svn commit: r277783 - head/contrib/tcpdump

Mon, 26 Jan 2015 17:46:13 -0800 

Author: pfg
Date: Tue Jan 27 01:45:47 2015
New Revision: 277783
URL: https://svnweb.freebsd.org/changeset/base/277783

Log:
  MFV   r277782:
  
  Merge some cherry-picked fixes originating in OpenBSD
  
  Check whether the version field is available before looking at it.
  While we're at it, use ND_TCHECK(), rather than a hand-rolled check, to
  check whether we have the full fixed-length portion of the IPv4 header.
  
  commit c67afe913011138a2504ec4d3d423b48e73b12f3
  
  Do more length checking. From OpenBSD.
  
  commit d7516761f9c4877bcb05bb6543be3543e165249

Modified:
  head/contrib/tcpdump/print-ip.c
  head/contrib/tcpdump/print-sl.c
Directory Properties:
  head/contrib/tcpdump/   (props changed)

Modified: head/contrib/tcpdump/print-ip.c
==============================================================================
--- head/contrib/tcpdump/print-ip.c     Tue Jan 27 01:39:42 2015        
(r277782)
+++ head/contrib/tcpdump/print-ip.c     Tue Jan 27 01:45:47 2015        
(r277783)
@@ -537,6 +537,7 @@ ip_print(netdissect_options *ndo,
        struct protoent *proto;
 
        ipds->ip = (const struct ip *)bp;
+       ND_TCHECK(ipds->ip->ip_vhl);
        if (IP_V(ipds->ip) != 4) { /* print version if != 4 */
            ND_PRINT((ndo, "IP%u ", IP_V(ipds->ip)));
            if (IP_V(ipds->ip) == 6)
@@ -545,10 +546,7 @@ ip_print(netdissect_options *ndo,
        else if (!ndo->ndo_eflag)
                ND_PRINT((ndo, "IP "));
 
-       if ((u_char *)(ipds->ip + 1) > ndo->ndo_snapend) {
-               ND_PRINT((ndo, "%s", tstr));
-               return;
-       }
+       ND_TCHECK(*ipds->ip);
        if (length < sizeof (struct ip)) {
                ND_PRINT((ndo, "truncated-ip %u", length));
                return;
@@ -677,6 +675,11 @@ ip_print(netdissect_options *ndo,
                                ND_PRINT((ndo, " ip-proto-%d", ipds->ip->ip_p));
                }
        }
+       return;
+
+trunc:
+       ND_PRINT((ndo, "%s", tstr));
+       return;
 }
 
 void

Modified: head/contrib/tcpdump/print-sl.c
==============================================================================
--- head/contrib/tcpdump/print-sl.c     Tue Jan 27 01:39:42 2015        
(r277782)
+++ head/contrib/tcpdump/print-sl.c     Tue Jan 27 01:45:47 2015        
(r277783)
@@ -64,7 +64,7 @@ sl_if_print(netdissect_options *ndo,
        register u_int length = h->len;
        register const struct ip *ip;
 
-       if (caplen < SLIP_HDRLEN) {
+       if (caplen < SLIP_HDRLEN || length < SLIP_HDRLEN) {
                ND_PRINT((ndo, "%s", tstr));
                return (caplen);
        }
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Reply via email to