Commit Graph

40 Commits

Author SHA1 Message Date
Guy Harris
4ef024c8e9 CVE-2016-7992/When comparing against an LLC+SNAP header, check only the bytes we have.
Fixes a heap overflow found with American Fuzzy Lop by Hanno Böck.

Fix a length value to be unsigned while we're at it.
2017-01-18 09:16:35 +01:00
Francois-Xavier Le Bail
11d3a01319 Move the printer summaries from INSTALL.txt to each printer
with the tag '\summary:' for greping.
Remark: Currently some printers have no summary line.

Moreover:
Summarize all printers with a single line in INSTALL.txt
2016-08-14 17:03:43 +02:00
Francois-Xavier Le Bail
99c91c3aec Rename 'tcpdump-stdinc.h' to 'netdissect-stdinc.h'
Get the full log via: git log --follow netdissect-stdinc.h
2015-09-10 08:50:40 +02:00
Francois-Xavier Le Bail
c1c3c77463 Printers must include 'netdissect.h', not 'interface.h' 2015-09-05 23:35:58 +02:00
Guy Harris
bd00116d80 Skip the LLC and SNAP headers with -x.
Have llc_print() return the length of the LLC header, plus the length of
the SNAP header, if available - or, if it couldn't dissect the payload,
return the *negative* of that sum.  Use that return value in link-layer
printers.
2015-04-17 23:42:22 -07:00
Guy Harris
59864b113d Clean up printing of LLC packets.
Don't print LLC header information for SNAP packets; if we have a SNAP
header, just call snap_print() and return its return value, regardless
of whether it's 1 or 0, don't fall into the code to print raw LLC header
information - and don't print it with -e, either.

If llc_print() returns 0, just call the default packet printer, don't
print the MAC-layer header or the extracted ethertype - llc_print() will
print the source and destination MAC addresses and whatever type
information is in the LLC or SNAP headers.

If we don't know the DSAP/LSAP, and it's an information frame (numbered
or not) and not an XID frame, return 0, so that we give a hex dump of
the raw payload.

In addition, print the length when printing SNAP header information with
-e.
2015-04-17 18:38:46 -07:00
Denis Ovsienko
38700c7f24 dismiss NETDISSECT_REWORKED macro
The purpose of this macro was to enable the file-by-file switch to NDO,
after which only tcpdump.c had a use of it and the definitions guarded
by it. Update tcpdump.c not to require them any more and dismiss the
unused definitions.
2015-03-22 10:06:15 +00:00
Denis Ovsienko
979fc38d03 make use of ND_DEFAULTPRINT() 2014-03-26 18:52:40 +04:00
Denis Ovsienko
d1cffd99e6 NDOize LLC decoder 2014-03-15 15:32:15 +04:00
Denis Ovsienko
1fe6e66ece make use of NETDISSECT_REWORKED
Update the already converted decoders to define the macro and to include
interface.h instead of netdissect.h. Fix incurred compile errors.
2014-03-15 14:19:49 +04:00
Denis Ovsienko
207f31f2bd NDOize CIP, IPComp and IPFC decoders
Also remove some unneeded includes while at it.
2014-02-28 18:42:47 +04:00
Denis Ovsienko
88e479b75e don't include pcap.h needlessly
Both interface.h and netdissect.h include <pcap.h>, thus most files
should not include it regardless if these need it or not. The only
exceptions so far remain:
* addrtoname.c
* missing/datalinks.c
* missing/dlnames.c
* tcpdump.c
2014-02-28 18:11:09 +04:00
Denis Ovsienko
fe3253b9b8 remove tcpdump's own CVS keywords
Remove lots of $Header's and a few $Id's that all belong to the former
CVS repository of tcpdump itself. These keywords have been frozen since
the migration to git in late 2008.
2014-01-03 00:59:08 +04:00
Denis Ovsienko
d8b3af528a make more array declarations static/const 2013-12-19 14:25:01 +04:00
guy
d953299b94 Add a flag to suppress the "default_print()" call made in various
link-layer print routines if no other print routine claimed the packet.
Test whether that flag is set rather than testing whether neither of -x
or -q were specified, and have -x, -q, *and* -X set that flag, so that
-X suppresses it just as -x does.  That way you don't get those pckets
dumped twice if -X was specified.
2005-07-07 01:22:15 +00:00
mcr
4189fb7df6 refactored ip_print() so that chained header parser (ESP/AH) can
more easily call the inner parts.
2005-04-06 21:32:38 +00:00
guy
fb1b6d808f Fix up a bunch of comments - the on-the-wire length field in a
pcap_pkthdr is "len", not "length".
2004-03-17 23:24:35 +00:00
guy
bbc1cfa669 Have the configure script arrange that the Makefile define _U_
appropriately, and that GNUmakefile and the MSVC++ project file define
it apppriately, as we do with libpcap, rather than defining it in
"interface.h".

