Kevin Reay <kevintreayopen...@gmail.com> writes:

> Fixes a segfault (in tcpdump.c:default_print) when printing a raw
> packet of family AF_LINK with an unknown ether_type with
> MALLOC_OPTIONS=S. The original version would print 4 bytes of d0 and
> occasionally segfault.
>
> With this change, default_print() receives a caplen that is reduced by
> NULL_HDRLEN (4 bytes), which offsets the value that the p pointer has
> been incremented by earlier. This behaviour matches the other
> default_print call later in the function.

Committed, thanks.

> Index: print-null.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/tcpdump/print-null.c,v
> retrieving revision 1.21
> diff -u -p -r1.21 print-null.c
> --- print-null.c      16 Jan 2015 06:40:21 -0000      1.21
> +++ print-null.c      5 Nov 2015 02:05:00 -0000
> @@ -179,7 +179,7 @@ null_if_print(u_char *user, const struct
>                                              
> etherproto_string(htons(extracted_ethertype)));
>                               }
>                               if (!xflag && !qflag)
> -                                     default_print(p, caplen);
> +                                     default_print(p, caplen - NULL_HDRLEN);
>                       }
>               } else if (ether_encap_print(ether_type, p, length,
>                          caplen) == 0) {
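Review bot: the subtraction at `default_print(p, caplen - NULL_HDRLEN);` assumes caplen is at least NULL_HDRLEN at this point; if caplen is an unsigned type and the function does not reject short captures before reaching this branch (that check is not visible in this hunk), a truncated frame would wrap the length to a huge value and default_print() would read far past the captured buffer, the opposite of what the fix intends. Worth confirming the early `caplen < NULL_HDRLEN` guard exists, or mentioning it in the commit message, since the whole point of the change is keeping the dumped length inside the capture.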
> @@ -188,7 +188,7 @@ null_if_print(u_char *user, const struct
>                               ether_print((u_char *)ep, length +
>                                   sizeof(*ep));
>                       if (!xflag && !qflag)
> -                             default_print(p, caplen);
> +                             default_print(p, caplen - NULL_HDRLEN);
>               }
>               break;
>  #endif /* __OpenBSD__ */
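Review bot: the commit message says the new behaviour "matches the other default_print call later in the function", but this second hunk changes that later call in exactly the same way, so neither call site was previously correct and neither serves as the reference. The description should say that both default_print() calls in null_if_print() are brought in line with the advanced p pointer (p was moved past the NULL_HDRLEN-byte header while caplen still counted it), otherwise a later reader will look for a third call that already had the subtraction.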

-- 
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE
