From mcerha@mcerha-dsl2.cisco.com Thu Oct 19 21:43:43 2000 Return-Path: Received: from mcerha-dsl2.cisco.com (sj-isp-nat-pool-34.cisco.com [204.69.198.34]) by hub.freebsd.org (Postfix) with ESMTP id 9BDF237B4D7 for ; Thu, 19 Oct 2000 21:43:42 -0700 (PDT) Received: (from mcerha@localhost) by mcerha-dsl2.cisco.com (8.11.0/8.11.0) id e9K4hXk58824; Thu, 19 Oct 2000 23:43:33 -0500 (CDT) (envelope-from mcerha) Message-Id: <200010200443.e9K4hXk58824@mcerha-dsl2.cisco.com> Date: Thu, 19 Oct 2000 23:43:33 -0500 (CDT) From: Matthew Cerha Reply-To: mcerha@mcerha-dsl2.cisco.com To: FreeBSD-gnats-submit@freebsd.org Subject: tcpdump not handling X-Send-Pr-Version: 3.2 >Number: 22138 >Category: bin >Synopsis: tcpdump not handling -v option correctly >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: closed >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Oct 19 21:50:01 PDT 2000 >Closed-Date: Thu Aug 9 00:20:07 PDT 2001 >Last-Modified: Thu Aug 09 00:28:39 PDT 2001 >Originator: Matthew Cerha >Release: FreeBSD 4.1-STABLE i386 >Organization: CharlieFox Consulting >Environment: FreeBSD mcerha-dsl2.cisco.com 4.1-STABLE FreeBSD 4.1-STABLE #0: Thu Sep 21 22:24:06 CDT 2000 mcerha@super.freak.net:/usr/obj/cvs/FreeBSD/4.x/src/sys/SMP i386 >Description: It appears that tcpdump does not properly interpret the -v (verbose) option for TCP packet decodes. There appears to be a flaw in the flow control. In src/contrib/tcpdump/print-tcp.c: 497 if (!qflag && vflag && length > 0 498 && (sport == TELNET_PORT || dport == TELNET_PORT)) 499 telnet_print(bp, length); 500 else if (sport == BGP_PORT || dport == BGP_PORT) 501 bgp_print(bp, length); 502 else if (sport == NETBIOS_SSN_PORT || dport == NETBIOS_SSN_PORT) 503 nbt_tcp_print(bp, length); 504 return; The first section doesn't make sense. The sport and dport clauses should be grouped together and not with the flag clause. PS Jerry found this bug. I'm just trying to report it :) >How-To-Repeat: Just run tcpdump -v. >Fix: Apply the diff to src/contrib/tcpdump/print-tcp.c. 497,498c497,498 A < if (!qflag && vflag && length > 0) { < if (sport == TELNET_PORT || dport == TELNET_PORT) --- > if (!qflag && vflag && length > 0 > && (sport == TELNET_PORT || dport == TELNET_PORT)) 504d503 < } >Release-Note: >Audit-Trail: State-Changed-From-To: open->closed State-Changed-By: jkoshy State-Changed-When: Thu Aug 9 00:20:07 PDT 2001 State-Changed-Why: Fixed by the import of tcpdump v3.6.2 code (rev 1.1.1.5 in -current, and merged to stable on 2001/07/26). http://www.FreeBSD.org/cgi/query-pr.cgi?pr=22138 >Unformatted: