ESP: Delete a useless custom bounds check

The two GET_BE_U_4() perform the bounds checks.

Print the protocol name, with nd_print_protocol_caps(), before any
check.

Add a test file with a truncated ESP packet.

Author: fxlb

print-esp.c

@@ -747,8 +747,8 @@ esp_print(netdissect_options *ndo,
 	  u_int ttl_hl USED_IF_LIBCRYPTO)
 {
 	const struct newesp *esp;
-	const u_char *ep;
 #ifdef HAVE_LIBCRYPTO
+	const u_char *ep;
 	const struct ip *ip;
 	struct sa_list *sa = NULL;
 	const struct ip6_hdr *ip6 = NULL;
@@ -764,18 +764,16 @@ esp_print(netdissect_options *ndo,
 	ndo->ndo_protocol = "esp";
 	esp = (const struct newesp *)bp;
 
-	/* 'ep' points to the end of available data. */
-	ep = ndo->ndo_snapend;
+	nd_print_protocol_caps(ndo);
 
-	if ((const u_char *)(esp + 1) >= ep) {
-		nd_print_trunc(ndo);
-		return;
-	}
-	ND_PRINT("ESP(spi=0x%08x", GET_BE_U_4(esp->esp_spi));
+	ND_PRINT("(spi=0x%08x", GET_BE_U_4(esp->esp_spi));
 	ND_PRINT(",seq=0x%x)", GET_BE_U_4(esp->esp_seq));
 	ND_PRINT(", length %u", length);
 
 #ifdef HAVE_LIBCRYPTO
+	/* 'ep' points to the end of available data. */
+	ep = ndo->ndo_snapend;
+
 	/* initialize SAs */
 	if (ndo->ndo_sa_list_head == NULL) {
 		if (!ndo->ndo_espsecret)

tests/TESTLIST

@@ -110,6 +110,7 @@ edsa-high-vid-e	edsa-high-vid.pcap	edsa-high-vid-e.out	-e
 
 # ESP tests
 esp0		02-sunrise-sunset-esp.pcap	esp0.out
+esp_truncated esp_truncated.pcap esp_truncated.out
 # more ESP tests in crypto.tests
 
 # ISAKMP tests

tests/esp_truncated.out

@@ -0,0 +1 @@
+    1  2020-11-19 12:07:26.999999 IP 0.254.92.182.4500 > 255.127.255.121.8472: UDP-encap: ESP(spi=0xc0f7d4c3 [|esp]