Don't directly fetch multi-byte integers from packets.

Use the EXTRACT_ macros to extract multi-byte integral values from
packets, rather than just dereferencing pointers into the packet; there
is no guarantee that the packet data will be aligned on the right
boundary, and there is no guarantee that, if they're not, a direct
access will work correctly.

print-ap1394.c

@@ -33,6 +33,7 @@ static const char rcsid[] _U_ =
 #include <pcap.h>
 
 #include "interface.h"
+#include "extract.h"
 #include "addrtoname.h"
 #include "ethertype.h"
 
@@ -57,18 +58,21 @@ static inline void
 ap1394_hdr_print(register const u_char *bp, u_int length)
 {
 	register const struct firewire_header *fp;
+	u_int16_t firewire_type;
+
 	fp = (const struct firewire_header *)bp;
 
 	(void)printf("%s > %s",
 		     linkaddr_string(fp->firewire_dhost, LINKADDR_IEEE1394, FIREWIRE_EUI64_LEN),
 		     linkaddr_string(fp->firewire_shost, LINKADDR_IEEE1394, FIREWIRE_EUI64_LEN));
 
+	firewire_type = EXTRACT_16BITS(&fp->firewire_type);
 	if (!qflag) {
 		(void)printf(", ethertype %s (0x%04x)",
-			       tok2str(ethertype_values,"Unknown", ntohs(fp->firewire_type)),
-                               ntohs(fp->firewire_type));	      
+			       tok2str(ethertype_values,"Unknown", firewire_type),
+                               firewire_type);
         } else {
-                (void)printf(", %s", tok2str(ethertype_values,"Unknown Ethertype (0x%04x)", ntohs(fp->firewire_type)));  
+                (void)printf(", %s", tok2str(ethertype_values,"Unknown Ethertype (0x%04x)", firewire_type));
         }
 
 	(void)printf(", length %u: ", length);
@@ -102,7 +106,7 @@ ap1394_if_print(const struct pcap_pkthdr *h, const u_char *p)
 	fp = (struct firewire_header *)p;
 	p += FIREWIRE_HDRLEN;
 
-	ether_type = ntohs(fp->firewire_type);
+	ether_type = EXTRACT_16BITS(&fp->firewire_type);
 
 	extracted_ether_type = 0;
 	if (ether_encap_print(ether_type, p, length, caplen,

print-arcnet.c

@@ -35,6 +35,7 @@ static const char rcsid[] _U_ =
 #include <pcap.h>
 
 #include "interface.h"
+#include "extract.h"
 #include "arcnet.h"
 
 static int arcnet_encap_print(u_char arctype, const u_char *p,
@@ -151,11 +152,11 @@ arcnet_if_print(const struct pcap_pkthdr *h, const u_char *p)
 				return (caplen);
 			}
 			flag = ap->arc_flag2;
-			seqid = ntohs(ap->arc_seqid2);
+			seqid = EXTRACT_16BITS(&ap->arc_seqid2);
 			archdrlen = ARC_HDRNEWLEN_EXC;
 		} else {
 			flag = ap->arc_flag;
-			seqid = ntohs(ap->arc_seqid);
+			seqid = EXTRACT_16BITS(&ap->arc_seqid);
 			archdrlen = ARC_HDRNEWLEN;
 		}
 	}

print-bt.c

@@ -33,6 +33,7 @@ static const char rcsid[] _U_ =
 #include <string.h>
 
 #include "interface.h"
+#include "extract.h"
 #include "addrtoname.h"
 
 #if defined(DLT_BLUETOOTH_HCI_H4_WITH_PHDR) && defined(HAVE_PCAP_BLUETOOTH_H)
@@ -60,7 +61,7 @@ bt_if_print(const struct pcap_pkthdr *h, const u_char *p)
 	length -= BT_HDRLEN;
 	p += BT_HDRLEN;
 	if (eflag)
-		(void)printf("hci length %d, direction %s, ", length, (ntohl(hdr->direction)&0x1)?"in":"out");
+		(void)printf("hci length %d, direction %s, ", length, (EXTRACT_32BITS(&hdr->direction)&0x1)?"in":"out");
 
 	if (!suppress_default_print)
 		default_print(p, caplen);

print-dccp.c

@@ -394,9 +394,6 @@ void dccp_print(const u_char *bp, const u_char *data2, u_int len)
 static int dccp_print_option(const u_char *option)
 {	
 	u_int8_t optlen, i;
-	u_int32_t *ts;
-	u_int16_t *var16;
-	u_int32_t *var32;
 
 	TCHECK(*option);
 
