aboutsummaryrefslogtreecommitdiffstats
path: root/print-bgp.c
diff options
context:
space:
mode:
authorGordon Tetlow <gordon@FreeBSD.org>2017-09-18 04:10:54 +0000
committerGordon Tetlow <gordon@FreeBSD.org>2017-09-18 04:10:54 +0000
commit4533b6d8a9b95fc043b72b3656b98e79ac839041 (patch)
tree4ac156eafa4323886af859c09363dff43cc44106 /print-bgp.c
parentd79b843cb78484ea27f877f1541055e1a6a5a4d3 (diff)
downloadsrc-4533b6d8a9b95fc043b72b3656b98e79ac839041.tar.gz
src-4533b6d8a9b95fc043b72b3656b98e79ac839041.zip
Vendor import of tcpdump 4.9.2.vendor/tcpdump/4.9.2
Approved by: emaste (mentor)
Notes
Notes: svn path=/vendor/tcpdump/dist/; revision=323696 svn path=/vendor/tcpdump/4.9.2/; revision=323697; tag=vendor/tcpdump/4.9.2
Diffstat (limited to 'print-bgp.c')
-rw-r--r--print-bgp.c55
1 files changed, 40 insertions, 15 deletions
diff --git a/print-bgp.c b/print-bgp.c
index 79afeab4c759..c82f1cc7df10 100644
--- a/print-bgp.c
+++ b/print-bgp.c
@@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * Extensively modified by Hannes Gredler (hannes@juniper.net) for more
+ * Extensively modified by Hannes Gredler (hannes@gredler.at) for more
* complete BGP support.
*/
@@ -756,11 +756,18 @@ decode_rt_routing_info(netdissect_options *ndo,
{
uint8_t route_target[8];
u_int plen;
+ char asbuf[sizeof(astostr)]; /* bgp_vpn_rd_print() overwrites astostr */
+ /* NLRI "prefix length" from RFC 2858 Section 4. */
ND_TCHECK(pptr[0]);
plen = pptr[0]; /* get prefix length */
+ /* NLRI "prefix" (ibid), valid lengths are { 0, 32, 33, ..., 96 } bits.
+ * RFC 4684 Section 4 defines the layout of "origin AS" and "route
+ * target" fields inside the "prefix" depending on its length.
+ */
if (0 == plen) {
+ /* Without "origin AS", without "route target". */
snprintf(buf, buflen, "default route target");
return 1;
}
@@ -768,20 +775,29 @@ decode_rt_routing_info(netdissect_options *ndo,
if (32 > plen)
return -1;
+ /* With at least "origin AS", possibly with "route target". */
+ ND_TCHECK_32BITS(pptr + 1);
+ as_printf(ndo, asbuf, sizeof(asbuf), EXTRACT_32BITS(pptr + 1));
+
plen-=32; /* adjust prefix length */
if (64 < plen)
return -1;
+ /* From now on (plen + 7) / 8 evaluates to { 0, 1, 2, ..., 8 }
+ * and gives the number of octets in the variable-length "route
+ * target" field inside this NLRI "prefix". Look for it.
