diff --git a/print-juniper.c b/print-juniper.c index 9a258d9ae..e8879ea7b 100644 --- a/print-juniper.c +++ b/print-juniper.c @@ -472,6 +472,7 @@ juniper_ggsn_print(netdissect_options *ndo, p+=l2info.header_len; gh = (struct juniper_ggsn_header *)&l2info.cookie; + ND_TCHECK(*gh); if (ndo->ndo_eflag) { ND_PRINT((ndo, "proto %s (%u), vlan %u: ", tok2str(juniper_protocol_values,"Unknown",gh->proto), @@ -492,6 +493,10 @@ juniper_ggsn_print(netdissect_options *ndo, } return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_services]")); + return l2info.header_len; } #endif @@ -519,6 +524,7 @@ juniper_es_print(netdissect_options *ndo, p+=l2info.header_len; ih = (const struct juniper_ipsec_header *)p; + ND_TCHECK(*ih); switch (ih->type) { case JUNIPER_IPSEC_O_ESP_ENCRYPT_ESP_AUTHEN_TYPE: case JUNIPER_IPSEC_O_ESP_ENCRYPT_AH_AUTHEN_TYPE: @@ -564,6 +570,10 @@ juniper_es_print(netdissect_options *ndo, ip_print(ndo, p, l2info.length); return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_services]")); + return l2info.header_len; } #endif @@ -588,6 +598,7 @@ juniper_monitor_print(netdissect_options *ndo, p+=l2info.header_len; mh = (const struct juniper_monitor_header *)p; + ND_TCHECK(*mh); if (ndo->ndo_eflag) ND_PRINT((ndo, "service-id %u, iif %u, pkt-type %u: ", EXTRACT_32BITS(&mh->service_id), @@ -598,6 +609,10 @@ juniper_monitor_print(netdissect_options *ndo, ip_heuristic_guess (ndo, p, l2info.length); return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_services]")); + return l2info.header_len; } #endif @@ -622,6 +637,7 @@ juniper_services_print(netdissect_options *ndo, p+=l2info.header_len; sh = (const struct juniper_services_header *)p; + ND_TCHECK(*sh); if (ndo->ndo_eflag) ND_PRINT((ndo, "service-id %u flags 0x%02x service-set-id 0x%04x iif %u: ", sh->svc_id, @@ -633,6 +649,10 @@ juniper_services_print(netdissect_options *ndo, ip_heuristic_guess (ndo, p, l2info.length); return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_services]")); + return l2info.header_len; } #endif @@ -740,6 +760,7 @@ juniper_pppoe_atm_print(netdissect_options *ndo, p+=l2info.header_len; + ND_TCHECK2(p[0], 2); extracted_ethertype = EXTRACT_16BITS(p); /* this DLT contains nothing but raw PPPoE frames, * prepended with a type field*/ @@ -752,6 +773,10 @@ juniper_pppoe_atm_print(netdissect_options *ndo, ND_PRINT((ndo, "unknown ethertype 0x%04x", extracted_ethertype)); return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_pppoe_atm]")); + return l2info.header_len; } #endif @@ -940,6 +965,7 @@ juniper_atm1_print(netdissect_options *ndo, return l2info.header_len; } + ND_TCHECK2(p[0], 3); if (EXTRACT_24BITS(p) == 0xfefe03 || /* NLPID encaps ? */ EXTRACT_24BITS(p) == 0xaaaa03) { /* SNAP encaps ? */ @@ -958,6 +984,10 @@ juniper_atm1_print(netdissect_options *ndo, return l2info.header_len; return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_atm1]")); + return l2info.header_len; } #endif @@ -989,6 +1019,7 @@ juniper_atm2_print(netdissect_options *ndo, return l2info.header_len; } + ND_TCHECK2(p[0], 3); if (EXTRACT_24BITS(p) == 0xfefe03 || /* NLPID encaps ? */ EXTRACT_24BITS(p) == 0xaaaa03) { /* SNAP encaps ? */ @@ -1016,6 +1047,10 @@ juniper_atm2_print(netdissect_options *ndo, return l2info.header_len; return l2info.header_len; + +trunc: + ND_PRINT((ndo, "[|juniper_atm2]")); + return l2info.header_len; } #endif @@ -1280,6 +1315,7 @@ juniper_parse_header(netdissect_options *ndo, l2info->caplen -= l2info->header_len; /* search through the cookie table and copy values matching for our PIC type */ + ND_TCHECK(p[0]); while (lp->s != NULL) { if (lp->pictype == l2info->pictype) { @@ -1360,6 +1396,7 @@ juniper_parse_header(netdissect_options *ndo, case DLT_JUNIPER_MLFR: switch (l2info->cookie_type) { case LS_COOKIE_ID: + ND_TCHECK2(p[0], 2); l2info->bundle = l2info->cookie[1]; l2info->proto = EXTRACT_16BITS(p); l2info->header_len += 2; @@ -1383,6 +1420,7 @@ juniper_parse_header(netdissect_options *ndo, case DLT_JUNIPER_MFR: switch (l2info->cookie_type) { case LS_COOKIE_ID: + ND_TCHECK2(p[0], 2); l2info->bundle = l2info->cookie[1]; l2info->proto = EXTRACT_16BITS(p); l2info->header_len += 2; diff --git a/tests/TESTLIST b/tests/TESTLIST index 5376c12a8..f14868fc4 100644 --- a/tests/TESTLIST +++ b/tests/TESTLIST @@ -451,6 +451,9 @@ nfs-attr-oobr nfs-attr-oobr.pcap nfs-attr-oobr.out decnet-oobr decnet-oobr.pcap decnet-oobr.out oobr_parse_elements oobr_parse_elements.pcap oobr_parse_elements.out hoobr_ripng_print hoobr_ripng_print.pcap hoobr_ripng_print.out +hoobr_juniper hoobr_juniper.pcap hoobr_juniper.out +hoobr_juniper2 hoobr_juniper2.pcap hoobr_juniper2.out +hoobr_juniper3 hoobr_juniper3.pcap hoobr_juniper3.out # bad packets from Wilfried Kirsch slip-bad-direction slip-bad-direction.pcap slip-bad-direction.out -ve diff --git a/tests/hoobr_juniper.out b/tests/hoobr_juniper.out new file mode 100644 index 000000000..b13cfbee0 --- /dev/null +++ b/tests/hoobr_juniper.out @@ -0,0 +1 @@ +[|juniper_hdr], length 808464432 diff --git a/tests/hoobr_juniper.pcap b/tests/hoobr_juniper.pcap new file mode 100644 index 000000000..831a8c7db Binary files /dev/null and b/tests/hoobr_juniper.pcap differ diff --git a/tests/hoobr_juniper2.out b/tests/hoobr_juniper2.out new file mode 100644 index 000000000..1f164cfba --- /dev/null +++ b/tests/hoobr_juniper2.out @@ -0,0 +1 @@ +[|juniper_atm1] diff --git a/tests/hoobr_juniper2.pcap b/tests/hoobr_juniper2.pcap new file mode 100644 index 000000000..7c7673591 Binary files /dev/null and b/tests/hoobr_juniper2.pcap differ diff --git a/tests/hoobr_juniper3.out b/tests/hoobr_juniper3.out new file mode 100644 index 000000000..8062118b5 --- /dev/null +++ b/tests/hoobr_juniper3.out @@ -0,0 +1 @@ +Unknown Juniper DLT_ type 132: [|juniper_services] diff --git a/tests/hoobr_juniper3.pcap b/tests/hoobr_juniper3.pcap new file mode 100644 index 000000000..2ab9c6630 Binary files /dev/null and b/tests/hoobr_juniper3.pcap differ