update tcpdump to 4.99.1

2022-03-21 16:15:07 +08:00 · 2022-03-21 16:15:07 +08:00 · 5dffa73739
commit 5dffa73739
parent a895da60db
18 changed files with 73 additions and 623 deletions
--- a/0004-tcpslice-update-tcpslice-patch-to-1.2a3.patch
+++ b/0004-tcpslice-update-tcpslice-patch-to-1.2a3.patch
@ -1,88 +0,0 @@
 From 954c235f6db6f601d732b6fce48d2e8183c05d49 Mon Sep 17 00:00:00 2001
 From: rpm-build <rpm-build>
 Date: Mon, 20 Oct 2014 14:43:04 +0200
 Subject: [PATCH 4/8] tcpslice: update tcpslice patch to 1.2a3
 ---
 tcpslice-1.2a3/search.c   | 22 +++++++++++++++-------
 tcpslice-1.2a3/tcpslice.h | 20 ++++++++++++++++++++
 2 files changed, 35 insertions(+), 7 deletions(-)
 diff --git a/tcpslice-1.2a3/search.c b/tcpslice-1.2a3/search.c
 index 1e2d051..23aa105 100644
 --- a/tcpslice-1.2a3/search.c
 +++ b/tcpslice-1.2a3/search.c
@@ -53,7 +53,7 @@ static const char rcsid[] =
 /* Size of a packet header in bytes; easier than typing the sizeof() all
  * the time ...
  */
 -#define PACKET_HDR_LEN (sizeof( struct pcap_pkthdr ))
 +#define PACKET_HDR_LEN (sizeof( struct pcap_sf_pkthdr ))
 extern int snaplen;
@@ -111,16 +111,24 @@ reasonable_header( struct pcap_pkthdr *hdr, time_t first_time, time_t last_time
 static void
 extract_header( pcap_t *p, u_char *buf, struct pcap_pkthdr *hdr )
 	{
 -	memcpy((char *) hdr, (char *) buf, sizeof(struct pcap_pkthdr));
 +	struct pcap_sf_pkthdr hdri;
 +
 +	memcpy((char *) &hdri, (char *) buf, sizeof(struct pcap_sf_pkthdr));
 	if ( pcap_is_swapped( p ) )
 		{
 -		hdr->ts.tv_sec = SWAPLONG(hdr->ts.tv_sec);
 -		hdr->ts.tv_usec = SWAPLONG(hdr->ts.tv_usec);
 -		hdr->len = SWAPLONG(hdr->len);
 -		hdr->caplen = SWAPLONG(hdr->caplen);
 +		hdr->ts.tv_sec = SWAPLONG(hdri.ts.tv_sec);
 +		hdr->ts.tv_usec = SWAPLONG(hdri.ts.tv_usec);
 +		hdr->len = SWAPLONG(hdri.len);
 +		hdr->caplen = SWAPLONG(hdri.caplen);
 +		}
 +	else
 +		{
 +		hdr->ts.tv_sec = hdri.ts.tv_sec;
 +		hdr->ts.tv_usec = hdri.ts.tv_usec;
 +		hdr->len = hdri.len;
 +		hdr->caplen = hdri.caplen;
 		}
 -
 	/*
 	 * From bpf/libpcap/savefile.c:
 	 *
 diff --git a/tcpslice-1.2a3/tcpslice.h b/tcpslice-1.2a3/tcpslice.h
 index de4a01c..9dcd1a1 100644
 --- a/tcpslice-1.2a3/tcpslice.h
 +++ b/tcpslice-1.2a3/tcpslice.h
@@ -20,6 +20,26 @@
  */
 +#include <time.h>
 +/* #include <net/bpf.h> */
 +
 +/*
 + * This is a timeval as stored in disk in a dumpfile.
