Fix a ipv4 compiler warning. Improve TCP opt decoding error handling logic.

config.h.in

@@ -134,17 +134,17 @@
 #undef VERSION
 
 /* Define for Solaris 2.5.1 so the uint32_t typedef from <sys/synch.h>,
-   <pthread.h>, or <semaphore.h> is not used. If the typedef were allowed, the
+   <pthread.h>, or <semaphore.h> is not used. If the typedef was allowed, the
    #define below would cause a syntax error. */
 #undef _UINT32_T
 
 /* Define for Solaris 2.5.1 so the uint64_t typedef from <sys/synch.h>,
-   <pthread.h>, or <semaphore.h> is not used. If the typedef were allowed, the
+   <pthread.h>, or <semaphore.h> is not used. If the typedef was allowed, the
    #define below would cause a syntax error. */
 #undef _UINT64_T
 
 /* Define for Solaris 2.5.1 so the uint8_t typedef from <sys/synch.h>,
-   <pthread.h>, or <semaphore.h> is not used. If the typedef were allowed, the
+   <pthread.h>, or <semaphore.h> is not used. If the typedef was allowed, the
    #define below would cause a syntax error. */
 #undef _UINT8_T
 

src/decode-ipv4.c

@@ -237,7 +237,7 @@ static int IPV4OptValidateCIPSO(Packet *p, const IPV4Opt *o) {
             default:
                 //printf("CIPSO tag %" PRIu8 " unknown tag\n", ttype);
                 DECODER_SET_EVENT(p,IPV4_OPT_MALFORMED);
-                /* \todo May not want to return error here on unknown tag type (at least not for 3|4 */
+                /** \todo May not want to return error here on unknown tag type (at least not for 3|4) */
                 return -1;
         }
     }
@@ -562,6 +562,8 @@ void DecodeIPV4(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, uint8_t *pkt,
 #ifdef UNITTESTS
 
 void DecodeIPV4OptionsPrint(Packet *p) {
+/** \todo Fix this on 32bit */
+#if 0
     IPV4Vars *pv = &p->ip4vars;
 
     printf("DecodeIPV4Options: cnt=%" PRIu8
@@ -585,6 +587,7 @@ void DecodeIPV4OptionsPrint(Packet *p) {
            (pv->o_sid ? pv->o_sid->type : 0), (pv->o_sid ? pv->o_sid->len : 0), (uintmax_t)(pv->o_sid ? pv->o_sid->data : 0),
            (pv->o_ssrr ? pv->o_ssrr->type : 0), (pv->o_ssrr ? pv->o_ssrr->len : 0), (uintmax_t)(pv->o_ssrr ? pv->o_ssrr->data : 0),
            (pv->o_rtralt ? pv->o_rtralt->type : 0), (pv->o_rtralt ? pv->o_rtralt->len : 0), (uintmax_t)(pv->o_rtralt ? pv->o_rtralt->data : 0));
+#endif
 }
 
 /** \test IPV4 with no options. */

src/decode-tcp.c

@@ -25,23 +25,21 @@ static int DecodeTCPOptions(ThreadVars *tv, Packet *p, uint8_t *pkt, uint16_t le
                 break;
             }
 
-            p->TCP_OPTS[p->TCP_OPTS_CNT].type = *pkt;
-            p->TCP_OPTS[p->TCP_OPTS_CNT].len  = *(pkt+1);
-            if (plen > 2)
-                p->TCP_OPTS[p->TCP_OPTS_CNT].data = (pkt+2);
-            else
-                p->TCP_OPTS[p->TCP_OPTS_CNT].data = NULL;
-
             /* we already know that the total options len is valid,
              * so here the len of the specific option must be bad.
              * Also check for invalid lengths 0 and 1. */
-            /** \todo Should we check this *before* we set the data so that the incorrect data is not used later on? */
-            if (p->TCP_OPTS[p->TCP_OPTS_CNT].len > plen ||
-                p->TCP_OPTS[p->TCP_OPTS_CNT].len < 2) {
+            if (*(pkt+1) > plen || *(pkt+1) < 2) {
                 DECODER_SET_EVENT(p,TCP_OPT_INVALID_LEN);
                 return -1;
             }
 
+            p->TCP_OPTS[p->TCP_OPTS_CNT].type = *pkt;
+            p->TCP_OPTS[p->TCP_OPTS_CNT].len  = *(pkt+1);
+            if (plen > 2)
+                p->TCP_OPTS[p->TCP_OPTS_CNT].data = (pkt+2);
+            else
+                p->TCP_OPTS[p->TCP_OPTS_CNT].data = NULL;
+
             /* we are parsing the most commonly used opts to prevent
              * us from having to walk the opts list for these all the
              * time. */