Merge branch '4.3' into Bug_#418_2nd_packet_no_delay

* 4.3: (22 commits) Bug #418 don't ignore 2nd packet timing Bug #411 allow TAP on all platforms Bug #174 ensure --with-testnic does not affect replay Bug #406 change packet length to network order Bug #413 fix manpage typos Bug #485 Heap overflow fixed in #484 Enhancement_#482 update CHANGELOG/CREDITS Enhancement_#482 test Makefile merge error fixup Enhancement_#482 test Makefile cleanup Bug #489 free after memcpy Bug #488 heap overflow csum replace4 (#496) Bug #486 CVE-2018-17974 realloc memory if packet size increases (#492) Enhancement #493 - fixes for Codacy identified issues Bug #486 Enforce max snaplen rather than doing realloc Bug #486 CVE-2018-17974 realloc memory if packet size increases Bug #484 CVE-2018-17582 Check for corrupt PCAP files 4.3 - revert travis updates from merge Simplify plugin Makefiles allow out-of-tree build Remove dead code ...
appneta · Oct 22, 2018 · 5a15050 · 5a15050
2 parents f4ed4bd + a5f7532
commit 5a15050
Show file tree

Hide file tree

Showing 69 changed files with 995 additions and 805 deletions.
diff --git a/README.md b/README.md
@@ -2,7 +2,6 @@ Tcpreplay
 =========
 [![Build Status](https://travis-ci.org/appneta/tcpreplay.svg?branch=master)](https://travis-ci.org/appneta/tcpreplay)
 [![Coverity Scan Build Status](https://scan.coverity.com/projects/12017/badge.svg)](https://scan.coverity.com/projects/12017)
-[![Code Climate](https://codeclimate.com/github/appneta/tcpreplay.png)](https://codeclimate.com/github/appneta/tcpreplay)
 [![Codacy Badge](https://api.codacy.com/project/badge/Grade/0e49d208c69e440182ba21109ecaf31d)](https://www.codacy.com/app/fklassen/tcpreplay?utm_source=github.com&utm_medium=referral&utm_content=appneta/tcpreplay&utm_campaign=badger)
 [![Website](https://img.shields.io/website-up-down-green-red/http/shields.io.svg)](http://tcpreplay.appneta.com)
 

diff --git a/autogen.sh b/autogen.sh
@@ -1,4 +1,9 @@
 #!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
 rm -f config/config.guess config/config.sub config/ltmain.sh 2>/dev/null
 rm -f aclocal.m4 2>/dev/null
 aclocal  -I libopts/m4/

diff --git a/configure.ac b/configure.ac
@@ -4,7 +4,7 @@ dnl $Id$
 AC_PREREQ([2.69])
 
 dnl Set version info here!
-AC_INIT([tcpreplay],[4.3.0-beta1],
+AC_INIT([tcpreplay],[4.3.0-beta2],
     [https://github.com/appneta/tcpreplay/issues],
     [tcpreplay],
     [http://tcpreplay.sourceforge.net/])
@@ -544,6 +544,7 @@ AC_ARG_ENABLE(dynamic-link,
         AC_MSG_ERROR([Cannot specify both --enable-dynamic-link and --enable-static-link])
     fi
     ])
+
 if test $static_link = yes; then
     AC_DEFINE([ENABLE_STATIC_LINK], [1], [Use static libraries ( .a or .A.tbd )])
 else
@@ -587,10 +588,11 @@ AC_ARG_ENABLE([tuntap],
     linux*)
       AC_CHECK_HEADER([linux/if_tun.h], [have_tuntap=yes])
       ;;
-    freebsd*)
+    *)
       AC_CHECK_HEADER([net/if_tun.h], [have_tuntap=yes])
       ;;
   esac])
+
 if test $have_tuntap = yes ; then
     AC_DEFINE([HAVE_TUNTAP], [1],
             [Do we have TUNTAP device support?])
@@ -1760,38 +1762,71 @@ AC_ARG_WITH(testnic,
       nic2=$withval
       AC_MSG_RESULT([Using --with-testnic=$withval])],
     [
+case $host in
+    *-*-linux*)
+    nic1=eth0
+    nic2=eth0
+    ;;
+
+    *-*-solaris*)
+    nic1=hme0
+    nic2=hme0
+    ;;
+
+    *-*-sunos*)
+    nic1=hme0
+    nic2=hme0
+    ;;
+
+    *-apple-darwin*)
+    nic1=en0
+    nic2=en0
+    ;;
+
+    *-*-openbsd*)
+    nic1=xl0
+    nic2=xl0
+    ;;
+
+    *-*-freebsd*)
+    nic1=em0
+    nic2=em0
+    ;;
+
+    *-*-cygwin)
+    nic1=%0
+    nic2=%0
+    ;;
+
+    *)
+    AC_MSG_RESULT([$host is unknown!  Using first non-loopback interface])
+    nic1=%0
+    nic2=%0
+    ;;
+esac])
 