+ */
memset(&route_target, 0, sizeof(route_target));
- ND_TCHECK2(pptr[1], (plen + 7) / 8);
- memcpy(&route_target, &pptr[1], (plen + 7) / 8);
+ ND_TCHECK2(pptr[5], (plen + 7) / 8);
+ memcpy(&route_target, &pptr[5], (plen + 7) / 8);
+ /* Which specification says to do this? */
if (plen % 8) {
((u_char *)&route_target)[(plen + 7) / 8 - 1] &=
((0xff00 >> (plen % 8)) & 0xff);
}
snprintf(buf, buflen, "origin AS: %s, route target %s",
- as_printf(ndo, astostr, sizeof(astostr), EXTRACT_32BITS(pptr+1)),
+ asbuf,
bgp_vpn_rd_print(ndo, (u_char *)&route_target));
return 5 + (plen + 7) / 8;
@@ -895,6 +911,7 @@ static const struct tok bgp_multicast_vpn_route_type_values[] = {
{ BGP_MULTICAST_VPN_ROUTE_TYPE_SOURCE_ACTIVE, "Source-Active"},
{ BGP_MULTICAST_VPN_ROUTE_TYPE_SHARED_TREE_JOIN, "Shared Tree Join"},
{ BGP_MULTICAST_VPN_ROUTE_TYPE_SOURCE_TREE_JOIN, "Source Tree Join"},
+ { 0, NULL}
};
static int
@@ -959,13 +976,13 @@ decode_multicast_vpn(netdissect_options *ndo,
case BGP_MULTICAST_VPN_ROUTE_TYPE_SHARED_TREE_JOIN: /* fall through */
case BGP_MULTICAST_VPN_ROUTE_TYPE_SOURCE_TREE_JOIN:
- ND_TCHECK2(pptr[0], BGP_VPN_RD_LEN);
+ ND_TCHECK2(pptr[0], BGP_VPN_RD_LEN + 4);
offset = strlen(buf);
snprintf(buf + offset, buflen - offset, ", RD: %s, Source-AS %s",
bgp_vpn_rd_print(ndo, pptr),
as_printf(ndo, astostr, sizeof(astostr),
EXTRACT_32BITS(pptr + BGP_VPN_RD_LEN)));
- pptr += BGP_VPN_RD_LEN;
+ pptr += BGP_VPN_RD_LEN + 4;
bgp_vpn_sg_print(ndo, pptr, buf, buflen);
break;
@@ -1400,6 +1417,7 @@ bgp_attr_print(netdissect_options *ndo,
ND_TCHECK(tptr[0]);
ND_PRINT((ndo, "%s", tok2str(bgp_as_path_segment_open_values,
"?", tptr[0])));
+ ND_TCHECK(tptr[1]);
for (i = 0; i < tptr[1] * as_size; i += as_size) {
ND_TCHECK2(tptr[2 + i], as_size);
ND_PRINT((ndo, "%s ",
@@ -1719,7 +1737,7 @@ bgp_attr_print(netdissect_options *ndo,
ND_PRINT((ndo, ", no SNPA"));
}
- while (len - (tptr - pptr) > 0) {
+ while (tptr < pptr + len) {
switch (af<<8 | safi) {
case (AFNUM_INET<<8 | SAFNUM_UNICAST):
case (AFNUM_INET<<8 | SAFNUM_MULTICAST):
@@ -1887,7 +1905,7 @@ bgp_attr_print(netdissect_options *ndo,
tptr += 3;
- while (len - (tptr - pptr) > 0) {
+ while (tptr < pptr + len) {
switch (af<<8 | safi) {
case (AFNUM_INET<<8 | SAFNUM_UNICAST):
case (AFNUM_INET<<8 | SAFNUM_MULTICAST):
@@ -2116,11 +2134,11 @@ bgp_attr_print(netdissect_options *ndo,
{
uint8_t tunnel_type, flags;
+ ND_TCHECK2(tptr[0], 5);
tunnel_type = *(tptr+1);
flags = *tptr;
tlen = len;
- ND_TCHECK2(tptr[0], 5);
ND_PRINT((ndo, "\n\t Tunnel-type %s (%u), Flags [%s], MPLS Label %u",
tok2str(bgp_pmsi_tunnel_values, "Unknown", tunnel_type),
tunnel_type,
@@ -2175,35 +2193,42 @@ bgp_attr_print(netdissect_options *ndo,
uint8_t type;
uint16_t length;
- ND_TCHECK2(tptr[0], 3);
-
tlen = len;
while (tlen >= 3) {
+ ND_TCHECK2(tptr[0], 3);
+
type = *tptr;
length = EXTRACT_16BITS(tptr+1);
+ tptr += 3;
+ tlen -= 3;
ND_PRINT((ndo, "\n\t %s TLV (%u), length %u",
tok2str(bgp_aigp_values, "Unknown", type),
type, length));
+ if (length < 3)
+ goto trunc;
+ length -= 3;
+
/*
* Check if we can read the TLV data.
*/
- ND_TCHECK2(tptr[3], length - 3);
+ ND_TCHECK2(tptr[3], length);
switch (type) {
case BGP_AIGP_TLV:
- ND_TCHECK2(tptr[3], 8);
+ if (length < 8)
+ goto trunc;
ND_PRINT((ndo, ", metric %" PRIu64,
- EXTRACT_64BITS(tptr+3)));
+ EXTRACT_64BITS(tptr)));
break;
default:
if (ndo->ndo_vflag <= 1) {
- print_unknown_data(ndo, tptr+3,"\n\t ", length-3);
+ print_unknown_data(ndo, tptr,"\n\t ", length);
}
}