#include <grp.h>
#endif /* _WIN32 */
+/*
+ * Pathname separator.
+ * Use this in pathnames, but do *not* use it in URLs.
+ */
+#ifdef _WIN32
+#define PATH_SEPARATOR '\\'
+#else
+#define PATH_SEPARATOR '/'
+#endif
+
/* capabilities convenience library */
/* If a code depends on HAVE_LIBCAP_NG, it depends also on HAVE_CAP_NG_H.
* If HAVE_CAP_NG_H is not defined, undefine HAVE_LIBCAP_NG.
#include <sys/sysctl.h>
#endif /* __FreeBSD__ */
+#include "netdissect-stdinc.h"
#include "netdissect.h"
#include "interface.h"
#include "addrtoname.h"
#endif
/* Forwards */
-static NORETURN void error(FORMAT_STRING(const char *), ...) PRINTFLIKE(1, 2);
-static void warning(FORMAT_STRING(const char *), ...) PRINTFLIKE(1, 2);
-static NORETURN void exit_tcpdump(int);
static void (*setsignal (int sig, void (*func)(int)))(int);
static void cleanup(int);
static void child_cleanup(int);
-static void print_version(void);
-static void print_usage(void);
-#ifdef HAVE_PCAP_SET_TSTAMP_TYPE
-static NORETURN void show_tstamp_types_and_exit(pcap_t *, const char *device);
-#endif
-static NORETURN void show_dlts_and_exit(pcap_t *, const char *device);
-#ifdef HAVE_PCAP_FINDALLDEVS
-static NORETURN void show_devices_and_exit(void);
-#endif
-#ifdef HAVE_PCAP_FINDALLDEVS_EX
-static NORETURN void show_remote_devices_and_exit(void);
-#endif
+static void print_version(FILE *);
+static void print_usage(FILE *);
static void print_packet(u_char *, const struct pcap_pkthdr *, const u_char *);
static void dump_packet_and_trunc(u_char *, const struct pcap_pkthdr *, const u_char *);
static void dump_packet(u_char *, const struct pcap_pkthdr *, const u_char *);
-static void droproot(const char *, const char *);
#ifdef SIGNAL_REQ_INFO
static void requestinfo(int);
void pcap_set_optimizer_debug(int);
#endif
+static void NORETURN
+exit_tcpdump(const int status)
+{
+ nd_cleanup();
+ exit(status);
+}
+
/* VARARGS */
-static void
-error(const char *fmt, ...)
+static void NORETURN PRINTFLIKE(1, 2)
+error(FORMAT_STRING(const char *fmt), ...)
{
va_list ap;
}
/* VARARGS */
-static void
-warning(const char *fmt, ...)
+static void PRINTFLIKE(1, 2)
+warning(FORMAT_STRING(const char *fmt), ...)
{
va_list ap;
}
}
-static void
-exit_tcpdump(int status)
-{
- nd_cleanup();
- exit(status);
-}
-
#ifdef HAVE_PCAP_SET_TSTAMP_TYPE
-static void
+static void NORETURN
show_tstamp_types_and_exit(pcap_t *pc, const char *device)
{
int n_tstamp_types;
device);
exit_tcpdump(S_SUCCESS);
}
- fprintf(stderr, "Time stamp types for %s (use option -j to set):\n",
+ fprintf(stdout, "Time stamp types for %s (use option -j to set):\n",
device);
for (i = 0; i < n_tstamp_types; i++) {
tstamp_type_name = pcap_tstamp_type_val_to_name(tstamp_types[i]);
if (tstamp_type_name != NULL) {
- (void) fprintf(stderr, " %s (%s)\n", tstamp_type_name,
+ (void) fprintf(stdout, " %s (%s)\n", tstamp_type_name,
pcap_tstamp_type_val_to_description(tstamp_types[i]));
} else {
- (void) fprintf(stderr, " %d\n", tstamp_types[i]);
+ (void) fprintf(stdout, " %d\n", tstamp_types[i]);
}
}
pcap_free_tstamp_types(tstamp_types);
}
#endif
-static void
+static void NORETURN
show_dlts_and_exit(pcap_t *pc, const char *device)
{
int n_dlts, i;
* monitor mode might be different from the ones available when
* not in monitor mode).