 dnl There's a bug in OS X which causes pcap_findalldevs() to make the wifi NIC to disassociate
 dnl so under OSX we disable the interface list feature
 disable_pcap_findalldevs=no
-
 osx_frameworks=no
 dnl these need to be dynamic based on OS
 case $host in
     *-*-linux*)
-    nic1=eth0
-    nic2=eth0
     AC_DEFINE([HAVE_LINUX], [1], [Building Linux])
     AC_MSG_RESULT(Linux)
     ;;
 
     *-*-solaris*)
-    nic1=hme0
-    nic2=hme0
     AC_DEFINE([HAVE_SOLARIS], [1], [Building Solaris])
     AC_MSG_RESULT(Solaris)
     ;;
 
     *-*-sunos*)
-    nic1=hme0
-    nic2=hme0
     AC_DEFINE([HAVE_SUNOS], [1], [Building SunOS])
     AC_MSG_RESULT(SunOS)
     ;;
 
     *-apple-darwin*)
-    nic1=en0
-    nic2=en0
     if test x$libpcap_version_096 = xno ; then
         disable_pcap_findalldevs=yes
     fi
@@ -1801,33 +1836,24 @@ case $host in
     ;;
 
     *-*-openbsd*)
-    nic1=xl0
-    nic2=xl0
     AC_DEFINE([HAVE_OPENBSD], [1], [Building Open BSD])
     AC_MSG_RESULT(OpenBSD)
     ;;
 
     *-*-freebsd*)
-    nic1=em0
-    nic2=em0
     AC_DEFINE([HAVE_FREEBSD], [1], [Building Free BSD])
     AC_MSG_RESULT(FreeBSD)
     ;;
 
     *-*-cygwin)
     AC_MSG_RESULT(Win32/Cygwin)
-    nic1=%0
-    nic2=%0
     AC_DEFINE([HAVE_CYGWIN], [1], [Building Cygwin])
     ;;
 
     *)
-    AC_MSG_RESULT([$host is unknown!  Using first non-loopback interface])
-    nic1=%0
-    nic2=%0
+    AC_MSG_RESULT([$host is unknown!])
     ;;
-esac])
-
+esac
 AM_CONDITIONAL([ENABLE_OSX_FRAMEWORKS], test "$osx_frameworks" = "yes")
 
 AC_ARG_WITH(testnic2,

diff --git a/docs/CHANGELOG b/docs/CHANGELOG
@@ -1,3 +1,17 @@
+10/18/2018 Version 4.3.0 beta2
+    - fix issues identifed by Codacy (#493)
+    - CVE-2018-18408 use-after-free in post_args (#489)
+    - CVE-2018-18407 heap-buffer-overflow csum_replace4 (#488)
+    - CVE-2018-17974 heap-buffer-overflow dlt_en10mb_encode (#486)
+    - CVE-2018-17580 heap-buffer-overflow fast_edit_packet (#485)
+    - CVE-2018-17582 heap-buffer-overflow in get_next_packet (#484)
+    - Out-of-tree build (#482)
+    - Fails to open tap0 on Zephyr (#411)
+    - CVE-2018-13112 heap-buffer-overflow in get_l2len (#477 dup #408)
+    - Respect 2nd packet timing (#418)
+    - manpage typos (#413)
+    - Fix replay when using --with-testnic (#178)
+
 01/18/2018 Version 4.3.0 beta1
     - Travis CI build fails due to new build images (#432)
     - Unable to build with libpcap 1.8.1 (#430)
@@ -51,7 +65,7 @@
     - Packet destortion --fuzz-seed option by Gabriel Ganne (#302)
     - Add --unique-ip-loops option to modify IPs every few loops (#296)
     - Netmap startup delay increase (#290)
-    - tcpcapinfo buffer overflow vulnerablily (#278)
+    - CVE-2017-6429 tcpcapinfo buffer overflow vulnerablily (#278)
     - Update git-clone instructions by Kyle McDonald (#277)
     - Allow fractions for --pps option (#270)
     - Print per-loop stats with --stats=0 (#269)

