mirrors/tcpdump
0
0
Fork 0
mirror of https://github.com/the-tcpdump-group/tcpdump.git synced 2024-11-24 02:23:27 +08:00
Code Issues Packages Projects Releases Wiki Activity
0559dc9874
tcpdump/print-calm-fast.c
Guy Harris 6bc44295cf CVE-2016-7985,7986/Change the way protocols print link-layer addresses. 
If a protocol that runs under a link-layer protocol would print the
link-layer addresses for the packet as source and destination addresses
for the packet, don't have it blithely assume those link-layer addresses
are present or are at a particular offset from the beginning of that
protocol's data; Ethertypes, for example, are used by a number of
protocols, not all of which have Ethernet headers and not all of which
have any MAC headers.

Instead, pass the printers for those protocols structures with a pointer
to the address data and a pointer to a routine that prints the address.

Fixes some heap overflows found with American Fuzzy Lop by Hanno Böck.
2017-01-18 09:16:36 +01:00

76 lines
1.8 KiB
C
Raw Blame History

/*
* Copyright (c) 2013 The TCPDUMP project
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that: (1) source code
* distributions retain the above copyright notice and this paragraph
* in its entirety, and (2) distributions including binary code include
* the above copyright notice and this paragraph in its entirety in
* the documentation or other materials provided with the distribution.
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND
* WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT
* LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE.
*
* Original code by Ola Martin Lykkja (ola.lykkja@q-free.com)
*/
/* \summary: Communication access for land mobiles (CALM) printer */
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <netdissect-stdinc.h>
#include "netdissect.h"
#include "addrtoname.h"
/*
ISO 29281:2009
Intelligent Transport Systems . Communications access for land mobiles (CALM)
CALM non-IP networking
*/
/*
* This is the top level routine of the printer. 'bp' points
* to the calm header of the packet.
*/
void
calm_fast_print(netdissect_options *ndo, const u_char *bp, u_int length, const struct lladdr_info *src)
{
int srcNwref;
int dstNwref;
ND_TCHECK2(*bp, 2);
if (length < 2)
goto trunc;
srcNwref = bp[0];
dstNwref = bp[1];
length -= 2;
bp += 2;
ND_PRINT((ndo, "CALM FAST"));
if (src != NULL)
ND_PRINT((ndo, " src:%s", (src->addr_string)(ndo, src->addr)));
ND_PRINT((ndo, "; "));
ND_PRINT((ndo, "SrcNwref:%d; ", srcNwref));
ND_PRINT((ndo, "DstNwref:%d; ", dstNwref));
if (ndo->ndo_vflag)
ND_DEFAULTPRINT(bp, length);
return;
trunc:
ND_PRINT((ndo, "[|calm fast]"));
return;
}
/*
* Local Variables:
* c-style: whitesmith
* c-basic-offset: 8
* End:
*/
Reference in New Issue View Git Blame Copy Permalink