Ethernet: Rework the length checks
authorFrancois-Xavier Le Bail <devel.fx.lebail@orange.fr>
Sun, 21 Nov 2021 14:33:24 +0000 (15:33 +0100)
committerFrancois-Xavier Le Bail <devel.fx.lebail@orange.fr>
Sun, 21 Nov 2021 14:49:13 +0000 (15:49 +0100)
Add a sanity check: packet length need to be >= capture length

(Like a sanity check in print.c, pretty_print_packet() function)

Remove a now useless test:
Because packet length (length) >= capture length (caplen), when
caplen >= ETHER_HDRLEN + switch_tag_len, length cannot
be < ETHER_HDRLEN + switch_tag_len.

print-ether.c

index 3aeda8f741669bc04e0a578955e1c50272f433f9..954668c4a2b5bf759a4ae478ada2a2f6c7912a03 100644 (file)
@@ -150,14 +150,15 @@ ether_common_print(netdissect_options *ndo, const u_char *p, u_int length,
        int llc_hdrlen;
        struct lladdr_info src, dst;
 
+       if (length < caplen) {
+               ND_PRINT("[length %u < caplen %u]", length, caplen);
+               nd_print_invalid(ndo);
+               return length;
+       }
        if (caplen < ETHER_HDRLEN + switch_tag_len) {
                nd_print_trunc(ndo);
                return caplen;
        }
-       if (length < ETHER_HDRLEN + switch_tag_len) {
-               nd_print_trunc(ndo);
-               return length;
-       }
 
        if (print_encap_header != NULL)
                (*print_encap_header)(ndo, encap_header_arg);