From ae546052afad0d65f5bca4e1b0d8935472e149b8 Mon Sep 17 00:00:00 2001 From: "Alan T. DeKok" Date: Fri, 1 Oct 2010 15:35:28 +0200 Subject: [PATCH] Protect pcap_fopen calls Apparently not all versions of pcap have this --- configure | 141 ++++++++++++++++++++++++++++++++++++++++++++++++++++ configure.in | 9 ++++ src/main/radsniff.c | 12 +++++ 3 files changed, 162 insertions(+) diff --git a/configure b/configure index be6779b..cc2a64a 100755 --- a/configure +++ b/configure @@ -23494,6 +23494,147 @@ echo "$as_me: WARNING: pcap.h not found, silently disabling the RADIUS sniffer." fi + + { echo "$as_me:$LINENO: checking for pcap_fopen_offline in -lpcap" >&5 +echo $ECHO_N "checking for pcap_fopen_offline in -lpcap... $ECHO_C" >&6; } +if test "${ac_cv_lib_pcap_pcap_fopen_offline+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lpcap $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char pcap_fopen_offline (); +int +main () +{ +return pcap_fopen_offline (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then + ac_cv_lib_pcap_pcap_fopen_offline=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_cv_lib_pcap_pcap_fopen_offline=no +fi + +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ echo "$as_me:$LINENO: result: $ac_cv_lib_pcap_pcap_fopen_offline" >&5 +echo "${ECHO_T}$ac_cv_lib_pcap_pcap_fopen_offline" >&6; } +if test $ac_cv_lib_pcap_pcap_fopen_offline = yes; then + +cat >>confdefs.h <<\_ACEOF +#define HAVE_PCAP_FOPEN_OFFLINE 1 +_ACEOF + + +fi + + { echo "$as_me:$LINENO: checking for pcap_dump_fopen in -lpcap" >&5 +echo $ECHO_N "checking for pcap_dump_fopen in -lpcap... $ECHO_C" >&6; } +if test "${ac_cv_lib_pcap_pcap_dump_fopen+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lpcap $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char pcap_dump_fopen (); +int +main () +{ +return pcap_dump_fopen (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then + ac_cv_lib_pcap_pcap_dump_fopen=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_cv_lib_pcap_pcap_dump_fopen=no +fi + +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ echo "$as_me:$LINENO: result: $ac_cv_lib_pcap_pcap_dump_fopen" >&5 +echo "${ECHO_T}$ac_cv_lib_pcap_pcap_dump_fopen" >&6; } +if test $ac_cv_lib_pcap_pcap_dump_fopen = yes; then + +cat >>confdefs.h <<\_ACEOF +#define HAVE_PCAP_DUMP_FOPEN 1 +_ACEOF + + +fi + fi diff --git a/configure.in b/configure.in index 6cf97e4..7c9a3a1 100644 --- a/configure.in +++ b/configure.in @@ -716,6 +716,15 @@ else [ PCAP_LIBS= AC_MSG_WARN([pcap.h not found, silently disabling the RADIUS sniffer.]) ]) + + AC_CHECK_LIB(pcap, pcap_fopen_offline, + [ AC_DEFINE(HAVE_PCAP_FOPEN_OFFLINE, 1, + [Define to 1 if you have the function pcap_fopen_offline.]) + ]) + AC_CHECK_LIB(pcap, pcap_dump_fopen, + [ AC_DEFINE(HAVE_PCAP_DUMP_FOPEN, 1, + [Define to 1 if you have the function pcap_dump_fopen.]) + ]) fi AC_SUBST(PCAP_LIBS) diff --git a/src/main/radsniff.c b/src/main/radsniff.c index 8607c1c..935d2ce 100644 --- a/src/main/radsniff.c +++ b/src/main/radsniff.c @@ -406,6 +406,13 @@ int main(int argc, char *argv[]) */ if (filter_stdin && (filename || dump_file)) usage(1); +#ifndef HAVE_PCAP_FOPEN_OFFLINE + if (filter_stdin) { + fr_perror("-F is unsupported on this platform."); + return 1; + } +#endif + if (!pcap_filter) { pcap_filter = buffer; snprintf(buffer, sizeof(buffer), "udp port %d or %d", @@ -463,8 +470,10 @@ int main(int argc, char *argv[]) if (filename) { descr = pcap_open_offline(filename, errbuf); +#ifdef HAVE_PCAP_FOPEN_OFFLINE } else if (filter_stdin) { descr = pcap_fopen_offline(stdin, errbuf); +#endif } else if (!dev) { fprintf(stderr, "radsniff: No filename or device was specified.\n"); @@ -485,6 +494,8 @@ int main(int argc, char *argv[]) fprintf(stderr, "radsniff: Failed opening output file (%s)\n", pcap_geterr(descr)); exit(1); } + +#ifdef HAVE_PCAP_DUMP_FOPEN } else if (filter_stdin) { pcap_dumper = pcap_dump_fopen(descr, stdout); if (!pcap_dumper) { @@ -492,6 +503,7 @@ int main(int argc, char *argv[]) exit(1); } +#endif } /* Apply the rules */ -- 2.1.4