diff options
author | Gleb Smirnoff <glebius@FreeBSD.org> | 2017-02-01 20:26:42 +0000 |
---|---|---|
committer | Gleb Smirnoff <glebius@FreeBSD.org> | 2017-02-01 20:26:42 +0000 |
commit | 3340d77368116708ab5b5b95acf6c9c710528300 (patch) | |
tree | 811e83fd724dc565485db80039bf234ece065b10 /contrib/tcpdump/print-ldp.c | |
parent | 151139ad9e119116ae3692d0b8dd13baf691d55e (diff) | |
parent | d79b843cb78484ea27f877f1541055e1a6a5a4d3 (diff) | |
download | src-3340d77368116708ab5b5b95acf6c9c710528300.tar.gz src-3340d77368116708ab5b5b95acf6c9c710528300.zip |
Update tcpdump to 4.9.0.
It fixes many buffer overflow in different protocol parsers, but none of
them are critical, even in absense of Capsicum.
Security: CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925
Security: CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929
Security: CVE-2016-7930, CVE-2016-7931, CVE-2016-7932, CVE-2016-7933
Security: CVE-2016-7934, CVE-2016-7935, CVE-2016-7936, CVE-2016-7937
Security: CVE-2016-7938, CVE-2016-7939, CVE-2016-7940, CVE-2016-7973
Security: CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984
Security: CVE-2016-7985, CVE-2016-7986, CVE-2016-7992, CVE-2016-7993
Security: CVE-2016-8574, CVE-2016-8575, CVE-2017-5202, CVE-2017-5203
Security: CVE-2017-5204, CVE-2017-5205, CVE-2017-5341, CVE-2017-5342
Security: CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485
Security: CVE-2017-5486
Notes
Notes:
svn path=/head/; revision=313048
Diffstat (limited to 'contrib/tcpdump/print-ldp.c')
-rw-r--r-- | contrib/tcpdump/print-ldp.c | 27 |
1 files changed, 13 insertions, 14 deletions
diff --git a/contrib/tcpdump/print-ldp.c b/contrib/tcpdump/print-ldp.c index 3f741d136ce4..40c9d8c2a22c 100644 --- a/contrib/tcpdump/print-ldp.c +++ b/contrib/tcpdump/print-ldp.c @@ -14,14 +14,15 @@ * and Steinar Haug (sthaug@nethelp.no) */ -#define NETDISSECT_REWORKED +/* \summary: Label Distribution Protocol (LDP) printer */ + #ifdef HAVE_CONFIG_H #include "config.h" #endif -#include <tcpdump-stdinc.h> +#include <netdissect-stdinc.h> -#include "interface.h" +#include "netdissect.h" #include "extract.h" #include "addrtoname.h" @@ -284,12 +285,10 @@ ldp_tlv_print(netdissect_options *ndo, TLV_TCHECK(4); ND_PRINT((ndo, "\n\t IPv4 Transport Address: %s", ipaddr_string(ndo, tptr))); break; -#ifdef INET6 case LDP_TLV_IPV6_TRANSPORT_ADDR: TLV_TCHECK(16); ND_PRINT((ndo, "\n\t IPv6 Transport Address: %s", ip6addr_string(ndo, tptr))); break; -#endif case LDP_TLV_CONFIG_SEQ_NUMBER: TLV_TCHECK(4); ND_PRINT((ndo, "\n\t Sequence Number: %u", EXTRACT_32BITS(tptr))); @@ -311,7 +310,6 @@ ldp_tlv_print(netdissect_options *ndo, tptr+=sizeof(struct in_addr); } break; -#ifdef INET6 case AFNUM_INET6: while(tlv_tlen >= sizeof(struct in6_addr)) { ND_TCHECK2(*tptr, sizeof(struct in6_addr)); @@ -320,7 +318,6 @@ ldp_tlv_print(netdissect_options *ndo, tptr+=sizeof(struct in6_addr); } break; -#endif default: /* unknown AF */ break; @@ -365,7 +362,6 @@ ldp_tlv_print(netdissect_options *ndo, else ND_PRINT((ndo, ": IPv4 prefix %s", buf)); } -#ifdef INET6 else if (af == AFNUM_INET6) { i=decode_prefix6(ndo, tptr, tlv_tlen, buf, sizeof(buf)); if (i == -2) @@ -377,7 +373,6 @@ ldp_tlv_print(netdissect_options *ndo, else ND_PRINT((ndo, ": IPv6 prefix %s", buf)); } -#endif else ND_PRINT((ndo, ": Address family %u prefix", af)); break; @@ -385,16 +380,20 @@ ldp_tlv_print(netdissect_options *ndo, break; case LDP_FEC_MARTINI_VC: /* + * We assume the type was supposed to be one of the MPLS + * Pseudowire Types. + */ + TLV_TCHECK(7); + vc_info_len = *(tptr+2); + + /* * According to RFC 4908, the VC info Length field can be zero, * in which case not only are there no interface parameters, * there's no VC ID. */ - TLV_TCHECK(7); - vc_info_len = *(tptr+2); - if (vc_info_len == 0) { ND_PRINT((ndo, ": %s, %scontrol word, group-ID %u, VC-info-length: %u", - tok2str(l2vpn_encaps_values, "Unknown", EXTRACT_16BITS(tptr)&0x7fff), + tok2str(mpls_pw_types_values, "Unknown", EXTRACT_16BITS(tptr)&0x7fff), EXTRACT_16BITS(tptr)&0x8000 ? "" : "no ", EXTRACT_32BITS(tptr+3), vc_info_len)); @@ -404,7 +403,7 @@ ldp_tlv_print(netdissect_options *ndo, /* Make sure we have the VC ID as well */ TLV_TCHECK(11); ND_PRINT((ndo, ": %s, %scontrol word, group-ID %u, VC-ID %u, VC-info-length: %u", - tok2str(l2vpn_encaps_values, "Unknown", EXTRACT_16BITS(tptr)&0x7fff), + tok2str(mpls_pw_types_values, "Unknown", EXTRACT_16BITS(tptr)&0x7fff), EXTRACT_16BITS(tptr)&0x8000 ? "" : "no ", EXTRACT_32BITS(tptr+3), EXTRACT_32BITS(tptr+7), |