| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
As discussed on tcpdump-workers, it was a place for a potential clash
with non-macros.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replace more calls to ipaddr_string()/ip6addr_string() with calls to
GET_IPADDR_STRING()/GET_IP6ADDR_STRING() macros performing bounds
checking.
Add similar bounds-checking inline functions and macros to wrap
linkaddr_string(), etheraddr_string(), and isonsap_string() and convert
calls to them to use the macros as well.
Shuffle the inline functions in addrtoname.h around a bit, so that the
inline functions, external declarations, and macros are all in the same
order.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add a ND_BYTES_AVAILABLE_AFTER() macro to find the number of bytes
available in the captured data, starting at the byte pointed to by the
argument. It returns a u_int rather than a ptrdiff_t, so it'll be
32 bits on LP64 and LLP64 platforms as well as on ILP32 platforms. Use
that macro.
Make size-of-buffer arguments size_t.
Cast some size_t and ptrdiff_t values to u_int or int.
|
| |
|
|
|
|
|
| |
The exceptions are currently:
Some EXTRACT_ in print-juniper.c, not used on packet buffer pointer.
An EXTRACT_BE_U_3 in addrtoname.c, not always used on packet buffer
pointer.
|
| | |
|
| |
|
|
|
|
|
| |
Update the output of some tests accordingly.
Moreover:
Add a ndo_protocol field assignment.
|
| |
|
|
|
|
|
| |
The functions are: nd_print, nd_printztn, nd_printn and nd_printzp.
Trying to make it clearer that they currently have to be used only on part
of the packet buffer.
Update some comments.
|
| | |
|
| |
|
|
|
| |
Update this field in printer entry functions.
It will be used for some printings.
|
| |
|
|
|
|
| |
That also means we do one less decrement, so it's not as if testing
exp-- rather than testing exp and separately decrementing it is an
optimization.
|
| |
|
|
| |
Also, use it, and nd_ipv4, in sizeof() operations.
|
| |
|
|
|
|
|
|
| |
This can prevent bizarre failures if, for example, you've done a
configuration in the top-level source directory, leaving behind one
config.h file, and then do an out-of-tree build in another directory,
with different configuration options. This way, we always pick up the
same config.h, in the build directory.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
ND_TTEST2(var, l) -> ND_TTEST_LEN(p, l)
ND_TCHECK2(var, l) -> ND_TCHECK_LEN(p, l)
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now all the macros have a name meaning a count in bytes.
With _S_: signed, _U_: unsigned
e.g.:
EXTRACT_BE_32BITS -> EXTRACT_BE_U_4
EXTRACT_LE_32BITS -> EXTRACT_LE_U_4
...
EXTRACT_BE_INT32 -> EXTRACT_BE_S_4
and have:
EXTRACT_8BITS -> EXTRACT_U_1
EXTRACT_INT8 -> EXTRACT_S_1
|
| |
|
|
|
| |
It indicates clearly that these macros are used to extract big-endian
integral values.
|
| |
|
|
|
|
|
|
|
|
|
| |
While we're at it, clean up some other bounds checks, so we check that
we have a complete IPv4 message header if it's IPv4 and a complete IPv6
message header if it's IPv6.
This fixes a buffer over-read discovered by Bhargava Shastry,
SecT/TU Berlin.
Add tests using the capture files supplied by the reporter(s).
|
| | |
|
| |
|
|
|
|
|
| |
Moreover:
Remove some redundant comments
Update some summary comments
Update the specification URL for ATA over Ethernet (AoE) protocol
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Have our own routines to convert between IPv4/IPv6 addresses and
strings; that helps if, for example, we want to build binary versions of
tcpdump for Windows that can run both on NT 5 (W2K/WXP), which doesn't
have inet_ntop() or inet_pton(), and NT 6 (Vista/7/8/10), which do. It
also means that we don't require IPv6 library support on UN*X to print
addresses (if somebody wants to build tcpdump for older UN*Xes lacking
IPv6 support in the system library or in add-on libraries).
Get rid of files in the missing directory that we don't need, and
various no-longer-necessary autoconf tests.
|
| |
|
|
| |
Get the full log via: git log --follow netdissect-stdinc.h
|
| | |
|
| |
|
|
|
| |
The complete warnings were:
ISO C90 does not support the '%lf' gnu_printf format [-Wformat=]
|
| |
|
|
|
| |
Avoid too long lines.
Not all C compilers accept C++/C99 comments by default.
|
| |
|
|
| |
Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl>
|
| |
|
|
| |
Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl>
|
| | |
|
| |
|
|
|
|
|
| |
The purpose of this macro was to enable the file-by-file switch to NDO,
after which only tcpdump.c had a use of it and the definitions guarded
by it. Update tcpdump.c not to require them any more and dismiss the
unused definitions.
|
| |
|
|
|
|
|
| |
The bounds check is already done before by ND_TCHECK2(*msg_data, addr_size +
name_entry_len + name_entry_padding).
So we are deliberately ignoring the return values of fn_printn with last
argument NULL (no bounds check).
|
| |
|
|
|
|
|
| |
Don't run past the end of the captured data, and don't run past the end
of the packet (i.e., don't make the length variable go negative).
Also, stop dissecting if the message length isn't valid.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
And, as we require at least autoconf 2.61, and as autoconf 2.61 and
later have AC_TYPE_UINTn_T and AC_TYPE_INTn_T macros, we use them to
define the uintN_t and intN_t macros if the system doesn't define them
for us.
This lets us get rid of bitypes.h as well.
|
| | |
|
| |
|
|
|
|
|
|
| |
Have them take a netdissect_options * argument, and get the "no name
resolution" flag from it.
Move the declaration of dnaddr_string to addrtoname.h, along with the
other XXX-to-string routines.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Make sure all of them are declared const and most of them -- static.
Proper declaration of token arrays is a common review point for new code
that is based on existing decoders. Thus fix the issue at its root.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
interface address, not just the *first* interface address.
For the name service message:
add length checking, both against truncated packets and bogus
lengths;
use fn_printn to print the name, to protect against control
characters, etc. in the name.
|
| |
|
|
|
| |
(irrelevant, but true for the way C works) signed vs. unsigned
comparison warning. It also probably produces better machine code.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Unfortunately OLSR uses the same IDs for IPv4 and IPv6 packets, even
though the size of "messages" differ. The version of the internet protocol
is therefore handed to the "olsr_print" function.
The code isn't very nice, due to a high density of #ifdef INET6'es. If
IPv6-support really should be optional, I'm afraid this is inevitable.
Both, compilation with and without IPv6 support has been tested.
The patch addresses fixes other issues, too. The length given in the packet
was used for pointer arithmetic without checking if the value was in a
reasonable range first in several places. It should now be possible to
decode more than one "namespace message" within a single packet. Other
changes remove trailing whitespace or fix lines indented with tabs (the
majority of the file is indented using spaces).
Signed-off-by: Florian Forster <octo@leeloo.lan.home.verplant.org>
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Especially not to do pointer arithmetic.
This is a real problem even without malicious people around if you use
OLSR via IPv6, because the message IDs didn't change but addresses are
now longer than four bytes.
Signed-off-by: Florian Forster <octo@leeloo.lan.home.verplant.org>
|
| | |
|