@@ -470,22 +467,17 @@ static int dccp_print_option(const u_char *option)
 		for (i = 0; i < optlen -2; i ++) printf("%02x", *(option +2 + i));	
 		break;
 	case 41:
-		ts = (u_int32_t *)(option + 2);
-		printf("timestamp %u", (u_int32_t)ntohl(*ts));
+		printf("timestamp %u", EXTRACT_32BITS(option + 2));
 		break;
 	case 42:
-		ts = (u_int32_t *)(option + 2);
-		printf("timestamp_echo %u", (u_int32_t)ntohl(*ts));
+		printf("timestamp_echo %u", EXTRACT_32BITS(option + 2));
 		break;
 	case 43:
 		printf("elapsed_time ");
-		if (optlen == 6){
-			ts = (u_int32_t *)(option + 2);
-			printf("%u", (u_int32_t)ntohl(*ts));
-		} else {
-			var16 = (u_int16_t *)(option + 2);
-			printf("%u", ntohs(*var16));
-		}	
+		if (optlen == 6)
+			printf("%u", EXTRACT_32BITS(option + 2));
+		else
+			printf("%u", EXTRACT_16BITS(option + 2));
 		break;
 	case 44:
 		printf("data_checksum ");
@@ -496,12 +488,10 @@ static int dccp_print_option(const u_char *option)
 			printf("CCID option %d",*option);
 			switch (optlen) {
 				case 4:
-					var16 = (u_int16_t *)(option + 2);
-					printf(" %u",ntohs(*var16));
+					printf(" %u", EXTRACT_16BITS(option + 2));
 					break;
 				case 6:
-					var32 = (u_int32_t *)(option + 2);
-					printf(" %u",(u_int32_t)ntohl(*var32));
+					printf(" %u", EXTRACT_32BITS(option + 2));
 					break;
 				default:
 					break;

print-enc.c

@@ -35,6 +35,7 @@ static const char rcsid[] _U_ =
 #include <pcap.h>
 
 #include "interface.h"
+#include "extract.h"
 #include "addrtoname.h"
 
 #include "enc.h"
@@ -67,7 +68,7 @@ enc_if_print(const struct pcap_pkthdr *h, register const u_char *p)
 	ENC_PRINT_TYPE(flags, M_AUTH, "authentic");
 	ENC_PRINT_TYPE(flags, M_CONF, "confidential");
 	/* ENC_PRINT_TYPE(flags, M_TUNNEL, "tunnel"); */
-	printf("SPI 0x%08x: ", (u_int32_t)ntohl(hdr->spi));
+	printf("SPI 0x%08x: ", EXTRACT_32BITS(&hdr->spi));
 
 	length -= ENC_HDRLEN;
 	caplen -= ENC_HDRLEN;

print-esp.c

@@ -600,7 +600,7 @@ esp_print(netdissect_options *ndo,
 		/* see if we can find the SA, and if so, decode it */
 		for (sa = ndo->ndo_sa_list_head; sa != NULL; sa = sa->next) {
 			struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&sa->daddr;
-			if (sa->spi == ntohl(esp->esp_spi) &&
+			if (sa->spi == EXTRACT_32BITS(&esp->esp_spi) &&
 			    sin6->sin6_family == AF_INET6 &&
 			    memcmp(&sin6->sin6_addr, &ip6->ip6_dst,
 				   sizeof(struct in6_addr)) == 0) {
@@ -618,7 +618,7 @@ esp_print(netdissect_options *ndo,
 		/* see if we can find the SA, and if so, decode it */
 		for (sa = ndo->ndo_sa_list_head; sa != NULL; sa = sa->next) {
 			struct sockaddr_in *sin = (struct sockaddr_in *)&sa->daddr;
-			if (sa->spi == ntohl(esp->esp_spi) &&
+			if (sa->spi == EXTRACT_32BITS(&esp->esp_spi) &&
 			    sin->sin_family == AF_INET &&
 			    sin->sin_addr.s_addr == ip->ip_dst.s_addr) {
 				break;

print-ether.c

@@ -33,6 +33,7 @@ static const char rcsid[] _U_ =
 #include <pcap.h>
 
 #include "interface.h"
+#include "extract.h"
 #include "addrtoname.h"
 #include "ethertype.h"
 
@@ -86,24 +87,27 @@ static inline void
 ether_hdr_print(register const u_char *bp, u_int length)
 {
 	register const struct ether_header *ep;
+	u_int16_t ether_type;
+
 	ep = (const struct ether_header *)bp;
 
 	(void)printf("%s > %s",
 		     etheraddr_string(ESRC(ep)),
 		     etheraddr_string(EDST(ep)));
 
