Commit Graph

61 Commits

Author SHA1 Message Date
Francois-Xavier Le Bail
ba8936b39b Print truncations with nd_print_trunc() instead of tstr[] strings
Remove the tstr[] strings.
Update the output of some tests accordingly.

Moreover:
Add or update some ndo_protocol fields.
2018-05-04 13:47:49 +02:00
Francois-Xavier Le Bail
546558eabd Add the ndo_protocol field in the netdissect_options structure
Update this field in printer entry functions.
It will be used for some printings.
2018-03-16 19:44:47 +01:00
Guy Harris
fb2479d733 Always include <config.h> rather than "config.h".
This can prevent bizarre failures if, for example, you've done a
configuration in the top-level source directory, leaving behind one
config.h file, and then do an out-of-tree build in another directory,
with different configuration options.  This way, we always pick up the
same config.h, in the build directory.
2018-01-21 12:27:28 -08:00
Francois-Xavier Le Bail
513f782ae1 Use quoted include netdissect-stdinc.h instead of angle-bracketed one 2018-01-21 10:28:15 +01:00
Guy Harris
09e4f5dd4b Window changes in compressed SLIP are signed.
If the first byte has a non-zero value, it is a positive value of the
change from 1 to 255.  If it's zero, the next two bytes are a signed
big-endian value.
2018-01-14 14:32:28 -08:00
Guy Harris
64677b0d78 Clean up signed vs. unsigned. 2018-01-11 11:52:30 -08:00
Francois-Xavier Le Bail
e2982e7f6f Update ND_PRINT() as a variadic macro 2018-01-07 13:36:41 +01:00
Francois-Xavier Le Bail
5cea270318 Remove all storage class specifier 'register'
Let the compiler do the optimizations (or not) based on build options.

Avoid 'value has been optimized out' messages in gdb using '-O0'.
2017-12-13 19:17:47 +01:00
Guy Harris
3f3f2505f2 Make nd_uint8_t and nd_int8_t arrays, to catch direct references.
This catches direct references, so we can change them to use EXTRACT_U_1
or EXTRACT_S_1.

Also, change some structures to use the nd_ types that weren't already
using them.

Then make the appropriate EXTRACT_{U,S}_1() changes.
2017-12-10 16:23:34 -08:00
Francois-Xavier Le Bail
e44bc94ad0 Use pointer expressions like in most similar cases 2017-12-10 15:17:06 +01:00
Francois-Xavier Le Bail
07ac438e08 Use more the EXTRACT_U_1() macro (52/n)
Assignment, p[n]
2017-12-09 14:05:25 +01:00
Francois-Xavier Le Bail
03a2d9c4c1 Use more the EXTRACT_U_1() macro (47/n)
In: if (... *(p) ...) ...
2017-12-05 10:45:44 +01:00
Francois-Xavier Le Bail
4166458a2a Use more the EXTRACT_U_1() macro (46/n)
In: if (... p[n] ...) ...
2017-12-03 21:51:36 +01:00
Francois-Xavier Le Bail
10a52254ae Use more the EXTRACT_U_1() macro (44/n)
In: switch (... p[n] ...) ...
2017-12-03 14:00:15 +01:00
Francois-Xavier Le Bail
e83dfd9b16 Simplify some expressions
This will also help some future scripted code updates.
2017-12-02 20:52:22 +01:00
Francois-Xavier Le Bail
1a90fd99d2 Use more the EXTRACT_U_1() macro (28/n)
In ND_PRINT() macro call(s) (step 7).

p[n] ...
2017-11-26 15:44:43 +01:00
Francois-Xavier Le Bail
da20bc56d6 Rename EXTRACT_ macros
Now all the macros have a name meaning a count in bytes.

With _S_: signed, _U_: unsigned

e.g.:
EXTRACT_BE_32BITS -> EXTRACT_BE_U_4
EXTRACT_LE_32BITS -> EXTRACT_LE_U_4
...
EXTRACT_BE_INT32 -> EXTRACT_BE_S_4

and have:
EXTRACT_8BITS -> EXTRACT_U_1
EXTRACT_INT8  -> EXTRACT_S_1
2017-11-22 23:54:09 +01:00
Francois-Xavier Le Bail
a7a76012a1 Use more the EXTRACT_8BITS() macro to fetch a one-byte value (17/n)
Assignment, *p++ -> EXTRACT_8BITS(p); p++;

Partial list.
2017-11-21 20:30:12 +01:00
Francois-Xavier Le Bail
577621026d Rename EXTRACT_nBITS() macros to EXTRACT_BE_nBITS()
It indicates clearly that these macros are used to extract big-endian
integral values.
2017-11-18 13:56:40 +01:00
Guy Harris
7039327875 CVE-2017-11543/Make sure the SLIP direction octet is valid.
Report if it's not, and don't use it as an out-of-bounds index into an
array.

This fixes a buffer overflow discovered by Wilfried Kirsch.