 + * It has to use the same types everywhere, independent of the actual
 + * `struct timeval'
 + */
 +
 +struct pcap_timeval {
 +    bpf_int32 tv_sec;           /* seconds */
 +    bpf_int32 tv_usec;          /* microseconds */
 +};
 +
 +struct pcap_sf_pkthdr {
 +    struct pcap_timeval ts;     /* time stamp */
 +    bpf_u_int32 caplen;         /* length of portion present */
 +    bpf_u_int32 len;            /* length this packet (off wire) */
 +};
 +
 time_t	gwtm2secs( struct tm *tm );
 int	sf_find_end( struct pcap *p, struct timeval *first_timestamp,
 -- 
 2.9.3
--- a/0005-tcpslice-remove-unneeded-include.patch
+++ b/0005-tcpslice-remove-unneeded-include.patch
@ -1,26 +0,0 @@
 From d32956586bfb50b189132d5a15db8a50ef871278 Mon Sep 17 00:00:00 2001
 From: rpm-build <rpm-build>
 Date: Mon, 20 Oct 2014 15:06:54 +0200
 Subject: [PATCH 5/8] tcpslice: remove unneeded include
 net/bpf.h doesn't exist on Linux.
 ---
 tcpslice-1.2a3/tcpslice.c | 2 --
 1 file changed, 2 deletions(-)
 diff --git a/tcpslice-1.2a3/tcpslice.c b/tcpslice-1.2a3/tcpslice.c
 index e73d76f..895e54f 100644
 --- a/tcpslice-1.2a3/tcpslice.c
 +++ b/tcpslice-1.2a3/tcpslice.c
@@ -35,8 +35,6 @@ static const char rcsid[] =
 #include <sys/file.h>
 #include <sys/stat.h>
 -#include <net/bpf.h>
 -
 #include <ctype.h>
 #ifdef HAVE_FCNTL_H
 #include <fcntl.h>
 -- 
 2.9.3
--- a/0006-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch
+++ b/0006-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch
@ -1,27 +0,0 @@
 From e159008d2f126d92112858269fb6b2fbca63ffc2 Mon Sep 17 00:00:00 2001
 From: rpm-build <rpm-build>
 Date: Mon, 20 Oct 2014 15:19:44 +0200
 Subject: [PATCH 6/8] tcpslice: don't test the pointer but pointee for NULL
 ---
 tcpslice-1.2a3/tcpslice.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
 diff --git a/tcpslice-1.2a3/tcpslice.c b/tcpslice-1.2a3/tcpslice.c
 index 895e54f..a91439b 100644
 --- a/tcpslice-1.2a3/tcpslice.c
 +++ b/tcpslice-1.2a3/tcpslice.c
@@ -402,7 +402,9 @@ fill_tm(char *time_string, int is_delta, struct tm *t, time_t *usecs_addr)
 		while (isdigit(*t_stop))
 			++t_stop;
 -		if (! t_stop)
 +
 +                if (!(*t_stop))
 +                        /* we've reached end of string -> bad date format */
 			error("bad date format %s, problem starting at %s",
 			      time_string, t_start);
 -- 
 2.9.3
--- a/0009-Change-n-flag-to-nn-in-TESTonce.patch
+++ b/0009-Change-n-flag-to-nn-in-TESTonce.patch
@ -1,24 +0,0 @@
 From 04e23aa3f91ff137237daf68f02e7b3c0c1a9168 Mon Sep 17 00:00:00 2001
 From: rpm-build <rpm-build>
 Date: Tue, 11 Apr 2017 09:19:48 +0200
 Subject: [PATCH 09/13] Change -n flag to -nn in TESTonce
 We need to change this because we have a different meaning of -n
 flag than upstream does. We use -nn in those cases.
 ---
 tests/TESTonce | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/tests/TESTonce b/tests/TESTonce
