[src/netbsd-1-6]: src/dist/tcpdump Pull up revision 1.5 (requested by itojun ...

[tv <tv%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/4399fd83a3b9
branches:  netbsd-1-6
changeset: 527697:4399fd83a3b9
user:      tv <tv%NetBSD.org@localhost>
date:      Sun Jun 02 15:47:15 2002 +0000

description:
Pull up revision 1.5 (requested by itojun in ticket #121):
corrects NFS decoder overrun problem outlined in:
http://192.139.46.44/lists/workers/2002/05/msg00198.html

diffstat:

 dist/tcpdump/interface.h |  14 +++++++++++---
 1 files changed, 11 insertions(+), 3 deletions(-)

diffs (28 lines):

diff -r ae868b2aec74 -r 4399fd83a3b9 dist/tcpdump/interface.h
--- a/dist/tcpdump/interface.h  Sun Jun 02 15:35:11 2002 +0000
+++ b/dist/tcpdump/interface.h  Sun Jun 02 15:47:15 2002 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: interface.h,v 1.3 2002/02/18 09:37:05 itojun Exp $     */
+/*     $NetBSD: interface.h,v 1.3.2.1 2002/06/02 15:47:15 tv Exp $     */
 
 /*
  * Copyright (c) 1988-2002
@@ -137,8 +137,16 @@
 extern const u_char *packetp;
 extern const u_char *snapend;
 
-/* True if  "l" bytes of "var" were captured */
-#define TTEST2(var, l) ((const u_char *)&(var) <= snapend - (l))
+/*
+ * True if  "l" bytes of "var" were captured.
+ *
+ * The "snapend - (l) <= snapend" checks to make sure "l" isn't so large
+ * that "snapend - (l)" underflows.
+ *
+ * The check is for <= rather than < because "l" might be 0.
+ */
+#define TTEST2(var, l) (snapend - (l) <= snapend && \
+                       (const u_char *)&(var) <= snapend - (l))
 
 /* True if "var" was captured */
 #define TTEST(var) TTEST2(var, sizeof(var))