Francois-Xavier Le Bail [Sun, 31 Mar 2024 09:38:44 +0000 (11:38 +0200)]
NTP: Fix p_ntp_time_fmt() using epoch 1/epoch 2 convention (RFC 4330)
Moreover:
Update the error message, replace
"[Time is too large to fit into a time_t]"
by
"[timestamp overflow]".
Same as in ts_date_hmsfrac_print() and ts_unix_print().
Fix indentation.
Update 5 test outputs and processings, based on skip_time_t_not (64).
Denis Ovsienko [Mon, 20 Jan 2025 13:59:44 +0000 (13:59 +0000)]
Report invalid microseconds as "us", not "ms".
In timeval-operations.h for microseconds and nanoseconds define both the
maximum number of units per second and the string to use for reporting
an invalid value. Use the new macros in ts_frac_print() and update a
test.
For consistency in print-arista.c instead of MAX_VALID_NS and
BOGUS_NS_STR use the macros from timeval-operations.h.
Francois-Xavier Le Bail [Fri, 29 Mar 2024 11:26:30 +0000 (12:26 +0100)]
Fix incompatible pointer types with time functions calls on Windows
On Windows in a struct timestamp, tv_sec is a long not a 64-bit time_t.
The problem shows:
listening on \Device\NPF_Loopback, link-type NULL (BSD loopback),
snapshot length 262144 bytes
1 [localtime() or gmtime() couldn't convert the date and time].052255
IP 10.0.0.10 > 224.0.0.251: igmp v2 report 224.0.0.251
2 [localtime() or gmtime() couldn't convert the date and time].792000
IP 10.0.0.10.138 > 10.0.0.255.138: NBT UDP PACKET(138)
The warnings with clang-cl were:
util-print.c(253,18): warning: incompatible pointer types passing
'const long *' to parameter of type 'const time_t *'
(aka 'const long long *') [-Wincompatible-pointer-types]
253 | tm = localtime(&tv->tv_sec);
| ^~~~~~~~~~~
util-print.c(255,15): warning: incompatible pointer types passing
'const long *' to parameter of type 'const time_t *'
(aka 'const long long *') [-Wincompatible-pointer-types]
255 | tm = gmtime(&tv->tv_sec);
| ^~~~~~~~~~~
Francois-Xavier Le Bail [Sat, 22 Mar 2025 09:53:34 +0000 (10:53 +0100)]
DHCP: Fix printing IP address pairs options
'p' is used by the options Policy Filter (21) and Static Route (33).
They have a minimum length of 8 and the length MUST be a multiple of 8.
Check that.
Add a test file for option 33 (lengths: 8, 16, 24, 3, 0), build with
scapy.
Francois-Xavier Le Bail [Fri, 14 Mar 2025 22:36:01 +0000 (23:36 +0100)]
Autoconf: Use AC_SYS_YEAR2038_RECOMMENDED when possible
On Linux, if the environment variable BUILD_YEAR2038=yes, Autoconf
version >= 2.72 and GNU C Library version >= 2.34, uncomment
AC_SYS_YEAR2038_RECOMMENDED to ensure time_t is Y2038-safe.
Tested with: BUILD_YEAR2038=yes MATRIX_CMAKE=no ./build_matrix.sh
on linux-armv7l because currently CMake build don't have year 2038 support.
Francois-Xavier Le Bail [Sat, 8 Feb 2025 10:36:07 +0000 (11:36 +0100)]
DNS: Use ND_TCHECK_LEN() instead of a custom bounds check
This avoids an invalid-pointer-pair AddressSanitizer error.
Add a test file.
The error was:
reading from file ppp_ip_udp_dns.pcap, link-type PPP_SERIAL(PPP over
serial), snapshot length 2098998
=================================================================
==258093==ERROR: AddressSanitizer: invalid-pointer-pair: 0x61300000c086
0x61300000019e
#0 0x78274f in ns_rprint [...]/print-domain.c:728:9
Address 0x61300000c086 is a wild pointer inside of access range of size
0x000000000001.
