This means we get the same behavior in Turkish locales (where, if we
aren't in the C locale, we might get lower-case "i" mapped to upper-case
"I with dot" and upper-case "I" mapped to lower-case "i without dot),
and may also suppress some shortening warnings from MSVC.
This is an update to packet header timestamps printing based on
Guy Harris's proposal.
Theses timestamps are outside the 1970-2038 range; This happens on some
fuzzed captures.
This will allow to have the same printing on Windows and UN*X.
Update needed before 2038.
Using seconds offset from GMT to local time to compute local time give
errors when printing times outside the same daylight saving time period.
Use the localtime() function for default and -tttt cases.
Use the gmtime() function for -ttt and -ttttt cases.
Rename ts_hmsfrac_print() to ts_date_hmsfrac_print().
Remove some variables now useless.
Update some comments.
Just directly print them. This means:
1) we don't have to worry about making a big enough buffer;
2) we don't get annoying warnings about string truncation
due to invalid timestamp values;
3) we use a constant string as a format, so that the compiler
can more easily do format string vs. format argument checks.
This function print a null-terminated string, filtering out non-printable
characters.
DON'T USE IT with a pointer on the packet buffer because there is no
truncation check. For this use, see the nd_printX() functions.
The functions are: nd_print, nd_printztn, nd_printn and nd_printzp.
Trying to make it clearer that they currently have to be used only on part
of the packet buffer.
Update some comments.
Some versions of the MSVC runtime library have a non-C99-compliant
vsnprintf(), which we want to avoid. On Windows, use snprintf() and
vsnprintf() for VS 2015 and later, where they both exist in
C99-compliant forms, and wrap _{v}snprintf_s() otherwise (they're
guaranteed to do the null termination that we want).
This can prevent bizarre failures if, for example, you've done a
configuration in the top-level source directory, leaving behind one
config.h file, and then do an out-of-tree build in another directory,
with different configuration options. This way, we always pick up the
same config.h, in the build directory.
Also, make the buffer bigger.
This fixes a buffer overflow discovered by Bhargava Shastry,
SecT/TU Berlin.
Add a test using the capture file supplied by the reporter(s), modified
so the capture file won't be rejected as an invalid capture.
safeputs() doesn't do packet bounds checking of its own; it assumes that
the caller has checked the availability in the packet data of all maxlen
bytes of data. This means we should check that we're within the
specified limit before looking at the byte.
This fixes a buffer over-read discovered by Kamil Frankowicz.
Add a test using the capture file supplied by the reporter(s).
-2147483648 provokes warnings, for various reasons involving the
definition of a constant in C, the rules of picking the type of a
constant, and the rules for determining the type of an expression
involving an integral value and the - operator. (Note that
-2147483648isn't a decimal-constant in C90 or C99, as a decimal-constant
can't contain a -. Therefore, it's a constant expression, consisting of
the - operator applied to the constant 2147483648.)
So we use INT32_MIN, which should at least make an effort to avoid those
warnings.
If it's not < 0, it's not -2147483648; check for negative values first.
Don't calculate the value for -2147483648 by hand, print a - and then
have unsigned_relts_print() calculate the value for 2147483648.
Have signed_relts_print() just call unsigned_relts_print() to do the
formatting, once it's ensured that the value is positive and printed a
leading minus sign if necessary.
Have separate routines for signed and unsigned relative time stamps.
Have the routine for signed time stamps handle the case of -2^31, where
you can't negate it and have the result fit in a 32-bit signed integer.
There are currently no users of the signed relative time stamp routine,
but it's there in case anybody needs it (and is passing 32-bit
quantitites, so that there's a risk that a packet might contain -2^31 as
the time stamp).
Fixes an array overflow found with American Fuzzy Lop by Hanno Böck.
It can't be told to stop at the end of the packet data. Add a
fn_printztn() that prints null-terminated strings, with a length check,
and which returns the number of bytes processed, or 0 if we ran out of
data. That means it does the scanning we need, but safely.
Use it in the TFTP and BOOTP printers.
Fixes a heap overflow found with American Fuzzy Lop by Hanno Böck.
As the string in question is passed as a constant from a printer, it
*shouldn't* contain any non-ASCII characters, but squelching the warning
is harmless and, on modern processors, a non-sign-extending byte load
shouldn't be any worse than a sign-extending byte load.
Have our own routines to convert between IPv4/IPv6 addresses and
strings; that helps if, for example, we want to build binary versions of
tcpdump for Windows that can run both on NT 5 (W2K/WXP), which doesn't
have inet_ntop() or inet_pton(), and NT 6 (Vista/7/8/10), which do. It
also means that we don't require IPv6 library support on UN*X to print
addresses (if somebody wants to build tcpdump for older UN*Xes lacking
IPv6 support in the system library or in add-on libraries).
Get rid of files in the missing directory that we don't need, and
various no-longer-necessary autoconf tests.
When I needed to print a string and didn't remember which of the three
functions fn_print(), fn_printn() and fn_printzp() was the right one
for the data, every time it would end up in reading through all of them
and forgetting the difference shortly after the commit.
Just having it explained in the comments should work better.
- Fix display of some nanoseconds timestamps
For example, bad print 00:-16:-2.000851566 is now 00:00:00.037851566
- Fix display of timestamp of a packet when it is lower than previous one
For example, bad print 00:00:-1.000999790 is now -00:00:00.000000210
Switch RRCP and BGP functions from tok2strbuf() to tok2str() to avoid
unnecessary local buffer management. The latter function does it in a
way to allow up to 4 calls to itself from printf(). After that
tok2strbuf() remains used by tok2str() only and can be refined later.
Remove a duplicate macro and place the remaining definition into the
right file.
