tcpdump mailing list archives

Re: Libpcap - pcapfindalldevs


From: Guy Harris <guy () alum mit edu>
Date: Fri, 4 Sep 2009 11:41:23 -0700


On Sep 4, 2009, at 8:45 AM, Johan Mazel wrote:

> I wrote a short piece of code in C to show the problem.
>
> My code is the following one:
> #include <stdio.h>
> #include <pcap.h>
>
> int main(){
>    struct pcap_if * found_devices;
>    int result;
>    char * errbuf;
>    printf("Scanning\n");
>    result = pcap_findalldevs(&found_devices, errbuf);

That's not valid.

Routines such as pcap_open_live() and pcap_findalldevs() take a "char *errbuf" argument.

That does *not* mean that you can pass it a random uninitialized "char *" variable and expect it to work; said random uninitialized variable could well point outside the address space of the process - it could, for example, have all its bits zero, and most OSes leave the first page (and perhaps more pages) out of the address space, so that attempts to dereference null pointers will probably cause a crash rather than causing random unpredictable behavior (most C implementations represent a null pointer as a pointer with all its bits zero - and, no, the C standard doesn't require that).

Furthermore, it also doesn't mean that you need to pass it a "char *" variable; what you need to pass it is an expression whose type is "char *".

If you did

        char errbuf[PCAP_ERRBUF_SIZE];
        printf("Scanning\n");
        result = pcap_findalldevs(&found_devices, errbuf);

that should work - in most contexts in C, a reference to an array of type T is converted to a value of "pointer to type T" that points to the first member of the array (no, pointers and arrays are not the same thing in C).

> If this is a bug in Libpcap,

It's not - it's a bug in your program.  Change

        char * errbuf;

to

        char errbuf[PCAP_ERRBUF_SIZE];

in your program.
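
The caller-owned error buffer contract discussed in this message, as an added example that is not from the original post or from libpcap. `model_findalldevs`, `MODEL_ERRBUF_SIZE`, `scan_result`, `scan` and `guard_intact` are hypothetical stand-ins so the program builds without libpcap; with the real library the caller side is the same, using `char errbuf[PCAP_ERRBUF_SIZE]`.

```c
#include <stdio.h>
#include <string.h>

/* Stand-in for PCAP_ERRBUF_SIZE (256 in pcap.h) so this builds without libpcap. */
#define MODEL_ERRBUF_SIZE 256

/* Hypothetical model of a libpcap-style call: on failure it formats a message
 * into storage the caller owns and returns -1. It never allocates errbuf. */
static int model_findalldevs(const char *reason, char *errbuf)
{
    if (reason == NULL)
        return 0;                       /* success: errbuf is left untouched */
    snprintf(errbuf, MODEL_ERRBUF_SIZE, "model_findalldevs: %s", reason);
    return -1;
}

/* Caller side: real storage for the message, followed by guard bytes so a
 * check can confirm the callee stayed inside MODEL_ERRBUF_SIZE bytes. */
struct scan_result {
    int rc;
    char errbuf[MODEL_ERRBUF_SIZE];
    unsigned char guard[8];
};

static struct scan_result scan(const char *reason)
{
    struct scan_result r = {0};         /* errbuf holds "" even on success */
    memset(r.guard, 0xA5, sizeof r.guard);
    /* r.errbuf converts to a char * pointing at 256 writable bytes. */
    r.rc = model_findalldevs(reason, r.errbuf);
    return r;
}

/* Returns 1 if nothing was written past the end of errbuf. */
static int guard_intact(const struct scan_result *r)
{
    for (size_t i = 0; i < sizeof r->guard; i++)
        if (r->guard[i] != 0xA5)
            return 0;
    return 1;
}

int main(void)
{
    struct scan_result bad = scan("constructed failure reason");
    printf("rc=%d errbuf=\"%s\" guard_intact=%d\n", bad.rc, bad.errbuf, guard_intact(&bad));
    return 0;
}
```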