Hi folks

I am using print-bgp.c from the 3.6.2 tar in an older version of
tcpdump on FreeBSD 2.2; just the particular file alone. There is this
line in print_bgp() that is a bug, IMHO (line number given,
surrounding two lines for context).

                /* found BGP header */
762:            TCHECK2(p[0], sizeof(bgp));     /*XXX*/
                memcpy(&bgp, p, sizeof(bgp));

struct bgp is a 19-byte structure and the compiler (gcc version
2.7.2.1) makes this into a 20 byte structure for alignment. When
TCHECK2 is done it calculates sizeof(bgp) as 20 and thus fails this
test. IMHO, the check should have been

                TCHECK2(p[0], BGP_SIZE)

Maybe there is some option in the 3.6.2 Makefile that takes care of
this but I am not using that Makefile, so if I am wrong, I apologize
in advance. But it is still not a good idea to do the check as in
3.6.2. I also checked in the tar files from the CVS that is on the
webpage and they also do the same check. Is there a reason for the
check done this way? The result of this is that tcpdump always ends up
in the trunc section and doesn't print any packet information. I find
that other functions also do the same check 
(TCHECK2(dat[0], sizeof(bgpo)) in bgp_open_print, etc) that are likely
to fail for the same reason. Thanks in advance for any info to fix
this.

Kaarthik
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
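
An added example (not part of the original message or of tcpdump's source) showing the padding effect the message describes: a bounds check sized with `sizeof(struct bgp)` rejects a complete 19-byte header that ends at the capture boundary, while a check sized with `BGP_SIZE` accepts it. The struct field layout, the `captured()` stand-in for `TCHECK2`, and the sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define BGP_SIZE 19            /* on-wire header: 16 + 2 + 1 bytes */

/* Assumed field layout for illustration. The 16-bit member forces 2-byte
 * alignment, so sizeof() is rounded up from 19 to 20 on common ABIs. */
struct bgp {
    uint8_t  bgp_marker[16];
    uint16_t bgp_len;
    uint8_t  bgp_type;
};

/* Constructed sample: a 19-byte KEEPALIVE that ends exactly where the
 * captured data ends. */
static const uint8_t keepalive[BGP_SIZE] = {
    0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
    0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
    0x00, 0x13, 0x04           /* length = 19, type = 4 (KEEPALIVE) */
};

/* Simplified stand-in for TCHECK2: are `need` bytes at p inside the capture? */
static int captured(const uint8_t *p, size_t need, const uint8_t *snapend)
{
    return p <= snapend && (size_t)(snapend - p) >= need;
}

/* Returns the message type, or -1 for "truncated". `need` is the size the
 * bounds check asks for; the type is read by wire offset, not via the struct. */
static int parse_type(const uint8_t *p, const uint8_t *snapend, size_t need)
{
    if (!captured(p, need, snapend))
        return -1;
    return p[BGP_SIZE - 1];
}

/* Check sized as in the quoted line 762. */
static int type_with_sizeof(void)
{ return parse_type(keepalive, keepalive + BGP_SIZE, sizeof(struct bgp)); }

/* Check sized as proposed in the message. */
static int type_with_wire_size(void)
{ return parse_type(keepalive, keepalive + BGP_SIZE, BGP_SIZE); }

int main(void)
{
    printf("sizeof(struct bgp)=%zu, wire size=%d\n", sizeof(struct bgp), BGP_SIZE);
    printf("sizeof check -> %d, BGP_SIZE check -> %d\n",
           type_with_sizeof(), type_with_wire_size());
    return 0;
}
```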