*/
+ (void) fprintf(stdout, "Data link types for ");
if (supports_monitor_mode)
- (void) fprintf(stderr, "Data link types for %s %s (use option -y to set):\n",
+ (void) fprintf(stdout, "%s %s",
device,
Iflag ? "when in monitor mode" : "when not in monitor mode");
else
- (void) fprintf(stderr, "Data link types for %s (use option -y to set):\n",
+ (void) fprintf(stdout, "%s",
device);
+ (void) fprintf(stdout, " (use option -y to set):\n");
for (i = 0; i < n_dlts; i++) {
dlt_name = pcap_datalink_val_to_name(dlts[i]);
if (dlt_name != NULL) {
- (void) fprintf(stderr, " %s (%s)", dlt_name,
+ (void) fprintf(stdout, " %s (%s)", dlt_name,
pcap_datalink_val_to_description(dlts[i]));
/*
* OK, does tcpdump handle that type?
*/
if (!has_printer(dlts[i]))
- (void) fprintf(stderr, " (printing not supported)");
- fprintf(stderr, "\n");
+ (void) fprintf(stdout, " (printing not supported)");
+ fprintf(stdout, "\n");
} else {
- (void) fprintf(stderr, " DLT %d (printing not supported)\n",
+ (void) fprintf(stdout, " DLT %d (printing not supported)\n",
dlts[i]);
}
}
}
#ifdef HAVE_PCAP_FINDALLDEVS
-static void
+static void NORETURN
show_devices_and_exit(void)
{
pcap_if_t *dev, *devlist;
#endif /* HAVE_PCAP_FINDALLDEVS */
#ifdef HAVE_PCAP_FINDALLDEVS_EX
-static void
+static void NORETURN
show_remote_devices_and_exit(void)
{
pcap_if_t *dev, *devlist;
{
char *filename = malloc(PATH_MAX + 1);
if (filename == NULL)
- error("Makefilename: malloc");
+ error("%s: malloc", __func__);
/* Process with strftime if Gflag is set. */
if (Gflag != 0) {
/* Convert Gflag_time to a usable format */
if ((local_tm = localtime(&Gflag_time)) == NULL) {
- error("MakeTimedFilename: localtime");
+ error("%s: localtime", __func__);
}
/* There's no good way to detect an error in strftime since a return
* necessary to make the standard I/O library work with an fdopen()ed
* FILE * from that descriptor.
*
- * A long time ago, in a galaxy far far away, AT&T decided that, instead
+ * A long time ago in a galaxy far, far away, AT&T decided that, instead
* of providing separate APIs for getting and setting the FD_ flags on a
* descriptor, getting and setting the O_ flags on a descriptor, and
* locking files, they'd throw them all into a kitchen-sink fcntl() call
buf = (char *)malloc(len);
if (buf == NULL)
- error("copy_argv: malloc");
+ error("%s: malloc", __func__);
p = argv;
dst = buf;
int i, fd;
ssize_t cc;
char *cp;
- struct stat buf;
+ our_statb buf;
fd = open(fname, O_RDONLY|O_BINARY);
if (fd < 0)
error("can't open %s: %s", fname, pcap_strerror(errno));
- if (fstat(fd, &buf) < 0)
+ if (our_fstat(fd, &buf) < 0)
error("can't stat %s: %s", fname, pcap_strerror(errno));
+ /*
+ * Reject files whose size doesn't fit into an int; a filter
+ * *that* large will probably be too big.
