARP and VRRP were being handled over IPv4 but not over
IPv6; this fixes that.)
The exceptions are currently:
Some EXTRACT_ in print-juniper.c, not used on packet buffer pointer.
An EXTRACT_BE_U_3 in addrtoname.c, not always used on packet buffer
pointer.
This can prevent bizarre failures if, for example, you've done a
configuration in the top-level source directory, leaving behind one
config.h file, and then do an out-of-tree build in another directory,
with different configuration options. This way, we always pick up the
same config.h, in the build directory.
Now all the macros have a name meaning a count in bytes.
With _S_: signed, _U_: unsigned
e.g.:
EXTRACT_BE_32BITS -> EXTRACT_BE_U_4
EXTRACT_LE_32BITS -> EXTRACT_LE_U_4
...
EXTRACT_BE_INT32 -> EXTRACT_BE_S_4
and have:
EXTRACT_8BITS -> EXTRACT_U_1
EXTRACT_INT8 -> EXTRACT_S_1
Get rid of casts to (int) that aren't needed or wanted.
If a field is unsigned, use an unsigned variable for it, print it with
%u, not %d, and don't cast it to int.
Replace a static variable in print-dvmrp.c with a local variable in
dvmrp_print() and a parameter to print_neighbors2().