Enable ND_LONGJMP_FROM_TCHECK. Remove many redundant ND_TCHECK*()
instances. Report invalid packets as invalid with a reason, not
truncated. Test whether the invalid packet is entirely in the buffer.
Remove redundant and add plenty of new length checks. Reduce scope for
some variables. Consistently decrement length when advancing the current
pointer. Resort to ND_TCHECK_LEN() only when there are no better ways to
test the packet buffer space.
Do not pass caplen to cdp_print() and remove an improvised snapshot end
guard. Move TLV type-specific code from cdp_print() into standalone
small functions and upgrade a TLV name lookup table into a more
developed TLV registry table along the lines of what was done for
OpenFlow.
In cdp_print_addr() instead of comparing pointers test the address
counter only and trust the loop to do the length checks.
Replace cdp_get_number() with GET_*() macros.
Rewrite the code to make it easier to follow and make indentation more
consistent while at it.
Remove a stray CDP case block from print-chdlc.c.
ND_TCHECK_4(e).
They are redundant because they are followed by a GET_IPADDR_STRING(e)
call, same e, which does the bounds check.
Remove unused 'trunc' labels and associated codes.
Update the output of a test accordingly.
Replace more calls to ipaddr_string()/ip6addr_string() with calls to
GET_IPADDR_STRING()/GET_IP6ADDR_STRING() macros performing bounds
checking.
Add similar bounds-checking inline functions and macros to wrap
linkaddr_string(), etheraddr_string(), and isonsap_string() and convert
calls to them to use the macros as well.
Shuffle the inline functions in addrtoname.h around a bit, so that the
inline functions, external declarations, and macros are all in the same
order.
The exceptions are currently:
Some EXTRACT_ in print-juniper.c, not used on packet buffer pointer.
An EXTRACT_BE_U_3 in addrtoname.c, not always used on packet buffer
pointer.
The functions are: nd_print, nd_printztn, nd_printn and nd_printzp.
Trying to make it clearer that they currently have to be used only on part
of the packet buffer.
Update some comments.
This can prevent bizarre failures if, for example, you've done a
configuration in the top-level source directory, leaving behind one
config.h file, and then do an out-of-tree build in another directory,
with different configuration options. This way, we always pick up the
same config.h, in the build directory.
0x000f is a query for a VoIP VLAN ID, 0x000e is the reply for that.
0x0010 is a power consumption message.
Display 2-byte VoIP VLAN queries. Treat 2-byte VoIP VLAN replies as
errors; I've seen the former but not the latter.
Don't use unsigned long for values that fit in an unsigned int.
Now all the macros have a name meaning a count in bytes.
With _S_: signed, _U_: unsigned
e.g.:
EXTRACT_BE_32BITS -> EXTRACT_BE_U_4
EXTRACT_LE_32BITS -> EXTRACT_LE_U_4
...
EXTRACT_BE_INT32 -> EXTRACT_BE_S_4
and have:
EXTRACT_8BITS -> EXTRACT_U_1
EXTRACT_INT8 -> EXTRACT_S_1
with the tag '\summary:' for grepping.
Remark: Currently some printers have no summary line.
Moreover:
Summarize all printers with a single line in INSTALL.txt
Have our own routines to convert between IPv4/IPv6 addresses and
strings; that helps if, for example, we want to build binary versions of
tcpdump for Windows that can run both on NT 5 (W2K/WXP), which doesn't
have inet_ntop() or inet_pton(), and NT 6 (Vista/7/8/10), which do. It
also means that we don't require IPv6 library support on UN*X to print
addresses (if somebody wants to build tcpdump for older UN*Xes lacking
IPv6 support in the system library or in add-on libraries).
Get rid of files in the missing directory that we don't need, and
various no-longer-necessary autoconf tests.
The purpose of this macro was to enable the file-by-file switch to NDO,
after which only tcpdump.c had a use of it and the definitions guarded
by it. Update tcpdump.c not to require them any more and dismiss the
unused definitions.
The bounds check is already done before by ND_TCHECK2(*tptr, len).
So we are deliberately ignoring the return values of fn_printn with last
argument NULL (no bounds check).
In the "the TLV length is too short" message, we're printing the length
of the entire TLV; report it as "TLV length". If we pass that test,
we've subtracted out the lengths of the T and the L, leaving only the
length of the V, so report it as "value length".
The TLV length includes the T and the L, so it must be at least 4.
This means we don't need the "avoid infinite loop" check later; that
check was wrong, as per GitHub issues #401 and #402; this fixes #402,
which has a different patch for that bug.
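
The length rules described in the messages above (a TLV length that counts the T and the L and so must be at least 4, invalid reported separately from truncated, length decremented whenever the pointer advances) can be sketched as follows. This is an added example, not tcpdump's code: walk_tlvs(), be16(), enum tlv_status and the sample bytes are hypothetical, and it assumes a 2-byte type followed by a 2-byte big-endian length.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum tlv_status { TLV_OK = 0, TLV_INVALID = -1, TLV_TRUNCATED = -2 };

/* Big-endian 16-bit read; the caller has already checked the bounds. */
static unsigned be16(const uint8_t *p) { return (unsigned)p[0] << 8 | p[1]; }

/* Walk TLVs: `length` is the on-the-wire size, `caplen` the captured part
 * (assumed caplen <= length). *count gets the number of complete TLVs. */
static enum tlv_status
walk_tlvs(const uint8_t *p, size_t length, size_t caplen, unsigned *count)
{
    *count = 0;
    while (length != 0) {
        if (length < 4)
            return TLV_INVALID;    /* leftover bytes cannot hold a T and an L */
        if (caplen < 4)
            return TLV_TRUNCATED;  /* TLV header cut off by the snapshot length */
        size_t tlv_len = be16(p + 2);  /* counts T + L + V */
        if (tlv_len < 4)
            return TLV_INVALID;    /* would not advance; no separate loop guard needed */
        if (tlv_len > length)
            return TLV_INVALID;    /* claims more bytes than the packet has */
        if (tlv_len > caplen)
            return TLV_TRUNCATED;  /* well-formed on the wire, not fully captured */
        /* a printer would dispatch on be16(p) and decode tlv_len - 4 value bytes */
        p += tlv_len;              /* advance the pointer and both counters together */
        length -= tlv_len;
        caplen -= tlv_len;
        (*count)++;
    }
    return TLV_OK;
}

/* Constructed sample data, not taken from a real capture. */
static const uint8_t good[] = { 0x00,0x01, 0x00,0x06, 'R','1',   /* type 1, len 6 */
                                0x00,0x02, 0x00,0x04 };          /* type 2, len 4 */
static const uint8_t zero_len[] = { 0x00,0x01, 0x00,0x00, 'R','1' };

int main(void)
{
    unsigned n;
    printf("good: %d\n", walk_tlvs(good, sizeof good, sizeof good, &n));
    printf("zero length: %d\n", walk_tlvs(zero_len, sizeof zero_len, sizeof zero_len, &n));
    printf("snapped: %d\n", walk_tlvs(good, sizeof good, 5, &n));
    return 0;
}
```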