Subject: bin/3883: tcpdump prints uninitialized buffer if it gets an unknown ICMP code (take 2)
To: None <gnats-bugs@gnats.netbsd.org>
From: Dave Huang <khym@bga.com>
List: netbsd-bugs
Date: 07/18/1997 00:17:59
>Number: 3883
>Category: bin
>Synopsis: tcpdump prints uninitialized buffer if it gets an unknown ICMP code (take 2)
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: bin-bug-people (Utility Bug People)
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Thu Jul 17 22:20:00 1997
>Last-Modified:
>Originator: Dave Huang
>Organization:
Name: Dave Huang | Mammal, mammal / their names are called /
INet: khym@bga.com | they raise a paw / the bat, the cat /
FurryMUCK: Dahan | dolphin and dog / koala bear and hog -- TMBG
Dahan: Hani G Y+C 21 Y++ L+++ W- C++ T++ A+ E+ S++ V++ F- Q+++ P+ B+ PA+ PL++
>Release: NetBSD-current as of July 17, 1997
>Environment:
System: NetBSD dahan.metonymy.com 1.2G NetBSD 1.2G (SPIFF) #63: Tue Jul 15 19:30:39 CDT 1997 khym@dahan.metonymy.com:/usr/src.local/sys/arch/i386/compile/SPIFF i386
>Description:
Oops, there's a line missing from my patch for PR bin/3882... thanks to
Brian Grayson <bgrayson@ece.utexas.edu> for noticing this!
See bin/3882 for the description of the bug...
>How-To-Repeat:
>Fix:
--- /usr/src/usr.sbin/tcpdump/print-icmp.c Sun Mar 16 06:31:16 1997
+++ print-icmp.c Fri Jul 18 00:09:36 1997
@@ -135,6 +135,57 @@
"%s unreachable - source route failed",
ipaddr_string(&dp->icmp_ip.ip_dst));
break;
+ case ICMP_UNREACH_NET_UNKNOWN:
+ (void)sprintf(buf, "destination net %s unknown",
+ ipaddr_string(&dp->icmp_ip.ip_dst));
+ break;
+ case ICMP_UNREACH_HOST_UNKNOWN:
+ (void)sprintf(buf, "destination host %s unknown",
+ ipaddr_string(&dp->icmp_ip.ip_dst));
+ break;
+ case ICMP_UNREACH_ISOLATED:
+ (void)sprintf(buf,
+ "%s unreachable - source host isolated",
+ ipaddr_string(&dp->icmp_ip.ip_dst));
+ break;
+ case ICMP_UNREACH_NET_PROHIB:
+ (void)sprintf(buf,
+ "communication with net %s administratively "
+ "prohibited", ipaddr_string(&dp->icmp_ip.ip_dst));
+ break;
+ case ICMP_UNREACH_HOST_PROHIB:
+ (void)sprintf(buf,
+ "communication with host %s administratively "
+ "prohibited", ipaddr_string(&dp->icmp_ip.ip_dst));
+ break;
+ case ICMP_UNREACH_TOSNET:
+ (void)sprintf(buf, "net %s unreachable for TOS",
+ ipaddr_string(&dp->icmp_ip.ip_dst));
+ break;
+ case ICMP_UNREACH_TOSHOST:
+ (void)sprintf(buf, "host %s unreachable for TOS",
+ ipaddr_string(&dp->icmp_ip.ip_dst));
+ break;
+ case 13:
+ (void)sprintf(buf,
+ "%s unreachable - communication prohibited",
+ ipaddr_string(&dp->icmp_ip.ip_dst));
+ break;
+ case 14:
+ (void)sprintf(buf,
+ "%s unreachable - host precedence violation",
+ ipaddr_string(&dp->icmp_ip.ip_dst));
+ break;
+ case 15:
+ (void)sprintf(buf,
+ "%s unreachable - precedence cutoff",
+ ipaddr_string(&dp->icmp_ip.ip_dst));
+ break;
+ default:
+ (void)sprintf(buf,
+ "%s unreachable - unknown code %d",
+ ipaddr_string(&dp->icmp_ip.ip_dst),
+ dp->icmp_code);
}
break;
case ICMP_SOURCEQUENCH:
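Review bot: The cases for codes 13, 14 and 15 in the unreachable switch use bare numbers, while every other case added in this hunk uses an ICMP_UNREACH_* name. Give them named constants (defined locally under #ifndef if the system header does not provide them) so the switch reads consistently and the values are documented in one place. The new default also ends without a break;, unlike the default added to the redirect switch. That is harmless as the last label, but adding it keeps a case appended later from falling through.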
@@ -163,6 +214,13 @@
ipaddr_string(&dp->icmp_ip.ip_dst),
ipaddr_string(&dp->icmp_gwaddr));
break;
+ default:
+ (void)sprintf(buf,
+ "redirect-unknown code %d - %s to %s",
+ dp->icmp_code,
+ ipaddr_string(&dp->icmp_ip.ip_dst),
+ ipaddr_string(&dp->icmp_gwaddr));
+ break;
}
break;
case ICMP_ECHO:
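Review bot: The default added to the redirect switch formats a code and two ipaddr_string() results into buf with sprintf, and nothing in the hunk bounds the write. The size of buf is not visible here, so either confirm it can hold two maximum-length address strings plus the fixed text, or, if buf is an array, use snprintf(buf, sizeof(buf), ...) instead. Since this path exists specifically to handle packets with unexpected contents, a bounded write is the safer choice.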
@@ -177,6 +235,9 @@
case ICMP_TIMXCEED_REASS:
str = "ip reassembly time exceeded";
break;
+ default:
+ (void)sprintf(buf, "time exceeded - unknown code %d",
+ dp->icmp_code);
}
break;
case ICMP_PARAMPROB:
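Review bot: The default added to the time-exceeded switch writes its message into buf, whereas the sibling case visible just above assigns str directly (str = "ip reassembly time exceeded";). Check that str points at buf when this path is taken, otherwise the unknown-code text is not what gets printed. The default also lacks a trailing break;, unlike the default added to the redirect switch, so add one for consistency.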
>Audit-Trail:
>Unformatted: