From: Philippe Antoine
Date: Mon, 19 Feb 2024 09:53:02 +0000 (+0100)
Subject: decode/pppoe: pointer cast consistency
X-Git-Tag: suricata-8.0.0-beta1~1660
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d2db8bfdca7c2483f51c35a726d73f1912638199;p=thirdparty%2Fsuricata.git
decode/pppoe: pointer cast consistency
Ticket: 6787
To do pointer arithmetic, we need to use uint8_t* pointer : Pointer arithmetic in C is automatically scaled according to the size of the data type. Also simplifies the loop condition
---
diff --git a/src/decode-pppoe.c b/src/decode-pppoe.c
index f884085c65..cb6eccb6b4 100644
--- a/src/decode-pppoe.c
+++ b/src/decode-pppoe.c
@@ -83,7 +83,7 @@ int DecodePPPOEDiscovery(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p,
 /* parse any tags we have in the packet */
 uint32_t tag_length = 0;
- PPPOEDiscoveryTag* pppoedt = (PPPOEDiscoveryTag*) (p->pppoedh + PPPOE_DISCOVERY_HEADER_MIN_LEN);
+ const uint8_t* pkt_pppoedt = pkt + PPPOE_DISCOVERY_HEADER_MIN_LEN;
 uint32_t pppoe_length = SCNtohs(p->pppoedh->pppoe_length);
 uint32_t packet_length = len - PPPOE_DISCOVERY_HEADER_MIN_LEN ;
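Review bot: `pkt_pppoedt` is declared `const uint8_t*` here, but the cast added at the top of the loop in the second hunk, `(PPPOEDiscoveryTag*)pkt_pppoedt`, drops the qualifier even though the tag is only read. Keeping it read-only end to end would be `const PPPOEDiscoveryTag *pppoedt = (const PPPOEDiscoveryTag *)pkt_pppoedt;`. Because tag lengths can be odd, the byte pointer will land on unaligned offsets after the first tag; that is safe only if `PPPOEDiscoveryTag` is a packed struct, which is not visible on this page and worth confirming (or read the two 16-bit fields with `memcpy`). The function body starts and ends outside this hunk.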
@@ -97,28 +97,24 @@ int DecodePPPOEDiscovery(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p,
 return TM_ECODE_OK;
 }
- while (pppoedt < (PPPOEDiscoveryTag*) (pkt + (len - sizeof(PPPOEDiscoveryTag))) && pppoe_length >=4 && packet_length >=4)
+ // packet_length >= pppoe_length so we have enough data
+ while (pppoe_length >= sizeof(PPPOEDiscoveryTag))
 {
+ PPPOEDiscoveryTag* pppoedt = (PPPOEDiscoveryTag*)pkt_pppoedt;
 #ifdef DEBUG
 uint16_t tag_type = SCNtohs(pppoedt->pppoe_tag_type);
 #endif
+ // upgrade to u32 to avoid u16 overflow
 tag_length = SCNtohs(pppoedt->pppoe_tag_length);
 SCLogDebug ("PPPoE Tag type %x, length %"PRIu32, tag_type, tag_length);
 if (pppoe_length >= (4 + tag_length)) {
 pppoe_length -= (4 + tag_length);
+ pkt_pppoedt = pkt_pppoedt + (4 + tag_length);
 } else {
 pppoe_length = 0; // don't want an underflow
 }
-
- if (packet_length >= 4 + tag_length) {
- packet_length -= (4 + tag_length);
- } else {
- packet_length = 0; // don't want an underflow
- }
-
- pppoedt = pppoedt + (4 + tag_length);
 }
 return TM_ECODE_OK;
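Review bot: The cast and dereference at the top of the loop are now bounded only by `pppoe_length`, so memory safety on untrusted packets rests entirely on the earlier `pppoe_length <= packet_length` check that sits between the two hunks and is not visible here. The removed condition compared the pointer against the end of the buffer independently; to keep the invariant from being silently broken by a later edit, I would assert it right before the loop, e.g. `DEBUG_VALIDATE_BUG_ON(pppoe_length > packet_length);` if that macro is available in this file. The loop condition uses `sizeof(PPPOEDiscoveryTag)` while the body still hard-codes `4`; one spelling in both places (`sizeof(PPPOEDiscoveryTag) + tag_length`) keeps the size check and the pointer advance in step. A tag whose length overruns the remaining payload ends the loop with `pppoe_length = 0` and no decoder event, so truncated tag lists are not surfaced to detection; consider setting an invalid-packet event in that `else` branch.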