X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/a979288a11762528e777e1df70946f382c650d3c..817aadf8bb2f67efced4c26f7335db0f64d67783:/tcpdump.c

diff --git a/tcpdump.c b/tcpdump.c
index 4cf74849..e0237061 100644
--- a/tcpdump.c
+++ b/tcpdump.c
@@ -56,11 +56,6 @@ The Regents of the University of California.  All rights reserved.\n";
 
 #include <netdissect-stdinc.h>
 
-#ifdef _WIN32
-#define off_t long
-#define uint UINT
-#endif /* _WIN32 */
-
 #ifdef USE_LIBSMI
 #include <smi.h>
 #endif
@@ -135,7 +130,19 @@ The Regents of the University of California.  All rights reserved.\n";
 static int Cflag;			/* rotate dump files after this many bytes */
 static int Cflag_count;			/* Keep track of which file number we're writing */
 static int Dflag;			/* list available devices and exit */
-static int dflag;			/* print filter code */
+/*
+ * This is exported because, in some versions of libpcap, if libpcap
+ * is built with optimizer debugging code (which is *NOT* the default
+ * configuration!), the library *imports*(!) a variable named dflag,
+ * under the expectation that tcpdump is exporting it, to govern
+ * how much debugging information to print when optimizing
+ * the generated BPF code.
+ *
+ * This is a horrible hack; newer versions of libpcap don't import
+ * dflag but, instead, *if* built with optimizer debugging code,
+ * *export* a routine to set that flag.
+ */
+int dflag;				/* print filter code */
 static int Gflag;			/* rotate dump files after this many seconds */
 static int Gflag_count;			/* number of files created with Gflag rotation */
 static time_t Gflag_time;		/* The last time_t the dump file was rotated. */
@@ -214,6 +221,57 @@ struct dump_info {
 #endif
 };
 
+#if defined(HAVE_PCAP_SET_PARSER_DEBUG)
+/*
+ * We have pcap_set_parser_debug() in libpcap; declare it (it's not declared
+ * by any libpcap header, because it's a special hack, only available if
+ * libpcap was configured to include it, and only intended for use by
+ * libpcap developers trying to debug the parser for filter expressions).
+ */
+#ifdef _WIN32
+__declspec(dllimport)
+#else /* _WIN32 */
+extern
+#endif /* _WIN32 */
+void pcap_set_parser_debug(int);
+#elif defined(HAVE_PCAP_DEBUG) || defined(HAVE_YYDEBUG)
+/*
+ * We don't have pcap_set_parser_debug() in libpcap, but we do have
+ * pcap_debug or yydebug.  Make a local version of pcap_set_parser_debug()
+ * to set the flag, and define HAVE_PCAP_SET_PARSER_DEBUG.
+ */
+static void
+pcap_set_parser_debug(int value)
+{
+#ifdef HAVE_PCAP_DEBUG
+	extern int pcap_debug;
+
+	pcap_debug = value;
+#else /* HAVE_PCAP_DEBUG */
+	extern int yydebug;
+
+	yydebug = value;
+#endif /* HAVE_PCAP_DEBUG */
+}
+
+#define HAVE_PCAP_SET_PARSER_DEBUG
+#endif
+
+#if defined(HAVE_PCAP_SET_OPTIMIZER_DEBUG)
+/*
+ * We have pcap_set_optimizer_debug() in libpcap; declare it (it's not declared
+ * by any libpcap header, because it's a special hack, only available if
+ * libpcap was configured to include it, and only intended for use by
+ * libpcap developers trying to debug the optimizer for filter expressions).
+ */
+#ifdef _WIN32
+__declspec(dllimport)
+#else /* _WIN32 */
+extern
+#endif /* _WIN32 */
+void pcap_set_optimizer_debug(int);
+#endif
+
 #ifdef HAVE_PCAP_SET_TSTAMP_TYPE
 static void
 show_tstamp_types_and_exit(const char *device)
@@ -304,23 +362,21 @@ show_dlts_and_exit(const char *device)
 static void
 show_devices_and_exit (void)
 {
-	pcap_if_t *devpointer;
+	pcap_if_t *dev, *devlist;
 	char ebuf[PCAP_ERRBUF_SIZE];
 	int i;
 
-	if (pcap_findalldevs(&devpointer, ebuf) < 0)
+	if (pcap_findalldevs(&devlist, ebuf) < 0)
 		error("%s", ebuf);
-	else {
-		for (i = 0; devpointer != NULL; i++) {
-			printf("%d.%s", i+1, devpointer->name);
-			if (devpointer->description != NULL)
-				printf(" (%s)", devpointer->description);
-			if (devpointer->flags != 0)
-				printf(" [%s]", bittok2str(status_flags, "none", devpointer->flags));
-			printf("\n");
-			devpointer = devpointer->next;
-		}
+	for (i = 0, dev = devlist; dev != NULL; i++, dev = dev->next) {
+		printf("%d.%s", i+1, dev->name);
+		if (dev->description != NULL)
+			printf(" (%s)", dev->description);
+		if (dev->flags != 0)
+			printf(" [%s]", bittok2str(status_flags, "none", dev->flags));
+		printf("\n");
 	}
+	pcap_freealldevs(devlist);
 	exit(0);
 }
 #endif /* HAVE_PCAP_FINDALLDEVS */
@@ -460,7 +516,7 @@ static const struct option longopts[] = {
 #ifdef HAVE_PCAP_SET_IMMEDIATE_MODE
 	{ "immediate-mode", no_argument, NULL, OPTION_IMMEDIATE_MODE },
 #endif
-#if defined(HAVE_PCAP_DEBUG) || defined(HAVE_YYDEBUG)
+#ifdef HAVE_PCAP_SET_PARSER_DEBUG
 	{ "debug-filter-parser", no_argument, NULL, 'Y' },
 #endif
 	{ "relinquish-privileges", required_argument, NULL, 'Z' },
@@ -721,7 +777,7 @@ main(int argc, char **argv)
 	char *ret = NULL;
 	char *end;
 #ifdef HAVE_PCAP_FINDALLDEVS
-	pcap_if_t *devpointer;
+	pcap_if_t *dev, *devlist;
 	int devnum;
 #endif
 	int status;
@@ -888,22 +944,20 @@ main(int argc, char **argv)
 				if (devnum < 0)
 					error("Invalid adapter index");
 
-				if (pcap_findalldevs(&devpointer, ebuf) < 0)
+				if (pcap_findalldevs(&devlist, ebuf) < 0)
 					error("%s", ebuf);
-				else {
-					/*
-					 * Look for the devnum-th entry
-					 * in the list of devices
-					 * (1-based).
-					 */
-					for (i = 0;
-					    i < devnum-1 && devpointer != NULL;
-					    i++, devpointer = devpointer->next)
-						;
-					if (devpointer == NULL)
-						error("Invalid adapter index");
-				}
-				device = devpointer->name;
+				/*
+				 * Look for the devnum-th entry in the
+				 * list of devices (1-based).
+				 */
+				for (i = 0, dev = devlist;
+				    i < devnum-1 && dev != NULL;
+				    i++, dev = dev->next)
+					;
+				if (dev == NULL)
+					error("Invalid adapter index");
+				device = strdup(dev->name);
+				pcap_freealldevs(devlist);
 				break;
 			}
 #endif /* HAVE_PCAP_FINDALLDEVS */
@@ -1113,30 +1167,20 @@ main(int argc, char **argv)
 				error("invalid data link type %s", yflag_dlt_name);
 			break;
 
