[tcpdump-workers] [libpcap]segmentation fault

Tue, 11 Sep 2001 08:27:37 -0700 

Helo,
While I was playing with libpcap-0.6.2 library, I noticed than when errbuf
function argument is set to NULL (for example in pcap_lookupdev), the
compiled program return
"segmentation fault". I know that errbuf must be set to char string to
avoid it, but it isn't nice when some absent-minded programmer
forget about it and see "segmentation fault"  message.
I attach tiny patch to improve the bug.


--
       Karol Kisielewski
  Warsaw University of Technology
http://home.elka.pw.edu.pl/~kkisiele

--- inet.c.orig Wed Sep 20 17:10:29 2000
+++ inet.c      Tue Sep 11 14:00:49 2001
@@ -98,8 +98,9 @@
        static char device[IF_NAMESIZE + 1];
 
        if (getifaddrs(&ifap) != 0) {
-               (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
-                   "getifaddrs: %s", pcap_strerror(errno));
+               if(errbuf)
+                       (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
+                           "getifaddrs: %s", pcap_strerror(errno));
                return NULL;
        }
 
@@ -126,8 +127,9 @@
                }
        }
        if (mp == NULL) {
-               (void)strlcpy(errbuf, "no suitable device found",
-                   PCAP_ERRBUF_SIZE);
+               if(errbuf)
+                       (void)strlcpy(errbuf, "no suitable device found",
+                               PCAP_ERRBUF_SIZE);
 #ifdef HAVE_FREEIFADDRS
                freeifaddrs(ifap);
 #else
@@ -155,8 +157,9 @@
 
        fd = socket(AF_INET, SOCK_DGRAM, 0);
        if (fd < 0) {
-               (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
-                   "socket: %s", pcap_strerror(errno));
+               if(errbuf)
+                       (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
+                           "socket: %s", pcap_strerror(errno));
                return (NULL);
        }
 
@@ -166,8 +169,9 @@
                buf = malloc (buf_size);
                if (buf == NULL) {
                        close (fd);
-                       (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
-                           "out of memory");
+                       if(errbuf)
+                               (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
+                                   "out of memory");
                        return (NULL);
                }
 
@@ -177,8 +181,9 @@
                if (ioctl(fd, SIOCGIFCONF, (char *)&ifc) < 0
                    && errno != EINVAL) {
                        free (buf);
-                       (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
-                           "SIOCGIFCONF: %s", pcap_strerror(errno));
+                       if(errbuf)
+                               (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
+                                   "SIOCGIFCONF: %s", pcap_strerror(errno));
                        (void)close(fd);
                        return (NULL);
                }
@@ -217,8 +222,9 @@
                if (ioctl(fd, SIOCGIFFLAGS, (char *)&ifr) < 0) {
                        if (errno == ENXIO)
                                continue;
-                       (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
-                           "SIOCGIFFLAGS: %.*s: %s",
+                       if(errbuf)
+                               (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
+                                   "SIOCGIFFLAGS: %.*s: %s",
                            (int)sizeof(ifr.ifr_name), ifr.ifr_name,
                            pcap_strerror(errno));
                        (void)close(fd);
@@ -246,8 +252,9 @@
        }
        (void)close(fd);
        if (mp == NULL) {
-               (void)strlcpy(errbuf, "no suitable device found",
-                   PCAP_ERRBUF_SIZE);
+               if(errbuf)
+                       (void)strlcpy(errbuf, "no suitable device found",
+                           PCAP_ERRBUF_SIZE);
                free(buf);
                return (NULL);
        }
@@ -280,8 +287,9 @@
 
