| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
"sa_length" instead, so as not to have compilation fail on those
platforms. Do the same with "osa_len" while we're at it.
|
| |
|
|
| |
one version of HP's C compiler complains otherwise.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ndo_error, and ndo_warning function pointers in a netdissect_options
structure.
Fix some errors adding that caught.
Have the RRCP dissector extract fields itself, with the EXTRACT_ macros
and a u_char pointer, rather than printing numbers from a structure
which doesn't put structure members on natural boundaries
(__attribute__((packed)) doesn't help, as not all compilers support it)
- note also that not all processors support dereferencing unaligned
pointers, e.g. SPARC - and assuming some fields are in the "right" byte
order. Also have it check whether data is available in the packet
before referring to it.
|
| |
|
|
|
| |
at least with the GCC definition of _U_, you can put it before a
variable.)
|
| |
|
|
| |
Fix a typo.
|
| | |
|
| |
|
|
|
|
|
| |
when optimization is not on, glibc6 doesn't define ntohs(), and our attempt
to optimize it for x86 doesn't work --- the functions need to be static, not
extern.
added decryption of IKE v2 payloads, when keys are provided by -E.
|
| |
|
|
| |
emit length from transform payload.
|
| | |
|
| | |
|
| |
|
|
|
| |
Only payloads commonly seen in PARENT_SAs are presently decoded.
Encrypted payload support will come later, aka print-esp.c
|
| | |
|
| | |
|
| |
|
|
| |
printer.
|
| | |
|
| |
|
|
|
| |
use npfunc[np[ (and if it's not known to be null, we can't safely use
NPFUNC(np)), so do so.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
the captured data in the packet.
Have "rawprint()" return a success-or-failure indication and have its
callers (if they don't know that it can't fail) print a truncation
indication if it fails.
|
| |
|
|
|
|
|
|
|
|
|
| |
various payload types. Use that in those routines rather than getting
the length ourselves (which fixes a case where we were getting it
incorrectly, forgetting to "ntohs()" it).
In "isakmp_id_print()", if the item length is less than the size of the
fixed-length portion of the payload, don't subtract the latter from the
former and use it as the length of the variable-length portion, just set
the length in question to 0.
|
| |
|
|
| |
squelch a compiler warning.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
The first critical piece of code is found in print-isakmp.c:332. The
function rawprint() does not check its arguments thus it's easy for
an attacker to pass a big 'len' or a bogus 'loc' leading to a
segmentation fault in the for loop.
The second bug is located in print-radius.c:471. The for loop of
print_attr_string() is written in an unsafe manner. 'length'
and 'data' should be checked.
|
| |
|
|
| |
the flags and the payload if we're printing the payload.
|
| | |
|
| |
|
|
| |
to process the payload type.
|
| |
|
|
|
|
|
|
|
|
| |
appropriately, and that GNUmakefile and the MSVC++ project file define
it apppriately, as we do with libpcap, rather than defining it in
"interface.h".
Undo the rcsid-shuffling and addition of extra #includes, as we no
longer need to arrange that "interface.h" be included before using _U_
in an RCS ID or copyright.
|
| |
|
|
|
|
|
|
|
|
|
| |
use "_U_" in the definitions of "rcsid[]", to eliminate
complaints about those variables being unused;
move the definitions after the include of "interface.h", or add
an include of "interface.h", so that "_U_" is defined.
Include "config.h" before including "tcpdump-stdinc.h" in
"missing/datalinks.c".
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
compile with Sun C, as "interface.h" isn't being included before the
structures are being declared.
Furthermore, in the files that Sun C *can* compile, it doesn't cause Sun
C to generate code that's safe with unaligned accesses, as
"__attribute__" is defined as a do-nothing macro with compilers that
don't support it.
Therefore, we get rid of that tag on the structures to which it was
added, and instead use "EXTRACT_16BIT()" and "EXTRACT_32BIT()" to fetch
16-bit and 32-bit big-endian quantities from packets. We also fix some
other references to multi-byte quantities to get rid of code that tries
to do unaligned loads on platforms that don't support them.
We also throw in a hack that makes those macros use
"__attribute__((packed))" on structures containing only one 16-bit or
32-bit integer to get the compiler to generate unaligned-safe code
rather than doing it by hand. (GCC on SPARC produces the same code that
doing it by hand does; I don't know if GCC on any other big-endian
strict-alignment processor generates better code for that case. On
little-endian processors, as "ntohs()" and "ntohl()" might be functions,
that might actually produce worse code.)
Fix some places to use "%u" rather than "%d" to print unsigned
quantities.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
unused-parameter problems reported by GCC. Add an _U_ tag to label
parameters as unused if the function is called through a pointer (so
that you can't change its signature by removing parameters) or if there
are unused parameters only because the function isn't complete.
Add some additional bounds checks the necessity for which was revealed
while cleaning up unused-parameter problems.
Make some routines static.
