Fixes a segfault (in tcpdump.c:default_print) when printing a raw
packet of family AF_LINK with an unknown ether_type with
MALLOC_OPTIONS=S. The original version would print 4 bytes of d0 and
occasionally segfault.
With this change, default_print() receives a caplen that is reduced by
NULL_HDRLEN (4-bytes) which offsets the value that the p pointer has
been incremented by earlier. This behaviour matches the other
default_print call later in the function.
Index: print-null.c
===================================================================
RCS file: /cvs/src/usr.sbin/tcpdump/print-null.c,v
retrieving revision 1.21
diff -u -p -r1.21 print-null.c
--- print-null.c 16 Jan 2015 06:40:21 -0000 1.21
+++ print-null.c 5 Nov 2015 02:05:00 -0000
@@ -179,7 +179,7 @@ null_if_print(u_char *user, const struct
etherproto_string(htons(extracted_ethertype)));
}
if (!xflag && !qflag)
- default_print(p, caplen);
+ default_print(p, caplen - NULL_HDRLEN);
}
} else if (ether_encap_print(ether_type, p, length,
caplen) == 0) {
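Review bot: The new `default_print(p, caplen - NULL_HDRLEN)` call can wrap to a very large length if `caplen` is an unsigned count and the capture is shorter than NULL_HDRLEN, which would replace the 4-byte over-read with a much larger one. The declaration of `caplen` and any earlier lower-bound check are outside this hunk, so this needs confirming against the top of null_if_print; if no such check exists, guard the call with `if (!xflag && !qflag && caplen >= NULL_HDRLEN)`. The same applies to the identical change in the second hunk, after the `ether_print` call. A one-line comment such as `/* p was already advanced past the NULL_HDRLEN-byte header */` would also explain why the length is adjusted here.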
@@ -188,7 +188,7 @@ null_if_print(u_char *user, const struct
ether_print((u_char *)ep, length +
sizeof(*ep));
if (!xflag && !qflag)
- default_print(p, caplen);
+ default_print(p, caplen - NULL_HDRLEN);
}
break;
#endif /* __OpenBSD__ */