Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / tcpdump / 9a98642aa1ba8f1498e94db580908602ba012c9d^! / . / tcpdump.c
commit9a98642aa1ba8f1498e94db580908602ba012c9d[log] [tgz]
authorElliott Hughes <enh@google.com>Tue Dec 19 14:49:10 2017 -0800
committerElliott Hughes <enh@google.com>Tue Dec 19 14:49:10 2017 -0800
tree50f775e61bd2e27a2d87eb6b4cea8162e50a947f
parenta9b933680b81642b4498c2db1d91f7ea4982d7f6 [diff] [blame]
Upgrade to tcpdump 4.9.1.

From CHANGES:

  Sunday July 23, 2017 denis@ovsienko.info
  Summary for 4.9.1 tcpdump release
    CVE-2017-11108/Fix bounds checking for STP.
    Make assorted documentation updates and fix a few typos in tcpdump output.
    Fixup -C for file size >2GB (GH #488).
    Show AddressSanitizer presence in version output.
    Fix a bug in test scripts (exposed in GH #613).
    On FreeBSD adjust Capsicum capabilities for netmap.
    On Linux fix a use-after-free when the requested interface does not exist.

Bug: N/A
Test: ran manually
Change-Id: Id663a3770bc70c8b59e2579479437c7bc8f27fab

diff --git a/tcpdump.c b/tcpdump.c
index 73bf138..80aa282 100644
--- a/tcpdump.c
+++ b/tcpdump.c

@@ -130,7 +130,7 @@
 #endif
 
 static int Bflag;			/* buffer size */
-static int Cflag;			/* rotate dump files after this many bytes */
+static long Cflag;			/* rotate dump files after this many bytes */
 static int Cflag_count;			/* Keep track of which file number we're writing */
 static int Dflag;			/* list available devices and exit */
 /*
@@ -1046,9 +1046,9 @@
 			/*
 			 * Return an error for our caller to handle.
 			 */
-			pcap_close(pc);
 			snprintf(ebuf, PCAP_ERRBUF_SIZE, "%s: %s\n(%s)",
 			    device, pcap_statustostr(status), cp);
+			pcap_close(pc);
 			return (NULL);
 		} else if (status == PCAP_ERROR_PERM_DENIED && *cp != '\0')
 			error("%s: %s\n(%s)", device,
@@ -1855,7 +1855,12 @@
 	if (RFileName == NULL && VFileName == NULL) {
 		static const unsigned long cmds[] = { BIOCGSTATS, BIOCROTZBUF };
 
-		cap_rights_init(&rights, CAP_IOCTL, CAP_READ);
+		/*
+		 * The various libpcap devices use a combination of
+		 * read (bpf), ioctl (bpf, netmap), poll (netmap)
+		 * so we add the relevant access rights.
+		 */
+		cap_rights_init(&rights, CAP_IOCTL, CAP_READ, CAP_EVENT);
 		if (cap_rights_limit(pcap_fileno(pd), &rights) < 0 &&
 		    errno != ENOSYS) {
 			error("unable to limit pcap descriptor");
@@ -2599,6 +2604,14 @@
 	smi_version_string = nd_smi_version_string();
 	if (smi_version_string != NULL)
 		(void)fprintf (stderr, "SMI-library: %s\n", smi_version_string);
+
+#if defined(__SANITIZE_ADDRESS__)
+	(void)fprintf (stderr, "Compiled with AddressSanitizer/GCC.\n");
+#elif defined(__has_feature)
+#  if __has_feature(address_sanitizer)
+	(void)fprintf (stderr, "Compiled with AddressSanitizer/CLang.\n");
+#  endif
+#endif /* __SANITIZE_ADDRESS__ or __has_feature */
 }
 USES_APPLE_RST