when parsing icmp only check that we have enough data up to what is being really looked into (4 bytes). fixes short pings display; pval@ ok

2004-05-08 17:19:40 +00:00 · 2004-05-08 17:19:40 +00:00 · 2b7dce195a
commit 2b7dce195a
parent 44e3d691c8
1 changed files with 21 additions and 0 deletions
--- a/net/trafshow/patches/patch-display_c
+++ b/net/trafshow/patches/patch-display_c
@ -0,0 +1,21 @@
+--- display.c.bak.orig	Mon Aug 24 00:51:48 1998
+++ display.c	Tue Aug 28 17:35:19 2001
+@@ -386,18 +386,18 @@
+ 					clrtoeol();
+ 					goto refresh_screen;
+ 				}
+ 				sport = ntohs(((struct udphdr *)cp)->uh_sport);
+ 				dport = ntohs(((struct udphdr *)cp)->uh_dport);
+ 			} else if (ip->ip_p == IPPROTO_ICMP) {
+-				if (cp + sizeof(struct icmp) > snapend ||
+-				    iplen - hlen < sizeof(struct icmp)) {
+				if (cp + 4 > snapend ||
+				    iplen - hlen < 4) {
+ 					mvprintw(LINES-1, err_pos, "\
+ truncated-icmp: wrong ip hdrlen");
+ 					clrtoeol();
+ 					goto refresh_screen;
+ 				}
+ 				sport = ((struct icmp *)cp)->icmp_type;
+ 			}
+ 		}