2 * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
3 * The Regents of the University of California. All rights reserved.
5 * This code is derived from the Stanford/CMU enet packet filter,
6 * (net/enet.c) distributed as part of 4.3BSD, and code contributed
7 * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. All advertising materials mentioning features or use of this software
19 * must display the following acknowledgement:
20 * This product includes software developed by the University of
21 * California, Berkeley and its contributors.
22 * 4. Neither the name of the University nor the names of its contributors
23 * may be used to endorse or promote products derived from this software
24 * without specific prior written permission.
26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 * @(#)bpf.c 7.5 (Berkeley) 7/15/91
41 #if !(defined(lint) || defined(KERNEL) || defined(_KERNEL))
42 static const char rcsid[] _U_ =
43 "@(#) $Header: /tcpdump/master/libpcap/bpf/net/bpf_filter.c,v 1.45.2.1 2008/01/02 04:22:16 guy Exp $ (LBL)";
52 #include <pcap-stdinc.h>
56 #include <sys/param.h>
57 #include <sys/types.h>
60 #define SOLARIS (defined(sun) && (defined(__SVR4) || defined(__svr4__)))
61 #if defined(__hpux) || SOLARIS
62 # include <sys/sysmacros.h>
63 # include <sys/stream.h>
65 # define m_next b_cont
66 # define MLEN(m) ((m)->b_wptr - (m)->b_rptr)
67 # define mtod(m,t) ((t)(m)->b_rptr)
69 # define MLEN(m) ((m)->m_len)
76 #if !defined(KERNEL) && !defined(_KERNEL)
80 #define int32 bpf_int32
81 #define u_int32 bpf_u_int32
85 * XXX - IA-64? If not, this probably won't work on Win64 IA-64
86 * systems, unless LBL_ALIGN is defined elsewhere for them.
87 * XXX - SuperH? If not, this probably won't work on WinCE SuperH
88 * systems, unless LBL_ALIGN is defined elsewhere for them.
90 #if defined(sparc) || defined(__sparc__) || defined(mips) || \
91 defined(ibm032) || defined(__alpha) || defined(__hpux) || \
99 #include <netinet/in.h>
102 #define EXTRACT_SHORT(p) ((u_short)ntohs(*(u_short *)p))
103 #define EXTRACT_LONG(p) (ntohl(*(u_int32 *)p))
105 #define EXTRACT_SHORT(p)\
107 ((u_short)*((u_char *)p+0)<<8|\
108 (u_short)*((u_char *)p+1)<<0))
109 #define EXTRACT_LONG(p)\
110 ((u_int32)*((u_char *)p+0)<<24|\
111 (u_int32)*((u_char *)p+1)<<16|\
112 (u_int32)*((u_char *)p+2)<<8|\
113 (u_int32)*((u_char *)p+3)<<0)
116 #if defined(KERNEL) || defined(_KERNEL)
117 # if !defined(__hpux) && !SOLARIS
118 #include <sys/mbuf.h>
120 #define MINDEX(len, _m, _k) \
123 while ((_k) >= len) { \
125 (_m) = (_m)->m_next; \
134 register struct mbuf *m;
135 register int k, *err;
138 register u_char *cp, *np;
139 register struct mbuf *m0;
142 cp = mtod(m, u_char *) + k;
145 return EXTRACT_LONG(cp);
148 if (m0 == 0 || MLEN(m0) + len - k < 4)
151 np = mtod(m0, u_char *);
155 return (cp[0] << 24) | (np[0] << 16) | (np[1] << 8) | np[2];
158 return (cp[0] << 24) | (cp[1] << 16) | (np[0] << 8) | np[1];
161 return (cp[0] << 24) | (cp[1] << 16) | (cp[2] << 8) | np[0];
170 register struct mbuf *m;
171 register int k, *err;
175 register struct mbuf *m0;
178 cp = mtod(m, u_char *) + k;
181 return EXTRACT_SHORT(cp);
187 return (cp[0] << 8) | mtod(m0, u_char *)[0];
195 * Execute the filter program starting at pc on the packet p
196 * wirelen is the length of the original packet
197 * buflen is the amount of data present
198 * For the kernel, p is assumed to be a pointer to an mbuf if buflen is 0,
199 * in all other cases, p is a pointer to a buffer and buflen is its size.
