| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
The XID is a multi-byte field, and, if it's not aligned, it must be
copied with UNALIGNED_MEMCPY().
This should fix GitHub issue #395.
|
| |
|
|
|
|
|
|
|
| |
And, as we require at least autoconf 2.61, and as autoconf 2.61 and
later have AC_TYPE_UINTn_T and AC_TYPE_INTn_T macros, we use them to
define the uintN_t and intN_t macros if the system doesn't define them
for us.
This lets us get rid of bitypes.h as well.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
Have them take a netdissect_options * argument, and get the "no name
resolution" flag from it.
Move the declaration of dnaddr_string to addrtoname.h, along with the
other XXX-to-string routines.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Both interface.h and netdissect.h include <pcap.h>, thus most files
should not include it regardless if these need it or not. The only
exceptions so far remain:
* addrtoname.c
* missing/datalinks.c
* missing/dlnames.c
* tcpdump.c
|
| |
|
|
|
|
|
|
|
|
|
| |
Change the UDP NFS printing format to match the current format of TCP
NFS printing (this complements commits f3051bc and 29d83db).
Update the man page to use the new format (this complements commit
2c86c75).
Restore printing of NFS packet length, which was broken in commit
68fe98a.
|
| | |
|
| |
|
|
|
| |
It was necessary in other cases where we copied IP addresses from the IP
header, so it's probably necessary here as well.
|
| |
|
|
|
|
| |
Remove lots of $Header's and a few $Id's that all belong to the former
CVS repository of tcpdump itself. These keywords have been frozen since
the migration to git in late 2008.
|
| |
|
|
|
|
|
|
| |
For each decoder that has more than one instance of truncation signaling
and prints the same string in each instance make sure that the string is
declared as "static const char tstr[]" right after the initial includes
block. Where necessary, replace fputs(s, stdout) with equivalent
printf("%s", s).
|
| |
|
|
| |
dst/src addresses
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NFS file handle is an opaque server-issued sequence of bytes. Parse_fh()
function implements heuristics to decode file handles generated by some
NFS servers, among other information extracting the node (inode) number.
It decodes only 32-bit node numbers.
NFS implementations use ino_t C type to represent the node number. The
type size may vary across implementations/encodings and may be missing
during compile time.
Tcpdump used to have its own typedef for ino_t. Gisle Vanem points that
it caused a problem with MSVC v.16.00.40219.01 for 80x86, which defines
the same type in <sys/types.h>. This change fixes tcpdump code to use
u_int32_t and removes the typedef.
|
| |
|
|
|
|
| |
Make sure all of them are declared const and most of them -- static.
Proper declaration of token arrays is a common review point for new code
that is based on existing decoders. Thus fix the issue at its root.
|
| |
|
|
|
|
| |
'int32_t' isn't 'int' for all targets. Some Windows targets have
it defined as 'signed int' in <win32/Include/bittypes.h>. So print-nfs.c
does not compile cleanly; conflicting definition of xid_map_find().
|
| |
|
|
|
|
|
|
| |
When debugging NFS operations one may find it easier to get the actual access
flags decoded rather than having to look up the NFS access flags to find which
permissions were requested by the client.
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
items in the RPC header.
When dissecting NFS over TCP, fetch the fragment header length, use it
to limit the dissection of the request or reply (in case there's more
than one request or reply in the packet), and do the same
direction-plus-port checks that are done for NFS over UDP. Also
eliminate the bounds check for the RPC header in the TCP dissector code,
and do checks for the fields it looks at (other checks are done by the
NFS dissector).
|
| |
|
|
| |
it is (a reply status).
|
| |
|
|
| |
reply as a possible NFS reply if it got MSG_DENIED.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
with a maximum length, where a string shorter than that length is padded
with NULs), as "fn_print()" won't handle the maximum length *and* the
snapshot length and "fn_printn()" won't stop on a null string. Use it
where appropriate.
Always pass "snapend" to "fn_print()" and "fn_printn()" if they're
passed a pointer into the packet data; only pass NULL if they're being
handed a pointer into a buffer that's not part of the packet data.
