Check whether the flags are in the captured data before printing them in
an MSTP BPDU.
Check whether V4 length is in the captured data before fetching it.
This fixes a vulnerability discovered by Kamil Frankowicz.
Include a test for the "check whether the V4 length is..." fix, using
the capture supplied by Kamil Frankowicz.
Make src and dst "const void *"s to squelch
taking address of packed member 'ip6_dst' of class or structure
'ip6_hdr' may result in an unaligned pointer value
[-Waddress-of-packed-member]
warnings from some versions of Clang.
Make dst_addr a "const void *" to squelch
taking address of packed member 'ip6_dst' of class or structure
'ip6_hdr' may result in an unaligned pointer value
[-Waddress-of-packed-member]
warnings from some versions of Clang.
Add a break at the end of the RSVP_OBJ_LABEL_SET case block as it fully
deals with class number 36 (LABEL_SET) from RFC 3473 Section 2.6 and is
not related to the class in next case block.
Add a break at the end of the RSVP_OBJ_S2L case block as it fully deals
with class number 50 (S2L_SUB_LSP) from RFC 4875 Section 19.3 and does
not need to fall through to the default case block.
The source code comment explains it should fall through but GCC does not
pick it up, that's what the new macro is for.
./print-fr.c: In function ‘mfr_print’:
./print-fr.c:510:20: warning: this statement may fall through [-Wimplicit-fallthrough=]
if (ie_len == sizeof(struct timeval)) {
^
./print-fr.c:521:13: note: here
case MFR_CTRL_IE_VENDOR_EXT:
^~~~
The documentation claims that recent GCC is now better by default at
spotting cases of code flow falling through (which is true) and that it
avoids false positives by matching nearby source code comments with
regexps. However, the latter feature doesn't seem to work as reliably
as the manual describes it, so let's have a macro for this purpose.
Tested to work on:
* x86_64, Fedora 26, GCC 7.1.1 (w/__attribute__, w/fallthrough)
* x86_64, Ubuntu 16.04, GCC 5.4.0 (w/__attribute__, w/o fallthrough)
* x86_64, FreeBSD 11.0, Clang 3.8.0 (w/__attribute__, w/o fallthrough)
* SPARC, Solaris 10, SolStudio 12.4 (w/__attribute__, w/o fallthrough)
* SPARC, Solaris 10, SunStudio 11 (w/o __attribute__)
This squelches a warning in format_256(), make a similar change to
format_nid() while at it.
$ gcc --version
gcc (GCC) 7.1.1 20170622 (Red Hat 7.1.1-3)
./print-hncp.c: In function ‘format_256’:
./print-hncp.c:175:26: warning: ‘%016lx’ directive output truncated writing 16 bytes into a region of size 12 [-Wformat-truncation=]
snprintf(buf[i], 28, "%016" PRIx64 "%016" PRIx64 "%016" PRIx64 "%016" PRIx64,
^~~~~~
./print-hncp.c:175:41: note: format string is defined here
snprintf(buf[i], 28, "%016" PRIx64 "%016" PRIx64 "%016" PRIx64 "%016" PRIx64,
./print-hncp.c:175:26: note: using the range [0, 18446744073709551615] for directive argument
snprintf(buf[i], 28, "%016" PRIx64 "%016" PRIx64 "%016" PRIx64 "%016" PRIx64,
^~~~~~
./print-hncp.c:175:26: note: using the range [0, 18446744073709551615] for directive argument
./print-hncp.c:175:26: note: using the range [0, 18446744073709551615] for directive argument
./print-hncp.c:175:5: note: ‘snprintf’ output 65 bytes into a destination of size 28
snprintf(buf[i], 28, "%016" PRIx64 "%016" PRIx64 "%016" PRIx64 "%016" PRIx64,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
EXTRACT_64BITS(data),
~~~~~~~~~~~~~~~~~~~~~
EXTRACT_64BITS(data + 8),
~~~~~~~~~~~~~~~~~~~~~~~~~
EXTRACT_64BITS(data + 16),
~~~~~~~~~~~~~~~~~~~~~~~~~~
EXTRACT_64BITS(data + 24)
~~~~~~~~~~~~~~~~~~~~~~~~~
);
~
crypto.sh ran its tests as expected but only indicated a failure
upstream when the last test failed. Add necessary checks and modify
the other "complex" tests in a similar manner to make sure the same
bug does not creep into these scripts later. Fix some indentation
while at it.
These tests may be performed in an arbitrary time zone, so they *must*
run tcpdump with an option to print the time in a time-zone-independent
fashion. Force -t on in TESTonce, just as we do for -n, and remove it
from TESTLIST and the conditional test scripts.
That leaves it up to libpcap to choose an appropriate snapshot length,
which it'll do. With upcoming versions, it'll choose, when capturing on
a D-Bus interface, a very large snapshot length, to handle the maximum
D-Bus message size of 128MB.
(For older versions, we still use 262144, as those versions won't pick a
default value.)
It's *not* the length of the captured data in the packet, it's the
snapshot length for the live capture or the savefile - the length of the
captured data in the packet could be less.
Check the packet length as well as the captured length.
Don't have separate "non-verbose" and "verbose" cases, so we don't
duplicate the length checks.
Print the right value for some length check errors.
Clean up the TLV parsing code - keep parsing until we completely run out
of data, but make sure, before we look at the TLV header, that we
haven't run past the end of the packet as well as that we haven't run
past the end of the captured data.
In the OSI checksum routine:
Have it take an unsigned length, so we don't have to worry about it
being negative.
Use ND_TTEST2 to check whether the checksum offset is within the
bounds of the packet.
If we don't have all the packet data to checksum, just report
"unverified", don't return a "truncated" error.
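
The length checks described above, as an added sketch that is not tcpdump's own code: before touching each TLV header or value, the walker checks the on-the-wire packet length as well as the captured length, and reports the two failures differently. The function, enum and sample names are hypothetical, and the 1-byte type / 1-byte length layout is an assumption.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical status codes for this sketch. */
enum tlv_status { TLV_OK, TLV_TRUNCATED, TLV_INVALID };

/* Constructed sample: TLV(type 1, len 2) followed by TLV(type 2, len 1). */
static const uint8_t sample_tlvs[] = { 0x01, 0x02, 0xAA, 0xBB, 0x02, 0x01, 0xCC };

/*
 * pkt_len: length the packet claims on the wire.
 * cap_len: bytes actually present in buf (may be less than pkt_len).
 * Running past pkt_len means the packet is malformed; running past
 * cap_len only means the capture was cut short.
 */
static enum tlv_status
walk_tlvs(const uint8_t *buf, size_t pkt_len, size_t cap_len, unsigned *count)
{
    size_t off = 0;   /* invariant: off <= pkt_len and off <= cap_len */

    *count = 0;
    while (off < pkt_len) {
        /* TLV header: packet bounds first, then capture bounds. */
        if (pkt_len - off < 2)
            return TLV_INVALID;
        if (cap_len - off < 2)
            return TLV_TRUNCATED;
        size_t vlen = buf[off + 1];
        off += 2;
        /* TLV value: the same two checks before it is consumed. */
        if (pkt_len - off < vlen)
            return TLV_INVALID;
        if (cap_len - off < vlen)
            return TLV_TRUNCATED;
        off += vlen;
        (*count)++;
    }
    return TLV_OK;
}

int main(void)
{
    unsigned n;
    /* Full packet on the wire, but only 5 of its 7 bytes were captured. */
    enum tlv_status st = walk_tlvs(sample_tlvs, 7, 5, &n);
    printf("status=%d tlvs=%u\n", (int)st, n);
    return 0;
}
```
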
Put the information about the time stamp first, and put in a more
detailed description of IPv4 header information before TCP header
information is described.
Update the description of TCP header information to reflect current
reality.
More updating is probably needed.
The "tcp" in "tcpdump" is historical; these days, it's a general-purpose
network analyzer. Don't claim tcpdump will not be of much use to you if
you don't know TCP.
1) the condition where the shutdown communication length field
claims to be longer than the BGP NOTIFICATION Cease message
actually can accommodate.
2) if the shutdown communication payload contains \0 (NUL) we
should be able to print that rather than stop printing the
string.
The draft-ietf-idr-shutdown-07 document specifies a mechanism to
transmit a short free form UTF-8 [RFC3629] message as part of a Cease
NOTIFICATION message [RFC4486] to inform the peer why the BGP session is
being shutdown or reset.
Hat tip to Peter van Dijk <peter.van.dijk@powerdns.com>
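
The two conditions listed above, as an added sketch that is not tcpdump's own code: the length octet is validated against what remains of the message, and the payload is rendered by length so an embedded NUL is shown instead of ending the output. The function and sample names are hypothetical; it assumes the caller has already bounds-checked `data`/`remaining`, and for brevity it escapes every byte outside printable ASCII, UTF-8 sequences included.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed samples: length octet followed by the communication bytes. */
static const uint8_t comm_with_nul[] = { 0x05, 'a', 'b', 0x00, 'c', 'd' };
static const uint8_t comm_overrun[]  = { 0x09, 'a', 'b' };

/*
 * data/remaining: the bytes after the NOTIFICATION error code and subcode.
 * Returns the number of payload bytes rendered into out, or -1 when the
 * length octet claims more than the message holds (or out is too small).
 */
static int
render_shutdown_comm(const uint8_t *data, size_t remaining,
                     char *out, size_t outsz)
{
    size_t used = 0;

    if (remaining < 1 || outsz == 0)
        return -1;                      /* no length octet to read */
    size_t len = data[0];
    if (len > remaining - 1)
        return -1;                      /* claimed length overruns message */
    out[0] = '\0';
    /* Iterate by length rather than stopping at the first NUL. */
    for (size_t i = 0; i < len; i++) {
        uint8_t c = data[1 + i];
        int n;
        if (c >= 0x20 && c < 0x7f && c != '\\')
            n = snprintf(out + used, outsz - used, "%c", c);
        else
            n = snprintf(out + used, outsz - used, "\\x%02x", (unsigned)c);
        if (n < 0 || (size_t)n >= outsz - used)
            return -1;                  /* output buffer too small */
        used += (size_t)n;
    }
    return (int)len;
}

int main(void)
{
    char out[64];
    int n = render_shutdown_comm(comm_with_nul, sizeof comm_with_nul,
                                 out, sizeof out);
    printf("%d bytes: %s\n", n, out);
    return 0;
}
```
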
Add a comment about a minor nit and squelch a compiler warning:
./tcpdump.c:1104:4: warning: implicit declaration of function
'sysctlbyname' is invalid in C99
[-Wimplicit-function-declaration]
sysctlbyname(sysctl, parent, &s, NULL, 0);
monitor mode VAP, tcpdump will print an error message saying rfmon is
not supported.
Give a concise explanation as to how one might solve this problem by
creating a monitor mode VAP.
The interesting part is whether the build has picked up the optional
libraries that were present and whether AddressSanitizer was enabled
(this is yet to be sorted in some reasonable way).
As far as modern OSPF implementations are concerned, packet type 0 is
not a valid value, so let's print it as such. Also for an invalid packet
type tell its decimal value.