--- tcpick-0.2.1.orig/src/lookup.h +++ tcpick-0.2.1/src/lookup.h @@ -26,6 +26,8 @@ * USA. */ +#ifndef _LOOKUP_H +#define _LOOKUP_H struct _l_node /* the node/leaf of the tree */ { @@ -40,3 +42,9 @@ char * name; struct in_addr ip; }; + +char *lookup(struct in_addr ia); +struct _l_node *_l_alloc(struct in_addr, char *); +char *_l_get(struct in_addr); + +#endif --- tcpick-0.2.1.orig/src/datalink.h +++ tcpick-0.2.1/src/datalink.h @@ -0,0 +1,29 @@ +/* + * datalink.h -- calculates datalink offsets + * Part of the tcpick project + * + * Author: Francesco Stablum + * + * Copyright (C) 2003, 2004 Francesco Stablum + * Licensed under the GPL + * + */ + +/* + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of the + * License, or (at you option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, + * USA. + */ + +char *datalink2str(int dl_id); --- tcpick-0.2.1.orig/src/display.c +++ tcpick-0.2.1/src/display.c @@ -28,6 +28,7 @@ /* FIXME: most code is duplicated: find a better solution! */ #include "tcpick.h" +#include "lookup.h" #include "extern.h" char * --- tcpick-0.2.1.orig/src/args.c +++ tcpick-0.2.1/src/args.c @@ -149,7 +149,7 @@ void parse_args(int argc, char ** argv) { - char opt; + int opt; #ifdef HAVE_GETOPT_LONG static struct option long_options[]= @@ -386,7 +386,7 @@ if(flags.versionandquit) { color( c_USAGE, stdout, PACKAGE_STRING "\n" " Author: " AUTHOR "\n" - " for other info try `man 1 tcpick', or `%s --help'\n\n" + " for other info try `man tcpick', or `%s --help'\n\n" TERMS ,TCPICK_NAME); exit( TCPICK_SUCCESS ); } --- tcpick-0.2.1.orig/src/write.c +++ tcpick-0.2.1/src/write.c @@ -25,8 +25,11 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ +#define _GNU_SOURCE +#include #include "tcpick.h" #include "extern.h" +#include "lookup.h" __inline__ char * avail_filename(struct CONN * conn_ptr, @@ -241,6 +244,9 @@ if( flags.separator && ( out == stdout ) ) /* FIXME: sucks? */ color( c_SEPARATOR, stdout, SEPARATOR "\n" ); + /* Temporary fix for CVE-2006-0048 */ + if (buflen < 0) buflen = 0; + switch ( flavour ) { case HEX_ASCII_DUMP: out_xa( out, buf, buflen ); --- tcpick-0.2.1.orig/src/tcpick.c +++ tcpick-0.2.1/src/tcpick.c @@ -49,6 +49,7 @@ #include "tcpick.h" #include "globals.h" +#include "datalink.h" char *errbuf[PCAP_ERRBUF_SIZE]; struct bpf_program filter_compiled; --- tcpick-0.2.1.orig/src/tracker.c +++ tcpick-0.2.1/src/tracker.c @@ -99,8 +99,9 @@ if( curr->next == NULL ) last_conn = prev_ring; - free_desc( &(curr->client) ); - free_desc( &(curr->server) ); + free_desc( &(curr->client), 1); + if (flags.writer.type == UNIQUE) free_desc( &(curr->server), 0); + else free_desc( &(curr->server), 1); S_free( curr ); conn = first_conn; @@ -124,7 +125,7 @@ count_opened--; } -int free_desc( struct HOST_DESC * desc ) +int free_desc( struct HOST_DESC * desc, int freedescfilename ) /* frees the host descriptor and closes the file */ { struct FRAGMENT * tmp; @@ -134,7 +135,7 @@ if (flags.writer.type == UNIQUE) desc->oth->file = NULL; } - if( desc->filename ) { + if( desc->filename && freedescfilename ) { S_free( desc->filename ); desc->filename = NULL; } --- tcpick-0.2.1.orig/debian/changelog +++ tcpick-0.2.1/debian/changelog @@ -0,0 +1,56 @@ +tcpick (0.2.1-4) unstable; urgency=low + + * QA upload. + * Set maintainer to QA Group; Orphaned: #430030 + * Silence lintian about clean target in debian/rules + * Update FSF Address in debian/copyright + * Conforms with latest Standards Version 3.7.2 + + -- Michael Ablassmeier Fri, 20 Jul 2007 09:48:22 +0200 + +tcpick (0.2.1-3) unstable; urgency=high + + * src/write.c: temporary patch to fix CVE-2006-0048 (Closes: Bug#360571) + As upstream is not responsive, I have written this one-line patch. + With the option -yP, tcpick shows data contained in the captured packets. + For some packets, tcpick computes a