X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/6fc4beef8213322d50d6859d14d9dd71e3d613f4..refs/heads/tcpdump-4.9:/tcpdump.c

diff --git a/tcpdump.c b/tcpdump.c
index d9c7f7ab..8f27ba2a 100644
--- a/tcpdump.c
+++ b/tcpdump.c
@@ -108,6 +108,7 @@ The Regents of the University of California.  All rights reserved.\n";
 #endif /* HAVE_CAP_NG_H */
 #endif /* HAVE_LIBCAP_NG */
 
+#include "netdissect-stdinc.h"
 #include "netdissect.h"
 #include "interface.h"
 #include "addrtoname.h"
@@ -607,11 +608,10 @@ droproot(const char *username, const char *chroot_dir)
 #ifdef HAVE_LIBCAP_NG
 		{
 			int ret = capng_change_id(pw->pw_uid, pw->pw_gid, CAPNG_NO_FLAG);
-			if (ret < 0) {
-				fprintf(stderr, "error : ret %d\n", ret);
-			} else {
+			if (ret < 0)
+				error("capng_change_id(): return %d\n", ret);
+			else
 				fprintf(stderr, "dropped privs to %s\n", username);
-			}
 		}
 #else
 		if (initgroups(pw->pw_name, pw->pw_gid) != 0 ||
@@ -700,13 +700,15 @@ static char *
 get_next_file(FILE *VFile, char *ptr)
 {
 	char *ret;
+	size_t len;
 
 	ret = fgets(ptr, PATH_MAX, VFile);
 	if (!ret)
 		return NULL;
 
-	if (ptr[strlen(ptr) - 1] == '\n')
-		ptr[strlen(ptr) - 1] = '\0';
+	len = strlen (ptr);
+	if (len > 0 && ptr[len - 1] == '\n')
+		ptr[len - 1] = '\0';
 
 	return ret;
 }
@@ -860,15 +862,22 @@ read_infile(char *fname)
 {
 	register int i, fd, cc;
 	register char *cp;
-	struct stat buf;
+	our_statb buf;
 
 	fd = open(fname, O_RDONLY|O_BINARY);
 	if (fd < 0)
 		error("can't open %s: %s", fname, pcap_strerror(errno));
 
-	if (fstat(fd, &buf) < 0)
+	if (our_fstat(fd, &buf) < 0)
 		error("can't stat %s: %s", fname, pcap_strerror(errno));
 
+	/*
+	 * Reject files whose size doesn't fit into an int; a filter
+	 * *that* large will probably be too big.
+	 */
+	if (buf.st_size > INT_MAX)
+		error("%s is too large", fname);
+
 	cp = malloc((u_int)buf.st_size + 1);
 	if (cp == NULL)
 		error("malloc(%d) for %s: %s", (u_int)buf.st_size + 1,
@@ -877,7 +886,8 @@ read_infile(char *fname)
 	if (cc < 0)
 		error("read %s: %s", fname, pcap_strerror(errno));
 	if (cc != buf.st_size)
-		error("short read %s (%d != %d)", fname, cc, (int)buf.st_size);
+		error("short read %s (%d != %d)", fname, (int) cc,
+		    (int)buf.st_size);
 
 	close(fd);
 	/* replace "# comment" with spaces */
@@ -1023,6 +1033,10 @@ open_interface(const char *device, netdissect_options *ndo, char *ebuf)
 		if (status < 0)
 			error("%s: Can't set time stamp type: %s",
 		              device, pcap_statustostr(status));
+		else if (status > 0)
+			warning("When trying to set timestamp type '%s' on %s: %s",
+				pcap_tstamp_type_val_to_name(jflag), device,
+				pcap_statustostr(status));
 	}
 #endif
 	status = pcap_activate(pc);