Add a test using the capture file supplied by the reporter(s), modified
so the capture file won't be rejected as an invalid capture.
2017-09-02 21:36:44 +01:00
Guy Harris
c4744fc29a CVE-2016-7925/Add more bounds checks.
Fixes a heap overflow found with American Fuzzy Lop by Hanno Böck.
2017-01-18 09:16:35 +01:00
Francois-Xavier Le Bail
11d3a01319 Move the printer summaries from INSTALL.txt to each printer
with the tag '\summary:' for greping.
Remark: Currently some printers have no summary line.

Moreover:
Summarize all printers with a single line in INSTALL.txt
2016-08-14 17:03:43 +02:00
Francois-Xavier Le Bail
99c91c3aec Rename 'tcpdump-stdinc.h' to 'netdissect-stdinc.h'
Get the full log via: git log --follow netdissect-stdinc.h
2015-09-10 08:50:40 +02:00
Francois-Xavier Le Bail
b638c78b40 Remove obsolete comments 2015-09-07 15:01:46 +02:00
Francois-Xavier Le Bail
c1c3c77463 Printers must include 'netdissect.h', not 'interface.h' 2015-09-05 23:35:58 +02:00
Guy Harris
69cb46af91 Fix a bunch of de-constifications. 2015-04-26 17:24:42 -07:00
Denis Ovsienko
38700c7f24 dismiss NETDISSECT_REWORKED macro
The purpose of this macro was to enable the file-by-file switch to NDO,
after which only tcpdump.c had a use of it and the definitions guarded
by it. Update tcpdump.c not to require them any more and dismiss the
unused definitions.
2015-03-22 10:06:15 +00:00
Guy Harris
d7516761f9 Do more length checking. From OpenBSD. 2014-12-18 14:48:08 -08:00
Guy Harris
a6f81d534d Leave it up to ip6_print() to handle non-IPv6-capable systems.
Always define and declare ip6_print(), always compile print-ip6.c, and
always call it if we recognize a payload as IPv6.  If INET6 isn't
defined, ip6_print() will just print the length and note that printing
isn't supported.

That way, we don't do weird dissection of IPv6 packets on systems
without IPv6 support, due to, for example, ethertype_print() returning 0
("not dissected") for IPv6 packets on those systems (IPv6-over-Frame
Relay was dissected weirdly due to this).
2014-10-01 15:32:11 -07:00
Denis Ovsienko
779bcfb73a convert some stray printf()'s 2014-04-02 18:55:50 +04:00
Denis Ovsienko
49ccafc4bc NDOize 7 more small decoders
This change converts DVMRP, DLT_ENC, EGP, GeoNet, NetFlow, SLIP and TFTP
decoders.
2014-03-21 18:33:12 +04:00
Denis Ovsienko
88e479b75e don't include pcap.h needlessly
Both interface.h and netdissect.h include <pcap.h>, thus most files
should not include it regardless if these need it or not. The only
exceptions so far remain:
* addrtoname.c
* missing/datalinks.c
* missing/dlnames.c
* tcpdump.c
2014-02-28 18:11:09 +04:00
Denis Ovsienko
69f6f4392a don't include addrtoname.h needlessly 2014-02-25 17:53:08 +04:00
Denis Ovsienko
fe3253b9b8 remove tcpdump's own CVS keywords
Remove lots of $Header's and a few $Id's that all belong to the former
CVS repository of tcpdump itself. These keywords have been frozen since
the migration to git in late 2008.
2014-01-03 00:59:08 +04:00
Guy Harris
27d428c0a1 Pull a bunch of headers into the only source file that includes them.
For headers included in only one source file, put the header contents in
the source file in question, and get rid of a bunch of stuff from the
header not used in the source file.
2013-12-30 22:52:15 -08:00
Denis Ovsienko
d8acd8f5d0 make consistent use of the "tstr" idiom
For each decoder that has more than one instance of truncation signaling
and prints the same string in each instance make sure that the string is
declared as "static const char tstr[]" right after the initial includes
block. Where necessary, replace fputs(s, stdout) with equivalent
printf("%s", s).
2013-12-26 18:19:50 +04:00
Guy Harris
a91d20cc84 Convert the IPv6 printer to use netdissect. 2010-11-07 12:50:16 -08:00
mcr
4189fb7df6 refactored ip_print() so that chained header parser (ESP/AH) can
more easily call the inner parts.
2005-04-06 21:32:38 +00:00
guy
bbc1cfa669 Have the configure script arrange that the Makefile define _U_
appropriately, and that GNUmakefile and the MSVC++ project file define
it apppriately, as we do with libpcap, rather than defining it in
"interface.h".