202 bpf_filter(pc, p, wirelen, buflen)
203 register const struct bpf_insn *pc;
204 register const u_char *p;
206 register u_int buflen;
208 register u_int32 A, X;
210 int32 mem[BPF_MEMWORDS];
211 #if defined(KERNEL) || defined(_KERNEL)
216 m = (struct mbuf *)p;
217 p = mtod(m, u_char *);
225 * No filter means accept all.
236 #if defined(KERNEL) || defined(_KERNEL)
247 case BPF_LD|BPF_W|BPF_ABS:
249 if (k + sizeof(int32) > buflen) {
250 #if defined(KERNEL) || defined(_KERNEL)
253 A = m_xword(m, k, &merr);
261 A = EXTRACT_LONG(&p[k]);
264 case BPF_LD|BPF_H|BPF_ABS:
266 if (k + sizeof(short) > buflen) {
267 #if defined(KERNEL) || defined(_KERNEL)
270 A = m_xhalf(m, k, &merr);
278 A = EXTRACT_SHORT(&p[k]);
281 case BPF_LD|BPF_B|BPF_ABS:
284 #if defined(KERNEL) || defined(_KERNEL)
289 A = mtod(n, u_char *)[k];
298 case BPF_LD|BPF_W|BPF_LEN:
302 case BPF_LDX|BPF_W|BPF_LEN:
306 case BPF_LD|BPF_W|BPF_IND:
308 if (k + sizeof(int32) > buflen) {
309 #if defined(KERNEL) || defined(_KERNEL)
312 A = m_xword(m, k, &merr);
320 A = EXTRACT_LONG(&p[k]);
323 case BPF_LD|BPF_H|BPF_IND:
325 if (k + sizeof(short) > buflen) {
326 #if defined(KERNEL) || defined(_KERNEL)
329 A = m_xhalf(m, k, &merr);
337 A = EXTRACT_SHORT(&p[k]);
340 case BPF_LD|BPF_B|BPF_IND:
343 #if defined(KERNEL) || defined(_KERNEL)
348 A = mtod(n, u_char *)[k];
357 case BPF_LDX|BPF_MSH|BPF_B:
360 #if defined(KERNEL) || defined(_KERNEL)
365 X = (mtod(n, char *)[k] & 0xf) << 2;
371 X = (p[pc->k] & 0xf) << 2;
378 case BPF_LDX|BPF_IMM:
386 case BPF_LDX|BPF_MEM:
402 case BPF_JMP|BPF_JGT|BPF_K:
403 pc += (A > pc->k) ? pc->jt : pc->jf;
406 case BPF_JMP|BPF_JGE|BPF_K:
407 pc += (A >= pc->k) ? pc->jt : pc->jf;
410 case BPF_JMP|BPF_JEQ|BPF_K:
411 pc += (A == pc->k) ? pc->jt : pc->jf;
414 case BPF_JMP|BPF_JSET|BPF_K:
415 pc += (A & pc->k) ? pc->jt : pc->jf;
418 case BPF_JMP|BPF_JGT|BPF_X:
419 pc += (A > X) ? pc->jt : pc->jf;
422 case BPF_JMP|BPF_JGE|BPF_X:
423 pc += (A >= X) ? pc->jt : pc->jf;
426 case BPF_JMP|BPF_JEQ|BPF_X:
427 pc += (A == X) ? pc->jt : pc->jf;
430 case BPF_JMP|BPF_JSET|BPF_X:
431 pc += (A & X) ? pc->jt : pc->jf;
434 case BPF_ALU|BPF_ADD|BPF_X:
438 case BPF_ALU|BPF_SUB|BPF_X:
442 case BPF_ALU|BPF_MUL|BPF_X:
446 case BPF_ALU|BPF_DIV|BPF_X:
452 case BPF_ALU|BPF_AND|BPF_X:
456 case BPF_ALU|BPF_OR|BPF_X:
460 case BPF_ALU|BPF_LSH|BPF_X:
464 case BPF_ALU|BPF_RSH|BPF_X:
468 case BPF_ALU|BPF_ADD|BPF_K:
472 case BPF_ALU|BPF_SUB|BPF_K:
476 case BPF_ALU|BPF_MUL|BPF_K:
480 case BPF_ALU|BPF_DIV|BPF_K:
484 case BPF_ALU|BPF_AND|BPF_K:
488 case BPF_ALU|BPF_OR|BPF_K:
492 case BPF_ALU|BPF_LSH|BPF_K:
496 case BPF_ALU|BPF_RSH|BPF_K:
500 case BPF_ALU|BPF_NEG:
