[src/trunk]: src/usr.sbin/tcpdump correct ip6 option header chasing. sync wi...

[itojun <itojun%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/e03501b9cd34
branches:  trunk
changeset: 509619:e03501b9cd34
user:      itojun <itojun%NetBSD.org@localhost>
date:      Wed May 09 02:50:02 2001 +0000

description:
correct ip6 option header chasing.  sync with tcpdump.org.

diffstat:

 usr.sbin/tcpdump/print-ip6opts.c |  46 +++++++++++++++++++++++----------------
 1 files changed, 27 insertions(+), 19 deletions(-)

diffs (170 lines):

diff -r 2022569d470d -r e03501b9cd34 usr.sbin/tcpdump/print-ip6opts.c
--- a/usr.sbin/tcpdump/print-ip6opts.c  Wed May 09 02:12:30 2001 +0000
+++ b/usr.sbin/tcpdump/print-ip6opts.c  Wed May 09 02:50:02 2001 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: print-ip6opts.c,v 1.5 2001/01/28 10:05:06 itojun Exp $ */
+/*     $NetBSD: print-ip6opts.c,v 1.6 2001/05/09 02:50:02 itojun Exp $ */
 
 /*
  * Copyright (C) 1998 WIDE Project.
@@ -31,7 +31,7 @@
 
 #ifndef lint
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: print-ip6opts.c,v 1.5 2001/01/28 10:05:06 itojun Exp $");
+__RCSID("$NetBSD: print-ip6opts.c,v 1.6 2001/05/09 02:50:02 itojun Exp $");
 #endif
 
 #ifdef INET6
@@ -87,10 +87,20 @@
     int optlen;
 
     for (i = 0; i < len; i += optlen) {
+       if (bp[i] == IP6OPT_PAD1)
+           optlen = 1;
+       else {
+           if (i + 1 < len)
+               optlen = bp[i + 1] + 2;
+           else
+               goto trunc;
+       }
+       if (i + optlen > len)
+           goto trunc;
+
        switch (bp[i]) {
        case IP6OPT_PAD1:
             printf(", pad1");
-           optlen = 1;
            break;
        case IP6OPT_PADN:
            if (len - i < IP6OPT_MINLEN) {
@@ -98,7 +108,6 @@
                goto trunc;
            }
             printf(", padn");
-           optlen = bp[i + 1] + 2;
            break;
         case IP6SOPT_ALTCOA:
              if (len - i < IP6SOPT_ALTCOA_MINLEN) {
@@ -106,7 +115,6 @@
                goto trunc;
            }
             printf(", alt-CoA: %s", ip6addr_string(&bp[i+2]));
-           optlen = bp[i + 1] + 2;
            break;
         case IP6SOPT_UI:
              if (len - i < IP6SOPT_UI_MINLEN) {
@@ -114,7 +122,6 @@
                goto trunc;
            }
             printf("(ui: 0x%04x) ", ntohs(*(u_int16_t *)&bp[i + 2]));
-           optlen = bp[i + 1] + 2;
            break;
        default:
            if (len - i < IP6OPT_MINLEN) {
@@ -122,7 +129,6 @@
                goto trunc;
            }
            printf(", sopt_type 0x%02x: len=%d", bp[i], bp[i + 1]);
-           optlen = bp[i + 1] + 2;
            break;
        }
     }
@@ -139,10 +145,20 @@
     int optlen;
 
     for (i = 0; i < len; i += optlen) {
+       if (bp[i] == IP6OPT_PAD1)
+           optlen = 1;
+       else {
+           if (i + 1 < len)
+               optlen = bp[i + 1] + 2;
+           else
+               goto trunc;
+       }
+       if (i + optlen > len)
+           goto trunc;
+
        switch (bp[i]) {
        case IP6OPT_PAD1:
             printf("(pad1)");
-           optlen = 1;
            break;
        case IP6OPT_PADN:
            if (len - i < IP6OPT_MINLEN) {
@@ -150,7 +166,6 @@
                goto trunc;
            }
             printf("(padn)");
-           optlen = bp[i + 1] + 2;
            break;
        case IP6OPT_ROUTER_ALERT:
            if (len - i < IP6OPT_RTALERT_LEN) {
@@ -162,7 +177,6 @@
                goto trunc;
            }
            printf("(rtalert: 0x%04x) ", ntohs(*(u_int16_t *)&bp[i + 2]));
-           optlen = IP6OPT_RTALERT_LEN;
            break;
        case IP6OPT_JUMBO:
            if (len - i < IP6OPT_JUMBO_LEN) {
@@ -174,7 +188,6 @@
                goto trunc;
            }
            printf("(jumbo: %u) ", (u_int32_t)ntohl(*(u_int32_t *)&bp[i + 2]));
-           optlen = IP6OPT_JUMBO_LEN;
            break;
         case IP6OPT_HOME_ADDRESS:
            if (len - i < IP6OPT_HOMEADDR_MINLEN) {
@@ -188,10 +201,9 @@
            printf("(homeaddr: %s", ip6addr_string(&bp[i + 2]));
             if (bp[i + 1] > IP6OPT_HOMEADDR_MINLEN - 2) {
                ip6_sopt_print(&bp[i + IP6OPT_HOMEADDR_MINLEN],
-                   (optlen-IP6OPT_HOMEADDR_MINLEN));
+                   (optlen - IP6OPT_HOMEADDR_MINLEN));
            }
             printf(")");
-           optlen = bp[i + 1] + 2;
            break;
         case IP6OPT_BINDING_UPDATE:
            if (len - i < IP6OPT_BU_MINLEN) {
@@ -219,7 +231,6 @@
            printf(", lifetime: %u",
                (u_int32_t)ntohs(*(u_int32_t *)&bp[i + 8]));
 
-           optlen = bp[i + 1] + 2;
            if (bp[i + 1] > IP6OPT_BU_MINLEN - 2) {
                ip6_sopt_print(&bp[i + IP6OPT_BU_MINLEN],
                    (optlen - IP6OPT_BU_MINLEN));
@@ -246,10 +257,9 @@
 
            if (bp[i + 1] > IP6OPT_BA_MINLEN - 2) {
                ip6_sopt_print(&bp[i + IP6OPT_BA_MINLEN],
-                   (optlen-IP6OPT_BA_MINLEN));
+                   (optlen - IP6OPT_BA_MINLEN));
            }
             printf(")");
-           optlen = bp[i + 1] + 2;
            break;
         case IP6OPT_BINDING_REQ:
            if (len - i < IP6OPT_BR_MINLEN) {
@@ -259,10 +269,9 @@
             printf("(br");
             if (bp[i + 1] > IP6OPT_BR_MINLEN - 2) {
                ip6_sopt_print(&bp[i + IP6OPT_BR_MINLEN],
-                   (optlen-IP6OPT_BR_MINLEN));
+                   (optlen - IP6OPT_BR_MINLEN));
            }
             printf(")");
-           optlen = bp[i + 1] + 2;
            break;
        default:
            if (len - i < IP6OPT_MINLEN) {
@@ -270,7 +279,6 @@
                goto trunc;
            }
            printf("(opt_type 0x%02x: len=%d) ", bp[i], bp[i + 1]);
-           optlen = bp[i + 1] + 2;
            break;
        }
     }