 index 425abaa..81283d9 100755
 --- a/tests/TESTonce
 +++ b/tests/TESTonce
@@ -43,7 +43,7 @@ if ($^O eq 'MSWin32') {
 else {
     # we used to do this as a nice pipeline, but the problem is that $r fails to
     # to be set properly if the tcpdump core dumps.
 -    $cmd = "$TCPDUMP 2>${rawstderrlog} -t -n -r $input $options >tests/NEW/${outputbase}";
 +    $cmd = "$TCPDUMP 2>${rawstderrlog} -t -nn -r $input $options >tests/NEW/${outputbase}";
     print "CMD: $cmd\n" if $debug;
     $r = system $cmd;
     if($r == -1) {
--- a/0011-Evp-cipher-buffers.patch
+++ b/0011-Evp-cipher-buffers.patch
@ -1,29 +0,0 @@
 diff --git a/print-esp.c b/print-esp.c
 index 6fabff1..5818cc8 100644
 --- a/print-esp.c
 +++ b/print-esp.c
@@ -242,6 +242,7 @@ int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo,
 	if (input_buffer == NULL) {
 		EVP_CIPHER_CTX_free(ctx);
 		(*ndo->ndo_error)(ndo, "can't allocate memory for encrypted data buffer");
 +		return 0;
 	}
 	/*
 	 * Copy the input data to the encrypted data buffer, and pad it
@@ -259,7 +260,7 @@ int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo,
 		EVP_CIPHER_CTX_free(ctx);
 		(*ndo->ndo_error)(ndo, "can't allocate memory for decryption buffer");
 	}
 -	EVP_Cipher(ctx, output_buffer, input_buffer, len);
 +	EVP_Cipher(ctx, output_buffer, input_buffer, buffer_size);
 	EVP_CIPHER_CTX_free(ctx);
 	/*
@@ -815,6 +816,7 @@ esp_print(netdissect_options *ndo,
 			if (input_buffer == NULL) {
 				EVP_CIPHER_CTX_free(ctx);
 				(*ndo->ndo_error)(ndo, "can't allocate memory for encrypted data buffer");
 +				return 0;
 			}
 			/*
 			 * Copy the input data to the encrypted data buffer,
--- a/0012-Add-printing-support-for-vsockmon-devices.patch
+++ b/0012-Add-printing-support-for-vsockmon-devices.patch
@ -1,318 +0,0 @@
 From 66a5b93dee386bc2f57033a150341752923b8b41 Mon Sep 17 00:00:00 2001
 From: Gerard Garcia <ggarcia@deic.uab.cat>
 Date: Tue, 14 Jun 2016 16:45:44 +0200
 Subject: [PATCH 13/13] Add printing support for vsockmon devices.
 Print Linux 4.12 vsockmon captures:
  # modprobe vsockmon
  # ip link add type vsockmon
  # ip link set vsockmon0 up
  # tcpdump -i vsockmon0
  16:25:24.987917 VIRTIO 3.1025 > 2.1234 CONNECT, length 76
  16:25:24.987963 VIRTIO 2.1234 > 3.1025 CONNECT, length 76
  16:25:26.568271 VIRTIO 3.1025 > 2.1234 PAYLOAD, length 82
  16:25:26.568512 VIRTIO 2.1234 > 3.1025 CONTROL, length 76
  16:25:28.411335 VIRTIO 3.1025 > 2.1234 DISCONNECT, length 76
  16:25:28.411628 VIRTIO 2.1234 > 3.1025 DISCONNECT, length 76
 For more information about vsock see:
 http://wiki.qemu.org/Features/VirtioVsock
 ---
 Makefile.in   |   1 +
 netdissect.h  |   1 +
 print-vsock.c | 243 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 print.c       |   3 +
 4 files changed, 248 insertions(+)
 create mode 100644 print-vsock.c
 diff --git a/Makefile.in b/Makefile.in
 index 0941f0e..a301878 100644
 --- a/Makefile.in
 +++ b/Makefile.in
@@ -226,6 +226,7 @@ LIBNETDISSECT_SRC=\
 	print-vjc.c \
 	print-vqp.c \
 	print-vrrp.c \
 +	print-vsock.c \
 	print-vtp.c \
 	print-vxlan.c \
 	print-vxlan-gpe.c \
 diff --git a/netdissect.h b/netdissect.h
 index 089b040..c89fcf1 100644
 --- a/netdissect.h
 +++ b/netdissect.h
@@ -444,6 +444,7 @@ extern u_int symantec_if_print IF_PRINTER_ARGS;
 extern u_int token_if_print IF_PRINTER_ARGS;
 extern u_int usb_linux_48_byte_print IF_PRINTER_ARGS;
 extern u_int usb_linux_64_byte_print IF_PRINTER_ARGS;
 +extern u_int vsock_print IF_PRINTER_ARGS;
 /*
  * Structure passed to some printers to allow them to print
 diff --git a/print-vsock.c b/print-vsock.c
 new file mode 100644
 index 0000000..fc5694d
 --- /dev/null
 +++ b/print-vsock.c
@@ -0,0 +1,243 @@
 +/*
 + * Copyright (c) 2016 Gerard Garcia <nouboh@gmail.com>
 + * Copyright (c) 2017 Red Hat, Inc.
