Francois-Xavier Le Bail [Sat, 25 Dec 2021 15:01:11 +0000 (16:01 +0100)]
GRE: Modernize packet parsing
Enable ND_LONGJMP_FROM_TCHECK.
Use ND_LCHECK_U() for length checks.
Add and use many standard "invalid" sections.
Remove the redundant ND_TCHECK*() instances.
Add a bounds check before the addrtostr() call.
Remove two now useless comments.
Denis Ovsienko [Thu, 2 Dec 2021 20:31:34 +0000 (20:31 +0000)]
Treat "msys" as Windows for test exit statuses. [skip ci]
As far as it was possible to tell in GH pull request #653, exit statuses
have the same semantics in "msys" as they do in "MSWin32". Although
other OS-specific parts of TESTrun may require including or excluding
"msys" too, this would need to be established by running a current
revision of the script on the actual system.
Francois-Xavier Le Bail [Sat, 6 Nov 2021 15:58:42 +0000 (16:58 +0100)]
IPX: Add two length checks
This change fixes some undefined behaviors at runtime.
The errors were like:
print-ipx.c:160:12: runtime error: unsigned integer overflow:
1 - 2 cannot be represented in type 'unsigned int'
print-ipx.c:233:12: runtime error: unsigned integer overflow:
1 - 2 cannot be represented in type 'unsigned int'
Francois-Xavier Le Bail [Fri, 5 Nov 2021 20:48:31 +0000 (21:48 +0100)]
Ethernet: Add a length check
This fixes some undefined behaviors at runtime.
The errors were like:
print-ether.c:241:11: runtime error: unsigned integer overflow:
1 - 2 cannot be represented in type 'unsigned int'
print-ether.c:242:11: runtime error: unsigned integer overflow:
1 - 2 cannot be represented in type 'unsigned int'
Guy Harris [Tue, 16 Nov 2021 07:52:08 +0000 (23:52 -0800)]
802.15.4: fix some compiler warnings.
C's type conversion rules are a barrel of fun. Did you know that if you
add "2" to an "unsigned short", the result has the type "int", even
though, at least on a machine where "unsigned int" is longer than
"unsigned short", the result is always >= 0?
Add "2U" instead, so that one of the operands is an "unsigned int",
making the result an "unsigned int".
Guy Harris [Tue, 16 Nov 2021 07:42:04 +0000 (23:42 -0800)]
802.15.4: fix various length checks and other issues.
Fix some length checks done before subtracting from a length value to
test whether the length value is < the full amount to be subtracted from
it, not just part of that amount.
Add some such checks where they were needed but not present.
Make some values unsigned if they're never negative.
This should fix some issues detected by undefined-behavior sanitizers.
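The defect class behind this commit and the IPX, Ethernet, BGP and EAP length-check commits on this page, together with the `2U` promotion point from the previous message, as an added, constructed C example (not tcpdump's code; `FIELD_LEN`, `consume_field_*`, `TYPE_CODE` and `sum_type_*` are hypothetical names): a made-up 2-byte field is consumed from `len` remaining bytes, first with the guard testing only part of the amount to be subtracted, then with the corrected guard, and `_Generic` shows the type of `us + 2` versus `us + 2U`.

```c
#include <limits.h>
#include <stdio.h>

/* Constructed example, not tcpdump's code: a dissector step that consumes
 * a 2-byte field out of `len` remaining bytes. */
#define FIELD_LEN 2U

/* Buggy: the guard tests only part of the amount about to be subtracted.
 * With len == 1 it passes, 1 - 2 wraps to UINT_MAX and every later
 * "is there room?" comparison succeeds. UBSan reports the message quoted
 * above: "unsigned integer overflow: 1 - 2 cannot be represented ...". */
static unsigned int consume_field_buggy(unsigned int len)
{
    if (len < 1)                 /* wrong bound: should be FIELD_LEN */
        return 0;
    return len - FIELD_LEN;      /* wraps when len == 1 */
}

/* Fixed: compare against the full amount before subtracting. Returns -1
 * when the field does not fit, so the caller can flag the truncation. */
static long long consume_field_fixed(unsigned int len)
{
    if (len < FIELD_LEN)
        return -1;
    return (long long)(len - FIELD_LEN);
}

/* The promotion quirk from the "2U" commit: in `us + 2` both operands are
 * converted to int, so the sum is int; `us + 2U` makes it unsigned int.
 * TYPE_CODE yields 1 for int, 2 for unsigned int, 0 for anything else. */
#define TYPE_CODE(e) _Generic((e), int: 1, unsigned int: 2, default: 0)

static int sum_type_plain(void)
{
    unsigned short us = 1;
    return TYPE_CODE(us + 2);
}

static int sum_type_unsigned(void)
{
    unsigned short us = 1;
    return TYPE_CODE(us + 2U);
}

int main(void)
{
    printf("len=1: buggy=%u fixed=%lld; us+2 type=%d, us+2U type=%d\n",
           consume_field_buggy(1), consume_field_fixed(1),
           sum_type_plain(), sum_type_unsigned());
    return 0;
}
```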
Guy Harris [Mon, 15 Nov 2021 22:33:10 +0000 (14:33 -0800)]
BGP: make sure the path attributes don't go past the end of the packet.
This fixes some undefined behavior in which we subtract the remaining
length of the path attributes from the remaining length of the packet,
where the former is greater than the latter and they're both unsigned.
Denis Ovsienko [Sun, 14 Nov 2021 13:25:47 +0000 (13:25 +0000)]
Update eapon1-v.out to match the change to the EAP dissector.
The Buildbot workers build exactly what is in the tcpdump git repository
at the given revision, also every build (which consists of a single run
of build_matrix.sh) starts in a freshly cloned repository to keep any
effects of earlier builds out of the problem space.
So the only non-deterministic factors in a tcpdump build should be
libpcap revision, which is the latest master branch, and the host system
effects, such as network connectivity, disk space, RAM, compilers
randomly segfaulting for no reason, package updates and the like.
In this case commit fd5f8f8 changed print-eap.c but not any tests, so
the build matrix failed at the first step that runs "make check", that
is, has BUILD_LIBPCAP=yes (for example, step 9 on linux-s390x and step 5
on openbsd-amd64). That step had SMB=no, so the eapon1-v-nosmb test
failed. This was correctly addressed in commit 6841a40, so the
previously failed step passed, but the next step (step 10 on linux-s390x
and step 6 on openbsd-amd64) had SMB=yes and the eapon1-v test failed.
Update the latter and have the full matrix pass again.
A simple way not to make this feedback loop longer than it needs to be
is to run the full matrix locally before pushing the changes (the stdout
can be redirected to /dev/null to see the most important messages only):
Guy Harris [Sun, 14 Nov 2021 06:20:08 +0000 (22:20 -0800)]
EAP: back out the two trailing-comma changes.
Hopefully this provokes one more build on the buildbots, with a matching
print-eap.c and tests/eapon1-v-nosmb.out, so that "make check" succeeds.
Step 2 is to check the new versions back in, in one commit, in the hopes
that "make check" succeeds.
It appears that, on all the buildbots, print-esp.c is up to date but
tests/eapon1-v-nosmb.out isn't; I have *NO* idea how that happened, but
it again reminds me that I hate software.
Guy Harris [Sun, 14 Nov 2021 02:50:02 +0000 (18:50 -0800)]
EAP: add some more length checks.
Check to make sure we don't go past the length value in the header.
Note that the string in an Identity message is optional (so we just
don't bother printing it if it's zero-length), but the string in a
notification message isn't (so report an error if it's zero-length).
Guy Harris [Sun, 14 Nov 2021 02:44:57 +0000 (18:44 -0800)]
EAP: label length mismatch as a possible EAP fragment.
In some cases, EAP fragmentation/reassembly is done at a layer above
EAP, e.g. when EAP messages are contained within a RADIUS message and
are broken up into multiple TLVs in the message. In those cases, the
length handed to eap_print() will be different from the length in the
first fragment's header, and the remaining fragments won't *have* a
header, so the "length" will be garbage and thus unlikely to be equal to
the length handed to us.
Francois-Xavier Le Bail [Thu, 4 Nov 2021 21:56:37 +0000 (22:56 +0100)]
EAP: Fix some undefined behaviors at runtime
The errors were like:
print-eap.c:179:25: runtime error: unsigned integer overflow:
2 - 5 cannot be represented in type 'unsigned int'
print-eap.c:181:50: runtime error: unsigned integer overflow:
2 - 5 cannot be represented in type 'unsigned int'
print-eap.c:186:25: runtime error: unsigned integer overflow:
2 - 5 cannot be represented in type 'unsigned int'
print-eap.c:188:50: runtime error: unsigned integer overflow:
2 - 5 cannot be represented in type 'unsigned int'
Mingrui [Thu, 4 Nov 2021 01:07:23 +0000 (09:07 +0800)]
[bugfix]configure: fix error when cross-compiling
While cross-compiling, ./configure --host=xxx will output:
"checking whether printf(3) supports the z length modifier...
configure: error: in `/${path_to_tcpdump}/tcpdump':"
That is caused by AC_RUN_IFELSE, as described in
"https://www.gnu.org/software/autoconf/manual/autoconf-2.63/html_node/Runtime.html":
if AC_RUN_IFELSE does not have a cross-compile option, configure prints an error message and exits.
Francois-Xavier Le Bail [Tue, 2 Nov 2021 08:34:45 +0000 (09:34 +0100)]
lwres: Update a variable type
This should address two AppVeyor/Visual Studio 2019/x64 warnings:
print-lwres.c(197,23): warning C4267: 'function': conversion from
'size_t' to 'u_int', possible loss of data
print-lwres.c(201,14): warning C4267: 'return': conversion from
'size_t' to 'unsigned int', possible loss of data
IEEE 802.11: Add a test to check the 802.11s Mesh ID in management frames
The newly added pcap file contains a Mesh Beacon frame, a Wildcard Probe
Request and a Mesh Probe Response. The test case checks if the "Mesh ID"
field is properly parsed by the IEEE 802.11 printer.
Guy Harris [Wed, 11 Aug 2021 10:18:54 +0000 (03:18 -0700)]
Add a space at the end of the first line, to provoke a build.
(There doesn't appear to be an obvious way to force a rebuild, and a
change to libpcap doesn't force a rebuild of programs such as tcpdump
for which the CI build includes a build with the tip of the main branch
of libpcap.)
Guy Harris [Wed, 11 Aug 2021 08:44:51 +0000 (01:44 -0700)]
Get rid of duplicate definition of __has_attribute.
compiler-tests.h already checks whether __has_attribute is defined and, if not,
defines it as a macro that always returns 0 (so that we use the "what
version of the compiler is this?" fallback checks for a given
attribute). We include compiler-tests.h before we define
__has_attribute ourselves, so we don't need to do it ourselves.
Guy Harris [Wed, 11 Aug 2021 08:05:52 +0000 (01:05 -0700)]
Make the tests a bit easier to read.
Add comments and indentation.
Handle XL C a bit more like the other compilers. Make the first test be
"is this something that's not XL C", as is the case for other compilers;
that test is done as "are both __xlC__ and __ibmxl__ undefined". If
either of them is defined, use __ibmxl_version__ if __ibmxl__ is
defined, and use __xlC__ otherwise.
Every .c file that included netdissect-stdinc.h generated a warning:
In file included from ./netdissect-stdinc.h:42:
./ftmacros.h:48:11: warning: '__EXTENSIONS__' macro redefined
[-Wmacro-redefined]
<built-in>:345:9: note: previous definition is here
Guy Harris [Sun, 8 Aug 2021 07:36:42 +0000 (00:36 -0700)]
On Solaris, for 64-bit builds, use the 64-bit pcap-config.
There are two versions of pcap-config supplied on Solaris (or, at least,
on 64-bit Solaris) - a version that has the right --libs output to find
the 32-bit libraries and a version that has the right --libs output to
find the 64-bit libraries.
Try to figure out whether we're doing a 32-bit or 64-bit build (based on
the pointer size) and, for 64-bit builds, run the 64-bit version of
pcap-config.
Denis Ovsienko [Thu, 5 Aug 2021 13:18:55 +0000 (14:18 +0100)]
Use basename() and dirname() right on FreeBSD. [skip appveyor]
On FreeBSD CMake runs Clang with -std=gnu99, which used to emit three
warnings in a Capsicum-specific block along the following lines:
tcpdump.c:2432:32: warning: '_Generic' is a C11 extension
[-Wc11-extensions]
/usr/include/libgen.h:61:21: note: expanded from macro 'basename'
basename)(x)
/usr/include/sys/cdefs.h:325:2: note: expanded from macro '__generic'
_Generic(expr, t: yes, default: no)
(In the same context Autoconf does not request a specific C standard
from Clang, so it happens to use C17 and there is no warning.)
Type-generic expressions support in C99 mode seems to be a quirk of
Clang that cannot be disabled and is harmless in this context, so
introduce and use another pair of diagnostic control macros (for Clang
only) to squelch the warnings.
While at it, study the reason for _Generic use in /usr/include/libgen.h
and realize that tcpdump.c still assumes the behaviour before FreeBSD
12.0. Add two temporary buffers around basename() and dirname() calls
to get consistent results regardless of which FreeBSD version it is.
Denis Ovsienko [Tue, 3 Aug 2021 23:20:36 +0000 (00:20 +0100)]
Fix auto-enabling of Capsicum on FreeBSD with Autoconf. [skip appveyor]
Even after commit 6393bb6 --with-sandbox-capsicum didn't work entirely
as documented, as it defaulted to disabled:
checking whether to sandbox using capsicum... no
checking whether to sandbox using Casper library... no
Get the test condition right so it does what it says:
checking sys/capsicum.h usability... yes
checking sys/capsicum.h presence... yes
checking for sys/capsicum.h... yes
checking for cap_enter... yes
checking for cap_rights_limit... yes
checking for cap_ioctls_limit... yes
checking for openat... yes
checking for cap_init in -lcasper... yes
checking for cap_gethostbyaddr in -lcap_dns... yes
checking whether to sandbox using capsicum... yes
checking whether to sandbox using Casper library... yes
Denis Ovsienko [Tue, 3 Aug 2021 22:38:48 +0000 (23:38 +0100)]
Squelch a warning with Capsicum enabled. [skip appveyor]
The Capsicum workaround I added in commit 706c79e causes a side effect
on FreeBSD 11.4, 12.2 and 13.0 with local libpcap when Capsicum is
enabled, that is, in CMake builds (Capsicum detection is broken in
Autoconf builds, as it turns out). Add a workaround for the side effect
as well and get rid of another warning and respective exemption:
tcpdump.c:2286:3: warning: implicit declaration of function 'bpf_dump'
is invalid in C99 [-Wimplicit-function-declaration]
Guy Harris [Tue, 3 Aug 2021 19:58:34 +0000 (12:58 -0700)]
configure: special-case macOS /usr/bin/pcap-config as we do in CMake.
macOS's /usr/bin/pcap-config is incorrectly generated - pcap-config
--cflags includes -I/usr/local/include and pcap-config --libs includes
-L/usr/local/lib, even though it's the pcap-config file for the libpcap
that comes with the OS and should omit those.
Denis Ovsienko [Tue, 3 Aug 2021 17:23:13 +0000 (18:23 +0100)]
Define PRINTFLIKE_FUNCPTR() exactly for XL C. [skip appveyor]
XL C full version consists of 4 numbers. Introduce an additional macro
for testing the two least significant numbers. Using the fix lists
published by IBM, tell XL C 16.1 that has the bug interpreting the
__format__ attribute of a function pointer from XL C 16.1 that has not.
Rejig the #if block to make it easier to follow.
CMake: Add a way to request -Werror and equivalents.
As it turns out, most FreeBSD/CMake tcpdump builds were emitting some
warnings. This was difficult to notice because make returned success
regardless of the warnings because the compiler never received -Werror
because there was no way to tell CMake to append any compiler flags at
the build time, but not at the buildsystem generation time. In other
words, the command "make CFLAGS=-Werror" had the same effect as just
"make".
Implement the desired behaviour with "cmake -DEXTRA_CFLAGS='xyz'" and
set the variable in build.sh when and as required. Reword the comment
for clarity and define two known exemptions.
Cirrus CI: Fixup the previous commit. [skip appveyor]
Failed to start an instance: [...]
Number of vCPUs should be multiple of 2 if greater than 2, while 3.0 is
requested. Memory size for 3.0 vCPU instance should be between 2816MiB
and 19968MiB, while 2048MiB is requested.
...because the former uses PRINTFLIKE_FUNCPTR(). However, it didn't
have the #include. However, the problem was not visible because most
files that included netdissect.h also included (directly or through
another header) funcattrs.h beforehand. The only exceptions were the
following two files, which apparently have not been compiled anywhere
for a long time:
In file included from missing/strdup.c:38:
./netdissect.h:254:8: error: expected ':', ',', ';', '}' or
'__attribute__' before 'PRINTFLIKE_FUNCPTR'
In file included from missing/snprintf.c:45:
./netdissect.h:254:8: error: expected ':', ',', ';', '}' or
'__attribute__' before 'PRINTFLIKE_FUNCPTR'
Add the missing #include to netdissect.h to eliminate this space for
failure.