diff options
| author | Guy Harris <guy@alum.mit.edu> | 2020-01-19 19:55:38 -0800 |
|---|---|---|
| committer | Guy Harris <guy@alum.mit.edu> | 2020-01-19 19:55:38 -0800 |
| commit | 306c2a0384af923a73bf234f3c8bc186ceff0b58 (patch) | |
| tree | 0598390b879d6e9a76ff3b906989a920222d2654 /addrtoname.h | |
| parent | 2cd0a90c24ccf01ad9a034d7d5a6a651c82a4785 (diff) | |
| download | tcpdump-306c2a0384af923a73bf234f3c8bc186ceff0b58.tar.gz | |
More bounds checking when fetching addresses and converting to strings.
Replace more calls to ipaddr_string()/ip6addr_string() with calls to
GET_IPADDR_STRING()/GET_IP6ADDR_STRING() macros performing bounds
checking.
Add similar bounds-checking inline functions and macros to wrap
linkaddr_string(), etheraddr_string(), and isonsap_string() and convert
calls to them to use the macros as well.
Shuffle the inline functions in addrtoname.h around a bit, so that the
inline functions, external declarations, and macros are all in the same
order.
Diffstat (limited to 'addrtoname.h')
| -rw-r--r-- | addrtoname.h | 50 |
1 files changed, 39 insertions, 11 deletions
diff --git a/addrtoname.h b/addrtoname.h index 201ab431..8a262aa7 100644 --- a/addrtoname.h +++ b/addrtoname.h @@ -19,13 +19,12 @@ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ +#include "extract.h" + /* - * Definitions to let us compile most of the IPv6 code even on systems + * Definition to let us compile most of the IPv6 code even on systems * without IPv6 support. */ - -#include "extract.h" - #ifndef INET6_ADDRSTRLEN #define INET6_ADDRSTRLEN 46 #endif @@ -65,19 +64,20 @@ extern const char * ieee8021q_tci_string(const uint16_t); */ static inline const char * -get_ipaddr_string(netdissect_options *ndo, const u_char *p) +get_linkaddr_string(netdissect_options *ndo, const uint8_t *p, + const unsigned int type, const unsigned int len) { - if (!ND_TTEST_4(p)) + if (!ND_TTEST_LEN(p, len)) longjmp(ndo->ndo_truncated, 1); - return ipaddr_string(ndo, p); + return linkaddr_string(ndo, p, type, len); } static inline const char * -get_ip6addr_string(netdissect_options *ndo, const u_char *p) +get_etheraddr_string(netdissect_options *ndo, const uint8_t *p) { - if (!ND_TTEST_16(p)) + if (!ND_TTEST_LEN(p, MAC_ADDR_LEN)) longjmp(ndo->ndo_truncated, 1); - return ip6addr_string(ndo, p); + return etheraddr_string(ndo, p); } static inline const char * @@ -88,6 +88,34 @@ get_le64addr_string(netdissect_options *ndo, const u_char *p) return le64addr_string(ndo, p); } +static inline const char * +get_isonsap_string(netdissect_options *ndo, const uint8_t *nsap, + u_int nsap_length) +{ + if (!ND_TTEST_LEN(nsap, nsap_length)) + longjmp(ndo->ndo_truncated, 1); + return isonsap_string(ndo, nsap, nsap_length); +} + +static inline const char * +get_ipaddr_string(netdissect_options *ndo, const u_char *p) +{ + if (!ND_TTEST_4(p)) + longjmp(ndo->ndo_truncated, 1); + return ipaddr_string(ndo, p); +} + +static inline const char * +get_ip6addr_string(netdissect_options *ndo, const u_char *p) +{ + if (!ND_TTEST_16(p)) + longjmp(ndo->ndo_truncated, 1); + return ip6addr_string(ndo, p); +} + +#define GET_LINKADDR_STRING(p, type, len) get_linkaddr_string(ndo, (const u_char *)(p), type, len) +#define GET_ETHERADDR_STRING(p) get_etheraddr_string(ndo, (const u_char *)(p)) +#define GET_LE64ADDR_STRING(p) get_le64addr_string(ndo, (const u_char *)(p)) +#define GET_ISONSAP_STRING(nsap, nsap_length) get_isonsap_string(ndo, (const u_char *)(nsap), nsap_length) #define GET_IPADDR_STRING(p) get_ipaddr_string(ndo, (const u_char *)(p)) #define GET_IP6ADDR_STRING(p) get_ip6addr_string(ndo, (const u_char *)(p)) -#define GET_LE64ADDR_STRING(p) get_le64addr_string(ndo, (const u_char *)(p)) |