+	ether_type = EXTRACT_16BITS(&ep->ether_type);
 	if (!qflag) {
-	        if (ntohs(ep->ether_type) <= ETHERMTU)
+	        if (ether_type <= ETHERMTU)
 		          (void)printf(", 802.3");
                 else 
 		          (void)printf(", ethertype %s (0x%04x)",
-				       tok2str(ethertype_values,"Unknown", ntohs(ep->ether_type)),
-                                       ntohs(ep->ether_type));	      
+				       tok2str(ethertype_values,"Unknown", ether_type),
+                                       ether_type);
         } else {
-                if (ntohs(ep->ether_type) <= ETHERMTU)
+                if (ether_type <= ETHERMTU)
                           (void)printf(", 802.3");
                 else 
-                          (void)printf(", %s", tok2str(ethertype_values,"Unknown Ethertype (0x%04x)", ntohs(ep->ether_type)));  
+                          (void)printf(", %s", tok2str(ethertype_values,"Unknown Ethertype (0x%04x)", ether_type));
         }
 
 	(void)printf(", length %u: ", length);
@@ -129,7 +133,7 @@ ether_print(const u_char *p, u_int length, u_int caplen)
 	ep = (struct ether_header *)p;
 	p += ETHER_HDRLEN;
 
-	ether_type = ntohs(ep->ether_type);
+	ether_type = EXTRACT_16BITS(&ep->ether_type);
 
 	/*
 	 * Is it (gag) an 802.3 encapsulation?
@@ -226,13 +230,16 @@ ether_encap_print(u_short ether_type, const u_char *p,
 		return (1);
 
 	case ETHERTYPE_8021Q:
-	        if (eflag)
-		    printf("vlan %u, p %u%s, ",
-			   ntohs(*(u_int16_t *)p) & 0xfff,
-			   ntohs(*(u_int16_t *)p) >> 13,
-			   (ntohs(*(u_int16_t *)p) & 0x1000) ? ", CFI" : "");
+	        if (eflag) {
+	        	u_int16_t tag = EXTRACT_16BITS(p);
+
+			printf("vlan %u, p %u%s, ",
+			    tag & 0xfff,
+			    tag >> 13,
+			    (tag & 0x1000) ? ", CFI" : "");
+		}
 
-		ether_type = ntohs(*(u_int16_t *)(p + 2));
+		ether_type = EXTRACT_16BITS(p + 2);
 		p += 4;
 		length -= 4;
 		caplen -= 4;
@@ -259,7 +266,7 @@ ether_encap_print(u_short ether_type, const u_char *p,
 		return (1);
 
         case ETHERTYPE_JUMBO:
-                ether_type = ntohs(*(u_int16_t *)(p));
+                ether_type = EXTRACT_16BITS(p);
                 p += 2;
                 length -= 2;      
                 caplen -= 2;

print-icmp6.c

@@ -853,7 +853,7 @@ mldv2_report_print(const u_char *bp, u_int len)
     }
 
     TCHECK(icp->icmp6_data16[1]);
-    ngroups = ntohs(icp->icmp6_data16[1]);
+    ngroups = EXTRACT_16BITS(&icp->icmp6_data16[1]);
     printf(", %d group record(s)", ngroups);
     if (vflag > 0) {
 	/* Print the group records */
@@ -912,7 +912,7 @@ mldv2_query_print(const u_char *bp, u_int len)
 	return;
     }
     TCHECK(icp->icmp6_data16[0]);
-    mrc = ntohs(icp->icmp6_data16[0]);
+    mrc = EXTRACT_16BITS(&icp->icmp6_data16[0]);
     if (mrc < 32768) {
 	mrt = mrc;
     } else {
@@ -941,7 +941,7 @@ mldv2_query_print(const u_char *bp, u_int len)
     }
 
     TCHECK2(bp[26], 2);
-    nsrcs = ntohs(*(u_short *)&bp[26]);
+    nsrcs = EXTRACT_16BITS(&bp[26]);
     if (nsrcs > 0) {
 	if (len < 28 + nsrcs * sizeof(struct in6_addr))
 	    printf(" [invalid number of sources]");

print-ospf.c

@@ -982,7 +982,7 @@ ospf_decode_v2(register const struct ospfhdr *op,
                        bittok2str(ospf_dd_flag_values,"none",op->ospf_db.db_flags));
                 TCHECK(op->ospf_db.db_ifmtu);
                 if (op->ospf_db.db_ifmtu) {
-                        printf(", MTU: %u", ntohs(op->ospf_db.db_ifmtu));
+                        printf(", MTU: %u", EXTRACT_16BITS(&op->ospf_db.db_ifmtu));
                 }
                 TCHECK(op->ospf_db.db_seq);
                 printf(", Sequence: 0x%08x", EXTRACT_32BITS(&op->ospf_db.db_seq));

print-pflog.c

@@ -94,8 +94,8 @@ pflog_print(const struct pfloghdr *hdr)
 {
 	u_int32_t rulenr, subrulenr;
 
