SMB: Add two missing bounds checks

[tcpdump] / tcpdump.c

diff --git a/tcpdump.c b/tcpdump.c
index 3b4d84f9ae85e6ad7ebc59d108e4971d5c63be0a..52af74af5fbdcb581c0d555cd53e93a99383e55d 100644 (file)
--- a/tcpdump.c
+++ b/tcpdump.c
@@ -81,7 +81,7 @@ The Regents of the University of California.  All rights reserved.\n";
  * in the opposite order works fine.
  */
 #ifdef HAVE_CAPSICUM
-#include <sys/capability.h>
+#include <sys/capsicum.h>
 #include <sys/ioccom.h>
 #include <net/bpf.h>
 #include <libgen.h>
@@ -92,6 +92,19 @@ The Regents of the University of California.  All rights reserved.\n";
 #endif /* HAVE_CASPER */
 #endif /* HAVE_CAPSICUM */
 #ifdef HAVE_PCAP_OPEN
+/*
+ * We found pcap_open() in the capture library, so we'll be using
+ * the remote capture APIs; define PCAP_REMOTE before we include pcap.h,
+ * so we get those APIs declared, and the types and #defines that they
+ * use defined.
+ *
+ * WinPcap's headers require that PCAP_REMOTE be defined in order to get
+ * remote-capture APIs declared and types and #defines that they use
+ * defined.
+ *
+ * (Versions of libpcap with those APIs, and thus Npcap, which is based on
+ * those versions of libpcap, don't require it.)
+ */
 #define HAVE_REMOTE
 #endif
 #include <pcap.h>
@@ -179,6 +192,7 @@ static char *remote_interfaces_source;      /* list available devices from this sourc
  * dflag but, instead, *if* built with optimizer debugging code,
  * *export* a routine to set that flag.
  */
+extern int dflag;
 int dflag;                             /* print filter code */
 static int Gflag;                      /* rotate dump files after this many seconds */
 static int Gflag_count;                        /* number of files created with Gflag rotation */
@@ -624,6 +638,10 @@ show_remote_devices_and_exit(void)
 #define J_FLAG
 #endif /* PCAP_ERROR_TSTAMP_TYPE_NOTSUP */
 
+#ifdef USE_LIBSMI
+#define m_FLAG_USAGE "[ -m module ] ..."
+#endif
+
 #ifdef HAVE_PCAP_SETDIRECTION
 #define Q_FLAG "Q:"
 #define Q_FLAG_USAGE " [ -Q in|out|inout ]"
@@ -665,6 +683,8 @@ show_remote_devices_and_exit(void)
 #define OPTION_IMMEDIATE_MODE          130
 #define OPTION_PRINT                   131
 #define OPTION_LIST_REMOTE_INTERFACES  132
+#define OPTION_TSTAMP_MICRO            133
+#define OPTION_TSTAMP_NANO             134
 
 static const struct option longopts[] = {
 #if defined(HAVE_PCAP_CREATE) || defined(_WIN32)
@@ -684,6 +704,8 @@ static const struct option longopts[] = {
        { "list-time-stamp-types", no_argument, NULL, 'J' },
 #endif
 #ifdef HAVE_PCAP_SET_TSTAMP_PRECISION
+       { "micro", no_argument, NULL, OPTION_TSTAMP_MICRO},
+       { "nano", no_argument, NULL, OPTION_TSTAMP_NANO},
        { "time-stamp-precision", required_argument, NULL, OPTION_TSTAMP_PRECISION},
 #endif
        { "dont-verify-checksums", no_argument, NULL, 'K' },
@@ -713,7 +735,7 @@ static const struct option longopts[] = {
 };
 
 #ifdef HAVE_PCAP_FINDALLDEVS_EX
-#define LIST_REMOTE_INTERFACES_USAGE "[ --list-remote-interfaces remote-source  ]"
+#define LIST_REMOTE_INTERFACES_USAGE "[ --list-remote-interfaces remote-source ]"
 #else
 #define LIST_REMOTE_INTERFACES_USAGE
 #endif
@@ -724,12 +746,6 @@ static const struct option longopts[] = {
 #define IMMEDIATE_MODE_USAGE ""
 #endif
 