Always check the return value of "fn_print()", "fn_printn()", and
"fn_printzp()" if they're passed "snapend", and do the appropriate
string termination and "packet truncated" indication if they return 1.
|
| | |
|
| |
|
|
| |
the data being written, just as we do for NFSv2 writes.
|
| |
|
|
|
|
|
|
| |
EXTRACT_64BITS() to directly extract and print 64-bit integers.
Add some more bounds checking.
Fix the dissection of the arguments to v3 WRITE.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
the wire; the definitions in many systems use u_long, which is 64 bits
long on many platforms - that's OK for in-memory structures, but it
doesn't match what's on the wire. Use headers based on the Sun ones,
but use u_int32_t for fields, and otherwise make the structures match
what's on the wire, and change some names to avoid collision with
<rpc/rpc.h>, which print-sunrpc.c includes to declare "getrpcbynumber()"
and the structure it returns.
Record whether "getrpcbynumber()" is found, and use it only if it's
found, rather than basing the decisison on whether we're building for
Win32 or not.
|
| |
|
|
|
| |
we get the fast implementations if we are on a processor that doesn't
require alignment.
|
| |
|
|
|
|
|
| |
recent configure script changes.
On UN*X, include <inttypes.h> in "tcpdump-stdinc.h" if it defines the
PRI[duxo]64 macros.
|
| |
|
|
|
|
|
|
|
|
| |
appropriately, and that GNUmakefile and the MSVC++ project file define
it apppriately, as we do with libpcap, rather than defining it in
"interface.h".
Undo the rcsid-shuffling and addition of extra #includes, as we no
longer need to arrange that "interface.h" be included before using _U_
in an RCS ID or copyright.
|
| |
|
|
|
|
|
|
|
|
|
| |
use "_U_" in the definitions of "rcsid[]", to eliminate
complaints about those variables being unused;
move the definitions after the include of "interface.h", or add
an include of "interface.h", so that "_U_" is defined.
Include "config.h" before including "tcpdump-stdinc.h" in
"missing/datalinks.c".
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
compile with Sun C, as "interface.h" isn't being included before the
structures are being declared.
Furthermore, in the files that Sun C *can* compile, it doesn't cause Sun
C to generate code that's safe with unaligned accesses, as
"__attribute__" is defined as a do-nothing macro with compilers that
don't support it.
Therefore, we get rid of that tag on the structures to which it was
added, and instead use "EXTRACT_16BIT()" and "EXTRACT_32BIT()" to fetch
16-bit and 32-bit big-endian quantities from packets. We also fix some
other references to multi-byte quantities to get rid of code that tries
to do unaligned loads on platforms that don't support them.
We also throw in a hack that makes those macros use
"__attribute__((packed))" on structures containing only one 16-bit or
32-bit integer to get the compiler to generate unaligned-safe code
rather than doing it by hand. (GCC on SPARC produces the same code that
doing it by hand does; I don't know if GCC on any other big-endian
strict-alignment processor generates better code for that case. On
little-endian processors, as "ntohs()" and "ntohl()" might be functions,
that might actually produce worse code.)
Fix some places to use "%u" rather than "%d" to print unsigned
quantities.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From Neil T. Spring: fixes for many of those warnings:
addrtoname.c, configure.in: Linux needs netinet/ether.h for
ether_ntohost
print-*.c: change char *foo = "bar" to const char *foo = "bar"
to appease -Wwrite-strings; should affect no run-time behavior.
print-*.c: make some variables unsigned.
print-bgp.c: plen ('prefix len') is unsigned, no reason to
validate by comparing to zero.
print-cnfp.c, print-rx.c: use intoa, provided by addrtoname,
instead of inet_ntoa.
print-domain.c: unsigned int l; (l=foo()) < 0 is guaranteed to
be false, so check for (u_int)-1, which represents failure,
explicitly.
print-isakmp.c: complete initialization of attrmap objects.
print-lwres.c: "if(x); print foo;" seemed much more likely to be
intended to be "if(x) { print foo; }".
print-smb.c: complete initialization of some structures.
