]>
Commit | Line | Data |
---|---|---|
b048a2e8 | 1 | =================================================================== |
2 | RCS file: /tcpdump/master/tcpdump/print-bgp.c,v | |
3 | retrieving revision 1.91.2.11 | |
4 | retrieving revision 1.91.2.12 | |
5 | diff -u -r1.91.2.11 -r1.91.2.12 | |
6 | --- tcpdump/print-bgp.c 2007/02/26 13:31:33 1.91.2.11 | |
7 | +++ tcpdump/print-bgp.c 2007/07/14 22:26:35 1.91.2.12 | |
b048a2e8 | 8 | @@ -609,6 +609,26 @@ |
9 | return -2; | |
10 | } | |
11 | ||
12 | +/* | |
13 | + * As I remember, some versions of systems have an snprintf() that | |
14 | + * returns -1 if the buffer would have overflowed. If the return | |
15 | + * value is negative, set buflen to 0, to indicate that we've filled | |
16 | + * the buffer up. | |
17 | + * | |
18 | + * If the return value is greater than buflen, that means that | |
19 | + * the buffer would have overflowed; again, set buflen to 0 in | |
20 | + * that case. | |
21 | + */ | |
22 | +#define UPDATE_BUF_BUFLEN(buf, buflen, strlen) \ | |
23 | + if (strlen<0) \ | |
24 | + buflen=0; \ | |
25 | + else if ((u_int)strlen>buflen) \ | |
26 | + buflen=0; \ | |
27 | + else { \ | |
28 | + buflen-=strlen; \ | |
29 | + buf+=strlen; \ | |
30 | + } | |
31 | + | |
32 | static int | |
33 | decode_labeled_vpn_l2(const u_char *pptr, char *buf, u_int buflen) | |
34 | { | |
35 | @@ -619,11 +639,13 @@ | |
36 | tlen=plen; | |
37 | pptr+=2; | |
38 | TCHECK2(pptr[0],15); | |
39 | + buf[0]='\0'; | |
40 | strlen=snprintf(buf, buflen, "RD: %s, CE-ID: %u, Label-Block Offset: %u, Label Base %u", | |
41 | bgp_vpn_rd_print(pptr), | |
42 | EXTRACT_16BITS(pptr+8), | |
43 | EXTRACT_16BITS(pptr+10), | |
44 | EXTRACT_24BITS(pptr+12)>>4); /* the label is offsetted by 4 bits so lets shift it right */ | |
45 | + UPDATE_BUF_BUFLEN(buf, buflen, strlen); | |
46 | pptr+=15; | |
47 | tlen-=15; | |
48 | ||
49 | @@ -639,23 +661,32 @@ | |
50 | ||
51 | switch(tlv_type) { | |
52 | case 1: | |
53 | - strlen+=snprintf(buf+strlen,buflen-strlen, "\n\t\tcircuit status vector (%u) length: %u: 0x", | |
54 | - tlv_type, | |
55 | - tlv_len); | |
56 | + if (buflen!=0) { | |
57 | + strlen=snprintf(buf,buflen, "\n\t\tcircuit status vector (%u) length: %u: 0x", | |
58 | + tlv_type, | |
59 | + tlv_len); | |
60 | + UPDATE_BUF_BUFLEN(buf, buflen, strlen); | |
61 | + } | |
62 | ttlv_len=ttlv_len/8+1; /* how many bytes do we need to read ? */ | |
63 | while (ttlv_len>0) { | |
64 | TCHECK(pptr[0]); | |
65 | - strlen+=snprintf(buf+strlen,buflen-strlen, "%02x",*pptr++); | |
66 | + if (buflen!=0) { | |
67 | + strlen=snprintf(buf,buflen, "%02x",*pptr++); | |
68 | + UPDATE_BUF_BUFLEN(buf, buflen, strlen); | |
69 | + } | |
70 | ttlv_len--; | |
71 | } | |
72 | break; | |
73 | default: | |
74 | - snprintf(buf+strlen,buflen-strlen, "\n\t\tunknown TLV #%u, length: %u", | |
75 | - tlv_type, | |
76 | - tlv_len); | |
77 | + if (buflen!=0) { | |
78 | + strlen=snprintf(buf,buflen, "\n\t\tunknown TLV #%u, length: %u", | |
79 | + tlv_type, | |
80 | + tlv_len); | |
81 | + UPDATE_BUF_BUFLEN(buf, buflen, strlen); | |
82 | + } | |
83 | break; | |
84 | } | |
85 | - tlen-=(tlv_len<<3); /* the tlv-length is expressed in bits so lets shift it tright */ | |
86 | + tlen-=(tlv_len<<3); /* the tlv-length is expressed in bits so lets shift it right */ | |
87 | } | |
88 | return plen+2; | |
89 |