0x61300000019e is located 0 bytes after 350-byte region
[0x613000000040,0x61300000019e)
allocated by thread T0 here:
#0 0x4b997e in malloc ([...]/tcpdump+0x4b997e)
#1 0x60220b in ppp_hdlc [...]/print-ppp.c:1367:16
SUMMARY: AddressSanitizer: invalid-pointer-pair
[...]/print-domain.c:728:9 in ns_rprint
Cirrus CI: Set LANG in coverity_task same as in linux_task
To avoid these warnings:
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = (unset),
LC_ALL = (unset),
LANG = "en_US.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
(cherry picked from commit c226248a44756cc8899564498405f1adcdc69826)
Bill Fenner [Tue, 11 Oct 2022 20:10:46 +0000 (13:10 -0700)]
ISO: avoid undefined behavior and integer overflow in the fletcher checksum calculation
The fletcher checksum calculation would sometimes left-shift
a negative number, which is an undefined operation. Rework the
code to avoid this.
checksum.c:186:20: runtime error: left shift of negative value -36
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior checksum.c:186:20
Unlike some checksum routines that use the defined semantics of
2's-complement unsigned overflow to their advantage, this one
gets the wrong value if it is allowed to overflow, due to the
use of mod-255.
Convert c1 to uint64_t to avoid overflow.
checksum.c:163:16: runtime error: unsigned integer overflow: NNN + NNN
cannot be represented in type 'unsigned int'
Use integers during subtraction to avoid implicit conversion to unsigned
when calculating both x and y
checksum.c:172:18: runtime error: unsigned integer overflow: NNN - NNN
cannot be represented in type 'unsigned int'
checksum.c:172:9: runtime error: implicit conversion from type
'unsigned int' of value NNN (32-bit, unsigned) to type 'int' changed
the value to -NNN (32-bit, signed)
checksum.c:173:12: runtime error: unsigned integer overflow: NNN - NNN
cannot be represented in type 'unsigned int'
checksum.c:173:9: runtime error: implicit conversion from type
'unsigned int' of value NNN (32-bit, unsigned) to type 'int' changed
the value to -NNN (32-bit, signed)
Thus sizeof(*fsidp) is > 14.
Delete the else block as dead code and the two useless if.
This should remove two Visual Studio warnings:
parsenfsfh.c(318,25): warning C4127: conditional expression is constant
parsenfsfh.c(319,22): warning C4127: conditional expression is constant
Guy Harris [Sat, 4 Jan 2025 23:29:19 +0000 (15:29 -0800)]
tcpdump: show error message for PCAP_ERROR_CAPTURE_NOTSUP.
If an attempt to open a capture device failed because capturing isn't
supported on that device, check whether an error message with a further
explanation was provided and, if so, report it.
Francois-Xavier Le Bail [Fri, 3 Jan 2025 15:08:32 +0000 (16:08 +0100)]
IP: Use ND_TTEST_LEN() instead of a custom bounds check
This avoids an invalid-pointer-pair AddressSanitizer error with options
-fsanitize=address -fsanitize=pointer-compare
and
ASAN_OPTIONS=detect_invalid_pointer_pairs=1
The error was:
ip_printroute_asan : TEST FAILED[...]
0x60600000006a is located 14 bytes after 60-byte region
[0x606000000020,0x60600000005c)
allocated by thread T0 here:
#0 0x558ce1c5390e in malloc
(/home/cpe/soft-origin/tcpdump/my-tcpdump/tcpdump+0x1fd90e)
#1 0x558ce1efbba3 in pcap_check_header
/home/cpe/soft-origin/tcpdump/my-libpcap/sf-pcap.c:480:14
0x60600000005c is located 0 bytes after 60-byte region
[0x606000000020,0x60600000005c)
allocated by thread T0 here:
#0 0x558ce1c5390e in malloc
(/home/cpe/soft-origin/tcpdump/my-tcpdump/tcpdump+0x1fd90e)
#1 0x558ce1efbba3 in pcap_check_header
/home/cpe/soft-origin/tcpdump/my-libpcap/sf-pcap.c:480:14
SUMMARY: AddressSanitizer: invalid-pointer-pair
/home/cpe/soft-origin/tcpdump/my-tcpdump/print-ip.c:429:55 in ip_print
Francois-Xavier Le Bail [Sun, 22 Dec 2024 14:12:56 +0000 (15:12 +0100)]
Add sub-second packet timestamp checks for invalid micro/nano
Now prints e.g.:
2 17:16:10.1000000 (invalid ms) IP [...]
3 17:16:10.2147483648 (invalid ms) IP [...]
or
2 17:16:10.1000000000 (invalid ns) IP [...]
3 17:16:10.2147483648 (invalid ns) IP [...]
Denis Ovsienko [Tue, 31 Jan 2023 12:38:49 +0000 (12:38 +0000)]
Remove unused missing/snprintf.c. [skip ci]
The file could be compiled on demand using "make snprintf.o", although
with many warnings, but tcpdump build would never use the file
regardless of the variety of the build.
Some of the code there has been commented out since commit 45aef49 in
2001, and the rest became unused after commit 1ed63b5 in 2019.
Guy Harris [Tue, 10 Dec 2024 18:55:23 +0000 (10:55 -0800)]
autotools, CMake: fix issues with snprintf test and sanitizers.
Avoid trying to cast negative values to unsigned types, or doing shifts
of signed types, in order not to have the test program fail if we're
building with undefined-behavior sanitizers enabled.
See the-tcpdump-group/libpcap#1396 for the equivalent libpcap issue.
Guy Harris [Tue, 10 Dec 2024 04:35:24 +0000 (20:35 -0800)]
CMake: check whether check_c_source_runs() works.
That's the simplest way to check whether we can use
check_c_source_runs() to test for a suitable snprintf; it's easier than
trying to find out the target instruction set architecture and comparing
it with the host instruction set architecture, as CMake doesn't provide
any mechanism to provide the target instruction set architecture, on all
platforms, in a form that can be compared with the host instruction set
architecture, and even if the target is different, we may be able to run
code for that instruction set architecture if, for example, it's a
32-bit version of the instruction set architecture on which the build is
being done, or if there's a binary emulator.
Guy Harris [Fri, 20 Sep 2024 00:35:27 +0000 (17:35 -0700)]
cmake: treat building for another ISA as a cross-compile.
CMake appears to have the notion that a build is only a cross-compile if
the targt *operating system* is different. This is an incorrect notion,
as even if the target is the *same* OS but a different instruction set,
you may not be able to do tests that involve compiling and running a
program.
Check whether CMAKE_GENERATOR_PLATFORM is set and has a value different
from that of CMAKE_HOST_SYSTEM_PROCESSOR and, if that's the case, set
CMAKE_CROSSCOMPILING to TRUE.
This comes from libpcap, where the equivalent change fixed issue
the-tcpdump-group/libpcap#1352.
(A different strategy may be necessary for cross-builds with UNIX
toolchains.)
Denis Ovsienko [Wed, 27 Mar 2024 20:11:20 +0000 (20:11 +0000)]
Simplify the checks for snprintf().
Do not check that the function is just available: first, it is in C99,
so the check almost certainly is a waste of time; second, the source
requires the function unconditionally; third, the subsequent "snprintf()
is suitable" check implies the "snprintf() is available" part anyway.
Guy Harris [Sun, 15 Dec 2024 21:54:01 +0000 (13:54 -0800)]
CI: install coreutils with Homebrew on macOS. [skip appveyor]
We need it because we do an install of libpcap, including "make check",
and "make check" requires Homebrew's coreutils in order to get the
timeout command.
Guy Harris [Wed, 13 Nov 2024 07:30:01 +0000 (23:30 -0800)]
CMake: fix to support CMake 3.31.
Expand the "still support old versions of CMake, for the benefit of
people with older versions, but avoid deprecation warnings/errors"
section to handle the deprecation of pre-3.10 versions by 3.31.
Casper Andersson [Mon, 11 Mar 2024 17:49:47 +0000 (18:49 +0100)]
ptp: Add test for management packets
Test setup:
ip link add link vethA type veth peer name vethB
ip link set dev vethA up
ip link set dev vethB up
ptp4l -2 -P -S -i vethA &
tcpdump -i vethA 'ether[14] = 0xD' -w ptp_management.pcap &
Tcpdump filtering on only management packets (0xD) to skip capturing
other traffic that is already covered by other tests.
Sidenote: the management packets contains a TLV at the end and I
included 5 of them (out of the total ~50 listed in the
standard). Tcpdump currently does not print the TLV.
Casper Andersson [Mon, 11 Mar 2024 17:06:11 +0000 (18:06 +0100)]
ptp: Fix management packet fields
`bp` was modified inside the function but the change was not
reflected back outside, resulting in the fields afterwards accessing
the wrong part of the packet.
projects / tcpdump / log
