Define ND_LONGJMP_FROM_TCHECK and remove a 'trunc' label.
Make a bounds check conditional.
Use ND_ICHECK_U() for a length test.
Fix a bounds check, not invalid, but truncated.
(The bounds check is done by hex_print_with_offset() via hex_print().)
Use ND_TTEST_LEN() instead of testing ndo->ndo_snapend.
Remove an useless variable ('packet_iterator' same as 'bp').
Remove/update some comments.
Fix some indentations.
Remove some extra blank lines.
Update the outputs of two tests accordingly.
Expand the "still support old versions of CMake, for the benefit of
people with older versions, but avoid deprecation warnings/errors"
section to handle the deprecation of pre-3.10 versions by 3.31.
Based on https://cirrus-ci.org/guide/macOS/.
This will avoid the warning:
Only ghcr.io/cirruslabs/macos-runner:sonoma is allowed. Automatically
upgraded.
Test setup:
ip link add link vethA type veth peer name vethB
ip link set dev vethA up
ip link set dev vethB up
ptp4l -2 -P -S -i vethA &
tcpdump -i vethA 'ether[14] = 0xD' -w ptp_management.pcap &
Tcpdump filtering on only management packets (0xD) to skip capturing
other traffic that is already covered by other tests.
Sending management requests (which ptp4l responds to):
pmc -b 3 -2 -i vethB 'get current_data_set'
pmc -b 3 -2 -i vethB 'get port_data_set'
pmc -b 3 -2 -i vethB 'get default_data_set'
pmc -b 3 -2 -i vethB 'get parent_data_set'
pmc -b 3 -2 -i vethB 'get clock_description'
Sidenote: the management packets contains a TLV at the end and I
included 5 of them (out of the total ~50 listed in the
standard). Tcpdump currently does not print the TLV.
Signed-off-by: Casper Andersson <casper.casan@gmail.com>
`bp` was modified inside the function but the change was not
reflected back outside, resulting in the fields afterwards accessing
the wrong part of the packet.
Signed-off-by: Casper Andersson <casper.casan@gmail.com>
When a received RST segment contains data, this is diagnostic data that
explains the cause of the RST.
So we have to stop processing, even if we don't print the data (no "-v").
Rename two test outputs, with "-v" in the names.
Add two test cases (existing pcap printed without "-v").
With this change, we can write/print some contiguous packets from a file.
We can also skip some packets doing a live capture.
The '--skip 0' option is allowed to help some loop in a shell script.
Examples:
Skip 3 packets when printing:
tcpdump -#n --skip 3 -r in.pcap
Write the sixth packet, if any:
tcpdump --skip 5 -c 1 -r in.pcap -w out.pcap
Write up to 5 packets after skipping 3:
tcpdump --skip 3 -c 5 -r in.pcap -w out.pcap
It displays the reason for the "invalid" case.
Before:
1 2015-05-19 13:34:16.720640 (invalid)
After:
1 2015-05-19 13:34:16.720640 [cookie length 10 > 8] (invalid)
This is a follow-up to 8c7221d39b.
Add the poc test file from GitHub issue #783 (first packet).
Moreover:
Remove some extra blank lines.
Avoid warnings such as in the following case:
if (...)
ND_TCHECK_LEN(...);
else
With gcc:
source.c:X:12: warning: suggest explicit braces to avoid ambiguous
'else' [-Wdangling-else]
X | if (...)
| ^
With clang:
source.c:Y:2: warning: add explicit braces to avoid dangling else
[-Wdangling-else]
else
^
Avoid errors such as in the following case:
if (...)
ND_ICHECKMSG_U(...);
else
source.c:X:9: error: 'else' without a previous 'if'
X | else
| ^~~~
with gcc, or "error: expected expression" with clang.
This avoids the need to use explicit braces (dangling else).
Same for ND_ICHECK_U, ND_ICHECKMSG_ZU and ND_ICHECK_ZU.
Currently the printing with '-tt' option (unix time) is incorrect.
Some examples:
1) test: time_2106_overflow-tt
0.000000 IP 192.168.1.11.43966 > 209.87.249.18.53: UDP, length 56
Should be:
4294967296.000000 IP 192.168.1.11.43966 > 209.87.249.18.53: UDP, length 56
2) test: time_2107-tt
28315904.000000 IP 192.168.1.11.43966 > 209.87.249.18.53: UDP, length 56
Should be:
4323283200.000000 IP 192.168.1.11.43966 > 209.87.249.18.53: UDP, length 56
Two build examples:
64-bit build: tv->tv_sec has type '__time_t' (aka 'long').
32-bit build with _TIME_BITS=64: tv->tv_sec has type '__time64_t'
(aka 'long long').
Using 'unsigned' cast is incorrect for these 64-bit data.
Thus convert to 'int64_t' and print with '"%" PRId64'.
Add two test cases (existing pcapng printed with -tt).
Each capture file contains one packet.
time_2038.pcap: 2038-01-01 00:00:00
time_2038_max.pcap: 2038-01-19 03:14:07
time_2038_overflow.pcap: 2038-01-19 03:14:08
time_2039.pcap: 2039-01-01 00:00:00
time_2106.pcap: 2106-01-01 00:00:00
time_2106_max.pcap: 2106-02-07 06:28:15
time_2106_overflow.pcapng: 2106-02-07 06:28:16
time_2107.pcapng: 2107-01-01 00:00:00
The packet time when > 2038-01-19T03:14:07Z cannot be correctly printed
if time_t size is 32 bits (overflow).
Some tests are run only if HAVE_TIME_T_64 is set. it depends on the
output of "./tcpdump --time-t-size" (32 or 64).
A 32-bit unsigned time_t goes until 2106-02-07T06:28:15Z.
All values above require a pcapng file.