Some versions of the MSVC runtime library have a non-C99-compliant
vsnprintf(), which we want to avoid. On Windows, use snprintf() and
vsnprintf() for VS 2015 and later, where they both exist in
C99-compliant forms, and wrap _{v}snprintf_s() otherwise (they're
guaranteed to do the null termination that we want).
Also add some bounds checks whose absence was noted while looking for
length checks that needed to be added, and clean up one output issue
that showed up if an attribute in ATTR_SET had no flags.
Update test output.
This can prevent bizarre failures if, for example, you've done a
configuration in the top-level source directory, leaving behind one
config.h file, and then do an out-of-tree build in another directory,
with different configuration options. This way, we always pick up the
same config.h, in the build directory.
It's just a heuristic test to try to guess whether the NLRI information
has path IDs or not. If we run past the end of the packet data, just
stop processing before we try to fetch data past the end, don't return
an error.
This keeps us from showing truncation in non-truncated packets.
Update tests to reflect that change.
decode_labeled_vpn_l2() should return the full length of the item,
including the header; fix it to do so.
Fix calculation of length-in-bytes from length-in-bits.
Add additional length checks.
Do checks of unsigned values against zero as "not equal to zero" rather
than "greater than zero" (they should compile to the same code as, for
unsigned values. they mean the same thing, but that makes it a bit
clearer than it's not as if we're testing for negative values).
Some compilers don't figure out that path_id is always set if add_path*
is "true". Explicitly initialize it to eliminate complaints from those
compilers.
Don't copy structures out of the packet, access them in-place using the
EXTRACT_ macros as appropriate, as we already did for some packet types.
Declare the structures using nd_ types.
Rename bgp_header_print() to bgp_pdu_print(), because, after dissecting
and printing stuff from the header, it calls routines to dissect the
body.
Now all the macros have a name meaning a count in bytes.
With _S_: signed, _U_: unsigned
e.g.:
EXTRACT_BE_32BITS -> EXTRACT_BE_U_4
EXTRACT_LE_32BITS -> EXTRACT_LE_U_4
...
EXTRACT_BE_INT32 -> EXTRACT_BE_S_4
and have:
EXTRACT_8BITS -> EXTRACT_U_1
EXTRACT_INT8 -> EXTRACT_S_1
bgp_mvpn_6_and_7 && bgp_pmsi_tunnel-oobr && bgp_vpn_rt-oobr: All contained illegal prefix lengths in the withdrawn routes section, ie > than 32 for ipv4, so I modified the .pcap files to have legal prefixs so that the BGP wasn't truncated and updated the withdrawn routes in the test.out
decode_rt_routing_info() didn't check bounds before fetching 4 octets of
the origin AS field and could over-read the input buffer, put it right.
It also fetched the varying number of octets of the route target field
from 4 octets lower than the correct offset, put it right.
It also used the same temporary buffer explicitly through as_printf()
and implicitly through bgp_vpn_rd_print() so the end result of snprintf()
was not what was originally intended.
This fixes a buffer over-read discovered by Bhargava Shastry,
SecT/TU Berlin.
Add a test using the capture file supplied by the reporter(s).
RFC 6514 Section 4.6 defines the structure for Shared Tree Join (6) and
Source Tree Join (7) multicast VPN route types. decode_multicast_vpn()
didn't implement the Source AS field of that structure properly, adjust
the offsets to put it right.
This fixes a buffer over-read discovered by Bhargava Shastry,
SecT/TU Berlin.
Add a test using the capture file supplied by the reporter(s).
The 'len - (tptr - pptr)' expression type is 'unsigned int' on a 32 bits
system.
Thus the conversion changes negative values to positive ones and the > 0
test is invalid.
Update the expression to compare two pointers.
