Date: Wed, 2 Mar 2011 16:57:18 -0600
From: Brandon Gooch <jamesbrandongooch@gmail.com>
To: Wesley Shields <wxs@freebsd.org>
Cc: Bruce Cran <bruce@cran.org.uk>, freebsd-net@freebsd.org, Rui Paulo <rpaulo@freebsd.org>
Subject: Re: Interface descriptions via pcap broken
Message-ID: <AANLkTi=WJSronjjNhBvR0k7iN=ZcAjTAV%2BR23rT_1127@mail.gmail.com>
In-Reply-To: <20110302215258.GA48643@atarininja.org>
References: <1298961441.2888.2.camel@core.nessbank> <AANLkTik_JxT4G7SBsqEZYFvVDFJUFxzhmHaYj%2BrAN9P6@mail.gmail.com> <20110302194540.0000018f@unknown> <20110302215258.GA48643@atarininja.org>
[-- Attachment #1 --]
On Wed, Mar 2, 2011 at 3:52 PM, Wesley Shields <wxs@freebsd.org> wrote:
> On Wed, Mar 02, 2011 at 07:45:40PM +0000, Bruce Cran wrote:
>> On Wed, 2 Mar 2011 13:40:57 -0600
>> Brandon Gooch <jamesbrandongooch@gmail.com> wrote:
>>
>> > BTW, if you give your devices descriptions, libpcap
>> > starts to behave again; this could be a clue to the source of the bug
>> > :/
>>
>> 0xa5 is the malloc fill pattern when debugging is enabled, and
>> having recently reinstalled FreeBSD I forgot to create the malloc.conf
>> symlink. So something's reading from uninitialized memory.
>
> Does commit c65292b04b98d6a76d58c5a54ca8f81463bf24de in the libpcap git
> tree look like it could help? I haven't checked in detail but I think it
> might have never made it into a release yet?
>
> https://github.com/mcr/libpcap/commit/c65292b04b98d6a76d58c5a54ca8f81463bf24de
>
> -- WXS

I applied the patch attached (diff'd against the code from the github link above), rebuilt libpcap and wireshark, and the problem described no longer exists.

Thanks for looking at this wxs@!

-Brandon

[-- Attachment #2 --] --- contrib/libpcap/inet.c.orig 2011-02-01 23:57:32.000000000 -0600 +++ contrib/libpcap/inet.c 2011-03-02 16:24:34.000000000 -0600 
@@ -431,26 +431,54 @@ strlcpy(ifrdesc.ifr_name, name, sizeof ifrdesc.ifr_name); s = socket(AF_INET, SOCK_DGRAM, 0); if (s >= 0) { +#ifdef __FreeBSD__ + /* + * On FreeBSD, if the buffer isn't big enough for the + * description, the ioctl succeeds, but the description + * isn't copied, ifr_buffer.length is set to the description + * length, and ifr_buffer.buffer is set to NULL. + */ for (;;) { free(description); if ((description = malloc(descrlen)) != NULL) { -#ifdef __FreeBSD__ ifrdesc.ifr_buffer.buffer = description; ifrdesc.ifr_buffer.length = descrlen; -#else /* __FreeBSD__ */ - ifrdesc.ifr_data = (caddr_t)description; -#endif /* __FreeBSD__ */ - if (ioctl(s, SIOCGIFDESCR, &ifrdesc) == 0) - break; -#ifdef __FreeBSD__ - else if (errno == ENAMETOOLONG) - descrlen = ifrdesc.ifr_buffer.length; -#endif /* __FreeBSD__ */ - else + if (ioctl(s, SIOCGIFDESCR, &ifrdesc) == 0) { + if (ifrdesc.ifr_buffer.buffer == + description) + break; + else + descrlen = ifrdesc.ifr_buffer.length; + } else { + /* + * Failed to get interface description. + */ + free(description); + description = NULL; break; + } } else break; } +#else /* __FreeBSD__ */ + /* + * The only other OS that currently supports + * SIOCGIFDESCR is OpenBSD, and it has no way + * to get the description length - it's clamped + * to a maximum of IFDESCRSIZE. + */ + if ((description = malloc(descrlen)) != NULL) { + ifrdesc.ifr_data = (caddr_t)description; + if (ioctl(s, SIOCGIFDESCR, &ifrdesc) != 0) { + /* + * Failed to get interface description. + */ + free(description); + description = NULL; + } + } else + break; +#endif /* __FreeBSD__ */ close(s); if (description != NULL && strlen(description) == 0) { free(description);
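Review bot: In the non-FreeBSD branch, the "else break;" that follows the malloc(descrlen) check is no longer inside a loop, because the for (;;) now lives entirely under #ifdef __FreeBSD__. Depending on what encloses this code, that break either fails to compile on OpenBSD or leaves an outer loop or switch and skips the close(s) that follows #endif, leaking the socket. Dropping the "else break;" there is sufficient: description is already NULL when malloc fails, and the code after #endif tests description != NULL before using it. A smaller point on the FreeBSD side: the retry loop takes the next descrlen straight from ifr_buffer.length with no cap on the size or on the number of retries, so a bound on either would keep a misbehaving ioctl from spinning or over-allocating.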
