Commit Graph

56 Commits

Author SHA1 Message Date
Guy Harris
50dfa7eceb EAP: add some more length checks.
Check to make sure we don't go past the length value in the header.

Note that the string in an Identity message is optional (so we just
don't bother printing it if it's zero-length), but the string in a
notification message isn't (so report an error if it's zero-length).
2021-11-13 18:50:02 -08:00
Guy Harris
cac8a3cd04 EAP: label length mismatch as a possible EAP fragment.
In some cases, EAP fragmentation/reassembly is done at a layer above
EAP, e.g. when EAP messages are contained within a RADIUS message and
are broken up into multiple TLVs in the message.  In those cases, the
length handed to eap_print() will be different from the length in the
first fragment's header, and the remaining fragments won't *have* a
header, so the "length" will be garbage and thus unlikely to be equal to
the length handed to us.
2021-11-13 18:44:57 -08:00
Guy Harris
6569fb7945 EAP: no need for the count variable to be signed.
Make it unsigned, and, while we're at it, make the loop a for loop.
2021-11-13 18:34:00 -08:00
Guy Harris
47b4131380 Update some comments with new RFC numbers. 2021-11-13 18:18:47 -08:00
Francois-Xavier Le Bail
58a4ab67fc EAP: Fix some undefined behaviors at runtime
The errors were like:
print-eap.c:179:25: runtime error: unsigned integer overflow:
  2 - 5 cannot be represented in type 'unsigned int'
print-eap.c:181:50: runtime error: unsigned integer overflow:
  2 - 5 cannot be represented in type 'unsigned int'
print-eap.c:186:25: runtime error: unsigned integer overflow:
  2 - 5 cannot be represented in type 'unsigned int'
print-eap.c:188:50: runtime error: unsigned integer overflow:
  2 - 5 cannot be represented in type 'unsigned int'
2021-11-04 22:58:40 +01:00
Francois-Xavier Le Bail
1b69d2a8a1 Replace the (void)nd_printzp() calls by nd_printjnp() calls 2020-12-10 20:34:09 +01:00
Francois-Xavier Le Bail
6288c273b6 Remove useless 'return' at end of void functions (style) 2020-09-28 17:04:08 +02:00
Francois-Xavier Le Bail
21b12733b6 Remove 15 now redundant ND_TCHECK_n() calls
ND_TCHECK_n(e).

They are redundant because they are followed by a GET_.*_n(e) call,
same n, same e, which do the bounds check.

Remove unused 'trunc' label(s) and most associated code(s).
2020-09-10 14:06:40 +02:00
Denis Ovsienko
51e180c4fb Remove 96 assorted ND_TCHECK calls.
Remove a number of instances that do not match common patterns and have
the only substantial effect on the code flow that a truncated packet
triggers "goto trunc" instead of longjmp(). (In a few cases this change
can increase the number of fields printed before giving up.)
2020-09-08 05:04:58 +01:00
Francois-Xavier Le Bail
abc8c2d61c Remove many (762) now redundant ND_TCHECK_n() calls
ND_TCHECK_n(e), n in { 1, 2, 3, 4, 8 }.

They are redundant because they are followed by a GET_.*_n(e) call,
same n, same e, which do the bounds check.

Remove unused 'trunc' labels and most associated codes.

Update the outputs of some tests accordingly.
2020-09-06 20:22:29 +02:00
Aravind Prasad S
c429fc4120 Support for EAP Dump in RADIUS Messages
(pull request #864)
2020-07-22 13:50:14 +02:00
Francois-Xavier Le Bail
ee68aa3646 Use the new GET_ macros instead of the EXTRACT_ ones
The exceptions are currently:
Some EXTRACT_ in print-juniper.c, not used on packet buffer pointer.
An EXTRACT_BE_U_3 in addrtoname.c, not always used on packet buffer
pointer.
2019-03-26 21:06:24 +01:00
Denis Ovsienko
6bda3d1515 EAP: Fixup the check for Code value.
Code value 0 is not assigned, and the code block guarded by the if() is
specific to Request (1) and Response (2) only. This change prevents the
printer from decoding some invalid EAP messages as if they were valid.