-#if defined(HAVE_PCAP_DEBUG) || defined(HAVE_YYDEBUG)
+#ifdef HAVE_PCAP_SET_PARSER_DEBUG
 		case 'Y':
 			{
 			/* Undocumented flag */
-#ifdef HAVE_PCAP_DEBUG
-			extern int pcap_debug;
-			pcap_debug = 1;
-#else
-			extern int yydebug;
-			yydebug = 1;
-#endif
+			pcap_set_parser_debug(1);
 			}
 			break;
 #endif
 		case 'z':
-			zflag = strdup(optarg);
-			if (zflag == NULL)
-				error("Unable to allocate memory for -z argument");
+			zflag = optarg;
 			break;
 
 		case 'Z':
-			username = strdup(optarg);
-			if (username == NULL)
-				error("Unable to allocate memory for -Z argument");
+			username = optarg;
 			break;
 
 		case '#':
@@ -1256,7 +1300,7 @@ main(int argc, char **argv)
 				VFile = fopen(VFileName, "r");
 
 			if (VFile == NULL)
-				error("Unable to open file: %s\n", strerror(errno));
+				error("Unable to open file: %s\n", pcap_strerror(errno));
 
 			ret = get_next_file(VFile, VFileLine);
 			if (!ret)
@@ -1296,7 +1340,15 @@ main(int argc, char **argv)
 		 * We're doing a live capture.
 		 */
 		if (device == NULL) {
+#ifdef HAVE_PCAP_FINDALLDEVS
+			if (pcap_findalldevs(&devlist, ebuf) >= 0 &&
+			    devlist != NULL) {
+				device = strdup(devlist->name);
+				pcap_freealldevs(devlist);
+			}
+#else /* HAVE_PCAP_FINDALLDEVS */
 			device = pcap_lookupdev(ebuf);
+#endif
 			if (device == NULL)
 				error("%s", ebuf);
 		}
@@ -1423,7 +1475,8 @@ main(int argc, char **argv)
 #endif /* HAVE_PCAP_SETDIRECTION */
 #else
 		*ebuf = '\0';
-		pd = pcap_open_live(device, snaplen, !pflag, 1000, ebuf);
+		pd = pcap_open_live(device, ndo->ndo_snaplen, !pflag, 1000,
+		    ebuf);
 		if (pd == NULL)
 			error("%s", ebuf);
 		else if (*ebuf)
@@ -1480,12 +1533,16 @@ main(int argc, char **argv)
 	else
 		cmdbuf = copy_argv(&argv[optind]);
 
+#ifdef HAVE_PCAP_SET_OPTIMIZER_DEBUG
+	pcap_set_optimizer_debug(dflag);
+#endif
 	if (pcap_compile(pd, &fcode, cmdbuf, Oflag, netmask) < 0)
 		error("%s", pcap_geterr(pd));
 	if (dflag) {
 		bpf_dump(&fcode, dflag);
 		pcap_close(pd);
 		free(cmdbuf);
+		pcap_freecode(&fcode);
 		exit(0);
 	}
 	init_print(ndo, localnet, netmask, timezone_offset);
@@ -1555,7 +1612,7 @@ main(int argc, char **argv)
 		error("%s", pcap_geterr(pd));
 #ifdef HAVE_CAPSICUM
 	if (RFileName == NULL && VFileName == NULL) {
-		static const unsigned long cmds[] = { BIOCGSTATS };
+		static const unsigned long cmds[] = { BIOCGSTATS, BIOCROTZBUF };
 
 		cap_rights_init(&rights, CAP_IOCTL, CAP_READ);
 		if (cap_rights_limit(pcap_fileno(pd), &rights) < 0 &&
@@ -1782,6 +1839,7 @@ main(int argc, char **argv)
 	while (ret != NULL);
 
 	free(cmdbuf);
+	pcap_freecode(&fcode);
 	exit(status == -1 ? 1 : 0);
 }
 
@@ -1841,14 +1899,14 @@ child_cleanup(int signo _U_)
 static void
 info(register int verbose)
 {
-	struct pcap_stat stat;
+	struct pcap_stat stats;
 