504 case BPF_MISC|BPF_TAX:
508 case BPF_MISC|BPF_TXA:
516 * Return true if the 'fcode' is a valid filter program.
517 * The constraints are that each jump be forward and to a valid
518 * code, that memory accesses are within valid ranges (to the
519 * extent that this can be checked statically; loads of packet
520 * data have to be, and are, also checked at run time), and that
521 * the code terminates with either an accept or reject.
523 * The kernel needs to be able to verify an application's filter code.
524 * Otherwise, a bogus program could easily crash the system.
528 const struct bpf_insn *f;
532 const struct bpf_insn *p;
537 * There's no maximum program length in userland.
539 #if defined(KERNEL) || defined(_KERNEL)
540 if (len > BPF_MAXINSNS)
544 for (i = 0; i < len; ++i) {
546 switch (BPF_CLASS(p->code)) {
548 * Check that memory operations use valid addresses.
552 switch (BPF_MODE(p->code)) {
559 * There's no maximum packet data size
560 * in userland. The runtime packet length
563 #if defined(KERNEL) || defined(_KERNEL)
565 * More strict check with actual packet length
568 if (p->k >= bpf_maxbufsize)
573 if (p->k >= BPF_MEMWORDS)
584 if (p->k >= BPF_MEMWORDS)
588 switch (BPF_OP(p->code)) {
600 * Check for constant division by 0.
602 if (BPF_RVAL(p->code) == BPF_K && p->k == 0)
611 * Check that jumps are within the code block,
612 * and that unconditional branches don't go
613 * backwards as a result of an overflow.
614 * Unconditional branches have a 32-bit offset,
615 * so they could overflow; we check to make
616 * sure they don't. Conditional branches have
617 * an 8-bit offset, and the from address is <=
618 * BPF_MAXINSNS, and we assume that BPF_MAXINSNS
619 * is sufficiently small that adding 255 to it
622 * We know that len is <= BPF_MAXINSNS, and we
623 * assume that BPF_MAXINSNS is < the maximum size
624 * of a u_int, so that i + 1 doesn't overflow.
626 * For userland, we don't know that the from
627 * or len are <= BPF_MAXINSNS, but we know that
628 * from <= len, and, except on a 64-bit system,
629 * it's unlikely that len, if it truly reflects
630 * the size of the program we've been handed,
631 * will be anywhere near the maximum size of
632 * a u_int. We also don't check for backward
633 * branches, as we currently support them in
634 * userland for the protochain operation.
637 switch (BPF_OP(p->code)) {
639 #if defined(KERNEL) || defined(_KERNEL)
640 if (from + p->k < from || from + p->k >= len)
642 if (from + p->k >= len)
650 if (from + p->jt >= len || from + p->jf >= len)
665 return BPF_CLASS(f[len - 1].code) == BPF_RET;
projects / dragonfly.git / blob