+ */
+ if (buf.st_size > INT_MAX)
+ error("%s is too large", fname);
+
cp = malloc((u_int)buf.st_size + 1);
if (cp == NULL)
error("malloc(%d) for %s: %s", (u_int)buf.st_size + 1,
if (cc < 0)
error("read %s: %s", fname, pcap_strerror(errno));
if (cc != buf.st_size)
- error("short read %s (%zd != %d)", fname, cc, (int)buf.st_size);
+ error("short read %s (%d != %d)", fname, (int) cc,
+ (int)buf.st_size);
close(fd);
/* replace "# comment" with spaces */
int yflag_dlt = -1;
const char *yflag_dlt_name = NULL;
int print = 0;
+ long Cflagmult = 1000000;
netdissect_options Ndo;
netdissect_options *ndo = &Ndo;
VFile = NULL;
WFileName = NULL;
dlt = -1;
- if ((cp = strrchr(argv[0], '/')) != NULL)
+ if ((cp = strrchr(argv[0], PATH_SEPARATOR)) != NULL)
ndo->program_name = program_name = cp + 1;
else
ndo->program_name = program_name = argv[0];
case 'C':
errno = 0;
+ if (optarg[strlen(optarg)-1] == 'k') {
+ Cflagmult = 1024;
+ optarg[strlen(optarg)-1] = '\0';
+ }
+ if (optarg[strlen(optarg)-1] == 'm') {
+ Cflagmult = 1024*1024;
+ optarg[strlen(optarg)-1] = '\0';
+ }
+ if (optarg[strlen(optarg)-1] == 'g') {
+ Cflagmult = 1024*1024*1024;
+ optarg[strlen(optarg)-1] = '\0';
+ }
#ifdef HAVE_PCAP_DUMP_FTELL64
Cflag = strtoint64_t(optarg, &endp, 10);
#else
|| Cflag <= 0)
error("invalid file size %s", optarg);
/*
- * Will multiplying it by 1000000 overflow?
+ * Will multiplying it by multiplier overflow?
*/
#ifdef HAVE_PCAP_DUMP_FTELL64
- if (Cflag > INT64_T_CONSTANT(0x7fffffffffffffff) / 1000000)
+ if (Cflag > INT64_T_CONSTANT(0x7fffffffffffffff) / Cflagmult)
#else
- if (Cflag > LONG_MAX / 1000000)
+ if (Cflag > LONG_MAX / Cflagmult)
#endif
error("file size %s is too large", optarg);
- Cflag *= 1000000;
+ Cflag *= Cflagmult;
break;
case 'd':
/* Grab the current time for rotation use. */
if ((Gflag_time = time(NULL)) == (time_t)-1) {
- error("main: can't get current time: %s",
- pcap_strerror(errno));
+ error("%s: can't get current time: %s",
+ __func__, pcap_strerror(errno));
}
break;
case 'h':
- print_usage();
+ print_usage(stdout);
exit_tcpdump(S_SUCCESS);
break;
ndo->ndo_packettype = PT_PTP;
else if (ascii_strcasecmp(optarg, "someip") == 0)
ndo->ndo_packettype = PT_SOMEIP;
+ else if (ascii_strcasecmp(optarg, "domain") == 0)
+ ndo->ndo_packettype = PT_DOMAIN;
else
error("unknown packet type `%s'", optarg);
break;
break;
case OPTION_VERSION:
- print_version();
+ print_version(stdout);
exit_tcpdump(S_SUCCESS);
break;
break;
default:
- print_usage();
+ print_usage(stderr);
exit_tcpdump(S_ERR_HOST_PROGRAM);
/* NOTREACHED */
}
show_remote_devices_and_exit();
#endif
+#if defined(DLT_LINUX_SLL2) && defined(HAVE_PCAP_SET_DATALINK)
+/* Set default linktype DLT_LINUX_SLL2 when capturing on the "any" device */
+ if (device != NULL &&