Undo the rcsid-shuffling and addition of extra #includes, as we no
longer need to arrange that "interface.h" be included before using _U_
in an RCS ID or copyright.
2003-11-16 09:36:07 +00:00
guy
3824a6c041 From Neil Spring:
use "_U_" in the definitions of "rcsid[]", to eliminate
	complaints about those variables being unused;

	move the definitions after the include of "interface.h", or add
	an include of "interface.h", so that "_U_" is defined.

Include "config.h" before including "tcpdump-stdinc.h" in
"missing/datalinks.c".
2003-11-15 00:39:12 +00:00
guy
4bec97f457 Hoist a bunch of stuff that should be done by all if_print routines into
tcpdump.c.  Have if_print routines return the length of the link-layer
header, so that the common code knows how to skip the link-layer header
when printing the packet in hex/ASCII.
2002-12-19 09:39:10 +00:00
guy
e070cf232f We no longer use "packetp" for anything, so eliminate it. (If any
dissector really needs source and destination MAC addresses, we should
make global pointers to them - which would be null for packets lacking
MAC addresses, so dissectors that need them will need to do something
sensible if those pointers are null.)

Don't fake up an Ethernet header if there aren't any MAC addresses to
use when faking it up.

"bp_chaddr" in "print-bootp.c" is an array, so "bp->bp_chaddr" cannot be
null, and there's no need to test for it not being null.
2002-12-18 08:53:18 +00:00
guy
c422d3ab0f Get rid of the "-Wno-unused" flag, and fix up most of the
unused-parameter problems reported by GCC.  Add an _U_ tag to label
parameters as unused if the function is called through a pointer (so
that you can't change its signature by removing parameters) or if there
are unused parameters only because the function isn't complete.

Add some additional bounds checks the necessity for which was revealed
while cleaning up unused-parameter problems.

Make some routines static.

"lcp_print()", defined in "print-lcp.c", isn't called anywhere -
"print-ppp.c" has the code to dissect LCP.  Get rid of "print-lcp.c".
2002-09-05 21:25:34 +00:00
risso
3d932490b8 Added support for Win32, based on WinPcap. 2002-08-01 08:52:55 +00:00
itojun
111ff8a61d whitespace cleanup 2002-06-11 17:08:37 +00:00
guy
c23f7b7dcf There's no link-layer header on Linux ARPHRD_ATM packets; there's
apparently (as per the previous version of this code) either an 802.2
LLC header (as per RFC 1483 and RFC 2225), or there's no header at all,
and just an IP packet.

As such, no link-layer header should be printed.

In addition, for packets with an LLC header, we should call the LLC
printer, rather than assuming that it's SNAP-encapsulated (RFC 1483
says they're not always SNAP-encapsulated) and printing the header
ourselves.  For packets without an LLC header, we should just call the
IP print routine.

This means that the LLC print routine may be called with null source and
destination MAC addresses; make it handle them.
2001-09-23 21:52:38 +00:00
fenner
c672f00276 Eliminate some unused parameters.
Use const more.
Use EXTRACT_* macros more.
Use TCHECK* more.
Use tok2str() to replace some home-grown workalikes.
smb:
 - Get rid of private types, use tcpdump-defined types
 - Rename fdata and fdata1 to smb_fdata and smb_fdata1 to avoid conflict
   with IRIX library function.
2001-09-17 21:57:50 +00:00
guy
176a3e4986 Put the infodelay wrapping into the remaining "XXX_if_print()" routines.
Split the Cisco HDLC printer into "chdlc_if_print()", which does the
stuff expected of a low-level print routine (printing the time stamp,
printing the final newline, doing the infodelay stuff) and
"chdlc_print()", which doesn't do that stuff.  This lets us clean up
"ppp_hdlc_if_print()" a bit - it can just print the time stamp at the
beginning, and do the infodelay stuff at the end, without having to
treat Cisco HDLC specially by skipping the time stamp printing.  (This
also ensures that the time stamp is always printed, which wasn't the
case before.)

