OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________

  Server: cvs.openpkg.org                  Name:   Michael Schloh
  Root:   /e/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-src                      Date:   06-Apr-2004 17:39:44
  Branch: OPENPKG_2_0_SOLID                Handle: 2004040616394400

  Modified files:           (Branch: OPENPKG_2_0_SOLID)
    openpkg-src/tcpdump     tcpdump.patch tcpdump.spec

  Log:
    OpenPKG-SA-2004.010-tcpdump (CAN-2004-0183 and CAN-2004-0184): Add patch
    code from a hand-crafted 'diff tcpdump-3.8.1 tcpdump-3.8.2' to avoid denial
    of service from reading ISAKMP packets with malformed delete payloads and
    identification payloads

  Summary:
    Revision    Changes     Path
    1.4.2.1     +692 -19    openpkg-src/tcpdump/tcpdump.patch
    1.37.2.2    +1  -1      openpkg-src/tcpdump/tcpdump.spec
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-src/tcpdump/tcpdump.patch
  ============================================================================
  $ cvs diff -u -r1.4 -r1.4.2.1 tcpdump.patch
  --- openpkg-src/tcpdump/tcpdump.patch 16 Jan 2004 12:37:39 -0000      1.4
  +++ openpkg-src/tcpdump/tcpdump.patch 6 Apr 2004 15:39:44 -0000       1.4.2.1
  @@ -1,17 +1,19 @@
   
  -    tcpdump patch patrix; [EMAIL PROTECTED]
  +    tcpdump patch matrix; [EMAIL PROTECTED]
   
  -                  tcpdump   371 371 372 381
  -                  OpenPKG   120 121 130 20020822
  -                            --- --- --- ---
  -  CAN-2002-0380 nfs      y   n   n   n   see past OpenPKG-SA-2003.014-tcpdump
  -  CAN-2002-1350 bgp      y   n   n   n   see past OpenPKG-SA-2003.014-tcpdump
  -  CAN-2003-0108 isakmp   y   n   n   n   see past OpenPKG-SA-2003.014-tcpdump
  -                depth    y   y   y   n   (*)
  -  CAN-2003-0989 isakmp   y   y   y   n   updates CAN-2003-0108-isakmp
  -  CAN-2003-1029 l2tp     y   y   n   n
  -  CAN-2004-0055 radius   y   y   y   y
  -  CAN-2004-0057 isakmp   y   y   y   y
  +              tcpdump   371 371 372 381 381
  +              OpenPKG   120 121 130 200 20040207
  +                        --- --- --- --- --------
  +  CAN-2002-0380 nfs      y   n   n   n   n       see past 
OpenPKG-SA-2003.014-tcpdump
  +  CAN-2002-1350 bgp      y   n   n   n   n       see past 
OpenPKG-SA-2003.014-tcpdump
  +  CAN-2003-0108 isakmp   y   n   n   n   n       see past 
OpenPKG-SA-2003.014-tcpdump
  +                depth    y   y   y   n   n       (*)
  +  CAN-2003-0989 isakmp   y   y   y   n   n       updates CAN-2003-0108-isakmp
  +  CAN-2003-1029 l2tp     y   y   n   n   n       see past 
OpenPKG-SA-2004.002-tcpdump
  +  CAN-2004-0055 radius   y   y   y   y   y       see past 
OpenPKG-SA-2004.002-tcpdump
  +  CAN-2004-0057 isakmp   y   y   y   y   y       see past 
OpenPKG-SA-2004.002-tcpdump
  +  CAN-2004-0183 isakmp   y   y   y   y   y
  +  CAN-2004-0184 isakmp   y   y   y   y   y
   
     (*) the vendor code fix for CAN-2003-0108 had two other unrelated code
         changes piggybacked. We removed the cosmetics (constify) and
  @@ -56,7 +58,70 @@
   diff -u -d -u -d -r1.41 -r1.42
   --- print-isakmp.c.CAN-2004-0057     20 Dec 2003 10:03:19 -0000      1.41
   +++ print-isakmp.c   7 Jan 2004 08:00:51 -0000       1.42
  -@@ -327,9 +327,13 @@
  +@@ -60,31 +60,31 @@
  + #endif
  + 
  + static const u_char *isakmp_sa_print(const struct isakmp_gen *,
  +-    const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  ++    u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  + static const u_char *isakmp_p_print(const struct isakmp_gen *,
  +-    const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  ++    u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  + static const u_char *isakmp_t_print(const struct isakmp_gen *,
  +-    const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  ++    u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  + static const u_char *isakmp_ke_print(const struct isakmp_gen *,
  +-    const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  ++    u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  + static const u_char *isakmp_id_print(const struct isakmp_gen *,
  +-    const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  ++    u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  + static const u_char *isakmp_cert_print(const struct isakmp_gen *,
  +-    const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  ++    u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  + static const u_char *isakmp_cr_print(const struct isakmp_gen *,
  +-    const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  ++    u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  + static const u_char *isakmp_sig_print(const struct isakmp_gen *,
  +-    const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  ++    u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  + static const u_char *isakmp_hash_print(const struct isakmp_gen *,
  +-    const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  ++    u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  + static const u_char *isakmp_nonce_print(const struct isakmp_gen *,
  +-    const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  ++    u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  + static const u_char *isakmp_n_print(const struct isakmp_gen *,
  +-    const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  ++    u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  + static const u_char *isakmp_d_print(const struct isakmp_gen *,
  +-    const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  ++    u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  + static const u_char *isakmp_vid_print(const struct isakmp_gen *,
  +-    const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  ++    u_int, const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  + static const u_char *isakmp_sub0_print(u_char, const struct isakmp_gen *,
  +     const u_char *, u_int32_t, u_int32_t, u_int32_t, int);
  + static const u_char *isakmp_sub_print(u_char, const struct isakmp_gen *,
  +@@ -112,8 +112,8 @@
  + };
  + 
  + /* isakmp->np */
  +-static const u_char *(*npfunc[])(const struct isakmp_gen *, const u_char *,
  +-            u_int32_t, u_int32_t, u_int32_t, int) = {
  ++static const u_char *(*npfunc[])(const struct isakmp_gen *, u_int,
  ++            const u_char *, u_int32_t, u_int32_t, u_int32_t, int) = {
  +     NULL,
  +     isakmp_sa_print,
  +     isakmp_p_print,
  +@@ -321,15 +321,20 @@
  +     return 0;
  + }
  + 
  +-static void
  ++static int
  + rawprint(caddr_t loc, size_t len)
  + {
        static u_char *p;
        size_t i;
    
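Review bot: rawprint() changes from `void` to `int` here, but the patched source has no comment saying what the return value means, even though the callers added later in this patch all branch on it (`if (!rawprint(...)) goto trunc;`). A one-line comment above the definition would pin the contract, for example `/* returns 1 if all len bytes were printed, 0 if the data is truncated */`. The function body continues past the end of this hunk and the check that jumps to `trunc:` is not visible, so confirm the wording against it. The thirteen payload-printer prototypes and the `npfunc[]` type also gain an unnamed `u_int` second argument; a short comment at `/* isakmp->np */` stating that it is the payload length taken from the generic header would spare readers from opening a definition to learn that.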
  @@ -65,27 +130,635 @@
        p = (u_char *)loc;
        for (i = 0; i < len; i++)
                printf("%02x", p[i] & 0xff);
  ++    return 1;
   +trunc:
  -+   return;
  ++    return 0;
    }
    
    struct attrmap {
  -@@ -1111,6 +1115,8 @@
  +@@ -410,8 +415,10 @@
  + }
  + 
  + static const u_char *
  +-isakmp_sa_print(const struct isakmp_gen *ext, const u_char *ep, u_int32_t phase,
  +-    u_int32_t doi0 _U_, u_int32_t proto0, int depth)
  ++isakmp_sa_print(const struct isakmp_gen *ext,
  ++            u_int item_len _U_,
  ++            const u_char *ep, u_int32_t phase, u_int32_t doi0 _U_,
  ++            u_int32_t proto0, int depth)
  + {
  +     const struct isakmp_pl_sa *p;
  +     struct isakmp_pl_sa sa;
  +@@ -423,6 +430,7 @@
  +     printf("%s:", NPSTR(ISAKMP_NPTYPE_SA));
  + 
  +     p = (struct isakmp_pl_sa *)ext;
  ++    TCHECK(*p);
  +     safememcpy(&sa, ext, sizeof(sa));
  +     doi = ntohl(sa.doi);
  +     sit = ntohl(sa.sit);
  +@@ -449,22 +457,28 @@
  + 
  +     np = (u_char *)ext + sizeof(sa);
  +     if (sit != 0x01) {
  ++            TCHECK2(*(ext + 1), sizeof(ident));
  +             safememcpy(&ident, ext + 1, sizeof(ident));
  +             printf(" ident=%u", (u_int32_t)ntohl(ident));
  +             np += sizeof(ident);
  +     }
  + 
  +     ext = (struct isakmp_gen *)np;
  ++    TCHECK(*ext);
  + 
  +     cp = isakmp_sub_print(ISAKMP_NPTYPE_P, ext, ep, phase, doi, proto0,
  +             depth);
  + 
  +     return cp;
  ++trunc:
  ++    printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_SA));
  ++    return NULL;
  + }
  + 
  + static const u_char *
  +-isakmp_p_print(const struct isakmp_gen *ext, const u_char *ep, u_int32_t phase,
  +-    u_int32_t doi0, u_int32_t proto0 _U_, int depth)
  ++isakmp_p_print(const struct isakmp_gen *ext, u_int item_len _U_,
  ++           const u_char *ep, u_int32_t phase, u_int32_t doi0,
  ++           u_int32_t proto0 _U_, int depth)
  + {
  +     const struct isakmp_pl_p *p;
  +     struct isakmp_pl_p prop;
  +@@ -473,20 +487,26 @@
  +     printf("%s:", NPSTR(ISAKMP_NPTYPE_P));
  + 
  +     p = (struct isakmp_pl_p *)ext;
  ++    TCHECK(*p);
  +     safememcpy(&prop, ext, sizeof(prop));
  +     printf(" #%d protoid=%s transform=%d",
  +             prop.p_no, PROTOIDSTR(prop.prot_id), prop.num_t);
  +     if (prop.spi_size) {
  +             printf(" spi=");
  +-            rawprint((caddr_t)(p + 1), prop.spi_size);
  ++            if (!rawprint((caddr_t)(p + 1), prop.spi_size))
  ++                    goto trunc;
  +     }
  + 
  +     ext = (struct isakmp_gen *)((u_char *)(p + 1) + prop.spi_size);
  ++    TCHECK(*ext);
  + 
  +     cp = isakmp_sub_print(ISAKMP_NPTYPE_T, ext, ep, phase, doi0,
  +             prop.prot_id, depth);
  + 
  +     return cp;
  ++trunc:
  ++    printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_P));
  ++    return NULL;
  + }
  + 
  + static const char *isakmp_p_map[] = {
  +@@ -546,9 +566,9 @@
  + };
  + 
  + static const u_char *
  +-isakmp_t_print(const struct isakmp_gen *ext, const u_char *ep,
  +-    u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto,
  +-    int depth _U_)
  ++isakmp_t_print(const struct isakmp_gen *ext, u_int item_len,
  ++    const u_char *ep, u_int32_t phase _U_, u_int32_t doi _U_,
  ++    u_int32_t proto, int depth _U_)
  + {
  +     const struct isakmp_pl_t *p;
  +     struct isakmp_pl_t t;
  +@@ -561,6 +581,7 @@
  +     printf("%s:", NPSTR(ISAKMP_NPTYPE_T));
  + 
  +     p = (struct isakmp_pl_t *)ext;
  ++    TCHECK(*p);
  +     safememcpy(&t, ext, sizeof(t));
  + 
  +     switch (proto) {
  +@@ -596,7 +617,7 @@
  +     else
  +             printf(" #%d id=%d ", t.t_no, t.t_id);
  +     cp = (u_char *)(p + 1);
  +-    ep2 = (u_char *)p + ntohs(t.h.len);
  ++    ep2 = (u_char *)p + item_len;
  +     while (cp < ep && cp < ep2) {
  +             if (map && nmap) {
  +                     cp = isakmp_attrmap_print(cp, (ep < ep2) ? ep : ep2,
  +@@ -607,30 +628,38 @@
  +     if (ep < ep2)
  +             printf("...");
  +     return cp;
  ++trunc:
  ++    printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_T));
  ++    return NULL;
  + }
  + 
  + static const u_char *
  +-isakmp_ke_print(const struct isakmp_gen *ext, const u_char *ep _U_,
  +-    u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_,
  +-    int depth _U_)
  ++isakmp_ke_print(const struct isakmp_gen *ext, u_int item_len _U_,
  ++            const u_char *ep _U_, u_int32_t phase _U_, u_int32_t doi _U_,
  ++            u_int32_t proto _U_, int depth _U_)
  + {
  +     struct isakmp_gen e;
  + 
  +     printf("%s:", NPSTR(ISAKMP_NPTYPE_KE));
  + 
  ++    TCHECK(*ext);
  +     safememcpy(&e, ext, sizeof(e));
  +     printf(" key len=%d", ntohs(e.len) - 4);
  +     if (2 < vflag && 4 < ntohs(e.len)) {
  +             printf(" ");
  +-            rawprint((caddr_t)(ext + 1), ntohs(e.len) - 4);
  ++            if (!rawprint((caddr_t)(ext + 1), ntohs(e.len) - 4))
  ++                    goto trunc;
  +     }
  +     return (u_char *)ext + ntohs(e.len);
  ++trunc:
  ++    printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_KE));
  ++    return NULL;
  + }
  + 
  + static const u_char *
  +-isakmp_id_print(const struct isakmp_gen *ext, const u_char *ep _U_,
  +-    u_int32_t phase, u_int32_t doi _U_, u_int32_t proto _U_,
  +-    int depth _U_)
  ++isakmp_id_print(const struct isakmp_gen *ext, u_int item_len _U_,
  ++            const u_char *ep _U_, u_int32_t phase, u_int32_t doi _U_,
  ++            u_int32_t proto _U_, int depth _U_)
  + {
  + #define USE_IPSECDOI_IN_PHASE1      1
  +     const struct isakmp_pl_id *p;
  +@@ -649,12 +678,15 @@
  +     printf("%s:", NPSTR(ISAKMP_NPTYPE_ID));
  + 
  +     p = (struct isakmp_pl_id *)ext;
  ++    TCHECK(*p);
  +     safememcpy(&id, ext, sizeof(id));
  +-    if (sizeof(*p) < id.h.len)
  ++    if (sizeof(*p) < item_len) {
  +             data = (u_char *)(p + 1);
  +-    else
  ++            len = item_len - sizeof(*p);
  ++    } else {
  +             data = NULL;
  +-    len = ntohs(id.h.len) - sizeof(*p);
  ++            len = 0;
  ++    }
  + 
  + #if 0 /*debug*/
  +     printf(" [phase=%d doi=%d proto=%d]", phase, doi, proto);
  +@@ -679,6 +711,7 @@
  +             struct protoent *pe;
  + 
  +             p = (struct ipsecdoi_id *)ext;
  ++            TCHECK(*p);
  +             safememcpy(&id, ext, sizeof(id));
  +             printf(" idtype=%s", STR_OR_ID(id.type, ipsecidtypestr));
  +             if (id.proto_id) {
  +@@ -698,9 +731,15 @@
  +             printf(" port=%d", ntohs(id.port));
  +             if (!len)
  +                     break;
  ++            if (data == NULL)
  ++                    goto trunc;
  ++            TCHECK2(*data, len);
  +             switch (id.type) {
  +             case IPSECDOI_ID_IPV4_ADDR:
  +-                    printf(" len=%d %s", len, ipaddr_string(data));
  ++                    if (len < 4)
  ++                            printf(" len=%d [bad: < 4]", len);
  ++                    else
  ++                            printf(" len=%d %s", len, ipaddr_string(data));
  +                     len = 0;
  +                     break;
  +             case IPSECDOI_ID_FQDN:
  +@@ -716,39 +755,60 @@
  +             case IPSECDOI_ID_IPV4_ADDR_SUBNET:
  +                 {
  +                     const u_char *mask;
  +-                    mask = data + sizeof(struct in_addr);
  +-                    printf(" len=%d %s/%u.%u.%u.%u", len,
  +-                            ipaddr_string(data),
  +-                            mask[0], mask[1], mask[2], mask[3]);
  ++                    if (len < 8)
  ++                            printf(" len=%d [bad: < 8]", len);
  ++                    else {
  ++                            mask = data + sizeof(struct in_addr);
  ++                            printf(" len=%d %s/%u.%u.%u.%u", len,
  ++                                    ipaddr_string(data),
  ++                                    mask[0], mask[1], mask[2], mask[3]);
  ++                    }
  +                     len = 0;
  +                     break;
  +                 }
  + #ifdef INET6
  +             case IPSECDOI_ID_IPV6_ADDR:
  +-                    printf(" len=%d %s", len, ip6addr_string(data));
  ++                    if (len < 16)
  ++                            printf(" len=%d [bad: < 16]", len);
  ++                    else
  ++                            printf(" len=%d %s", len, ip6addr_string(data));
  +                     len = 0;
  +                     break;
  +             case IPSECDOI_ID_IPV6_ADDR_SUBNET:
  +                 {
  +                     const u_int32_t *mask;
  +-                    mask = (u_int32_t *)(data + sizeof(struct in6_addr));
  +-                    /*XXX*/
  +-                    printf(" len=%d %s/0x%08x%08x%08x%08x", len,
  +-                            ip6addr_string(data),
  +-                            mask[0], mask[1], mask[2], mask[3]);
  ++                    if (len < 20)
  ++                            printf(" len=%d [bad: < 20]", len);
  ++                    else {
  ++                            mask = (u_int32_t *)(data + sizeof(struct in6_addr));
  ++                            /*XXX*/
  ++                            printf(" len=%d %s/0x%08x%08x%08x%08x", len,
  ++                                    ip6addr_string(data),
  ++                                    mask[0], mask[1], mask[2], mask[3]);
  ++                    }
  +                     len = 0;
  +                     break;
  +                 }
  + #endif /*INET6*/
  +             case IPSECDOI_ID_IPV4_ADDR_RANGE:
  +-                    printf(" len=%d %s-%s", len, ipaddr_string(data),
  +-                            ipaddr_string(data + sizeof(struct in_addr)));
  ++                    if (len < 8)
  ++                            printf(" len=%d [bad: < 8]", len);
  ++                    else {
  ++                            printf(" len=%d %s-%s", len,
  ++                                    ipaddr_string(data),
  ++                                    ipaddr_string(data + sizeof(struct in_addr)));
  ++                    }
  +                     len = 0;
  +                     break;
  + #ifdef INET6
  +             case IPSECDOI_ID_IPV6_ADDR_RANGE:
  +-                    printf(" len=%d %s-%s", len, ip6addr_string(data),
  +-                            ip6addr_string(data + sizeof(struct in6_addr)));
  ++                    if (len < 32)
  ++                            printf(" len=%d [bad: < 32]", len);
  ++                    else {
  ++                            printf(" len=%d %s-%s", len,
  ++                                    ip6addr_string(data),
  ++                                    ip6addr_string(data + sizeof(struct 
in6_addr)));
  ++                    }
  +                     len = 0;
  +                     break;
  + #endif /*INET6*/
  +@@ -764,16 +824,21 @@
  +             printf(" len=%d", len);
  +             if (2 < vflag) {
  +                     printf(" ");
  +-                    rawprint((caddr_t)data, len);
  ++                    if (!rawprint((caddr_t)data, len))
  ++                            goto trunc;
  +             }
  +     }
  +-    return (u_char *)ext + ntohs(id.h.len);
  ++    return (u_char *)ext + item_len;
  ++trunc:
  ++    printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_ID));
  ++    return NULL;
  + }
  + 
  + static const u_char *
  +-isakmp_cert_print(const struct isakmp_gen *ext, const u_char *ep _U_,
  +-    u_int32_t phase _U_, u_int32_t doi0 _U_, u_int32_t proto0 _U_,
  +-    int depth _U_)
  ++isakmp_cert_print(const struct isakmp_gen *ext, u_int item_len _U_,
  ++              const u_char *ep _U_, u_int32_t phase _U_,
  ++              u_int32_t doi0 _U_,
  ++              u_int32_t proto0 _U_, int depth _U_)
  + {
  +     const struct isakmp_pl_cert *p;
  +     struct isakmp_pl_cert cert;
  +@@ -786,20 +851,25 @@
  +     printf("%s:", NPSTR(ISAKMP_NPTYPE_CERT));
  + 
  +     p = (struct isakmp_pl_cert *)ext;
  ++    TCHECK(*p);
  +     safememcpy(&cert, ext, sizeof(cert));
  +-    printf(" len=%d", ntohs(cert.h.len) - 4);
  ++    printf(" len=%d", item_len - 4);
  +     printf(" type=%s", STR_OR_ID((cert.encode), certstr));
  +-    if (2 < vflag && 4 < ntohs(cert.h.len)) {
  ++    if (2 < vflag && 4 < item_len) {
  +             printf(" ");
  +-            rawprint((caddr_t)(ext + 1), ntohs(cert.h.len) - 4);
  ++            if (!rawprint((caddr_t)(ext + 1), item_len - 4))
  ++                    goto trunc;
  +     }
  +-    return (u_char *)ext + ntohs(cert.h.len);
  ++    return (u_char *)ext + item_len;
  ++trunc:
  ++    printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_CERT));
  ++    return NULL;
  + }
  + 
  + static const u_char *
  +-isakmp_cr_print(const struct isakmp_gen *ext, const u_char *ep _U_,
  +-    u_int32_t phase _U_, u_int32_t doi0 _U_, u_int32_t proto0 _U_,
  +-    int depth _U_)
  ++isakmp_cr_print(const struct isakmp_gen *ext, u_int item_len _U_,
  ++            const u_char *ep _U_, u_int32_t phase _U_, u_int32_t doi0 _U_,
  ++            u_int32_t proto0 _U_, int depth _U_)
  + {
  +     const struct isakmp_pl_cert *p;
  +     struct isakmp_pl_cert cert;
  +@@ -812,73 +882,96 @@
  +     printf("%s:", NPSTR(ISAKMP_NPTYPE_CR));
  + 
  +     p = (struct isakmp_pl_cert *)ext;
  ++    TCHECK(*p);
  +     safememcpy(&cert, ext, sizeof(cert));
  +-    printf(" len=%d", ntohs(cert.h.len) - 4);
  ++    printf(" len=%d", item_len - 4);
  +     printf(" type=%s", STR_OR_ID((cert.encode), certstr));
  +-    if (2 < vflag && 4 < ntohs(cert.h.len)) {
  ++    if (2 < vflag && 4 < item_len) {
  +             printf(" ");
  +-            rawprint((caddr_t)(ext + 1), ntohs(cert.h.len) - 4);
  ++            if (!rawprint((caddr_t)(ext + 1), item_len - 4))
  ++                    goto trunc;
  +     }
  +-    return (u_char *)ext + ntohs(cert.h.len);
  ++    return (u_char *)ext + item_len;
  ++trunc:
  ++    printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_CR));
  ++    return NULL;
  + }
  + 
  + static const u_char *
  +-isakmp_hash_print(const struct isakmp_gen *ext, const u_char *ep _U_,
  +-    u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_,
  +-    int depth _U_)
  ++isakmp_hash_print(const struct isakmp_gen *ext, u_int item_len _U_,
  ++              const u_char *ep _U_, u_int32_t phase _U_, u_int32_t doi _U_,
  ++              u_int32_t proto _U_, int depth _U_)
  + {
  +     struct isakmp_gen e;
  + 
  +     printf("%s:", NPSTR(ISAKMP_NPTYPE_HASH));
  + 
  ++    TCHECK(*ext);
  +     safememcpy(&e, ext, sizeof(e));
  +     printf(" len=%d", ntohs(e.len) - 4);
  +     if (2 < vflag && 4 < ntohs(e.len)) {
  +             printf(" ");
  +-            rawprint((caddr_t)(ext + 1), ntohs(e.len) - 4);
  ++            if (!rawprint((caddr_t)(ext + 1), ntohs(e.len) - 4))
  ++                    goto trunc;
  +     }
  +     return (u_char *)ext + ntohs(e.len);
  ++trunc:
  ++    printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_HASH));
  ++    return NULL;
  + }
  + 
  + static const u_char *
  +-isakmp_sig_print(const struct isakmp_gen *ext, const u_char *ep _U_,
  +-    u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_,
  +-    int depth _U_)
  ++isakmp_sig_print(const struct isakmp_gen *ext, u_int item_len _U_,
  ++             const u_char *ep _U_, u_int32_t phase _U_, u_int32_t doi _U_,
  ++             u_int32_t proto _U_, int depth _U_)
  + {
  +     struct isakmp_gen e;
  + 
  +     printf("%s:", NPSTR(ISAKMP_NPTYPE_SIG));
  + 
  ++    TCHECK(*ext);
  +     safememcpy(&e, ext, sizeof(e));
  +     printf(" len=%d", ntohs(e.len) - 4);
  +     if (2 < vflag && 4 < ntohs(e.len)) {
  +             printf(" ");
  +-            rawprint((caddr_t)(ext + 1), ntohs(e.len) - 4);
  ++            if (!rawprint((caddr_t)(ext + 1), ntohs(e.len) - 4))
  ++                    goto trunc;
  +     }
  +     return (u_char *)ext + ntohs(e.len);
  ++trunc:
  ++    printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_SIG));
  ++    return NULL;
  + }
  + 
  + static const u_char *
  +-isakmp_nonce_print(const struct isakmp_gen *ext, const u_char *ep _U_,
  +-    u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_,
  +-    int depth _U_)
  ++isakmp_nonce_print(const struct isakmp_gen *ext,
  ++               u_int item_len _U_,
  ++               const u_char *ep _U_,
  ++               u_int32_t phase _U_, u_int32_t doi _U_,
  ++               u_int32_t proto _U_, int depth _U_)
  + {
  +     struct isakmp_gen e;
  + 
  +     printf("%s:", NPSTR(ISAKMP_NPTYPE_NONCE));
  + 
  ++    TCHECK(*ext);
  +     safememcpy(&e, ext, sizeof(e));
  +     printf(" n len=%d", ntohs(e.len) - 4);
  +     if (2 < vflag && 4 < ntohs(e.len)) {
  +             printf(" ");
  +-            rawprint((caddr_t)(ext + 1), ntohs(e.len) - 4);
  ++            if (!rawprint((caddr_t)(ext + 1), ntohs(e.len) - 4))
  ++                    goto trunc;
  +     }
  +     return (u_char *)ext + ntohs(e.len);
  ++trunc:
  ++    printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_NONCE));
  ++    return NULL;
  + }
  + 
  + static const u_char *
  +-isakmp_n_print(const struct isakmp_gen *ext, const u_char *ep, u_int32_t phase,
  +-    u_int32_t doi0 _U_, u_int32_t proto0 _U_, int depth)
  ++isakmp_n_print(const struct isakmp_gen *ext, u_int item_len,
  ++    const u_char *ep, u_int32_t phase, u_int32_t doi0 _U_,
  ++    u_int32_t proto0 _U_, int depth)
  + {
  +     struct isakmp_pl_n *p, n;
  +     const u_char *cp;
  +@@ -934,6 +1027,7 @@
  +     printf("%s:", NPSTR(ISAKMP_NPTYPE_N));
  + 
  +     p = (struct isakmp_pl_n *)ext;
  ++    TCHECK(*p);
  +     safememcpy(&n, ext, sizeof(n));
  +     doi = ntohl(n.doi);
  +     proto = n.prot_id;
  +@@ -950,7 +1044,8 @@
  +                     printf(" type=%s", numstr(ntohs(n.type)));
  +             if (n.spi_size) {
  +                     printf(" spi=");
  +-                    rawprint((caddr_t)(p + 1), n.spi_size);
  ++                    if (!rawprint((caddr_t)(p + 1), n.spi_size))
  ++                            goto trunc;
  +             }
  +             return (u_char *)(p + 1) + n.spi_size;
  +     }
  +@@ -969,11 +1064,12 @@
  +             printf(" type=%s", numstr(ntohs(n.type)));
  +     if (n.spi_size) {
  +             printf(" spi=");
  +-            rawprint((caddr_t)(p + 1), n.spi_size);
  ++            if (!rawprint((caddr_t)(p + 1), n.spi_size))
  ++                    goto trunc;
  +     }
  + 
  +     cp = (u_char *)(p + 1) + n.spi_size;
  +-    ep2 = (u_char *)p + ntohs(n.h.len);
  ++    ep2 = (u_char *)p + item_len;
  + 
  +     if (cp < ep) {
  +             printf(" orig=(");
  +@@ -1000,19 +1096,21 @@
  +                     break;
  +             default:
  +                     /* NULL is dummy */
  +-                    isakmp_print(cp,
  +-                            ntohs(n.h.len) - sizeof(*p) - n.spi_size,
  ++                    isakmp_print(cp, item_len - sizeof(*p) - n.spi_size,
  +                             NULL);
  +             }
  +             printf(")");
  +     }
  +-    return (u_char *)ext + ntohs(n.h.len);
  ++    return (u_char *)ext + item_len;
  ++trunc:
  ++    printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_N));
  ++    return NULL;
  + }
  + 
  + static const u_char *
  +-isakmp_d_print(const struct isakmp_gen *ext, const u_char *ep _U_,
  +-    u_int32_t phase _U_, u_int32_t doi0 _U_, u_int32_t proto0 _U_,
  +-    int depth _U_)
  ++isakmp_d_print(const struct isakmp_gen *ext, u_int item_len _U_,
  ++           const u_char *ep _U_, u_int32_t phase _U_, u_int32_t doi0 _U_,
  ++           u_int32_t proto0 _U_, int depth _U_)
  + {
  +     const struct isakmp_pl_d *p;
  +     struct isakmp_pl_d d;
  +@@ -1024,6 +1122,7 @@
  +     printf("%s:", NPSTR(ISAKMP_NPTYPE_D));
  + 
  +     p = (struct isakmp_pl_d *)ext;
  ++    TCHECK(*p);
  +     safememcpy(&d, ext, sizeof(d));
  +     doi = ntohl(d.doi);
  +     proto = d.prot_id;
  +@@ -1041,28 +1140,38 @@
  +     for (i = 0; i < ntohs(d.num_spi); i++) {
  +             if (i != 0)
  +                     printf(",");
  +-            rawprint((caddr_t)q, d.spi_size);
  ++            if (!rawprint((caddr_t)q, d.spi_size))
  ++                    goto trunc;
  +             q += d.spi_size;
  +     }
  +     return q;
  ++trunc:
  ++    printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_D));
  ++    return NULL;
  + }
  + 
  + static const u_char *
  +-isakmp_vid_print(const struct isakmp_gen *ext, const u_char *ep _U_,
  +-    u_int32_t phase _U_, u_int32_t doi _U_, u_int32_t proto _U_,
  +-    int depth _U_)
  ++isakmp_vid_print(const struct isakmp_gen *ext,
  ++             u_int item_len _U_, const u_char *ep _U_,
  ++             u_int32_t phase _U_, u_int32_t doi _U_,
  ++             u_int32_t proto _U_, int depth _U_)
  + {
  +     struct isakmp_gen e;
  + 
  +     printf("%s:", NPSTR(ISAKMP_NPTYPE_VID));
  + 
  ++    TCHECK(*ext);
  +     safememcpy(&e, ext, sizeof(e));
  +     printf(" len=%d", ntohs(e.len) - 4);
  +     if (2 < vflag && 4 < ntohs(e.len)) {
  +             printf(" ");
  +-            rawprint((caddr_t)(ext + 1), ntohs(e.len) - 4);
  ++            if (!rawprint((caddr_t)(ext + 1), ntohs(e.len) - 4))
  ++                    goto trunc;
  +     }
  +     return (u_char *)ext + ntohs(e.len);
  ++trunc:
  ++    printf(" [|%s]", NPSTR(ISAKMP_NPTYPE_VID));
  ++    return NULL;
  + }
  + 
  + static const u_char *
  +@@ -1074,6 +1183,7 @@
  +     u_int item_len;
  + 
  +     cp = (u_char *)ext;
  ++    TCHECK(*ext);
  +     safememcpy(&e, ext, sizeof(e));
  + 
  +     /*
  +@@ -1091,13 +1201,16 @@
  +              * XXX - what if item_len is too short, or too long,
  +              * for this payload type?
  +              */
  +-            cp = (*NPFUNC(np))(ext, ep, phase, doi, proto, depth);
  ++            cp = (*NPFUNC(np))(ext, item_len, ep, phase, doi, proto, depth);
  +     } else {
  +             printf("%s", NPSTR(np));
  +             cp += item_len;
  +     }
  + 
  +     return cp;
  ++trunc:
  ++    printf(" [|isakmp]");
  ++    return NULL;
  + }
  + 
  + static const u_char *
  +@@ -1111,13 +1224,12 @@
        cp = (const u_char *)ext;
    
        while (np) {
  -+            TCHECK2(*ext, sizeof(e));
  ++            TCHECK(*ext);
   +            
                safememcpy(&e, ext, sizeof(e));
    
  -             if (ep < (u_char *)ext + ntohs(e.len)) {
  -@@ -1136,6 +1142,8 @@
  +-            if (ep < (u_char *)ext + ntohs(e.len)) {
  +-                    printf(" [|%s]", NPSTR(np));
  +-                    cp = ep + 1;
  +-                    break;
  +-            }
  ++            TCHECK2(*ext, ntohs(e.len));
  ++
  +             depth++;
  +             printf("\n");
  +             for (i = 0; i < depth; i++)
  +@@ -1136,6 +1248,9 @@
                ext = (struct isakmp_gen *)cp;
        }
        return cp;
   +trunc:
  ++    printf(" [|%s]", NPSTR(np));
   +    return NULL;
    }
    
    static char *
  -
  +@@ -1263,7 +1378,7 @@
  + done:
  +     if (vflag) {
  +             if (ntohl(base.len) != length) {
  +-                    printf(" (len mismatch: isakmp %u/ip %d)",
  ++                    printf(" (len mismatch: isakmp %u/ip %u)",
  +                             (u_int32_t)ntohl(base.len), length);
  +             }
  +     }
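Review bot: In isakmp_n_print the length handed to the nested isakmp_print() is still computed as `item_len - sizeof(*p) - n.spi_size` with no lower-bound check, so a notification payload whose length field is smaller than its fixed header plus SPI wraps to a very large unsigned value. A guard placed before `ep2` is computed, such as `if (item_len < sizeof(*p) + n.spi_size) goto trunc;`, would reject that case using the `trunc:` label this patch already adds. The same unchecked subtraction appears in isakmp_cert_print and isakmp_cr_print, where `printf(" len=%d", item_len - 4)` runs before the `4 < item_len` test and prints an unsigned difference with `%d`. Whether isakmp_sub0_print already rejects short `item_len` values is outside the visible lines, and its surviving `XXX - what if item_len is too short` comment suggests per-type minimums are not enforced, so this needs confirming against the full file. `item_len` is also still tagged `_U_` in isakmp_id_print, isakmp_cert_print and isakmp_cr_print although those functions now use it.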
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/tcpdump/tcpdump.spec
  ============================================================================
  $ cvs diff -u -r1.37.2.1 -r1.37.2.2 tcpdump.spec
  --- openpkg-src/tcpdump/tcpdump.spec  18 Feb 2004 14:51:59 -0000      1.37.2.1
  +++ openpkg-src/tcpdump/tcpdump.spec  6 Apr 2004 15:39:44 -0000       1.37.2.2
  @@ -34,7 +34,7 @@
   Group:        Network
   License:      GPL
   Version:      3.8.1
  -Release:      2.0.0
  +Release:      2.0.1
   
   #   list of sources
   Source0:      http://www.tcpdump.org/release/tcpdump-%{version}.tar.gz
  @@ .
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
CVS Repository Commit List                     [EMAIL PROTECTED]