        fd = socket(AF_INET, SOCK_DGRAM, 0);
        if (fd < 0) {
-               (void)snprintf(errbuf, PCAP_ERRBUF_SIZE, "socket: %s",
-                   pcap_strerror(errno));
+               if(errbuf)
+                       (void)snprintf(errbuf, PCAP_ERRBUF_SIZE, "socket: %s",
+                           pcap_strerror(errno));
                return (-1);
        }
        memset(&ifr, 0, sizeof(ifr));
@@ -292,12 +300,14 @@
        (void)strncpy(ifr.ifr_name, device, sizeof(ifr.ifr_name));
        if (ioctl(fd, SIOCGIFADDR, (char *)&ifr) < 0) {
                if (errno == EADDRNOTAVAIL) {
-                       (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
-                           "%s: no IPv4 address assigned", device);
+                       if(errbuf)
+                               (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
+                                   "%s: no IPv4 address assigned", device);
                } else {
-                       (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
-                           "SIOCGIFADDR: %s: %s",
-                           device, pcap_strerror(errno));
+                       if(errbuf)
+                               (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
+                                   "SIOCGIFADDR: %s: %s",
+                                   device, pcap_strerror(errno));
                }
                (void)close(fd);
                return (-1);
@@ -305,8 +315,9 @@
        sin = (struct sockaddr_in *)&ifr.ifr_addr;
        *netp = sin->sin_addr.s_addr;
        if (ioctl(fd, SIOCGIFNETMASK, (char *)&ifr) < 0) {
-               (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
-                   "SIOCGIFNETMASK: %s: %s", device, pcap_strerror(errno));
+               if(errbuf)
+                       (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
+                           "SIOCGIFNETMASK: %s: %s", device, pcap_strerror(errno));
                (void)close(fd);
                return (-1);
        }
@@ -320,8 +331,9 @@
                else if (IN_CLASSC(*netp))
                        *maskp = IN_CLASSC_NET;
                else {
-                       (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
-                           "inet class for 0x%x unknown", *netp);
+                       if(errbuf)
+                               (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
+                                   "inet class for 0x%x unknown", *netp);
                        return (-1);
                }
        }
--- savefile.c.orig     Tue Sep 11 14:07:23 2001
+++ savefile.c  Tue Sep 11 14:08:42 2001
@@ -324,7 +324,8 @@
 
        p = (pcap_t *)malloc(sizeof(*p));
        if (p == NULL) {
-               strlcpy(errbuf, "out of swap", PCAP_ERRBUF_SIZE);
+               if(errbuf)
+                       strlcpy(errbuf, "out of swap", PCAP_ERRBUF_SIZE);
                return (NULL);
        }
 
@@ -339,22 +340,25 @@
        else {
                fp = fopen(fname, "r");
                if (fp == NULL) {
-                       snprintf(errbuf, PCAP_ERRBUF_SIZE, "%s: %s", fname,
-                           pcap_strerror(errno));
+                       if(errbuf)
+                               snprintf(errbuf, PCAP_ERRBUF_SIZE, "%s: %s", fname,
+                                   pcap_strerror(errno));
                        goto bad;
                }
        }
        if (fread((char *)&hdr, sizeof(hdr), 1, fp) != 1) {
-               snprintf(errbuf, PCAP_ERRBUF_SIZE, "fread: %s",
-                   pcap_strerror(errno));
+               if(errbuf)
+                       snprintf(errbuf, PCAP_ERRBUF_SIZE, "fread: %s",
+                           pcap_strerror(errno));
                goto bad;
        }
        magic = hdr.magic;
        if (magic != TCPDUMP_MAGIC && magic != PATCHED_TCPDUMP_MAGIC) {
                magic = SWAPLONG(magic);
                if (magic != TCPDUMP_MAGIC && magic != PATCHED_TCPDUMP_MAGIC) {
-                       snprintf(errbuf, PCAP_ERRBUF_SIZE,
-                           "bad dump file format");
+                       if(errbuf)
+                               snprintf(errbuf, PCAP_ERRBUF_SIZE,
+                                   "bad dump file format");
                        goto bad;
                }
                p->sf.swapped = 1;
@@ -371,7 +375,8 @@
        } else
                p->sf.hdrsize = sizeof(struct pcap_sf_pkthdr);
        if (hdr.version_major < PCAP_VERSION_MAJOR) {
-               snprintf(errbuf, PCAP_ERRBUF_SIZE, "archaic file format");
+               if(errbuf)
+                       snprintf(errbuf, PCAP_ERRBUF_SIZE, "archaic file format");
                goto bad;
        }
        p->tzoff = hdr.thiszone;
@@ -402,7 +407,8 @@
                p->bufsize = BPF_MAXBUFSIZE;
        p->sf.base = (u_char *)malloc(p->bufsize + BPF_ALIGNMENT);
        if (p->sf.base == NULL) {
-               strlcpy(errbuf, "out of swap", PCAP_ERRBUF_SIZE);
+               if(errbuf)
+                       strlcpy(errbuf, "out of swap", PCAP_ERRBUF_SIZE);
                goto bad;
        }
        p->buffer = p->sf.base + BPF_ALIGNMENT - (linklen % BPF_ALIGNMENT);

Reply via email to