+ strncmp (device, "any", strlen("any")) == 0
+ && yflag_dlt == -1)
+ yflag_dlt = DLT_LINUX_SLL2;
+#endif
+
switch (ndo->ndo_tflag) {
case 0: /* Default */
}
#endif
(void)fprintf(stderr, "%s: data link type %s\n",
- program_name, yflag_dlt_name);
+ program_name,
+ pcap_datalink_val_to_name(yflag_dlt));
(void)fflush(stderr);
}
i = pcap_snapshot(pd);
}
if (print) {
dlt = pcap_datalink(pd);
- ndo->ndo_if_printer = get_if_printer(ndo, dlt);
+ ndo->ndo_if_printer = get_if_printer(dlt);
dumpinfo.ndo = ndo;
} else
dumpinfo.ndo = NULL;
#endif
} else {
dlt = pcap_datalink(pd);
- ndo->ndo_if_printer = get_if_printer(ndo, dlt);
+ ndo->ndo_if_printer = get_if_printer(dlt);
callback = print_packet;
pcap_userdata = (u_char *)ndo;
}
(void)setsignal(SIGNAL_FLUSH_PCAP, flushpcap);
#endif
- if (ndo->ndo_vflag > 0 && WFileName && !print) {
+ if (ndo->ndo_vflag > 0 && WFileName && RFileName == NULL && !print) {
/*
* When capturing to a file, if "--print" wasn't specified,
*"-v" means tcpdump should, once per second,
* "v"erbosely report the number of packets captured.
+ * Except when reading from a file, because -r, -w and -v
+ * together used to make a corner case, in which pcap_loop()
+ * errored due to EINTR (see GH #155 for details).
*/
#ifdef _WIN32
/*
*/
if (!ndo->ndo_vflag && !WFileName) {
(void)fprintf(stderr,
- "%s: verbose output suppressed, use -v or -vv for full protocol decode\n",
+ "%s: verbose output suppressed, use -v[v]... for full protocol decode\n",
program_name);
} else
(void)fprintf(stderr, "%s: ", program_name);
* the new DLT.
*/
dlt = new_dlt;
- ndo->ndo_if_printer = get_if_printer(ndo, dlt);
+ ndo->ndo_if_printer = get_if_printer(dlt);
if (pcap_compile(pd, &fcode, cmdbuf, Oflag, netmask) < 0)
error("%s", pcap_geterr(pd));
}
while (ret != NULL);
if (count_mode && RFileName != NULL)
- fprintf(stderr, "%u packet%s\n", packets_captured,
+ fprintf(stdout, "%u packet%s\n", packets_captured,
PLURAL_SUFFIX(packets_captured));
free(cmdbuf);
/* Get the current time */
if ((t = time(NULL)) == (time_t)-1) {
- error("dump_and_trunc_packet: can't get current_time: %s",
- pcap_strerror(errno));
+ error("%s: can't get current_time: %s",
+ __func__, pcap_strerror(errno));
}
free(dump_info->CurrentFileName);
dump_info->CurrentFileName = (char *)malloc(PATH_MAX + 1);
if (dump_info->CurrentFileName == NULL)
- error("dump_packet_and_trunc: malloc");
+ error("%s: malloc", __func__);
MakeFilename(dump_info->CurrentFileName, dump_info->WFileName, Cflag_count, WflagChars);
#ifdef HAVE_LIBCAP_NG
capng_update(CAPNG_ADD, CAPNG_EFFECTIVE, CAP_DAC_OVERRIDE);
USES_APPLE_DEPRECATED_API
static void
-print_version(void)
+print_version(FILE *f)
{
#ifndef HAVE_PCAP_LIB_VERSION
#ifdef HAVE_PCAP_VERSION
#endif /* HAVE_PCAP_LIB_VERSION */