negative buffer length, which is used + in a while (buffer length) {} loop to display the packet content. When the + buffer length is negative, the loop never ends, and tcpick segfaults after + a while. + This patch tests if the computed buffer length is negative before using + it, and set it to 0 in this case. + + -- CÃ©dric Delfosse Fri, 14 Apr 2006 20:59:07 +0200 + +tcpick (0.2.1-2) unstable; urgency=low + + * Patch to make it run on ppc, thanks to Alan Curry (Closes: Bug#327327) + * Patch to fix segfault on 64 bit architecture, thanks to Dann Frazier + (Closes: Bug#326927) + * Patch to fix a double free that make tcpick CPU loops (Closes: Bug#319864) + + -- CÃ©dric Delfosse Tue, 4 Oct 2005 22:35:16 +0200 + +tcpick (0.2.1-1) unstable; urgency=low + + * New upstream release + + -- CÃ©dric Delfosse Fri, 21 Jan 2005 22:25:37 +0100 + +tcpick (0.1.24-1) unstable; urgency=low + + * New upstream release + + -- CÃ©dric Delfosse Thu, 16 Sep 2004 21:07:22 +0200 + +tcpick (0.1.23-2) unstable; urgency=low + + * src/args.c: right command to invoke the man page. (Closes: Bug#265067) + + -- CÃ©dric Delfosse Wed, 11 Aug 2004 19:32:53 +0200 + +tcpick (0.1.23-1) unstable; urgency=low + + * Initial Release. + + -- CÃ©dric Delfosse Sun, 11 Jul 2004 00:23:46 +0200 --- tcpick-0.2.1.orig/debian/prerm +++ tcpick-0.2.1/debian/prerm @@ -0,0 +1,39 @@ +#! /bin/sh +# prerm script for tcpick +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `upgrade' +# * `failed-upgrade' +# * `remove' `in-favour'

+# * `deconfigure' `in-favour' +# `removing' +# +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package + + +case "$1" in + remove|upgrade|deconfigure) +# install-info --quiet --remove /usr/info/tcpick.info.gz + ;; + failed-upgrade) + ;; + *) + echo "prerm called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 + + --- tcpick-0.2.1.orig/debian/rules +++ tcpick-0.2.1/debian/rules @@ -0,0 +1,90 @@ +#!/usr/bin/make -f +# -*- makefile -*- + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + + +# These are used for cross-compiling and for saving the configure script +# from having to guess our platform (since we know it already) +DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) +DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) + + +CFLAGS = -Wall -g + +ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) + CFLAGS += -O0 +else + CFLAGS += -O2 +endif +ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) + INSTALL_PROGRAM += -s +endif + +configure: configure-stamp +configure-stamp: + dh_testdir + + cp /usr/share/misc/config.sub /usr/share/misc/config.guess . + + # Add here commands to configure the package. + CFLAGS="$(CFLAGS)" LDFLAGS="$(INSTALL_PROGRAM)" ./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) --prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info --bindir=\$${prefix}/sbin + + touch configure-stamp + +build: build-stamp + +build-stamp: configure-stamp config.status + dh_testdir + + # Add here commands to compile the package. + $(MAKE) + + touch build-stamp + +clean: + dh_testdir + dh_testroot + rm -f build-stamp configure-stamp + + # Add here commands to clean up after the build process. + [ ! -f Makefile ] || $(MAKE) distclean + + dh_clean config.sub config.guess + dh_clean + +install: build + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs + + # Add here commands to install the package into debian/tcpick. + $(MAKE) install DESTDIR=$(CURDIR)/debian/tcpick + # move italian man page + mkdir -p debian/tcpick/usr/share/man/it/man8 + mv debian/tcpick/usr/share/man/man8/tcpick_italian.8 debian/tcpick/usr/share/man/it/man8/tcpick.8 + +# Build architecture-independent files here. +binary-indep: build install +# We have nothing to do by default. + +# Build architecture-dependent files here. +binary-arch: build install + dh_testdir + dh_testroot + dh_installchangelogs ChangeLog + dh_installdocs + dh_link + dh_strip + dh_compress + dh_fixperms + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary install --- tcpick-0.2.1.orig/debian/postinst +++ tcpick-0.2.1/debian/postinst @@ -0,0 +1,42 @@ +#! /bin/sh +# postinst script for tcpick +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `configure' +# * `abort-upgrade' +# * `abort-remove' `in-favour' +# +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package +# + +case "$1" in + configure) + + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + + ;; + + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 + + --- tcpick-0.2.1.orig/debian/preinst +++ tcpick-0.2.1/debian/preinst @@ -0,0 +1,44 @@ +#! /bin/sh +# preinst script for tcpick +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `install' +# * `install' +# * `upgrade' +# * `abort-upgrade' +# +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package + + +case "$1" in + install|upgrade) +# if [ "$1" = "upgrade" ] +# then +# start-stop-daemon --stop --quiet --oknodo \ +# --pidfile /var/run/tcpick.pid \ +# --exec /usr/sbin/tcpick 2>/dev/null || true +# fi + ;; + + abort-upgrade) + ;; + + *) + echo "preinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 + + --- tcpick-0.2.1.orig/debian/copyright +++ tcpick-0.2.1/debian/copyright @@ -0,0 +1,26 @@ +This package was debianized by Cédric Delfosse on +Sun, 11 Jul 2004 00:23:46 +0200. + +It was downloaded from http://tcpick.sf.net + +Upstream Author: Francesco Stablum + +Copyright: + + This package is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 dated June, 1991. + + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this package; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 + USA. + +On Debian systems, the complete text of the GNU General +Public License can be found in `/usr/share/common-licenses/GPL'. + --- tcpick-0.2.1.orig/debian/postrm +++ tcpick-0.2.1/debian/postrm @@ -0,0 +1,38 @@ +#! /bin/sh +# postrm script for tcpick +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `purge' +# * `upgrade' +# * `failed-upgrade' +# * `abort-install' +# * `abort-install' +# * `abort-upgrade' +# * `disappear' overwrit>r> +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package + + +case "$1" in + purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + + + ;; + + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 1 + +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 --- tcpick-0.2.1.orig/debian/docs +++ tcpick-0.2.1/debian/docs @@ -0,0 +1,4 @@ +NEWS +README +TODO +EXAMPLES --- tcpick-0.2.1.orig/debian/compat +++ tcpick-0.2.1/debian/compat @@ -0,0 +1 @@ +4 --- tcpick-0.2.1.orig/debian/control +++ tcpick-0.2.1/debian/control @@ -0,0 +1,21 @@ +Source: tcpick +Section: net +Priority: optional +Maintainer: Debian QA Group +Build-Depends: debhelper (>= 4.0.0), autotools-dev, libpcap0.8-dev +Standards-Version: 3.7.2 + +Package: tcpick +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Description: TCP stream sniffer and connection tracker + This libpcap-based textmode sniffer can: + * track, reassemble and reorder TCP streams + * save the captured flows in different files or display them in the terminal + * display all the stream on the terminal with different display modes like + hexdump, hexdump + ascii, only printable characters, raw mode, colorized + mode ... + * handle several network interface types, including ethernet cards and PPP + interfaces + . + Homepage: http://tcpick.sourceforge.net --- tcpick-0.2.1.orig/debian/dirs +++ tcpick-0.2.1/debian/dirs @@ -0,0 +1,2 @@ +usr/bin +usr/sbin --- tcpick-0.2.1.orig/debian/watch +++ tcpick-0.2.1/debian/watch @@ -0,0 +1,2 @@ +version=2 +ftp://ftp2.sf.net/pub/sourceforge/t/tc/tcpick/tcpick-?_?([\w+\d+\.]+|\d+)(\.tar|\.tgz)(\.gz|\.bz2|) debian uupdate