[skip ci]
2018-08-18 19:00:36 +01:00
Denis Ovsienko
ecc344f328 EAP: simplify an if()
[skip ci]
2018-08-17 08:54:15 +01:00
Francois-Xavier Le Bail
00ecef01d7 Add more nd_print_trunc() calls
Update the output of some tests accordingly.
2018-05-06 11:26:45 +02:00
Francois-Xavier Le Bail
e10fe19f45 Remove the safeputs() function
Use the nd_printzp() function instead.
2018-05-02 10:15:26 +02:00
Francois-Xavier Le Bail
56e6581c34 Remove useless comments 2018-03-19 15:16:32 +01:00
Francois-Xavier Le Bail
546558eabd Add the ndo_protocol field in the netdissect_options structure
Update this field in printer entry functions.
It will be used for some printings.
2018-03-16 19:44:47 +01:00
Guy Harris
fb2479d733 Always include <config.h> rather than "config.h".
This can prevent bizarre failures if, for example, you've done a
configuration in the top-level source directory, leaving behind one
config.h file, and then do an out-of-tree build in another directory,
with different configuration options.  This way, we always pick up the
same config.h, in the build directory.
2018-01-21 12:27:28 -08:00
Francois-Xavier Le Bail
513f782ae1 Use quoted include netdissect-stdinc.h instead of angle-bracketed one 2018-01-21 10:28:15 +01:00
Francois-Xavier Le Bail
e2982e7f6f Update ND_PRINT() as a variadic macro 2018-01-07 13:36:41 +01:00
Francois-Xavier Le Bail
d526e47658 Use ND_TTEST_SIZE()/ND_TCHECK_SIZE() macros (1/n) 2018-01-03 21:32:07 +01:00
Guy Harris
9a63e07cc2 Use nd_ types, add EXTRACT_ calls. 2017-12-29 21:08:07 -08:00
Francois-Xavier Le Bail
5cea270318 Remove all storage class specifier 'register'
Let the compiler do the optimizations (or not) based on build options.

Avoid 'value has been optimized out' messages in gdb using '-O0'.
2017-12-13 19:17:47 +01:00
Francois-Xavier Le Bail
84ef17ac0e Replace ND_TTEST2()/ND_TCHECK2() macros by macros using pointers (1/n)
ND_TTEST2(var, l)  -> ND_TTEST_LEN(p, l)
ND_TCHECK2(var, l) -> ND_TCHECK_LEN(p, l)
2017-12-11 22:11:01 +01:00
Francois-Xavier Le Bail
3a7639e545 Use more the EXTRACT_U_1() macro (49/n)
Assignment, *(p)
2017-12-09 09:56:29 +01:00
Francois-Xavier Le Bail
99227bf552 Use more the EXTRACT_U_1() macro (30/n) 2017-11-27 18:28:49 +01:00
Francois-Xavier Le Bail
2858e729ed Use more the EXTRACT_U_1() macro (29/n)
In ND_PRINT() macro call(s) (step 8).

*(p + e)
2017-11-26 21:33:24 +01:00
Francois-Xavier Le Bail
da20bc56d6 Rename EXTRACT_ macros
Now all the macros have a name meaning a count in bytes.

With _S_: signed, _U_: unsigned

e.g.:
EXTRACT_BE_32BITS -> EXTRACT_BE_U_4
EXTRACT_LE_32BITS -> EXTRACT_LE_U_4
...
EXTRACT_BE_INT32 -> EXTRACT_BE_S_4

and have:
EXTRACT_8BITS -> EXTRACT_U_1
EXTRACT_INT8  -> EXTRACT_S_1
2017-11-22 23:54:09 +01:00
Francois-Xavier Le Bail
3c8f3e13b0 Rename ND_TCHECK_/ND_TTEST_ macros
Now all the macros have a name meaning a count in bytes.

e.g.:
ND_TCHECK_32BITS -> ND_TCHECK_4
ND_TTEST_32BITS -> ND_TTEST_4
2017-11-22 21:58:44 +01:00
Francois-Xavier Le Bail
cb9b665059 Use more the EXTRACT_8BITS() macro to fetch a one-byte value (18/n)
Assignment, *(p op e)