Undo the rcsid-shuffling and addition of extra #includes, as we no
longer need to arrange that "interface.h" be included before using _U_
in an RCS ID or copyright.
2003-11-16 09:36:07 +00:00
guy
3824a6c041 From Neil Spring:
use "_U_" in the definitions of "rcsid[]", to eliminate
	complaints about those variables being unused;

	move the definitions after the include of "interface.h", or add
	an include of "interface.h", so that "_U_" is defined.

Include "config.h" before including "tcpdump-stdinc.h" in
"missing/datalinks.c".
2003-11-15 00:39:12 +00:00
guy
4bec97f457 Hoist a bunch of stuff that should be done by all if_print routines into
tcpdump.c.  Have if_print routines return the length of the link-layer
header, so that the common code knows how to skip the link-layer header
when printing the packet in hex/ASCII.
2002-12-19 09:39:10 +00:00
guy
cfabfb053b Add a new routine "default_print_packet()", which takes a pointer to the
beginning of the raw packet data, the captured length of the raw packet
data, and the length of the link-layer header, and:

	if "-e" was specified, prints all the raw packet data;

	if "-e" was not specified, prints all the raw packet data past
	the link-layer header, if there is any.

Use that routine in all the "xxx_if_print()" routines if "-x" was
specified.

Make "arcnet_encap_print()" static - it's not used outside
"print-arcnet.c".

Add missing info printing code to "atm_if_print()".

Print the packet data in "lane_if_print()", not in "lane_print()", as
"lane_print()" can be called from other "xxx_if_print()" routines, and
those routines will also print the packet data if "-x" was specified -
no need to print it twice.
2002-12-18 09:41:13 +00:00
guy
e070cf232f We no longer use "packetp" for anything, so eliminate it. (If any
dissector really needs source and destination MAC addresses, we should
make global pointers to them - which would be null for packets lacking
MAC addresses, so dissectors that need them will need to do something
sensible if those pointers are null.)

Don't fake up an Ethernet header if there aren't any MAC addresses to
use when faking it up.

"bp_chaddr" in "print-bootp.c" is an array, so "bp->bp_chaddr" cannot be
null, and there's no need to test for it not being null.
2002-12-18 08:53:18 +00:00
guy
c422d3ab0f Get rid of the "-Wno-unused" flag, and fix up most of the
unused-parameter problems reported by GCC.  Add an _U_ tag to label
parameters as unused if the function is called through a pointer (so
that you can't change its signature by removing parameters) or if there
are unused parameters only because the function isn't complete.

Add some additional bounds checks the necessity for which was revealed
while cleaning up unused-parameter problems.

Make some routines static.

"lcp_print()", defined in "print-lcp.c", isn't called anywhere -
"print-ppp.c" has the code to dissect LCP.  Get rid of "print-lcp.c".
2002-09-05 21:25:34 +00:00
risso
3d932490b8 Added support for Win32, based on WinPcap. 2002-08-01 08:52:55 +00:00
guy
176a3e4986 Put the infodelay wrapping into the remaining "XXX_if_print()" routines.
Split the Cisco HDLC printer into "chdlc_if_print()", which does the
stuff expected of a low-level print routine (printing the time stamp,
printing the final newline, doing the infodelay stuff) and
"chdlc_print()", which doesn't do that stuff.  This lets us clean up
"ppp_hdlc_if_print()" a bit - it can just print the time stamp at the
beginning, and do the infodelay stuff at the end, without having to
treat Cisco HDLC specially by skipping the time stamp printing.  (This
also ensures that the time stamp is always printed, which wasn't the
case before.)

Print the missing final newline in "pppoe_if_print()".
2001-07-05 18:54:13 +00:00
guy
e521675238 64-bit cleanup - cast the difference between two pointers to "long" and
print it with "%ld".
2000-10-10 05:06:10 +00:00
guy
f685a42c3d Pull the "linux-include" versions of "slip.h" and "slcompress.h" up to
the top-level directory, remove from them all stuff not needed by
tcpdump, include them rather than the system's header files, and get rid
of assorted unnecessary include files.

This means you don't need to check for "slip.h" when building
"print-sl.c", stubbing it out on systems that don't have "slip.h".  We
also don't need to build the stuff in "print-vjc.c" only on BSD/OS.

Use "u_int32_t" and "u_int16_t" rather than "u_int" and "u_short" for
structure members in "print-chdlc.c".

Move PPP_HDRLEN from "print-ppp.c" to "ppp.h", as per the XXX comment in
"print-ppp.c".
2000-10-09 01:53:19 +00:00
itojun
fb75d3cd5a always use u_intXX_t for protocol format declaration. char/short/int may not
come with exact size.  while at it, correct signedness of ip/udp header field.
nuke most of the use of bitfield.
TODO: bitfield in namser.h
2000-10-03 02:54:54 +00:00
itojun
cdaba7de64 do not use integer bitfield when we care about the resulting member size.
u_int x:4, y:4; will occupy sizeof(int) on some platforms, while it occupy
1 byte on some platforms.  use macro to decode th_off.
2000-10-03 02:26:53 +00:00