"lcp_print()", defined in "print-lcp.c", isn't called anywhere -
"print-ppp.c" has the code to dissect LCP. Get rid of "print-lcp.c".
|
| |
|
|
|
|
|
|
|
|
|
| |
Check for zero-length items in "isakmp_sub0_print()", and return NULL if
one is seen. Have "isakmp_sub_print()" check for that and break out of
the loop and return NULL if "isakmp_sub0_print()" returns NULL, so we
don't loop forever printing the same item. Have callers of
"isakmp_sub_print()" check for NULL and return NULL as well.
Have "isakmp_sub_print()" take the depth as an argument, rather than
have it as a static variable, for cleanliness.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From Neil T. Spring: fixes for many of those warnings:
addrtoname.c, configure.in: Linux needs netinet/ether.h for
ether_ntohost
print-*.c: change char *foo = "bar" to const char *foo = "bar"
to appease -Wwrite-strings; should affect no run-time behavior.
print-*.c: make some variables unsigned.
print-bgp.c: plen ('prefix len') is unsigned, no reason to
validate by comparing to zero.
print-cnfp.c, print-rx.c: use intoa, provided by addrtoname,
instead of inet_ntoa.
print-domain.c: unsigned int l; (l=foo()) < 0 is guaranteed to
be false, so check for (u_int)-1, which represents failure,
explicitly.
print-isakmp.c: complete initialization of attrmap objects.
print-lwres.c: "if(x); print foo;" seemed much more likely to be
intended to be "if(x) { print foo; }".
print-smb.c: complete initialization of some structures.
In addition, add some fixes for the signed vs. unsigned comparison
warnings:
extract.h: cast the result of the byte-extraction-and-combining,
as, at least for the 16-bit version, C's integral promotions
will turn "u_int16_t" into "int" if there are other "int"s
nearby.
print-*.c: make some more variables unsigned, or add casts to an
unsigned type of signed values known not to be negative, or add
casts to "int" of unsigned values known to fit in an "int", and
make other changes needed to handle the aforementioned variables
now being unsigned.
print-isakmp.c: clean up the handling of error/status indicators
in notify messages.
print-ppp.c: get rid of a check that an unsigned quantity is >=
0.
print-radius.c: clean up some of the bounds checking.
print-smb.c: extract the word count into a "u_int" to avoid the
aforementioned problems with C's integral promotions.
print-snmp.c: change a check that an unsigned variable is >= 0
to a check that it's != 0.
Also, fix some formats to use "%u" rather than "%d" for unsigned
quantities.
|
| | |
|
| | |
|
| |
|
|
|
| |
rtentry", and unneded includes of <sys/uio.h>, <sys/file.h>, and
<sys/ioctl.h>.
|
| | |
|
| |
|
|
| |
that we have a packet of type %s that we can't print.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
ip6.h is almost normal RFC2292 header.
icmp6.h has couple of extensions (not covered by RFC2292),
like MLD, ICMPv6 nodeinfo, and router renumber.
XXX how to synchronize with future kame changes?
|
| | |
|
| |
|
|
|
| |
XXX memcpy() can be optimized in wacky way. not sure if the use of
safememcpy() is enough...
|
| |
|
|
|
|
| |
come with exact size. while at it, correct signedness of ip/udp header field.
nuke most of the use of bitfield.
TODO: bitfield in namser.h
|
| |
|
|
| |
"n_long", and "n_time", defined in that file, with other types.
|
| | |
|
| |
|
|
|
|
|
|
| |
throughout it; get rid of the use of the "__P()" macro, as, at least on
some platforms with some compilers, that macro doesn't expand to its
argument, causing the functions not to be declared with function
prototypes, which then causes the compiler to warn about the prototype
declaration and the function definition disagreeing.
|
| |
|
|
|
|
|
|
|
|
|
| |
have dissectors include them rather than <netinet/ip.h> or
<netinet/ip_var.h>, if they actually need that stuff.
Put the declarations of the ICMP stuff directly into "print-icmp.c".
Remove all unnecessary includes of <netinet/ip*.h> files.
Copy the byte-order stuff from "nameser.h" into "tcp.h".
|
| |
|
|
|
|
|
|
|
| |
by dissectors, and have dissectors include them rather than
<netinet/udp.h>, <netinet/udp_var.h>, or <netinet/tcp.h>, if they
actually need that stuff.
Remove all unnecessary includes of <netinet/udp*.h> or <netinet/tcp*.h>
files.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
"linux-includes/netinet/if_ether.h" to "ethertype.h".
Move other stuff used by dissectors from <netinet/if_ether.h> to
"ether.h", along the lines of "fddi.h" and "token.h".
Move ARP declarations from BSD include files to "print-arp.c".
Remove from dissectors includes of <netinet/if_ether.h>, and add
includes of "ethertype.h" and/or "ether.h" as necessary.
Get rid of configuration options that test declarations now made in
"ether.h" or "print-arp.c", as those declarations are now under our
control, not the OS's control.
|
| | |
|