Partial list.
2017-11-21 22:23:47 +01:00
Francois-Xavier Le Bail
716e07e060 Use more the EXTRACT_8BITS() macro to fetch a one-byte value (12/n)
In ND_PRINT() macro calls.
2017-11-20 09:40:00 +01:00
Francois-Xavier Le Bail
12e1c2f6fc Use more the EXTRACT_8BITS() macro to fetch a one-byte value (3/n)
In EAP_TTLS_VERSION() macro calls.
2017-11-19 14:35:37 +01:00
Francois-Xavier Le Bail
ea759b171c Use more the EXTRACT_8BITS() macro to fetch a one-byte value (2/n)
In tok2str() calls.
2017-11-19 13:26:02 +01:00
Francois-Xavier Le Bail
b9be0f8386 Use more the EXTRACT_8BITS() macro to fetch a one-byte value (1/n)
In bittok2str() calls.
2017-11-19 12:54:25 +01:00
Francois-Xavier Le Bail
577621026d Rename EXTRACT_nBITS() macros to EXTRACT_BE_nBITS()
It indicates clearly that these macros are used to extract big-endian
integral values.
2017-11-18 13:56:40 +01:00
Denis Ovsienko
413840cf18 Don't specify struct as "const" within sizeof().
The only difference the const qualifier makes in this context is visual,
make it consistent with the rest of the source code.
2017-09-13 13:33:02 +01:00
Guy Harris
9851220811 CVE-2017-13015/EAP: Add more bounds checks.
This fixes a buffer over-read discovered by Bhargava Shastry,
SecT/TU Berlin.

Add a test using the capture file supplied by the reporter(s), modified
so the capture file won't be rejected as an invalid capture.
2017-09-13 12:25:44 +01:00
Francois-Xavier Le Bail
89789e51d5 Fix used but marked unused parameters 2016-08-19 01:58:35 +02:00
Francois-Xavier Le Bail
b38f324af9 Add a summary comment in all other printers
Moreover:
Remove some redundant comments
Update some summary comments
Update the specification URL for ATA over Ethernet (AoE) protocol
2016-08-15 22:42:38 +02:00
Francois-Xavier Le Bail
11d3a01319 Move the printer summaries from INSTALL.txt to each printer
with the tag '\summary:' for greping.
Remark: Currently some printers have no summary line.

Moreover:
Summarize all printers with a single line in INSTALL.txt
2016-08-14 17:03:43 +02:00
Francois-Xavier Le Bail
99c91c3aec Rename 'tcpdump-stdinc.h' to 'netdissect-stdinc.h'
Get the full log via: git log --follow netdissect-stdinc.h
2015-09-10 08:50:40 +02:00
Francois-Xavier Le Bail
c1c3c77463 Printers must include 'netdissect.h', not 'interface.h' 2015-09-05 23:35:58 +02:00
Denis Ovsienko
38700c7f24 dismiss NETDISSECT_REWORKED macro
The purpose of this macro was to enable the file-by-file switch to NDO,
after which only tcpdump.c had a use of it and the definitions guarded
by it. Update tcpdump.c not to require them any more and dismiss the
unused definitions.
2015-03-22 10:06:15 +00:00
Denis Ovsienko
f0f2e6d058 don't reinvent ND_TCHECK2() 2014-06-12 14:59:03 +04:00
Denis Ovsienko
f274a23dc1 improve previous NDO conversions 2014-04-03 17:41:02 +04:00
Denis Ovsienko
64e53f90ca NDOize EAP, IEEE CFM, lwres, SIP & Syslog decoders 2014-04-01 19:46:05 +04:00
Denis Ovsienko
51670d1949 NDOize safeputs() and safeputchar() 2014-04-01 19:46:05 +04:00
Denis Ovsienko
69f6f4392a don't include addrtoname.h needlessly 2014-02-25 17:53:08 +04:00
Denis Ovsienko
fe3253b9b8 remove tcpdump's own CVS keywords
Remove lots of $Header's and a few $Id's that all belong to the former
CVS repository of tcpdump itself. These keywords have been frozen since
the migration to git in late 2008.
2014-01-03 00:59:08 +04:00