diff --git a/docs/CREDIT b/docs/CREDIT
@@ -58,7 +58,7 @@ Bojan Smojver <[email protected]>
 Stas Grabois <[email protected]>
     - For his efforts to add IPv6 support to tcpprep and the tcpedit engine
     - For adding IPv6 support to fragroute
-    
+
 Fred Klassen <[email protected]> - AppNeta 
     - New maintainer of Tcpreplay
     - Added netmap support for wire-rate performance on commodity hardware
@@ -78,3 +78,4 @@ Pedro Arthur Duarte [aka JEdi] <GitHub @pedroarthur>
 
 Gabriel Ganne <GitHub @GabrielGanne>
     - Data fuzz rewrite feature
+    - Out-of-tree build
diff --git a/src/Makefile.am b/src/Makefile.am
@@ -27,25 +27,25 @@ autoopts: tcpreplay_opts.c tcprewrite_opts.c tcpbridge_opts.c tcpliveplay_opts.c
 opts_list=-L tcpedit
 
 tcpprep.1: tcpprep_opts.def
-	@AUTOGEN@ -T agman-cmd.tpl $(opts_list) tcpprep_opts.def
+	@AUTOGEN@ -T agman-cmd.tpl $(opts_list) $<
 
 tcprewrite.1: tcprewrite_opts.def tcpedit/tcpedit_opts.def
-	@AUTOGEN@ -T agman-cmd.tpl $(opts_list) tcprewrite_opts.def
+	@AUTOGEN@ -T agman-cmd.tpl $(opts_list) $<
 
 tcpreplay-edit.1: tcpreplay_opts.def
-	@AUTOGEN@ -T agman-cmd.tpl $(opts_list) -DTCPREPLAY_EDIT -DTCPREPLAY_EDIT_MAN tcpreplay_opts.def
+	@AUTOGEN@ -T agman-cmd.tpl $(opts_list) -DTCPREPLAY_EDIT -DTCPREPLAY_EDIT_MAN $<
 
 tcpreplay.1: tcpreplay_opts.def
-	@AUTOGEN@ -T agman-cmd.tpl $(opts_list) tcpreplay_opts.def
+	@AUTOGEN@ -T agman-cmd.tpl $(opts_list) $<
 
 tcpbridge.1: tcpbridge_opts.def
-	@AUTOGEN@ -T agman-cmd.tpl $(opts_list) tcpbridge_opts.def
+	@AUTOGEN@ -T agman-cmd.tpl $(opts_list) $<
 
 tcpliveplay.1: tcpliveplay_opts.def 
-	@AUTOGEN@ -T agman-cmd.tpl $(opts_list) tcpliveplay_opts.def
+	@AUTOGEN@ -T agman-cmd.tpl $(opts_list) $<
 
 tcpcapinfo.1: tcpcapinfo_opts.def 
-	@AUTOGEN@ -T agman-cmd.tpl $(opts_list) tcpcapinfo_opts.def
+	@AUTOGEN@ -T agman-cmd.tpl $(opts_list) $<
 
 man_MANS = tcpreplay.1 tcpprep.1 tcprewrite.1 tcpreplay-edit.1 tcpcapinfo.1
 EXTRA_DIST = tcpreplay.1 tcpprep.1 tcprewrite.1 tcpbridge.1 tcpreplay-edit.1 \
@@ -62,43 +62,43 @@ bin_PROGRAMS += tcpliveplay
 man_MANS += tcpliveplay.1
 endif
 
-tcpreplay_edit_CFLAGS = $(LIBOPTS_CFLAGS) -I.. -Itcpedit $(LNAV_CFLAGS) @LDNETINC@ -DTCPREPLAY -DTCPREPLAY_EDIT -DHAVE_CACHEFILE_SUPPORT
+tcpreplay_edit_CFLAGS = $(LIBOPTS_CFLAGS) -I$(srcdir)/.. -I$(srcdir)/tcpedit $(LNAV_CFLAGS) @LDNETINC@ -DTCPREPLAY -DTCPREPLAY_EDIT -DHAVE_CACHEFILE_SUPPORT
 tcpreplay_edit_LDADD = ./tcpedit/libtcpedit.a ./common/libcommon.a $(LIBSTRL) @LPCAPLIB@ @LDNETLIB@ $(LIBOPTS_LDADD)
 tcpreplay_edit_SOURCES = tcpreplay_edit_opts.c send_packets.c signal_handler.c tcpreplay.c tcpreplay_api.c replay.c
 tcpreplay_edit_OBJECTS: tcpreplay_opts.h
 tcpreplay_edit_opts.h: tcpreplay_edit_opts.c
 
 BUILT_SOURCES += tcpreplay_edit_opts.h
 tcpreplay_edit_opts.c: tcpreplay_opts.def
-	@AUTOGEN@ $(opts_list)  @NETMAPFLAGS@ -DTCPREPLAY_EDIT -b tcpreplay_edit_opts tcpreplay_opts.def
+	@AUTOGEN@ $(opts_list)  @NETMAPFLAGS@ -DTCPREPLAY_EDIT -b tcpreplay_edit_opts $<
 
-tcpreplay_CFLAGS = $(LIBOPTS_CFLAGS) -I.. $(LNAV_CFLAGS) @LDNETINC@ -DTCPREPLAY
+tcpreplay_CFLAGS = $(LIBOPTS_CFLAGS) -I$(srcdir)/.. $(LNAV_CFLAGS) @LDNETINC@ -DTCPREPLAY
 tcpreplay_SOURCES = tcpreplay_opts.c send_packets.c signal_handler.c tcpreplay.c tcpreplay_api.c replay.c
 tcpreplay_LDADD = ./common/libcommon.a $(LIBSTRL) @LPCAPLIB@ @LDNETLIB@ $(LIBOPTS_LDADD)
 tcpreplay_OBJECTS: tcpreplay_opts.h
 tcpreplay_opts.h: tcpreplay_opts.c
 
 BUILT_SOURCES += tcpreplay_opts.h
 tcpreplay_opts.c: tcpreplay_opts.def
-	@AUTOGEN@ $(opts_list) @NETMAPFLAGS@ tcpreplay_opts.def
+	@AUTOGEN@ $(opts_list) @NETMAPFLAGS@ $<
 
 if ENABLE_OSX_FRAMEWORKS
 tcpreplay_LDFLAGS = -framework CoreServices -framework Carbon
 tcpreplay_edit_LDFLAGS = -framework CoreServices -framework Carbon
 endif
 
-tcpliveplay_CFLAGS = $(LIBOPTS_CFLAGS) -I.. $(LNAV_CFLAGS) -DTCPREPLAY -DTCPLIVEPLAY
+tcpliveplay_CFLAGS = $(LIBOPTS_CFLAGS) -I$(srcdir)/.. $(LNAV_CFLAGS) -DTCPREPLAY -DTCPLIVEPLAY
 tcpliveplay_SOURCES = tcpliveplay_opts.c tcpliveplay.c
 tcpliveplay_LDADD = ./common/libcommon.a $(LIBSTRL) @LPCAPLIB@ @LDNETLIB@ $(LIBOPTS_LDADD)
 tcpliveplay_OBJECTS: tcpliveplay_opts.h
 tcpliveplay_opts.h: tcpliveplay_opts.c
 
 BUILT_SOURCES += tcpliveplay_opts.h
 tcpliveplay_opts.c: tcpliveplay_opts.def
-	@AUTOGEN@ $(opts_list) tcpliveplay_opts.def
+	@AUTOGEN@ $(opts_list) $<
 