const char *smi_version_string;
- (void)fprintf(stderr, "%s version " PACKAGE_VERSION "\n", program_name);
+ (void)fprintf(f, "%s version " PACKAGE_VERSION "\n", program_name);
#ifdef HAVE_PCAP_LIB_VERSION
- (void)fprintf(stderr, "%s\n", pcap_lib_version());
+ (void)fprintf(f, "%s\n", pcap_lib_version());
#else /* HAVE_PCAP_LIB_VERSION */
- (void)fprintf(stderr, "libpcap version %s\n", pcap_version);
+ (void)fprintf(f, "libpcap version %s\n", pcap_version);
#endif /* HAVE_PCAP_LIB_VERSION */
#if defined(HAVE_LIBCRYPTO) && defined(SSLEAY_VERSION)
- (void)fprintf (stderr, "%s\n", SSLeay_version(SSLEAY_VERSION));
+ (void)fprintf (f, "%s\n", SSLeay_version(SSLEAY_VERSION));
#endif
smi_version_string = nd_smi_version_string();
if (smi_version_string != NULL)
- (void)fprintf (stderr, "SMI-library: %s\n", smi_version_string);
+ (void)fprintf (f, "SMI-library: %s\n", smi_version_string);
#if defined(__SANITIZE_ADDRESS__)
- (void)fprintf (stderr, "Compiled with AddressSanitizer/GCC.\n");
+ (void)fprintf (f, "Compiled with AddressSanitizer/GCC.\n");
#elif defined(__has_feature)
# if __has_feature(address_sanitizer)
- (void)fprintf (stderr, "Compiled with AddressSanitizer/CLang.\n");
+ (void)fprintf (f, "Compiled with AddressSanitizer/Clang.\n");
+# elif __has_feature(memory_sanitizer)
+ (void)fprintf (f, "Compiled with MemorySanitizer/Clang.\n");
# endif
#endif /* __SANITIZE_ADDRESS__ or __has_feature */
}
USES_APPLE_RST
static void
-print_usage(void)
+print_usage(FILE *f)
{
- print_version();
- (void)fprintf(stderr,
+ print_version(f);
+ (void)fprintf(f,
"Usage: %s [-Abd" D_FLAG "efhH" I_FLAG J_FLAG "KlLnNOpqStu" U_FLAG "vxX#]" B_FLAG_USAGE " [ -c count ] [--count]\n", program_name);
- (void)fprintf(stderr,
+ (void)fprintf(f,
"\t\t[ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]\n");
- (void)fprintf(stderr,
+ (void)fprintf(f,
"\t\t[ -i interface ]" IMMEDIATE_MODE_USAGE j_FLAG_USAGE "\n");
#ifdef HAVE_PCAP_FINDALLDEVS_EX
- (void)fprintf(stderr,
+ (void)fprintf(f,
"\t\t" LIST_REMOTE_INTERFACES_USAGE "\n");
#endif
#ifdef USE_LIBSMI
- (void)fprintf(stderr,
+ (void)fprintf(f,
"\t\t" m_FLAG_USAGE "\n");
#endif
- (void)fprintf(stderr,
+ (void)fprintf(f,
"\t\t[ -M secret ] [ --number ] [ --print ]" Q_FLAG_USAGE "\n");
- (void)fprintf(stderr,
+ (void)fprintf(f,
"\t\t[ -r file ] [ -s snaplen ] [ -T type ] [ --version ]\n");
- (void)fprintf(stderr,
+ (void)fprintf(f,
"\t\t[ -V file ] [ -w file ] [ -W filecount ] [ -y datalinktype ]\n");
#ifdef HAVE_PCAP_SET_TSTAMP_PRECISION
- (void)fprintf(stderr,
+ (void)fprintf(f,
"\t\t[ --time-stamp-precision precision ] [ --micro ] [ --nano ]\n");
#endif
- (void)fprintf(stderr,
+ (void)fprintf(f,
"\t\t[ -z postrotate-command ] [ -Z user ] [ expression ]\n");
}
projects / tcpdump / blobdiff