tcpdump mailing list archives

Previous By Date Next
Previous By Thread Next

Review request: fn_printn() fencepost error

From: Bill Fenner <fenner () research att com>
Date: Thu, 3 Apr 2003 19:44:13 -0800 (PST)
Hi,

  Normally, I'd just commit fixes like this, but since fn_printn() is
pretty crucial to avoiding odd behavior, if not buffer overruns, I
thought I should run this by the group.

  If the last byte of the string being printed with fn_printn() is
the last byte that was captured, then it returns a truncation
indication, because the "not-truncated" check occurs after the
check to see if we went past the end of the buffer.

  I modified fn_printn() to check the number of bytes remaining
in the while, kept the decrement of the bytes remaining inside
the loop, and made the return value simply depend on whether we
had used up all of the bytes.

  Here's the test program that I used to validate -- it should
return 0 for the first three and 1 for the last set of arguments.

int
main(void)
{
        char *foo = "hello, world!";
        int l = strlen(foo);
        char *bar = foo + l;

        printf("first 5: %d\n", fn_printn(foo, 5, bar));
        printf("All but last: %d\n", fn_printn(foo, l - 1, bar));
        printf("Whole string: %d\n", fn_printn(foo, l, bar));
        printf("Definitely truncated: %d\n", fn_printn(foo, l + 1, bar));
}

  Anyway, I tried to be pretty thorough, but I'd still like some
more eyes on this.

Thanks,

  Bill


Index: util.c
===================================================================
RCS file: /tcpdump/master/tcpdump/util.c,v
retrieving revision 1.84
diff -u -r1.84 util.c
--- util.c      4 Mar 2003 08:53:26 -0000       1.84
+++ util.c      4 Apr 2003 03:42:26 -0000
@@ -85,15 +85,10 @@
 fn_printn(register const u_char *s, register u_int n,
          register const u_char *ep)
 {
-       register int ret;
        register u_char c;
 
-       ret = 1;                        /* assume truncated */
-       while (ep == NULL || s < ep) {
-               if (n-- <= 0) {
-                       ret = 0;
-                       break;
-               }
+       while (n > 0 && (ep == NULL || s < ep)) {
+               n--;
                c = *s++;
                if (!isascii(c)) {
                        c = toascii(c);
@@ -106,7 +101,7 @@
                }
                putchar(c);
        }
-       return(ret);
+       return (n == 0) ? 0 : 1;
 }
 
 /*
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: