| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
This avoids potential and, in one case (SIMH), actual collisions with
names in other libraries or in applications using libpcap.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change should avoid these cppcheck warnings:
pcap-hurd.c:77:18: warning: 'p->buffer' is of type 'void *'. When using
void pointers in calculations, the behaviour is undefined.
[arithOperationsOnVoidPointer]
pkt = p->buffer + offsetof(struct net_rcv_msg, packet)
^
pcap-hurd.c:78:8: warning: 'p->buffer+offsetof(struct net_rcv_msg,packet)'
is of type 'void *'. When using void pointers in calculations, the
behaviour is undefined. [arithOperationsOnVoidPointer]
+ sizeof(struct packet_header) - ETH_HLEN;
^
pcap-hurd.c:79:25: warning: 'p->buffer' is of type 'void *'. When using
void pointers in calculations, the behaviour is undefined.
[arithOperationsOnVoidPointer]
memmove(pkt, p->buffer + offsetof(struct net_rcv_msg, header),
^
Remove some '(u_char *)' casts accordingly.
|
| |
|
|
| |
If there's no more information to provide, provide an empty string.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Provide a suggestion for PCAP_ERROR_PERM_DENIED and
PCAP_ERROR_PROMISC_PERM_DENIED; the suggestion may be nothing more than
"you might require root permission", but at least it's something.
Note also what we were trying to do, to indicate that the problem might
be that you need root permission to set promiscuous mode even if you
don't need it to capture, or that you need CAP_NET_ADMIN permission to
change the time stamp mode of an adapter on Linux even though you don't
need it to capture. (The latter was done as per the discussion in issue
and that triggered the same double-free bug that failing to set up the
memory-mapped ring buffer caused in issue #1054.)
|
| |
|
|
| |
[skip ci]
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The sizeof operator and alignof macro can be given a type "name" that's
anonymous, e.g. sizeof(struct { int a; char *b; }). Have
pcap_create_common() and pcap_open_offline_common() take, as arguments,
the total size of a structure containing both the pcap_t and the private
data as members, and the offset of the private data in that structure,
and define macros that calculate those given, as an argument, the data
type of the private data.
This avoids making assumptions about the alignment of those two items
within the structure; that *might* fix GitHub issue #940 if the issue is
that the ARM compiler being used does 16-byte alignment of the private
structure, rather than the 8-byte alignment we were wiring in.
|
| |
|
|
| |
[skip ci]
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some of them are locale-dependent, and all of them run the risk of
failing if you hand them a char with the 8th bit set.
Define our own locale-independent macros that can be handed any integral
value.
Don't include <ctype.h>.
This should address the issue in GitHub pull request #839, and should
also catch any (highly unlikely) cases in which something other than
Boring Old Space And Tab and, sometimes, CR and LF are treated as white
space. (No, we don't want FF or VT treated as white space.)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Require Visual Studio 2015 or later; fail if we don't have it, and
remove checks for older versions.
That means we have C99-compliant snprintf() and vsnprintf(); require
them when configuring for UN*X, and then use them directly, rather than
having wrappers for systems lacking them.
If we're using MSVC, skip the tests for options to request C99
compatibility - either we have VS 2015, which is sufficient, or we
don't, in which case we fail.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
We now depend on the *full* semantics of those routines, including the
return value being usable for truncation checks.
If we're building for a UN*X that has them, define pcap_strl{cpy,cat} to
be strl{cpy,cat}.
If we're building for Windows using MSVC, define pcap_strl{cpy,cat}, not
strl{cpy,cat}.
Otherwise, build our won versions of pcap_strl{cpy,cat} from BSD-derived
source code.
|
| | |
|
| |
|
|
|
|
| |
It's in C90 (and I think it was in C89); if you don't have it, you have
an environment that's too old, especially given that we require a
C99-capable compiler on UN*X.
|
| | |
|
| |
|
|
|
| |
This lets us make it a static function - or eliminate it entirely for
pcap-null.c.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We add:
PCAP_IF_WIRELESS, which indicates whether the interface is "wireless" or
not.
PCAP_IF_CONNECTION_STATUS, which is a bitmask for a two-bit field that
can have one of the values:
PCAP_IF_CONNECTION_STATUS_UNKNOWN if the status of whether the interface
is "connected" or "disconnected" is unknown;
PCAP_IF_CONNECTION_STATUS_CONNECTED if the interface is "connected";
PCAP_IF_CONNECTION_STATUS_DISCONNECTED if the interface is
"disconnected";
PCAP_IF_CONNECTION_STATUS_NOT_APPLICABLE if the notion of "connected" or
"disconnected" doesn't apply to this interface.
Take that into account when sorting interfaces in the interface list,
penalizing "disconnected" interfaces, as you won't see traffic on them
if they're not wireless and you'd have to be in some form of "monitor
mode" to see traffic on them if they're wireless.
This should address GitHub issue #700.
|
| |
|
|
|
|
|
|
|
| |
Rather than rolling our own autoconf macros to test for the existence of
data types and structure members, use AC_CHECK_TYPES and
AC_CHECK_MEMBERS.
That cleans the configure script code up a bit, and makes it a bit more
like the CMakeLists.txt file.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
That routine will use strerror_s() or strerror_r() if available, in a
fashion that's thread-safe. Otherwise, it falls back on
pcap_strerror().
Use it in both libpcap and rpcapd.
Given that we check for errors in strerror_r(), hopefully this will
squelch warnings with newer version of GCC and GNU libc; whilst the
macOS (and other BSD-flavored?) strerror_r() always fills in a message,
that's not required by the Single UNIX Specification, as far as I can
tell, so we apparently really *do* need to check for errors.
|
| |
|
|
| |
We can get the project version from config.h, so do so.
|
| |
|
|
|
|
|
| |
Some OSes have a /dev/dlpi device, some have a /dev/dlpi directory, and
some have neither. Explicitly check the OS at compile time.
Clean up cmakeconfig.h.in while we're at it.
|
| |
|
|
|
|
|
|
| |
This lets us move the Windows version to pcap-win32.c, so we don't have
to include packet32.h in pcap.c.
It also gets rid of some #ifdefs, and lets us construct the version
string on UN*X platforms, and MS-DOS, at compile time.
|
| |
|
|
|
|
|
|
|
|
|
| |
Throw in some casts for comparisons, *and* make sure the values being
cast are within the range of the target type.
This means checking for a buffer returned by getmsg() having a length of
-1, which, according to the HP-UX getmsg() man page, means there isn't
any data for that buffer. Treat that as an error.
If something can have an unsigned int value, make it an unsigned int.
|
| |
|
|
|
|
|
|
| |
This can prevent bizarre failures if, for example, you've done a
configuration in the top-level source directory, leaving behind one
config.h file, and then do an out-of-tree build in another directory,
with different configuration options. This way, we always pick up the
same config.h, in the build directory.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Also, initialize the snapshot length to 0, meaning "not specified", so
that the default snapshot length, if not specified, is also
module-dependent.
That way, D-Bus has a maximum and default of 128MB, as that's the
maximum message size, but other capture devices have the current
MAXIMUM_SNAPLEN, so we can handle full-size D-Bus messages without
advertising an overly-large snapshot length for other devices,
potentially causing libpcap and programs using it or reading libpcap
files to allocate overly-large buffers for other capture devices.
|
| |
|
|
|
| |
For example, on Linux, we add information about memory-mapped capture
support; see comments on GitHub issue #600.
|
| |
|
|
|
|
|
| |
It's not part of the API, but it's an internal structure used by the
findalldevs code. Currently, it just has a pointer to the beginning of
the list, but it could change in order to speed up the process of adding
to the list.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Have a routine that unconditionally adds a device to the list of
devices, without bothering to check whether there's already a device
with that name, and a separate routine that does the check and, if it
doesn't find the device, calls the routine to add ti. That avoids
scanning the entire list in cases where we know the search will fail.
The only reasons for doing the check are that we're on a platform where
we find the list of interfaces by a call that returns a list of
*addresses*, with an interface name attached to each address, and
1) for each address, we need to make sure we don't already have
the interface, create it if we don't, and add the address to
the now-guaranteed-to-exist entry for the interface;
2) we might have to make a *separate* call to enumerate
interfaces, to find interfaces with *no* addresses, and that
call also enumerates the ones that *do* have addresses, and
we don't want to create a duplicate entry for them.
Change some findalldevs helper routines to have "dev" rather than "if"
in the name, as not all devices are regular network interfaces.
For the DAG findalldevs routine, make sure it always provides an error
message if it fails.
We don't need add_addr_to_iflist() or get_if_description() on Windows,
so don't define them on Windows.
Update comments to reflect reality.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
This makes the code more thread-safe.
|
| |
|
|
| |
This makes the code more thread-safe, and squelches a warning.
|
| | |
|
| |
|
|
|
| |
So pass it the interface name, and use the name passed to it rather than
the name in the pcap_t - which hasn't yet been set at that point.
|
| |
|
|
|
|
|
| |
Instead, have pcap_create() do so.
Also have pcap_create() on Windows handle converting a little-endian
UCS-2/UTF-16 string to ASCII.
|
| |
|
|
|
|
|
| |
For local captures, it's jut the device. If we add remote capture
support, we'll be handed a URL, and will split the URL into multiple
components, and will store the various components in the opt structure,
with the path of the URL being opt.device.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(Git's annoying policy of expecting a short one-line description of every
change means that the first line isn't very explanatory.)
Make pcap_findalldevs_interfaces() take as an argument a function that's
used to check whether an interface can be captured on or not, rather
than doing the check by trying to open the device for capturing.
This lets pcap_findalldevs() find interfaces even if you don't have
permission to capture on them; that way, instead of users saying "why
isn't {tcpdump -D, tshark -D, dumpcap -D, Wireshark, etc.} showing me
any interfaces?", they'll say "why am I getting a 'you don't have
permissions' error when I try to capture on this interface?", which is a
better description of the underlying problem.
On some platforms, it also avoids a bunch of extra work when getting a
list of interfaces.
|
| |
|
|
|
|
|
|
| |
Have pcap_findalldevs() call it to find *all* the local interfaces.
pcap_platform_finddevs() might call pcap_findalldevs_interfaces() or
might do the work itself.
Further work to come.
|
| |
|
|
|
|
|
|
|
|
|
| |
On UN*Xes with snprintf(), we just #define pcap_snprintf to snprintf.
On UN*Xes without snprintf(), we provide our own, but call it
pcap_snprintf().
On Windows, we have a routine that wraps _snprintf(), with C99 semantics
(ensuring null termination if the string won't fit), called
pcap_snprintf(), and use that.
|
| |
|
|
|
|
|
|
|
|
|
| |
Yes, in some sense, it's an array of bytes - on modern processors, *all*
data is ultimately an array of bytes - but different modules will use it
in different ways, not all of which will be an undifferentiated array of
bytes.
This squelches a complaint from the Clang static analyzer.
Clean up some code while we're at it.
|
| | |
|
| |
|
|
|
|
| |
This makes the code a bit clearer, as you don't have to worry about the
status variable accidentally being set to an inappropriate value,
overriding a warning that's been put there.
|
| |
|
|
|
| |
If we've set status to a PCAP_WARNING_ value, don't use it to store the
return value of any function afterwards.
|
| |
|
|
|
|
| |
Initialize the status variable to "no error or warning" (0); set it for
all error or warning conditions. Return that variable if we haven't
failed.
|
| |
|
|
|
|
|
|
|
| |
This fixes some cases where it wasn't being set properly or at all, and
also means that, as it's not being set initially, compilers that do any
dataflow analysis and report uninitialized variables, and static
analyzers, should report cases where we aren't setting variables correctly.
See GH #352.
|
| |
|
|
|
|
| |
This change removes CVS keywords that express that the file belongs to
libpcap repository. All such keywords represented the revision and
timestamp by the end of 2008 or even older.
|
| |
|
|
|
| |
"private" is a C++ keyword; rename the "private" member of a pcap_t to
"priv" to avoid that, as per Gisle Vanem's suggestion.
|
| |
|
|
| |
In "immediate mode", packets are delivered as soon as they arrive.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Put the private data right after the pcap_t structure, with a pointer to
it in the pcap_t.
The initial goal is to allow new pcap modules to be added without having
to hack pcap-int.h.
In the longer term, we may want to freeze the pcap_t structure, except
possibly for adding new method pointers at the end, and provide an ABI
for adding modules.
We also put the stuff used by the read path at the beginning of the
pcap_t structure, to try to keep it on the same set of cache lines.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Have a table of routines to do pcap_create() for devices that aren't
regular network interfaces. Try each of those in succession until one
says "it's mine" (whether it succeeds or fails); if none do, do a
pcap_create() for a regular interface.
Have those routines do more stringent tests of the name - don't just
accept any name that has a particular substring anywhere in it. That
reduces the likelihood of a false match (as happened with the CANbus
module when somebody renamed their Ethernet interface "canopy").
Have the table also include routines for pcap_findalldevs().
|
