Remove all ND_TCHECK*() instances because they are redundant. Let
nd_printzp() guard the snapshot end. Report invalid packets as invalid,
not truncated. Make functions that always return the same value void.
ND_TCHECK_BRIDGE_ID() is not used anymore, so remove it. Update a test.
Remove a number of instances that do not match common patterns and whose
only substantial effect on the code flow is that a truncated packet
triggers "goto trunc" instead of longjmp(). (In a few cases this change
can increase the number of fields printed before giving up.)
ND_TCHECK_n(e), n in { 1, 2, 3, 4, 8 }.
They are redundant because they are followed by a GET_.*_n(e) call,
same n, same e, which does the bounds check.
Remove unused 'trunc' labels and most associated codes.
Update the outputs of some tests accordingly.
We require an environment with a C99-compatible snprintf(), so we don't
need to work around older implementations. Make the configuration
process fail if we don't have snprintf() and vsnprintf().
We require at least VS 2015, so we don't have to check for _MSC_VER >=
1400. Make the build fail if we don't have at least VS 2015.
We apparently do, however, have to use __inline, as the VS 2015
documentation doesn't mention plain old "inline". Update a comment.
... with the ND_TCHECK_SIZE() macro.
The ND_TCHECK_SIZE() macro is defined by:
#define ND_TCHECK_SIZE(p) ND_TCHECK_LEN(p, sizeof(*(p)))
Example (in print-pptp.c):
struct pptp_msg_sccrp {
[...]
nd_byte hostname[64];
[...]
}
nd_byte is defined in netdissect.h:
typedef unsigned char nd_byte;
ptr is defined as: struct pptp_msg_sccrp *ptr.
As pointer values, ptr->hostname and &ptr->hostname are the same. Thus
the first parameter of ND_TCHECK_LEN() is the same with or without '&'.
When doing:
ND_TCHECK_SIZE(ptr->hostname);
The sizeof(*(p)) gives sizeof(*(ptr->hostname)), i.e.
sizeof(unsigned char), which is 1.
The check is wrong.
When doing:
ND_TCHECK_SIZE(&ptr->hostname);
The sizeof(*(p)) gives sizeof(*(&ptr->hostname)), i.e.
sizeof(unsigned char [64]), which is 64.
The check is right.
Thus, when using ND_TCHECK_SIZE with an nd_byte-typed array struct member,
we need the '&'.
This change partially reverts 1b081ef03b.
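The sizeof difference described above, as an added C example (this is not tcpdump's code; the netdissect_options fields, the ND_TTEST_LEN/ND_TTEST_SIZE re-implementation, the struct layout and the constructed capture are assumptions modelled on the commit message). It builds a capture whose snapshot ends 10 bytes into the 64-byte hostname: the '&'-less check only asks the bounds check for 1 byte and passes, so a printer would then read 54 bytes past the snapshot end, while the '&' form asks for 64 bytes and correctly reports truncation:

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

typedef unsigned char nd_byte;

/* Stand-in for the parts of tcpdump's netdissect_options that bounds
 * checks need (assumed field names, modelled on netdissect.h). */
typedef struct netdissect_options {
    const nd_byte *ndo_packetp;   /* first byte of captured data */
    const nd_byte *ndo_snapend;   /* one past the last captured byte */
} netdissect_options;

/* Are the bytes [p, p+len) all inside the snapshot? Uses pointer
 * subtraction rather than p + len, so a huge len cannot wrap. */
#define ND_TTEST_LEN(ndo, p, len)                                        \
    ((const nd_byte *)(p) >= (ndo)->ndo_packetp &&                       \
     (const nd_byte *)(p) <= (ndo)->ndo_snapend &&                       \
     (size_t)((ndo)->ndo_snapend - (const nd_byte *)(p)) >= (size_t)(len))

/* Same shape as the ND_TCHECK_SIZE() definition quoted above: the length
 * checked is the size of whatever p points to. */
#define ND_TTEST_SIZE(ndo, p) ND_TTEST_LEN(ndo, p, sizeof(*(p)))

/* Assumed layout, after print-pptp.c: a fixed 64-byte hostname field. */
struct pptp_msg_sccrp {
    nd_byte protocol_version[2];
    nd_byte result_code;
    nd_byte err_code;
    nd_byte hostname[64];
};

/* How many bytes each spelling asks the bounds check to verify.
 * sizeof does not evaluate its operand, so ptr may even be NULL. */
size_t tcheck_len_without_amp(const struct pptp_msg_sccrp *ptr)
{
    (void)ptr;
    return sizeof(*(ptr->hostname));    /* array decays: nd_byte, 1 byte */
}

size_t tcheck_len_with_amp(const struct pptp_msg_sccrp *ptr)
{
    (void)ptr;
    return sizeof(*(&ptr->hostname));   /* nd_byte[64]: 64 bytes */
}

/* Models the "ND_TCHECK_SIZE(...); then read the field" pattern.
 * Returns 1 if the check accepts the field as fully captured, 0 if it
 * reports truncation. use_amp selects the spelling. */
int hostname_passes_tcheck(const netdissect_options *ndo,
                           const struct pptp_msg_sccrp *ptr, int use_amp)
{
    if (use_amp)
        return ND_TTEST_SIZE(ndo, &ptr->hostname);
    return ND_TTEST_SIZE(ndo, ptr->hostname);
}

/* Constructed capture: the snapshot length cut the message off 10 bytes
 * into the hostname, so only 14 of the 68 bytes were captured. */
enum { CAPTURED_LEN = 4 + 10 };
static nd_byte capture[sizeof(struct pptp_msg_sccrp)];

void setup_capture(netdissect_options *ndo)
{
    memset(capture, 'A', sizeof(capture));
    ndo->ndo_packetp = capture;
    ndo->ndo_snapend = capture + CAPTURED_LEN;
}

/* Returns 1 when the two spellings disagree exactly as the commit message
 * says: the '&'-less check passes, the '&' check reports truncation. */
int demo(void)
{
    netdissect_options ndo;
    const struct pptp_msg_sccrp *ptr;

    setup_capture(&ndo);
    ptr = (const struct pptp_msg_sccrp *)capture;   /* all-byte struct: no alignment issue */
    return hostname_passes_tcheck(&ndo, ptr, 0) == 1 &&
           hostname_passes_tcheck(&ndo, ptr, 1) == 0;
}

int main(void)
{
    printf("without '&': checks %zu byte(s)\n", tcheck_len_without_amp(NULL));
    printf("with '&':    checks %zu byte(s)\n", tcheck_len_with_amp(NULL));
    printf("truncated capture: %s\n",
           demo() ? "only the '&' form catches it" : "unexpected");
    return 0;
}
```

The practical check for a reviewer is therefore: whenever ND_TCHECK_SIZE()/ND_TTEST_SIZE() is applied to an array member, the argument must be `&member`, otherwise the macro silently degrades to a one-byte test and the following read of the full field is unguarded.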
The exceptions are currently:
Some EXTRACT_ in print-juniper.c, not used on packet buffer pointer.
An EXTRACT_BE_U_3 in addrtoname.c, not always used on packet buffer
pointer.
The functions are: nd_print, nd_printztn, nd_printn and nd_printzp.
Trying to make it clearer that they currently have to be used only on part
of the packet buffer.
Update some comments.
Some versions of the MSVC runtime library have a non-C99-compliant
vsnprintf(), which we want to avoid. On Windows, use snprintf() and
vsnprintf() for VS 2015 and later, where they both exist in
C99-compliant forms, and wrap _{v}snprintf_s() otherwise (they're
guaranteed to do the null termination that we want).
This can prevent bizarre failures if, for example, you've done a
configuration in the top-level source directory, leaving behind one
config.h file, and then do an out-of-tree build in another directory,
with different configuration options. This way, we always pick up the
same config.h, in the build directory.
Now all the macros have a name meaning a count in bytes.
With _S_: signed, _U_: unsigned
e.g.:
EXTRACT_BE_32BITS -> EXTRACT_BE_U_4
EXTRACT_LE_32BITS -> EXTRACT_LE_U_4
...
EXTRACT_BE_INT32 -> EXTRACT_BE_S_4
and have:
EXTRACT_8BITS -> EXTRACT_U_1
EXTRACT_INT8 -> EXTRACT_S_1
Check whether the flags are in the captured data before printing them in
an MSTP BPDU.
Check whether V4 length is in the captured data before fetching it.
This fixes a vulnerability discovered by Kamil Frankowicz.
Include a test for the "check whether the V4 length is..." fix, using
the capture supplied by Kamil Frankowicz.
Use fn_printzp().
Moreover:
Add a missing comma in output.
Use ND_TCHECK_32BITS instead of ND_TTEST_32BITS.
Add a test for spb_bpduv4.pcap with verbose output.
The bounds checks fix some heap overflows found with American Fuzzy Lop
by Hanno Böck.
Add some ND_TTEST_/ND_TCHECK_ macros to extract.h to simplify writing
bounds checks for code that uses the other macros in that file.
Fix the printing of the SPB BPDU agreement digest - I don't think the
intent was to print the value of the first 4 bytes, that value + 4, that
value + 8, etc., I suspect it was to print the first 4 bytes, the next 4
bytes, etc.
with the tag '\summary:' for grepping.
Remark: Currently some printers have no summary line.
Moreover:
Summarize all printers with a single line in INSTALL.txt
The purpose of this macro was to enable the file-by-file switch to NDO,
after which only tcpdump.c had a use of it and the definitions guarded
by it. Update tcpdump.c not to require them any more and dismiss the
unused definitions.
And, as we require at least autoconf 2.61, and as autoconf 2.61 and
later have AC_TYPE_UINTn_T and AC_TYPE_INTn_T macros, we use them to
define the uintN_t and intN_t macros if the system doesn't define them
for us.
This lets us get rid of bitypes.h as well.
Remove lots of $Header's and a few $Id's that all belong to the former
CVS repository of tcpdump itself. These keywords have been frozen since
the migration to git in late 2008.
Make sure all of them are declared const and most of them -- static.
Proper declaration of token arrays is a common review point for new code
that is based on existing decoders. Thus fix the issue at its root.
Before the previous change, we didn't print it; restore that behavior.
Also update a comment - DEFAULT_SNAPLEN is now pretty large, so we
should capture the entire packet by default.
Make the offsets and lengths 32-bit, so that they don't overflow.
Pull the handling of V4 fields into its own routine. Call it only if
the packet's been identified as a V4 packet and the length is sane; call
the routine to handle V3 fields before we do any V4 work.