The exceptions are currently:
Some EXTRACT_ in print-juniper.c, not used on packet buffer pointer.
An EXTRACT_BE_U_3 in addrtoname.c, not always used on packet buffer
pointer.
This can prevent bizarre failures if, for example, you've done a
configuration in the top-level source directory, leaving behind one
config.h file, and then do an out-of-tree build in another directory,
with different configuration options. This way, we always pick up the
same config.h, in the build directory.
Use EXTRACT_U_1() as required by those changes. Remove
no-longer-necessary & operators from other EXTRACT_ calls.
While we're at it, add MAC_ADDR_LEN to netdissect.h, and use it instead
of ETHER_ADDR_LEN; eliminate ETHER_ADDR_LEN.
Move the maximum Ethernet length field value to ethertype.h, under the
name MAX_ETHERNET_LENGTH_VAL.
Move the Ethernet header structure, and the #define for the Ethernet
header length, to print-ether.c; in non-Ethernet dissectors that were
using the Ethernet header structure, just declare two nd_mac_addr
variables for the source and destination MAC addresses and use them
instead of the Ethernet header (we don't need the type field there).
These changes leave nothing in ether.h, so eliminate it.
Now all the macros have a name meaning a count in bytes.
With _S_: signed, _U_: unsigned
e.g.:
EXTRACT_BE_32BITS -> EXTRACT_BE_U_4
EXTRACT_LE_32BITS -> EXTRACT_LE_U_4
...
EXTRACT_BE_INT32 -> EXTRACT_BE_S_4
and have:
EXTRACT_8BITS -> EXTRACT_U_1
EXTRACT_INT8 -> EXTRACT_S_1
This fixes a buffer over-read discovered by Kamil Frankowicz.
Don't pass the remaining caplen - that's too hard to get right, and we
were getting it wrong in at least one case; just use ND_TTEST().
Add a test using the capture file supplied by the reporter(s).
An XID could have no payload, e.g. an SNA "short form" XID.
If it *does* have a payload, and it's a "basic form" XID, it needs to be
at least 3 bytes long, not 2 bytes long.
If a protocol that runs under a link-layer protocol would print the
link-layer addresses for the packet as source and destination addresses
for the packet, don't have it blithely assume those link-layer addresses
are present or are at a particular offset from the beginning of that
protocol's data; Ethertypes, for example, are used by a number of
protocols, not all of which have Ethernet headers and not all of which
have any MAC headers.
Instead, pass the printers for those protocols structures with a pointer
to the address data and a pointer to a routine that prints the address.
Fixes some heap overflows found with American Fuzzy Lop by Hanno Böck.
with the tag '\summary:' for greping.
Remark: Currently some printers have no summary line.
Moreover:
Summarize all printers with a single line in INSTALL.txt
Have llc_print() return the length of the LLC header, plus the length of
the SNAP header, if available - or, if it couldn't dissect the payload,
return the *negative* of that sum. Use that return value in link-layer
printers.
Don't print LLC header information for SNAP packets; if we have a SNAP
header, just call snap_print() and return its return value, regardless
of whether it's 1 or 0, don't fall into the code to print raw LLC header
information - and don't print it with -e, either.
If llc_print() returns 0, just call the default packet printer, don't
print the MAC-layer header or the extracted ethertype - llc_print() will
print the source and destination MAC addresses and whatever type
information is in the LLC or SNAP headers.
If we don't know the DSAP/LSAP, and it's an information frame (numbered
or not) and not an XID frame, return 0, so that we give a hex dump of
the raw payload.
In addition, print the length when printing SNAP header information with
-e.
The purpose of this macro was to enable the file-by-file switch to NDO,
after which only tcpdump.c had a use of it and the definitions guarded
by it. Update tcpdump.c not to require them any more and dismiss the
unused definitions.
Check both the captured length and the on-the-wire length (the latter
*should* be greater than or equal to the former, but that's not
guaranteed).
Add some additional length checks, so neither caplen nor length
underflow.
If we stop dissecting because the packet is too short, return 1, not 0,
as we've "dissected" what we can; 0 means "this is LLC+SNAP with an OUI
of 0 and an unknown Ethertype".
And, as we require at least autoconf 2.61, and as autoconf 2.61 and
later have AC_TYPE_UINTn_T and AC_TYPE_INTn_T macros, we use them to
define the uintN_t and intN_t macros if the system doesn't define them
for us.
This lets us get rid of bitypes.h as well.
Have them take a netdissect_options * argument, and get the "no name
resolution" flag from it.
Move the declaration of dnaddr_string to addrtoname.h, along with the
other XXX-to-string routines.
