svn commit: r277783 - head/contrib/tcpdump

Pedro F. Giffuni pfg at FreeBSD.org
Tue Jan 27 01:45:49 UTC 2015 

Author: pfg
Date: Tue Jan 27 01:45:47 2015
New Revision: 277783
URL: https://svnweb.freebsd.org/changeset/base/277783

Log:
  MFV	r277782:
  
  Merge some cherry-picked fixes originating in OpenBSD
  
  Check whether the version field is available before looking at it.
  While we're at it, use ND_TCHECK(), rather than a hand-rolled check, to
  check whether we have the full fixed-length portion of the IPv4 header.
  
  commit c67afe913011138a2504ec4d3d423b48e73b12f3
  
  Do more length checking. From OpenBSD.
  
  commit d7516761f9c4877bcb05bb6543be3543e165249

Modified:
  head/contrib/tcpdump/print-ip.c
  head/contrib/tcpdump/print-sl.c
Directory Properties:
  head/contrib/tcpdump/   (props changed)

Modified: head/contrib/tcpdump/print-ip.c
==============================================================================
--- head/contrib/tcpdump/print-ip.c	Tue Jan 27 01:39:42 2015	(r277782)
+++ head/contrib/tcpdump/print-ip.c	Tue Jan 27 01:45:47 2015	(r277783)
@@ -537,6 +537,7 @@ ip_print(netdissect_options *ndo,
 	struct protoent *proto;
 
 	ipds->ip = (const struct ip *)bp;
+	ND_TCHECK(ipds->ip->ip_vhl);
 	if (IP_V(ipds->ip) != 4) { /* print version if != 4 */
 	    ND_PRINT((ndo, "IP%u ", IP_V(ipds->ip)));
 	    if (IP_V(ipds->ip) == 6)
@@ -545,10 +546,7 @@ ip_print(netdissect_options *ndo,
 	else if (!ndo->ndo_eflag)
 		ND_PRINT((ndo, "IP "));
 
-	if ((u_char *)(ipds->ip + 1) > ndo->ndo_snapend) {
-		ND_PRINT((ndo, "%s", tstr));
-		return;
-	}
+	ND_TCHECK(*ipds->ip);
 	if (length < sizeof (struct ip)) {
 		ND_PRINT((ndo, "truncated-ip %u", length));
 		return;
@@ -677,6 +675,11 @@ ip_print(netdissect_options *ndo,
 				ND_PRINT((ndo, " ip-proto-%d", ipds->ip->ip_p));
 		}
 	}
+	return;
+
+trunc:
+	ND_PRINT((ndo, "%s", tstr));
+	return;
 }
 
 void

Modified: head/contrib/tcpdump/print-sl.c
==============================================================================
--- head/contrib/tcpdump/print-sl.c	Tue Jan 27 01:39:42 2015	(r277782)
+++ head/contrib/tcpdump/print-sl.c	Tue Jan 27 01:45:47 2015	(r277783)
@@ -64,7 +64,7 @@ sl_if_print(netdissect_options *ndo,
 	register u_int length = h->len;
 	register const struct ip *ip;
 
-	if (caplen < SLIP_HDRLEN) {
+	if (caplen < SLIP_HDRLEN || length < SLIP_HDRLEN) {
 		ND_PRINT((ndo, "%s", tstr));
 		return (caplen);
 	}

More information about the svn-src-all mailing list