Revision 145ebfa1


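--- a/proto/babel/babel.h
+++ b/proto/babel/babel.h
@@ -78,6 +78,11 @@
   BABEL_TLV_MAX
 };
 
+enum babel_subtlv_type {
+  BABEL_SUBTLV_PAD1		= 0,
+  BABEL_SUBTLV_PADN		= 1
+};
+
 enum babel_iface_type {
   /* In practice, UNDEF and WIRED give equivalent behaviour */
   BABEL_IFACE_TYPE_UNDEF	= 0,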
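--- a/proto/babel/packets.c
+++ b/proto/babel/packets.c
@@ -120,6 +120,7 @@
   u8 router_id_seen;		/* router_id field is valid */
   u8 def_ip6_prefix_seen;	/* def_ip6_prefix is valid */
   u8 def_ip4_prefix_seen;	/* def_ip4_prefix is valid */
+  u8 current_tlv_endpos;	/* End of self-terminating TLVs (offset from start) */
 };
 
 enum parse_result {
@@ -379,14 +380,33 @@
   if (msg->ae >= BABEL_AE_MAX)
     return PARSE_IGNORE;
 
-  // We handle link-local IPs. In every other case, the addr field will be 0 but
-  // validation will succeed. The handler takes care of these cases.
-  if (msg->ae == BABEL_AE_IP6_LL)
+  /*
+   * We only actually read link-local IPs. In every other case, the addr field
+   * will be 0 but validation will succeed. The handler takes care of these
+   * cases. We handle them here anyway because we need the length for parsing
+   * subtlvs.
+   */
+  switch (msg->ae)
   {
+  case BABEL_AE_IP4:
+    if (TLV_OPT_LENGTH(tlv) < 4)
+      return PARSE_ERROR;
+    state->current_tlv_endpos += 4;
+    break;
+
+  case BABEL_AE_IP6:
+    if (TLV_OPT_LENGTH(tlv) < 16)
+      return PARSE_ERROR;
+    state->current_tlv_endpos += 16;
+    break;
+
+  case BABEL_AE_IP6_LL:
     if (TLV_OPT_LENGTH(tlv) < 8)
       return PARSE_ERROR;
 
     msg->addr = ipa_from_ip6(get_ip6_ll(&tlv->addr));
+    state->current_tlv_endpos += 8;
+    break;
   }
 
   return PARSE_SUCCESS;
@@ -463,6 +483,7 @@
       return PARSE_ERROR;
 
     state->next_hop_ip4 = ipa_from_ip4(get_ip4(&tlv->addr));
+    state->current_tlv_endpos += sizeof(ip4_addr);
     return PARSE_IGNORE;
 
   case BABEL_AE_IP6:
@@ -470,6 +491,7 @@
       return PARSE_ERROR;
 
     state->next_hop_ip6 = ipa_from_ip6(get_ip6(&tlv->addr));
+    state->current_tlv_endpos += sizeof(ip6_addr);
     return PARSE_IGNORE;
 
   case BABEL_AE_IP6_LL:
@@ -477,6 +499,7 @@
       return PARSE_ERROR;
 
     state->next_hop_ip6 = ipa_from_ip6(get_ip6_ll(&tlv->addr));
+    state->current_tlv_endpos += 8;
     return PARSE_IGNORE;
 
   default:
@@ -639,6 +662,7 @@
 
   msg->router_id = state->router_id;
   msg->sender = state->saddr;
+  state->current_tlv_endpos += len;
 
   return PARSE_SUCCESS;
 }
@@ -765,6 +789,7 @@
       return PARSE_ERROR;
 
     read_ip4_px(&msg->net, tlv->addr, tlv->plen);
+    state->current_tlv_endpos += BYTES(tlv->plen);
     return PARSE_SUCCESS;
 
   case BABEL_AE_IP6:
@@ -775,6 +800,7 @@
       return PARSE_ERROR;
 
     read_ip6_px(&msg->net, tlv->addr, tlv->plen);
+    state->current_tlv_endpos += BYTES(tlv->plen);
     return PARSE_SUCCESS;
 
   case BABEL_AE_IP6_LL:
@@ -851,6 +877,7 @@
       return PARSE_ERROR;
 
     read_ip4_px(&msg->net, tlv->addr, tlv->plen);
+    state->current_tlv_endpos += BYTES(tlv->plen);
     return PARSE_SUCCESS;
 
   case BABEL_AE_IP6:
@@ -861,6 +888,7 @@
       return PARSE_ERROR;
 
     read_ip6_px(&msg->net, tlv->addr, tlv->plen);
+    state->current_tlv_endpos += BYTES(tlv->plen);
     return PARSE_SUCCESS;
 
   case BABEL_AE_IP6_LL:
@@ -908,6 +936,42 @@
 }
 
 static inline int
+babel_read_subtlvs(struct babel_tlv *hdr,
+		   union babel_msg *msg UNUSED,
+		   struct babel_parse_state *state)
+{
+  struct babel_tlv *tlv;
+
+  for (tlv = (void *) hdr + state->current_tlv_endpos;
+       tlv < hdr + TLV_LENGTH(hdr);
+       tlv = NEXT_TLV(tlv))
+  {
+    /*
+     * The subtlv type space is non-contiguous (due to the mandatory bit), so
+     * use a switch for dispatch instead of the mapping array we use for TLVs
+     */
+    switch (tlv->type)
+    {
+    case BABEL_SUBTLV_PAD1:
+    case BABEL_SUBTLV_PADN:
+      /* FIXME: Framing errors in PADN are silently ignored, see babel_process_packet() */
+      break;
+
+    default:
+      /* Unknown mandatory subtlv; PARSE_IGNORE ignores the whole TLV */
+      if (tlv->type > 128)
+      {
+	DBG("Babel: Mandatory subtlv %d found; skipping TLV\n", tlv->type);
+	return PARSE_IGNORE;
+      }
+      break;
+    }
+  }
+
+  return PARSE_SUCCESS;
+}
+
+static inline int
 babel_read_tlv(struct babel_tlv *hdr,
                union babel_msg *msg,
                struct babel_parse_state *state)
@@ -920,8 +984,14 @@
   if (TLV_LENGTH(hdr) < tlv_data[hdr->type].min_length)
     return PARSE_ERROR;
 
+  state->current_tlv_endpos = tlv_data[hdr->type].min_length;
   memset(msg, 0, sizeof(*msg));
-  return tlv_data[hdr->type].read_tlv(hdr, msg, state);
+
+  int res = tlv_data[hdr->type].read_tlv(hdr, msg, state);
+  if (res != PARSE_SUCCESS)
+    return res;
+
+  return babel_read_subtlvs(hdr, msg, state);
 }
 
 static uint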
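Review bot: In babel_read_subtlvs the loop bound `tlv < hdr + TLV_LENGTH(hdr)` is computed on a `struct babel_tlv *`, so the length is scaled by the struct size, while the start `(void *) hdr + state->current_tlv_endpos` is in bytes; unless that struct is one byte wide, the walk continues past the end of the enclosing TLV into whatever follows it in the packet buffer. The bound should be byte-based like the start, e.g. `tlv < (struct babel_tlv *) ((void *) hdr + TLV_LENGTH(hdr));`. In the same loop, `tlv->type > 128` skips type 128 itself, which is mandatory if the mandatory bit is 0x80 as the threshold suggests, so the test should probably read `if (tlv->type >= 128)`. Nothing checks that a sub-TLV's header and body fit inside the enclosing TLV before `tlv->type` is read or `NEXT_TLV(tlv)` advances, which matters in particular for PAD1 if it is a single byte with no length field. `current_tlv_endpos` is a `u8` that accumulates packet-derived values (`len`, `BYTES(tlv->plen)`), so it is worth confirming from the validation outside these hunks that it cannot wrap.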
