* Routines for socks versions 4 &5 packet dissection
* Copyright 2000, Jeffrey C. Foster <jfoste@woodward.com>
*
- * $Id: packet-socks.c,v 1.55 2004/01/10 02:43:29 guy Exp $
+ * $Id: packet-socks.c,v 1.56 2004/01/22 20:43:17 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
*ptr = hash_info->udp_remote_port;
- decode_udp_ports( tvb, offset, pinfo, tree, pinfo->srcport, pinfo->destport);
+ decode_udp_ports( tvb, offset, pinfo, tree, pinfo->srcport, pinfo->destport, -1);
*ptr = hash_info->udp_port;
/* packet-udp.c
* Routines for UDP packet disassembly
*
- * $Id: packet-udp.c,v 1.111 2003/09/03 09:52:07 sahlberg Exp $
+ * $Id: packet-udp.c,v 1.112 2004/01/22 20:43:17 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
void
decode_udp_ports(tvbuff_t *tvb, int offset, packet_info *pinfo,
- proto_tree *tree, int uh_sport, int uh_dport)
+ proto_tree *tree, int uh_sport, int uh_dport, int uh_ulen)
{
tvbuff_t *next_tvb;
int low_port, high_port;
-
- next_tvb = tvb_new_subset(tvb, offset, -1, -1);
+ gint len, reported_len;
+
+ len = tvb_length_remaining(tvb, offset);
+ reported_len = tvb_reported_length_remaining(tvb, offset);
+ if (uh_ulen != -1) {
+ /* This is the length from the UDP header; the payload should be cut
+ off at that length.
+ XXX - what if it's *greater* than the reported length? */
+ if (uh_ulen < len)
+ len = uh_ulen;
+ if (uh_ulen < reported_len)
+ reported_len = uh_ulen;
+ }
+ next_tvb = tvb_new_subset(tvb, offset, len, reported_len);
/* determine if this packet is part of a conversation and call dissector */
/* for the conversation if available */
proto_tree_add_uint_hidden(udp_tree, hf_udp_port, tvb, offset, 2, udph->uh_sport);
proto_tree_add_uint_hidden(udp_tree, hf_udp_port, tvb, offset+2, 2, udph->uh_dport);
+ if (udph->uh_ulen < 8) {
+ /* Bogus length - it includes the header, so it must be >= 8. */
+ proto_tree_add_uint_format(udp_tree, hf_udp_length, tvb, offset + 4, 2,
+ udph->uh_ulen, "Length: %u (bogus, must be >= 8)", udph->uh_ulen);
+ return;
+ }
proto_tree_add_uint(udp_tree, hf_udp_length, tvb, offset + 4, 2, udph->uh_ulen);
reported_len = tvb_reported_length(tvb);
len = tvb_length(tvb);
/* No checksum supplied in the packet. */
proto_tree_add_uint_format(udp_tree, hf_udp_checksum, tvb,
offset + 6, 2, udph->uh_sum, "Checksum: 0x%04x (none)", udph->uh_sum);
- } else if (!pinfo->fragmented && len >= reported_len && len >= udph->uh_ulen) {
+ } else if (!pinfo->fragmented && len >= reported_len &&
+ len >= udph->uh_ulen && reported_len >= udph->uh_ulen) {
/* The packet isn't part of a fragmented datagram and isn't
truncated, so we can checksum it.
XXX - make a bigger scatter-gather list once we do fragment
switch (pinfo->src.type) {
case AT_IPv4:
- phdr[0] = g_htonl((IP_PROTO_UDP<<16) + reported_len);
+ phdr[0] = g_htonl((IP_PROTO_UDP<<16) + udph->uh_ulen);
cksum_vec[2].len = 4;
break;
case AT_IPv6:
- phdr[0] = g_htonl(reported_len);
+ phdr[0] = g_htonl(udph->uh_ulen);
phdr[1] = g_htonl(IP_PROTO_UDP);
cksum_vec[2].len = 8;
break;
g_assert_not_reached();
break;
}
- cksum_vec[3].ptr = tvb_get_ptr(tvb, offset, len);
- cksum_vec[3].len = reported_len;
+ cksum_vec[3].ptr = tvb_get_ptr(tvb, offset, udph->uh_ulen);
+ cksum_vec[3].len = udph->uh_ulen;
computed_cksum = in_cksum(&cksum_vec[0], 4);
if (computed_cksum == 0) {
proto_tree_add_uint_format(udp_tree, hf_udp_checksum, tvb,
* nothing left in the packet.
*/
if (!pinfo->in_error_pkt || tvb_length_remaining(tvb, offset) > 0)
- decode_udp_ports(tvb, offset, pinfo, tree, udph->uh_sport, udph->uh_dport);
+ decode_udp_ports(tvb, offset, pinfo, tree, udph->uh_sport, udph->uh_dport,
+ udph->uh_ulen);
}
void