Same bugfixes than in previous commit, based on a code inspection.
Update the output of a test accordingly.
Moreover:
Clean up whitespaces/indentation.
The error was:
print-isoclns.c:2822:7: runtime error: unsigned integer overflow:
4 - 6 cannot be represented in type 'unsigned int'
Update the output of a test accordingly.
Moreover:
Clean up whitespaces/indentation.
Add two shortcuts (as long-options) for setting the time stamp
precision: --micro and --nano. While adding these options, reshuffle
the usage message to group up the options related to time stamp, and
removing the macro TIME_STAMP_PRECISION_USAGE.
If setting the time stamp precision is not supported by the available
libpcap, the usage won't mention these options (including
--time-stamp-precision), but they will still be presented in the
manpage.
The warnings were:
implicit declaration of function 'malloc' [-Wimplicit-function-declaration]
incompatible implicit declaration of built-in function 'malloc'
implicit declaration of function 'free' [-Wimplicit-function-declaration]
incompatible implicit declaration of built-in function 'free'
If a dissector has to process its input - decryption, decompression,
etc. - rather than dissect the raw input, it should push the processed
input onto the buffer stack. As soon as the dissection is done, the
stack should be popped, to free the buffer into which the processing was
done, and restore the "pointer to packet data" and "pointer to end of
packet data" members of the netdissect_options structure, so the code
can go back to dissecting the original data.
The stack will get everything popped off it when dissection is done.
Use this mechanism in the ESP decryption code rather than scribbling on
top of the input packet data.
"ivoff" is a pointer to the IV, not the offset of the IV; call it ivptr.
Have a variable that points to the beginning of the ciphertext, and use
that.
Fix the check that makes sure the authentication data/integrity check
value length isn't too big - it needs to make sure that it doesn't go
before the beginning of the ciphertext, i.e. doesn't overlap with the
IV.
Don't bother with a variable pointing to the secret, just pass
sa->secret.
Fix the check that makes sure the padding length isn't too big - make
sure it, plus 2 for the padding length and next header bytes, isn't
bigger than the ciphertext length.
Update a test to reflect the stricter length checks.
Just check whether the pointer to it is within the available packet data
- and, if it's not, report truncation.
While we're at it:
Make the initialization vector length unsigned; it's either zero or a
positive number.
Rename a variable used for the ciphertext len to ctlen.
If we can't decrypt the payload, we can't dissect it, so don't try -
just give up immediately.
While we're at it:
If EVP_CIPHER_CTX_new() fails, it means a memory allocation failed;
treat that as such.
Use some of the arguments we're passed rather than re-fetching them from
the IP header.
Add some comments.
Call nd_print_trunc() for failed length sanity checks, and note that
they can fail due to the decryption being done with the wrong key.
Update one test's output; it is, I think, being decrypted with the wrong
key.
The checksum calculation for IPv6 packets is based on a pseudo
header that includes the packet's final Destination Address (DA).
If the IPv6 packet contains a Routing header, the final DA is the
last element of the Routing header [RFC8200].
Currently, tcpdump supports Routing header types 0 and 2.
IPv6 Segment Routing Header (SRH) is a new Routing header type (4).
SRH is defined in draft-ietf-6man-segment-routing-header [1].
This patch fix the checksum calculation for SRv6 packets. It allows
tcpdump to get the final DA value from SRv6 packets.
[1] https://tools.ietf.org/html/draft-ietf-6man-segment-routing-header-17
The error was:
print-802_15_4.c:442:9: runtime error: implicit conversion from type
'int' of value 15840046 (32-bit, signed) to type 'uint16_t' (aka
'unsigned short') changed the value to 45870 (16-bit, unsigned)
Proposal of fix by Guy Harris:
"Those shifted values will be converted (in the C abstract machine) to
int, but they'll all be in the range 0 to 65535, as will be the XOR of
all 4 of them; converting that to a uint16_t isn't undefined behavior."
That means less duplication of functionality - and less chance that
XXX-over-IPv4 will be handled but XXX-over-IPv6 won't be handled, or
*vice versa*. (CARP and VRRP were being handled over IPv4 but not over
IPv6; this fixes that.)
The exceptions are currently:
Some EXTRACT_ in print-juniper.c, not used on packet buffer pointer.
An EXTRACT_BE_U_3 in addrtoname.c, not always used on packet buffer
pointer.
Add GET_{BE|HE|LE}_, GET_U_1, GET_S_1, GET_IPV4_TO_HOST_ORDER,
GET_IPV4_TO_NETWORK_ORDER macros and
get_{be|he|le}_, get_u_1, get_s_1, get_ipv4_to_host_order,
get_ipv4_to_network_order inline functions,
with setjmp/longjmp logic to do better and easier data fetch with
bounds checking.
Based on Guy Harris's idea and code.
Add a folded 'cat Makefile' (without the mkdep part for autotools).
Add a folded 'cat config.h'.
Add a folded 'cat config.log' (for autotools).
The 'sleep 10' command is a workaround for a display problem on osx.
The error was:
print-lmp.c:1132:13: runtime error: unsigned integer overflow: 249 - 516
cannot be represented in type 'unsigned int'
Update the output of a test accordingly.