-#ifdef HAVE_PCAP_SET_TSTAMP_PRECISION
-#define TIME_STAMP_PRECISION_USAGE " [ --time-stamp-precision precision ]"
-#else
-#define TIME_STAMP_PRECISION_USAGE
-#endif
-
 #ifndef _WIN32
 /* Drop root privileges and chroot if necessary */
 static void
@@ -1184,9 +1200,10 @@ _U_
 
 #ifdef HAVE_PCAP_OPEN
 /*
- * Prefix for rpcap URLs.
+ * Prefixes for rpcap URLs.
  */
 static char rpcap_prefix[] = "rpcap://";
+static char rpcap_ssl_prefix[] = "rpcaps://";
 #endif
 
 static pcap_t *
@@ -1202,7 +1219,8 @@ open_interface(const char *device, netdissect_options *ndo, char *ebuf)
        /*
         * Is this an rpcap URL?
         */
-       if (strncmp(device, rpcap_prefix, sizeof(rpcap_prefix) - 1) == 0) {
+       if (strncmp(device, rpcap_prefix, sizeof(rpcap_prefix) - 1) == 0 ||
+           strncmp(device, rpcap_ssl_prefix, sizeof(rpcap_ssl_prefix) - 1) == 0) {
                /*
                 * Yes.  Open it with pcap_open().
                 */
@@ -1853,6 +1871,16 @@ main(int argc, char **argv)
                        print = 1;
                        break;
 
+#ifdef HAVE_PCAP_SET_TSTAMP_PRECISION
+               case OPTION_TSTAMP_MICRO:
+                       ndo->ndo_tstamp_precision = PCAP_TSTAMP_PRECISION_MICRO;
+                       break;
+
+               case OPTION_TSTAMP_NANO:
+                       ndo->ndo_tstamp_precision = PCAP_TSTAMP_PRECISION_NANO;
+                       break;
+#endif
+
                default:
                        print_usage();
                        exit_tcpdump(S_ERR_HOST_PROGRAM);
@@ -2264,7 +2292,7 @@ DIAG_ON_CLANG(assign-enum)
                if (pdd == NULL)
                        error("%s", pcap_geterr(pd));
 #ifdef HAVE_CAPSICUM
-               set_dumper_capsicum_rights(p);
+               set_dumper_capsicum_rights(pdd);
 #endif
                if (Cflag != 0 || Gflag != 0) {
 #ifdef HAVE_CAPSICUM
@@ -3059,15 +3087,21 @@ print_usage(void)
 #ifdef HAVE_PCAP_FINDALLDEVS_EX
        (void)fprintf(stderr,
 "\t\t" LIST_REMOTE_INTERFACES_USAGE "\n");
+#endif
+#ifdef USE_LIBSMI
+       (void)fprintf(stderr,
+"\t\t" m_FLAG_USAGE "\n");
 #endif
        (void)fprintf(stderr,
 "\t\t[ -M secret ] [ --number ] [ --print ]" Q_FLAG_USAGE "\n");
        (void)fprintf(stderr,
-"\t\t[ -r file ] [ -s snaplen ]" TIME_STAMP_PRECISION_USAGE "\n");
+"\t\t[ -r file ] [ -s snaplen ] [ -T type ] [ --version ]\n");
        (void)fprintf(stderr,
-"\t\t[ -T type ] [ --version ] [ -V file ] [ -w file ]\n");
+"\t\t[ -V file ] [ -w file ] [ -W filecount ] [ -y datalinktype ]\n");
+#ifdef HAVE_PCAP_SET_TSTAMP_PRECISION
        (void)fprintf(stderr,
-"\t\t[ -W filecount ] [ -y datalinktype ]\n");
+"\t\t[ --time-stamp-precision precision ] [ --micro ] [ --nano ]\n");
+#endif
        (void)fprintf(stderr,
 "\t\t[ -z postrotate-command ] [ -Z user ] [ expression ]\n");
 }