In addition, add some fixes for the signed vs. unsigned comparison
warnings:
extract.h: cast the result of the byte-extraction-and-combining,
as, at least for the 16-bit version, C's integral promotions
will turn "u_int16_t" into "int" if there are other "int"s
nearby.
print-*.c: make some more variables unsigned, or add casts to an
unsigned type of signed values known not to be negative, or add
casts to "int" of unsigned values known to fit in an "int", and
make other changes needed to handle the aforementioned variables
now being unsigned.
print-isakmp.c: clean up the handling of error/status indicators
in notify messages.
print-ppp.c: get rid of a check that an unsigned quantity is >=
0.
print-radius.c: clean up some of the bounds checking.
print-smb.c: extract the word count into a "u_int" to avoid the
aforementioned problems with C's integral promotions.
print-snmp.c: change a check that an unsigned variable is >= 0
to a check that it's != 0.
Also, fix some formats to use "%u" rather than "%d" for unsigned
quantities.
|
| |
|
|
|
|
|
|
| |
parsefattr misuses nfsv2 version members for v3.
print_int64 prints at least 9 digits unnecessarily.
-u flag doesn't always suppress decoding handles.
from Takashi Yamamoto <yamt@mwd.biglobe.ne.jp>.
|
| | |
|
| | |
|
| |
|
|
|
| |
rtentry", and unneded includes of <sys/uio.h>, <sys/file.h>, and
<sys/ioctl.h>.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the request header and the file handle.
"parsestatus()" should only return NULL if the packet was truncated, so
that its callers can distinguish "packet truncated" from "NFS reply
status reports an error".
NFS-request-or-reply parsing routines that call "parsestatus()" should
not return 0 if "parsestatus()" returns a non-zero NFS reply status, so
that non-truncated packets with a non-zero NFS reply status aren't
printed as truncated NFS packets.
Fix some "TCHECK2()" calls to pass an object, not a pointer to an
object, as the first argument (the TCHECK/TTEST macros take objects, not
addresses, as the test argument).
NFS-request-or-reply parsing routines should return 0 for truncated
packets and 1 for non-truncated packets, not *vice versa*.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Submitted by: nathanw@MIT.EDU (Nathan J. Williams)
|
| |
|
|
|
|
|
|
| |
ip6.h is almost normal RFC2292 header.
icmp6.h has couple of extensions (not covered by RFC2292),
like MLD, ICMPv6 nodeinfo, and router renumber.
XXX how to synchronize with future kame changes?
|
| |
|
|
|
|
| |
come with exact size. while at it, correct signedness of ip/udp header field.
nuke most of the use of bitfield.
TODO: bitfield in namser.h
|
| |
|
|
| |
"n_long", and "n_time", defined in that file, with other types.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
have dissectors include them rather than <netinet/ip.h> or
<netinet/ip_var.h>, if they actually need that stuff.
Put the declarations of the ICMP stuff directly into "print-icmp.c".
Remove all unnecessary includes of <netinet/ip*.h> files.
Copy the byte-order stuff from "nameser.h" into "tcp.h".
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
"linux-includes/netinet/if_ether.h" to "ethertype.h".
Move other stuff used by dissectors from <netinet/if_ether.h> to
"ether.h", along the lines of "fddi.h" and "token.h".
Move ARP declarations from BSD include files to "print-arp.c".
Remove from dissectors includes of <netinet/if_ether.h>, and add
includes of "ethertype.h" and/or "ether.h" as necessary.
Get rid of configuration options that test declarations now made in
"ether.h" or "print-arp.c", as those declarations are now under our
control, not the OS's control.
|
| |
|
|
|
|
|
|
|
| |
rather than using "pcap_strerror()", as
1) not all NFS error statuses are UNIX errno values;
2) even those that are UNIX errno values aren't necessarily
errno values for the system on which you're running tcpdump.
|
