Index: dump.c =================================================================== RCS file: /networking/master_src/tac_plus/dump.c,v retrieving revision 1.1.1.2 retrieving revision 1.3 diff -c -r1.1.1.2 -r1.3 *** dump.c 1998/07/02 19:34:04 1.1.1.2 --- dump.c 1998/07/23 21:21:48 1.3 *************** *** 19,24 **** --- 19,27 ---- #include "tac_plus.h" + /* from packet.c */ + extern u_char *walk_packet() ; + /* Routines for dumping packets to stderr */ char * summarise_outgoing_packet_type(pak) *************** *** 127,133 **** struct acct *acct; int i; HDR *hdr; ! u_char *p, *argsizep; int seq; dump_header(pak); --- 130,136 ---- struct acct *acct; int i; HDR *hdr; ! u_char *p,*pnext,*data_start, *argsizep; int seq; dump_header(pak); *************** *** 228,246 **** /* start of variable length data is here */ p = pak + TAC_PLUS_HDR_SIZE + TAC_AUTHEN_START_FIXED_FIELDS_SIZE; report(LOG_DEBUG, "User: "); report_string(LOG_DEBUG, p, start->user_len); ! p += start->user_len; report(LOG_DEBUG, "port: "); report_string(LOG_DEBUG, p, start->port_len); ! p += start->port_len; report(LOG_DEBUG, "rem_addr: "); report_string(LOG_DEBUG, p, start->rem_addr_len); ! p += start->rem_addr_len; report(LOG_DEBUG, "data: "); report_string(LOG_DEBUG, p, start->data_len); report(LOG_DEBUG, "End packet"); --- 231,275 ---- /* start of variable length data is here */ p = pak + TAC_PLUS_HDR_SIZE + TAC_AUTHEN_START_FIXED_FIELDS_SIZE; + data_start = p ; + report(LOG_DEBUG, "User: "); + + + pnext = walk_packet(hdr,data_start,p,start->user_len); + if ( pnext == NULL ) { + report(LOG_DEBUG, "garbage in user_len"); + return ; + } report_string(LOG_DEBUG, p, start->user_len); ! p = pnext ; report(LOG_DEBUG, "port: "); + + pnext = walk_packet(hdr,data_start,p,start->port_len); + if ( pnext == NULL ) { + report(LOG_DEBUG, "garbage in port_len"); + return ; + } report_string(LOG_DEBUG, p, start->port_len); ! p = pnext ; report(LOG_DEBUG, "rem_addr: "); + + pnext = walk_packet(hdr,data_start,p,start->rem_addr_len); + if ( pnext == NULL ) { + report(LOG_DEBUG, "garbage in rem_addr_len"); + return ; + } report_string(LOG_DEBUG, p, start->rem_addr_len); ! p = pnext ; report(LOG_DEBUG, "data: "); + pnext = walk_packet(hdr,data_start,p,start->data_len); + if ( pnext == NULL ) { + report(LOG_DEBUG, "garbage in data_len"); + return ; + } report_string(LOG_DEBUG, p, start->data_len); report(LOG_DEBUG, "End packet"); *************** *** 258,268 **** p = pak + TAC_PLUS_HDR_SIZE + TAC_AUTHEN_CONT_FIXED_FIELDS_SIZE; report(LOG_DEBUG, "User msg: "); report_string(LOG_DEBUG, p, cont->user_msg_len); ! p += cont->user_msg_len; ! report(LOG_DEBUG, "User data: "); report_string(LOG_DEBUG, p, cont->user_data_len); report(LOG_DEBUG, "End packet"); --- 287,310 ---- p = pak + TAC_PLUS_HDR_SIZE + TAC_AUTHEN_CONT_FIXED_FIELDS_SIZE; + data_start = p ; + report(LOG_DEBUG, "User msg: "); + + pnext = walk_packet(hdr,data_start,p,cont->user_msg_len); + if ( pnext == NULL ) { + report(LOG_DEBUG, "garbage in user_msg_len"); + return ; + } report_string(LOG_DEBUG, p, cont->user_msg_len); ! p = pnext ; ! report(LOG_DEBUG, "User data: "); + pnext = walk_packet(hdr,data_start,p,cont->user_data_len); + if ( pnext == NULL ) { + report(LOG_DEBUG, "garbage in user_data_len"); + return ; + } report_string(LOG_DEBUG, p, cont->user_data_len); report(LOG_DEBUG, "End packet"); Index: packet.c =================================================================== RCS file: /networking/master_src/tac_plus/packet.c,v retrieving revision 1.1.1.2 retrieving revision 1.2 diff -c -r1.1.1.2 -r1.2 *** packet.c 1998/07/02 19:34:06 1.1.1.2 --- packet.c 1998/07/23 20:32:32 1.2 *************** *** 513,518 **** --- 513,538 ---- return (0); } + /* Walk through the variable data parts of a packet */ + u_char * + walk_packet(hdr,vstart,vcurrent,len) + HDR *hdr; + u_char *vstart; + u_char *vcurrent; + int len; + { + u_char *p = NULL ; + /* Be paranoid about garbage in len */ + if ( len > -1 ) { + if (((int) vcurrent - (int)vstart + len) < hdr->datalength) { + p = vcurrent ; + p += len ; + } + } + + return p ; + } + send_error_reply(type, msg) int type; char *msg;