Do sanity checking on the hardware address and protocol address lengths;

if the checks fail, treat it the same as we do for and unknown protocol
(we require the hardware address length not to be zero, as
"linkaddr_string()" can't handle that, and we require the protocol
address length to be 4, as we only handle IP as a protocol type).

1 files changed, 5 insertions, 3 deletions

diff --git a/print-arp.c b/print-arp.c
index 3c46ab50..3f09d63c 100644
--- a/print-arp.c
+++ b/print-arp.c
@@ -21,7 +21,7 @@
 
 #ifndef lint
 static const char rcsid[] =
-    "@(#) $Header: /tcpdump/master/tcpdump/print-arp.c,v 1.55 2002-08-01 08:53:00 risso Exp $ (LBL)";
+    "@(#) $Header: /tcpdump/master/tcpdump/print-arp.c,v 1.56 2002-09-04 10:11:44 guy Exp $ (LBL)";
 #endif
 
 #ifdef HAVE_CONFIG_H
@@ -154,7 +154,8 @@ atmarp_print(const u_char *bp, u_int length, u_int caplen)
 	pro = EXTRACT_16BITS(&PRO(ap));
 	op = EXTRACT_16BITS(&OP(ap));
 
-	if (pro != ETHERTYPE_IP && pro != ETHERTYPE_TRAIL) {
+	if ((pro != ETHERTYPE_IP && pro != ETHERTYPE_TRAIL) ||
+	    PLN(ap) != 4 || HLN(ap) == 0) {
 		(void)printf("arp-#%d for proto #%d (%d) hardware #%d (%d)",
 				op, pro, PLN(ap), hrd, HLN(ap));
 		return;
@@ -232,7 +233,8 @@ arp_print(const u_char *bp, u_int length, u_int caplen)
 	pro = EXTRACT_16BITS(&PRO(ap));
 	op = EXTRACT_16BITS(&OP(ap));
 
-	if (pro != ETHERTYPE_IP && pro != ETHERTYPE_TRAIL) {
+	if ((pro != ETHERTYPE_IP && pro != ETHERTYPE_TRAIL) ||
+	    PLN(ap) != 4 || HLN(ap) == 0) {
 		(void)printf("arp-#%d for proto #%d (%d) hardware #%d (%d)",
 				op, pro, PLN(ap), hrd, HLN(ap));
 		return;