diff options
Diffstat (limited to 'contrib/tcpdump/print-ppp.c')
-rw-r--r-- | contrib/tcpdump/print-ppp.c | 24 |
1 files changed, 19 insertions, 5 deletions
diff --git a/contrib/tcpdump/print-ppp.c b/contrib/tcpdump/print-ppp.c index 7e4870d..ee8239c 100644 --- a/contrib/tcpdump/print-ppp.c +++ b/contrib/tcpdump/print-ppp.c @@ -20,10 +20,10 @@ * * Extensively modified by Motonori Shindo (mshindo@mshindo.net) for more * complete PPP support. - * - * $FreeBSD$ */ +/* \summary: Point to Point Protocol (PPP) printer */ + /* * TODO: * o resolve XXX as much as possible @@ -31,12 +31,11 @@ * o BAP support */ -#define NETDISSECT_REWORKED #ifdef HAVE_CONFIG_H #include "config.h" #endif -#include <tcpdump-stdinc.h> +#include <netdissect-stdinc.h> #ifdef __bsdi__ #include <net/slcompress.h> @@ -45,7 +44,7 @@ #include <stdlib.h> -#include "interface.h" +#include "netdissect.h" #include "extract.h" #include "addrtoname.h" #include "ppp.h" @@ -945,6 +944,9 @@ handle_pap(netdissect_options *ndo, switch (code) { case PAP_AREQ: + /* A valid Authenticate-Request is 6 or more octets long. */ + if (len < 6) + goto trunc; if (length - (p - p0) < 1) return; ND_TCHECK(*p); @@ -973,6 +975,13 @@ handle_pap(netdissect_options *ndo, break; case PAP_AACK: case PAP_ANAK: + /* Although some implementations ignore truncation at + * this point and at least one generates a truncated + * packet, RFC 1334 section 2.2.2 clearly states that + * both AACK and ANAK are at least 5 bytes long. + */ + if (len < 5) + goto trunc; if (length - (p - p0) < 1) return; ND_TCHECK(*p); @@ -1672,6 +1681,11 @@ ppp_hdlc_if_print(netdissect_options *ndo, return (chdlc_if_print(ndo, h, p)); default: + if (caplen < 4) { + ND_PRINT((ndo, "[|ppp]")); + return (caplen); + } + if (ndo->ndo_eflag) ND_PRINT((ndo, "%02x %02x %d ", p[0], p[1], length)); p += 2; |