-	rulenr = ntohl(hdr->rulenr);
-	subrulenr = ntohl(hdr->subrulenr);
+	rulenr = EXTRACT_32BITS(&hdr->rulenr);
+	subrulenr = EXTRACT_32BITS(&hdr->subrulenr);
 	if (subrulenr == (u_int32_t)-1)
 		printf("rule %u/", rulenr);
 	else

print-ppp.c

@@ -1629,7 +1629,7 @@ ppp_bsdos_if_print(const struct pcap_pkthdr *h _U_, register const u_char *p _U_
 		hdrlength += 1;
 	} else {
 		/* Un-compressed protocol field */
-		ptype = ntohs(*(u_int16_t *)p);
+		ptype = EXTRACT_16BITS(p);
 		if (eflag)
 			printf("%04x ", ptype);
 		p += 2;
@@ -1649,7 +1649,7 @@ ppp_bsdos_if_print(const struct pcap_pkthdr *h _U_, register const u_char *p _U_
 		 && ph->phdr_ctl == PPP_CONTROL) {
 			if (eflag)
 				printf("%02x %02x ", q[0], q[1]);
-			ptype = ntohs(ph->phdr_type);
+			ptype = EXTRACT_16BITS(&ph->phdr_type);
 			if (eflag && (ptype == PPP_VJC || ptype == PPP_VJNC)) {
 				printf("%s ", tok2str(ppptype2str,
 						"proto-#%d", ptype));

print-sll.c

@@ -142,7 +142,7 @@ sll_if_print(const struct pcap_pkthdr *h, const u_char *p)
 	caplen -= SLL_HDR_LEN;
 	p += SLL_HDR_LEN;
 
-	ether_type = ntohs(sllp->sll_protocol);
+	ether_type = EXTRACT_16BITS(&sllp->sll_protocol);
 
 	/*
 	 * Is it (gag) an 802.3 encapsulation, or some non-Ethernet

print-symantec.c

@@ -33,6 +33,7 @@ static const char rcsid[] _U_ =
 #include <pcap.h>
 
 #include "interface.h"
+#include "extract.h"
 #include "addrtoname.h"
 #include "ethertype.h"
 
@@ -52,7 +53,7 @@ symantec_hdr_print(register const u_char *bp, u_int length)
 
 	sp = (const struct symantec_header *)bp;
 
-	etype = ntohs(sp->ether_type);
+	etype = EXTRACT_16BITS(&sp->ether_type);
 	if (!qflag) {
 	        if (etype <= ETHERMTU)
 		          (void)printf("invalid ethertype %u", etype);
@@ -98,7 +99,7 @@ symantec_if_print(const struct pcap_pkthdr *h, const u_char *p)
 	sp = (struct symantec_header *)p;
 	p += sizeof (struct symantec_header);
 
-	ether_type = ntohs(sp->ether_type);
+	ether_type = EXTRACT_16BITS(&sp->ether_type);
 
 	if (ether_type <= ETHERMTU) {
 		/* ether_type not known, print raw packet */

print-tcp.c

@@ -759,7 +759,7 @@ tcp_verify_signature(const struct ip *ip, const struct tcphdr *tp,
                 ip6 = (struct ip6_hdr *)ip;
                 MD5_Update(&ctx, (char *)&ip6->ip6_src, sizeof(ip6->ip6_src));
                 MD5_Update(&ctx, (char *)&ip6->ip6_dst, sizeof(ip6->ip6_dst));
-                len32 = htonl(ntohs(ip6->ip6_plen));
+                len32 = htonl(EXTRACT_16BITS(&ip6->ip6_plen));
                 MD5_Update(&ctx, (char *)&len32, sizeof(len32));
                 nxt = 0;
                 MD5_Update(&ctx, (char *)&nxt, sizeof(nxt));

print-token.c

@@ -39,6 +39,7 @@ static const char rcsid[] _U_ =
 #include <string.h>
 
 #include "interface.h"
+#include "extract.h"
 #include "addrtoname.h"
 #include "ethertype.h"
 
@@ -135,10 +136,10 @@ token_print(const u_char *p, u_int length, u_int caplen)
 				printf(" [%d:%d]", RING_NUMBER(trp, seg),
 				    BRIDGE_NUMBER(trp, seg));
 		} else {
-			printf("rt = %x", ntohs(trp->token_rcf));
+			printf("rt = %x", EXTRACT_16BITS(&trp->token_rcf));
 
 			for (seg = 0; seg < SEGMENT_COUNT(trp); seg++)
-				printf(":%x", ntohs(trp->token_rseg[seg]));
+				printf(":%x", EXTRACT_16BITS(&trp->token_rseg[seg]));
 		}
 		printf(" (%s) ", largest_frame[LARGEST_FRAME(trp)]);
 	} else {