Print the missing final newline in "pppoe_if_print()".
2001-07-05 18:54:13 +00:00
guy
6e07bc747c Get rid of definitions of "packetp" and "snapend" outside
"print-ether.c" - the one in "print-ether.c" is sufficient.
2001-06-08 04:48:23 +00:00
guy
2a579c6b18 Patches from Michael Madore <mmadore@turbolinux.com> to include
<string.h> in "print-cip.c" and "print-radius.c" to properly declare
"memcmp()" and "strcpy()".
2001-03-19 03:58:10 +00:00
guy
737c58073a Put the LINUX_SLL_P_ definitions back, and check for at least some of
them in "print-sll.c" - as a cooked-mode capture may be reading from
non-Ethernet, non-802.x devices, it may well see some
ETH_P_/LINUX_SLL_P_ types that don't mean "this is an 802.2 LLC frame".

We currently assume that the ETH_P_ values won't change in the kernel,
so we don't have to explicitly map them.

In various link-layer packet printers, if we don't handle the next layer
up of packet type, and are printing the link-layer header, use the
correct pointer to that header (i.e., if we've stepped "p" past the
link-layer header, don't use "p", use a pointer to the beginning of the
packet), and use the correct length (i.e., if we've subtracted the
length of the link-layer header, add it back in, so that we always print
the full packet length).
2000-12-22 22:45:09 +00:00
guy
7c4458eb6a Making "extracted_ethertype" static to "print-ether.c" broke other
dissectors that expected calls to "llc_print()" to set it.  (Thanks and
a tip of the hat to Olaf Kirch <okir@caldera.de> for noticing this.)

Make "ether_encap_print()" and "llc_print()" take a pointer to an
extracted-Ethertype variable as an argument, have "llc_print()" pass it
to "ether_encap_print()", and have "ether_encap_print()" set what it
points to rather than setting a static "extracted_ethertype" variable.

Get rid of said static "extracted_ethertype" variable in favor of one
local to "ether_if_print()", just as other link-layer dissectors have
local "extracted_ethertype" variables.
2000-12-18 05:41:58 +00:00
guy
cf53dc05f1 Get rid of includes of <netinet/in_systm.h>, and replace "n_short",
"n_long", and "n_time", defined in that file, with other types.
2000-09-29 04:58:33 +00:00
guy
8b67f77134 Get rid of unneeded includes of <net/if.h>. 2000-09-28 06:42:55 +00:00
guy
536f512583 Add an "ip.h" header, to declare the IP stuff needed by dissectors, and
have dissectors include them rather than <netinet/ip.h> or
<netinet/ip_var.h>, if they actually need that stuff.

Put the declarations of the ICMP stuff directly into "print-icmp.c".

Remove all unnecessary includes of <netinet/ip*.h> files.

Copy the byte-order stuff from "nameser.h" into "tcp.h".
2000-09-23 08:54:24 +00:00
guy
7b50febe28 Add "tcp.h" and "udp.h" headers, to declare the TCP and UDP stuff needed
by dissectors, and have dissectors include them rather than
<netinet/udp.h>, <netinet/udp_var.h>, or <netinet/tcp.h>, if they
actually need that stuff.

Remove all unnecessary includes of <netinet/udp*.h> or <netinet/tcp*.h>
files.
2000-09-23 08:26:30 +00:00
guy
e894092542 Add definitions of Ethernet types from
"linux-includes/netinet/if_ether.h" to "ethertype.h".

Move other stuff used by dissectors from <netinet/if_ether.h> to
"ether.h", along the lines of "fddi.h" and "token.h".

Move ARP declarations from BSD include files to "print-arp.c".

Remove from dissectors includes of <netinet/if_ether.h>, and add
includes of "ethertype.h" and/or "ether.h" as necessary.

Get rid of configuration options that test declarations now made in
"ether.h" or "print-arp.c", as those declarations are now under our
control, not the OS's control.
2000-09-23 08:03:27 +00:00
itojun
c8592c4742 -Wall -Werror clean. fix uninitialized variables. 2000-04-28 11:34:12 +00:00
assar
069d6e270a remove <netinet/tcpip.h>. including this header causes errors with
Kame V6 stack and nothing from it was used anyway.
2000-01-09 09:59:15 +00:00
fenner
b9ac23ce92 Switch to config.h instead of passing defines in DEFS. 1999-11-21 09:36:43 +00:00
assar
77b2a44055 print of ATM LanEmulation. From Marko Kiiskila <carnil@cs.tut.fi> by way of <kuznet@ms2.inr.ac.ru> 1999-11-21 03:52:11 +00:00