diff options
| author | guy <guy> | 2003-08-06 05:02:12 +0000 |
|---|---|---|
| committer | guy <guy> | 2003-08-06 05:02:12 +0000 |
| commit | 14e71ce55a9969390af3533ddaa3ab4289624d4a (patch) | |
| tree | fab422755d49af4acf6786895297aea90e079c49 /print-sctp.c | |
| parent | 5f542b97ad7e625eaa64af467e514237f953c78b (diff) | |
| download | tcpdump-14e71ce55a9969390af3533ddaa3ab4289624d4a.tar.gz | |
From Mark Ellzey Thomas <mark@ackers.net>: check the length of a data
chunk before printing it.
Diffstat (limited to 'print-sctp.c')
| -rw-r--r-- | print-sctp.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/print-sctp.c b/print-sctp.c index cb6c4d67..937f5e5c 100644 --- a/print-sctp.c +++ b/print-sctp.c @@ -35,7 +35,7 @@ #ifndef lint static const char rcsid[] = -"@(#) $Header: /tcpdump/master/tcpdump/print-sctp.c,v 1.12 2003-06-03 23:49:23 guy Exp $ (NETLAB/PEL)"; +"@(#) $Header: /tcpdump/master/tcpdump/print-sctp.c,v 1.13 2003-08-06 05:02:13 guy Exp $ (NETLAB/PEL)"; #endif #ifdef HAVE_CONFIG_H @@ -198,9 +198,17 @@ void sctp_print(const u_char *bp, /* beginning of sctp packet */ if (!xflag && !qflag) { payloadPtr = (const u_char *) (++dataHdrPtr); printf(":"); + if (htons(chunkDescPtr->chunkLength) < + sizeof(struct sctpDataPart)+ + sizeof(struct sctpChunkDesc)+1) { + printf("bogus chunk length %u]", + htons(chunkDescPtr->chunkLength)); + return; + } default_print(payloadPtr, - htons(chunkDescPtr->chunkLength)-1 - - sizeof(struct sctpDataPart)-sizeof(struct sctpChunkDesc)); + htons(chunkDescPtr->chunkLength) - + (sizeof(struct sctpDataPart)+ + sizeof(struct sctpChunkDesc)+1)); } else printf("]"); } |