diff --git a/config.h.in b/config.h.in index e7e4d358ee..d46b3d3ffc 100644 --- a/config.h.in +++ b/config.h.in @@ -134,17 +134,17 @@ #undef VERSION /* Define for Solaris 2.5.1 so the uint32_t typedef from , - , or is not used. If the typedef were allowed, the + , or is not used. If the typedef was allowed, the #define below would cause a syntax error. */ #undef _UINT32_T /* Define for Solaris 2.5.1 so the uint64_t typedef from , - , or is not used. If the typedef were allowed, the + , or is not used. If the typedef was allowed, the #define below would cause a syntax error. */ #undef _UINT64_T /* Define for Solaris 2.5.1 so the uint8_t typedef from , - , or is not used. If the typedef were allowed, the + , or is not used. If the typedef was allowed, the #define below would cause a syntax error. */ #undef _UINT8_T diff --git a/src/decode-ipv4.c b/src/decode-ipv4.c index b5f0525d3b..c08afa10e3 100644 --- a/src/decode-ipv4.c +++ b/src/decode-ipv4.c @@ -237,7 +237,7 @@ static int IPV4OptValidateCIPSO(Packet *p, const IPV4Opt *o) { default: //printf("CIPSO tag %" PRIu8 " unknown tag\n", ttype); DECODER_SET_EVENT(p,IPV4_OPT_MALFORMED); - /* \todo May not want to return error here on unknown tag type (at least not for 3|4 */ + /** \todo May not want to return error here on unknown tag type (at least not for 3|4) */ return -1; } } @@ -562,6 +562,8 @@ void DecodeIPV4(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, uint8_t *pkt, #ifdef UNITTESTS void DecodeIPV4OptionsPrint(Packet *p) { +/** \todo Fix this on 32bit */ +#if 0 IPV4Vars *pv = &p->ip4vars; printf("DecodeIPV4Options: cnt=%" PRIu8 @@ -585,6 +587,7 @@ void DecodeIPV4OptionsPrint(Packet *p) { (pv->o_sid ? pv->o_sid->type : 0), (pv->o_sid ? pv->o_sid->len : 0), (uintmax_t)(pv->o_sid ? pv->o_sid->data : 0), (pv->o_ssrr ? pv->o_ssrr->type : 0), (pv->o_ssrr ? pv->o_ssrr->len : 0), (uintmax_t)(pv->o_ssrr ? pv->o_ssrr->data : 0), (pv->o_rtralt ? pv->o_rtralt->type : 0), (pv->o_rtralt ? pv->o_rtralt->len : 0), (uintmax_t)(pv->o_rtralt ? pv->o_rtralt->data : 0)); +#endif } /** \test IPV4 with no options. */ diff --git a/src/decode-tcp.c b/src/decode-tcp.c index 163e535a4c..a38b2f71b3 100644 --- a/src/decode-tcp.c +++ b/src/decode-tcp.c @@ -25,23 +25,21 @@ static int DecodeTCPOptions(ThreadVars *tv, Packet *p, uint8_t *pkt, uint16_t le break; } - p->TCP_OPTS[p->TCP_OPTS_CNT].type = *pkt; - p->TCP_OPTS[p->TCP_OPTS_CNT].len = *(pkt+1); - if (plen > 2) - p->TCP_OPTS[p->TCP_OPTS_CNT].data = (pkt+2); - else - p->TCP_OPTS[p->TCP_OPTS_CNT].data = NULL; - /* we already know that the total options len is valid, * so here the len of the specific option must be bad. * Also check for invalid lengths 0 and 1. */ - /** \todo Should we check this *before* we set the data so that the incorrect data is not used later on? */ - if (p->TCP_OPTS[p->TCP_OPTS_CNT].len > plen || - p->TCP_OPTS[p->TCP_OPTS_CNT].len < 2) { + if (*(pkt+1) > plen || *(pkt+1) < 2) { DECODER_SET_EVENT(p,TCP_OPT_INVALID_LEN); return -1; } + p->TCP_OPTS[p->TCP_OPTS_CNT].type = *pkt; + p->TCP_OPTS[p->TCP_OPTS_CNT].len = *(pkt+1); + if (plen > 2) + p->TCP_OPTS[p->TCP_OPTS_CNT].data = (pkt+2); + else + p->TCP_OPTS[p->TCP_OPTS_CNT].data = NULL; + /* we are parsing the most commonly used opts to prevent * us from having to walk the opts list for these all the * time. */