On Thu, Feb 23, 2023 at 11:00:12AM -0700, Theo de Raadt wrote:
> It should use vis(3), similar to this:
> 
> print-pfsync.c:                 cp = vis(cp, clr->ifname[i], VIS_WHITE, 0);

Looking at print-pfsync.c since you mentioned it...  I think this function
pfsync_print_clr() can be changed to fit CDP (and quite easily).  I have a
nit though on this function itself:

        printf("\n\tcreatorid: %08x", htonl(clr->creatorid));
        if (clr->ifname[0] != '\0') {
                /* Treat clr->ifname as untrusted input. */
                for (i = 0; i < IFNAMSIZ && clr->ifname[i] != '\0'; i++)
                        cp = vis(cp, clr->ifname[i], VIS_WHITE, 0);


Shouldn't it be ntohl() instead of htonl()?  I know one could use these
interchangeably once but that may not be the case on all architectures (?).

Best Regards,
-peter


> p...@delphinusdns.org wrote:
> 
> > >Synopsis:  tcpdump/print-cdp.c allows escape codes to be sent to terminal
> > >Category:  system
> > >Environment:
> >     System      : OpenBSD 7.2
> >     Details     : OpenBSD 7.2 (GENERIC.MP) #2: Thu Nov 24 23:53:03 MST 2022
> >                      r...@syspatch-72-arm64.openbsd.org:/usr/src/sys/arch/arm64/compile/GENERIC.MP
> > 
> >     Architecture: OpenBSD.arm64
> >     Machine     : arm64
> > >Description:
> >     While trying to disturb tcpdump for the last few days (see earlier posts
> > to bugs@), I came across tcpdump's CDP protocol.  I was able to change the
> > terminal colour of my tcpdump with a specially crafted packet (see earlier 
> > posts too).  CDP does no filtering of what gets sent and outputs everything 
> > from the wire like so:
> > 
> >                 switch(type) {
> >                 case 0x01:
> >                         printf(" DevID '%.*s'", len - 4, p + i + 4);
> >                         break;
> > 
> > >How-To-Repeat:
> >     code-reading.
> > >Fix:
> >     for (x = 0; x < len - 4; x++) {
> >             printf("%c", isprint(*(p + i + x + 4)) ? *(p + i + x + 4) : '.');
> >     }
> > 
> >     or something like that, I think we have ctypes for tcpdump.  Also
> >     the way IP addresses are printed in this is sorta disgusting.  There
> >     are functions for that.
<cut>
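
Added example, not part of the thread and not tcpdump's code: a portable stand-in for the vis(3) approach suggested above, which rewrites every non-printable byte of a length-delimited field as a backslash-octal escape so the bytes stay recoverable instead of collapsing to '.'. The helper name escape_field() and the sample device ID are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/*
 * Hypothetical helper (not from tcpdump): copy an untrusted,
 * length-delimited field into dst.  Printable ASCII passes through;
 * every other byte, and the backslash itself, becomes a \ooo escape.
 * Returns the number of characters written (without the NUL), or -1
 * if dst is too small.  dst is NUL-terminated whenever dstsz > 0.
 */
static int
escape_field(char *dst, size_t dstsz, const unsigned char *src, size_t len)
{
	size_t i, o = 0;

	if (dstsz == 0)
		return -1;
	for (i = 0; i < len; i++) {
		unsigned char c = src[i];
		int plain = (c >= 0x20 && c <= 0x7e && c != '\\');
		size_t need = plain ? 1 : 4;

		if (o + need >= dstsz) {	/* keep room for the NUL */
			dst[o] = '\0';
			return -1;
		}
		if (plain)
			dst[o++] = (char)c;
		else
			o += (size_t)snprintf(dst + o, dstsz - o, "\\%03o",
			    (unsigned int)c);
	}
	dst[o] = '\0';
	return (int)o;
}

int
main(void)
{
	/* Constructed sample: a device ID carrying a colour escape and BEL. */
	static const unsigned char devid[] = "sw1\033[31mred\007";
	char out[64];

	if (escape_field(out, sizeof(out), devid, sizeof(devid) - 1) < 0)
		return 1;
	printf(" DevID '%s'\n", out);
	return 0;
}
```

The length is passed as size_t, so a caller computing it as len - 4 has to check that len is at least 4 before the call.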