 
-tcprewrite_CFLAGS = $(LIBOPTS_CFLAGS) -I.. -Itcpedit @LDNETINC@ $(LNAV_CFLAGS) -DTCPREWRITE -DHAVE_CACHEFILE_SUPPORT
+tcprewrite_CFLAGS = $(LIBOPTS_CFLAGS) -I$(srcdir)/.. -I$(srcdir)/tcpedit @LDNETINC@ $(LNAV_CFLAGS) -DTCPREWRITE -DHAVE_CACHEFILE_SUPPORT
 tcprewrite_LDADD = ./tcpedit/libtcpedit.a ./common/libcommon.a \
 	$(LIBSTRL) @LPCAPLIB@ $(LIBOPTS_LDADD) @DMALLOC_LIB@ \
 	$(LIBFRAGROUTE)
@@ -108,9 +108,9 @@ tcprewrite_opts.h: tcprewrite_opts.c
 
 BUILT_SOURCES += tcprewrite_opts.h
 tcprewrite_opts.c: tcprewrite_opts.def tcpedit/tcpedit_opts.def
-	@AUTOGEN@ $(opts_list) tcprewrite_opts.def
+	@AUTOGEN@ $(opts_list) $<
 
-tcpcapinfo_CFLAGS = $(LIBOPTS_CFLAGS) -I.. $(LNAV_CFLAGS) @LDNETINC@ -DTCPCAPINFO
+tcpcapinfo_CFLAGS = $(LIBOPTS_CFLAGS) -I$(srcdir)/.. $(LNAV_CFLAGS) @LDNETINC@ -DTCPCAPINFO
 tcpcapinfo_LDADD = ./common/libcommon.a \
     $(LIBSTRL) @LPCAPLIB@ $(LIBOPTS_LDADD) @DMALLOC_LIB@
 tcpcapinfo_SOURCES = tcpcapinfo_opts.c tcpcapinfo.c
@@ -119,9 +119,9 @@ tcpcapinfo_opts.h: tcpcapinfo_opts.c
 
 BUILT_SOURCES += tcpcapinfo_opts.h
 tcpcapinfo_opts.c: tcpcapinfo_opts.def
-	@AUTOGEN@ $(opts_list) tcpcapinfo_opts.def
+	@AUTOGEN@ $(opts_list) $<
 
-tcpprep_CFLAGS = $(LIBOPTS_CFLAGS) -I.. $(LNAV_CFLAGS) @LDNETINC@ -DTCPPREP
+tcpprep_CFLAGS = $(LIBOPTS_CFLAGS) -I$(srcdir)/.. $(LNAV_CFLAGS) @LDNETINC@ -DTCPPREP
 tcpprep_LDADD = ./common/libcommon.a \
     $(LIBSTRL) @LPCAPLIB@ $(LIBOPTS_LDADD) @DMALLOC_LIB@
 tcpprep_SOURCES = tcpprep_opts.c tcpprep.c tree.c tcpprep_api.c
@@ -130,9 +130,9 @@ tcpprep_opts.h: tcpprep_opts.c
 
 BUILT_SOURCES += tcpprep_opts.h
 tcpprep_opts.c: tcpprep_opts.def
-	@AUTOGEN@ tcpprep_opts.def
+	@AUTOGEN@ $<
 
-tcpbridge_CFLAGS = $(LIBOPTS_CFLAGS) -I.. -Itcpedit $(LNAV_CFLAGS) @LDNETINC@ -DTCPBRIDGE
+tcpbridge_CFLAGS = $(LIBOPTS_CFLAGS) -I$(srcdir)/.. -I$(srcdir)/tcpedit $(LNAV_CFLAGS) @LDNETINC@ -DTCPBRIDGE
 tcpbridge_LDADD = ./tcpedit/libtcpedit.a ./common/libcommon.a \
     $(LIBSTRL) @LPCAPLIB@ @LDNETLIB@ $(LIBOPTS_LDADD) @DMALLOC_LIB@
 if ENABLE_OSX_FRAMEWORKS
@@ -144,7 +144,7 @@ tcpbridge_opts.h: tcpbridge_opts.c
 
 BUILT_SOURCES += tcpbridge_opts.h
 tcpbridge_opts.c: tcpbridge_opts.def tcpedit/tcpedit_opts.def
-	@AUTOGEN@ $(opts_list) tcpbridge_opts.def
+	@AUTOGEN@ $(opts_list) $<
 
 noinst_HEADERS = tcpreplay.h tcpprep.h bridge.h defines.h tree.h tcpliveplay.h \
 		 send_packets.h signal_handler.h common.h tcpreplay_opts.h tcpliveplay_opts.h \

diff --git a/src/bridge.c b/src/bridge.c
@@ -339,7 +339,8 @@ live_callback(struct live_data_t *livedata, struct pcap_pkthdr *pkthdr,
 
         /* look for include or exclude CIDR match */
         if (livedata->options->xX.cidr != NULL) {
-            if (!process_xX_by_cidr_ipv4(livedata->options->xX.mode, livedata->options->xX.cidr, ip_hdr)) {
+            if (!ip_hdr ||
+                    !process_xX_by_cidr_ipv4(livedata->options->xX.mode, livedata->options->xX.cidr, ip_hdr)) {
                 dbg(2, "Skipping IPv4 packet due to CIDR match");
                 return (1);
             }

diff --git a/src/common/Makefile.am b/src/common/Makefile.am
@@ -25,7 +25,7 @@ if COMPILE_NETMAP
 libcommon_a_SOURCES += netmap.c
 endif
 
-AM_CFLAGS = -I.. -I../.. $(LNAV_CFLAGS) @LDNETINC@
+AM_CFLAGS = -I$(srcdir)/.. -I$(srcdir)/../.. $(LNAV_CFLAGS) @LDNETINC@
 
 if ! SYSTEM_STRLCPY
 libcommon_a_LIBADD = ../../lib/libstrl.a

diff --git a/src/common/cidr.c b/src/common/cidr.c
@@ -241,7 +241,7 @@ cidr2cidr(char *cidr)
             if (octets[count] > 255)
                 goto error;
 
-            snprintf(tempoctet, sizeof(octets[count]), "%d", octets[count]);
+            snprintf(tempoctet, sizeof(octets[count]), "%u", octets[count]);
             strcat(networkip, tempoctet);
             /* we don't want a '.' at the end of the last octet */
             if (count < 3)

diff --git a/src/common/flows.c b/src/common/flows.c
@@ -158,7 +158,6 @@ flow_entry_type_t flow_decode(flow_hash_table_t *fht, const struct pcap_pkthdr *
         const u_char *pktdata, const int datalink, const int expiry)
 {
     uint16_t ether_type = 0;
-    vlan_hdr_t *vlan_hdr;
     ipv4_hdr_t *ip_hdr = NULL;
     ipv6_hdr_t *ip6_hdr = NULL;
     tcp_hdr_t *tcp_hdr;
@@ -231,10 +230,11 @@ flow_entry_type_t flow_decode(flow_hash_table_t *fht, const struct pcap_pkthdr *
         if ((pktdata[3] & 0x80) == 0x80) {
             l2_len = ntohs(*((uint16_t*)&pktdata[4]));
             l2_len += 6;
-        } else
+        } else {
             l2_len = 4; /* no header extensions */
+        }
 
-        /* fall through */
+        /* no break */
     case DLT_EN10MB:
         /* set l2_len if we did not fell through */
         if (l2_len == 0)
@@ -246,7 +246,7 @@ flow_entry_type_t flow_decode(flow_hash_table_t *fht, const struct pcap_pkthdr *
         ether_type = ntohs(((eth_hdr_t*)(pktdata + l2_len))->ether_type);
 
         while (ether_type == ETHERTYPE_VLAN) {
-            vlan_hdr = (vlan_hdr_t *)(pktdata + l2_len);
+            vlan_hdr_t *vlan_hdr = (vlan_hdr_t *)(pktdata + l2_len);
             entry.vlan = vlan_hdr->vlan_priority_c_vid & htons(0xfff);
             ether_type = ntohs(vlan_hdr->vlan_len);
             l2_len += 4;