 	/*
 	 * Older versions of libpcap didn't set ps_ifdrop on some
 	 * platforms; initialize it to 0 to handle that.
 	 */
-	stat.ps_ifdrop = 0;
-	if (pcap_stats(pd, &stat) < 0) {
+	stats.ps_ifdrop = 0;
+	if (pcap_stats(pd, &stats) < 0) {
 		(void)fprintf(stderr, "pcap_stats: %s\n", pcap_geterr(pd));
 		infoprint = 0;
 		return;
@@ -1863,38 +1921,52 @@ info(register int verbose)
 		fputs(", ", stderr);
 	else
 		putc('\n', stderr);
-	(void)fprintf(stderr, "%u packet%s received by filter", stat.ps_recv,
-	    PLURAL_SUFFIX(stat.ps_recv));
+	(void)fprintf(stderr, "%u packet%s received by filter", stats.ps_recv,
+	    PLURAL_SUFFIX(stats.ps_recv));
 	if (!verbose)
 		fputs(", ", stderr);
 	else
 		putc('\n', stderr);
-	(void)fprintf(stderr, "%u packet%s dropped by kernel", stat.ps_drop,
-	    PLURAL_SUFFIX(stat.ps_drop));
-	if (stat.ps_ifdrop != 0) {
+	(void)fprintf(stderr, "%u packet%s dropped by kernel", stats.ps_drop,
+	    PLURAL_SUFFIX(stats.ps_drop));
+	if (stats.ps_ifdrop != 0) {
 		if (!verbose)
 			fputs(", ", stderr);
 		else
 			putc('\n', stderr);
 		(void)fprintf(stderr, "%u packet%s dropped by interface\n",
-		    stat.ps_ifdrop, PLURAL_SUFFIX(stat.ps_ifdrop));
+		    stats.ps_ifdrop, PLURAL_SUFFIX(stats.ps_ifdrop));
 	} else
 		putc('\n', stderr);
 	infoprint = 0;
 }
 
 #if defined(HAVE_FORK) || defined(HAVE_VFORK)
+#ifdef HAVE_FORK
+#define fork_subprocess() fork()
+#else
+#define fork_subprocess() vfork()
+#endif
 static void
 compress_savefile(const char *filename)
 {
-# ifdef HAVE_FORK
-	if (fork())
-# else
-	if (vfork())
-# endif
+	pid_t child;
+
+	child = fork_subprocess();
+	if (child == -1) {
+		fprintf(stderr,
+			"compress_savefile: fork failed: %s\n",
+			pcap_strerror(errno));
+		return;
+	}
+	if (child != 0) {
+		/* Parent process. */
 		return;
+	}
+
 	/*
-	 * Set to lowest priority so that this doesn't disturb the capture
+	 * Child process.
+	 * Set to lowest priority so that this doesn't disturb the capture.
 	 */
 #ifdef NZERO
 	setpriority(PRIO_PROCESS, 0, NZERO - 1);
@@ -1903,15 +1975,15 @@ compress_savefile(const char *filename)
 #endif
 	if (execlp(zflag, zflag, filename, (char *)NULL) == -1)
 		fprintf(stderr,
-			"compress_savefile:execlp(%s, %s): %s\n",
+			"compress_savefile: execlp(%s, %s) failed: %s\n",
 			zflag,
 			filename,
-			strerror(errno));
-# ifdef HAVE_FORK
+			pcap_strerror(errno));
+#ifdef HAVE_FORK
 	exit(1);
-# else
+#else
 	_exit(1);
-# endif
+#endif
 }
 #else  /* HAVE_FORK && HAVE_VFORK */
 static void
@@ -2199,17 +2271,13 @@ RETSIGTYPE requestinfo(int signo _U_)
 void CALLBACK verbose_stats_dump (UINT timer_id _U_, UINT msg _U_, DWORD_PTR arg _U_,
 				  DWORD_PTR dw1 _U_, DWORD_PTR dw2 _U_)
 {
-	struct pcap_stat stat;
-
-	if (infodelay == 0 && pcap_stats(pd, &stat) >= 0)
+	if (infodelay == 0)
 		fprintf(stderr, "Got %u\r", packets_captured);
 }
 #elif defined(HAVE_ALARM)
 static void verbose_stats_dump(int sig _U_)
 {
-	struct pcap_stat stat;
-
-	if (infodelay == 0 && pcap_stats(pd, &stat) >= 0)
+	if (infodelay == 0)
 		fprintf(stderr, "Got %u\r", packets_captured);
 	alarm(1);
 }