 + *
 + * Redistribution and use in source and binary forms, with or without
 + * modification, are permitted provided that the following conditions
 + * are met:
 + *
 + *   1. Redistributions of source code must retain the above copyright
 + *      notice, this list of conditions and the following disclaimer.
 + *   2. Redistributions in binary form must reproduce the above copyright
 + *      notice, this list of conditions and the following disclaimer in
 + *      the documentation and/or other materials provided with the
 + *      distribution.
 + *   3. The names of the authors may not be used to endorse or promote
 + *      products derived from this software without specific prior
 + *      written permission.
 + *
 + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
 + * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
 + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 + */
 +
 +/* \summary: Linux vsock printer */
 +
 +#ifdef HAVE_CONFIG_H
 +#include "config.h"
 +#endif
 +
 +#include <netdissect-stdinc.h>
 +#include <stddef.h>
 +
 +#include "netdissect.h"
 +#include "extract.h"
 +
 +static const char tstr[] = " [|vsock]";
 +
 +enum af_vsockmon_transport {
 +	AF_VSOCK_TRANSPORT_UNKNOWN = 0,
 +	AF_VSOCK_TRANSPORT_NO_INFO = 1,		/* No transport information */
 +	AF_VSOCK_TRANSPORT_VIRTIO = 2,		/* Virtio transport header */
 +};
 +
 +static const struct tok vsock_transport[] = {
 +	{AF_VSOCK_TRANSPORT_UNKNOWN, "UNKNOWN"},
 +	{AF_VSOCK_TRANSPORT_NO_INFO, "NO_INFO"},
 +	{AF_VSOCK_TRANSPORT_VIRTIO, "VIRTIO"},
 +	{ 0, NULL }
 +};
 +
 +enum af_vsockmon_op {
 +	AF_VSOCK_OP_UNKNOWN = 0,
 +	AF_VSOCK_OP_CONNECT = 1,
 +	AF_VSOCK_OP_DISCONNECT = 2,
 +	AF_VSOCK_OP_CONTROL = 3,
 +	AF_VSOCK_OP_PAYLOAD = 4,
 +};
 +
 +static const struct tok vsock_op[] = {
 +	{AF_VSOCK_OP_UNKNOWN, "UNKNOWN"},
 +	{AF_VSOCK_OP_CONNECT, "CONNECT"},
 +	{AF_VSOCK_OP_DISCONNECT, "DISCONNECT"},
 +	{AF_VSOCK_OP_CONTROL, "CONTROL"},
 +	{AF_VSOCK_OP_PAYLOAD, "PAYLOAD"},
 +	{ 0, NULL }
 +};
 +
 +enum virtio_vsock_type {
 +	VIRTIO_VSOCK_TYPE_STREAM = 1,
 +};
 +
 +static const struct tok virtio_type[] = {
 +	{VIRTIO_VSOCK_TYPE_STREAM, "STREAM"},
 +	{ 0, NULL }
 +};
 +
 +enum virtio_vsock_op {
 +	VIRTIO_VSOCK_OP_INVALID = 0,
 +	VIRTIO_VSOCK_OP_REQUEST = 1,
 +	VIRTIO_VSOCK_OP_RESPONSE = 2,
 +	VIRTIO_VSOCK_OP_RST = 3,
 +	VIRTIO_VSOCK_OP_SHUTDOWN = 4,
 +	VIRTIO_VSOCK_OP_RW = 5,
 +	VIRTIO_VSOCK_OP_CREDIT_UPDATE = 6,
 +	VIRTIO_VSOCK_OP_CREDIT_REQUEST = 7,
 +};
 +
 +static const struct tok virtio_op[] = {
 +	{VIRTIO_VSOCK_OP_INVALID, "INVALID"},
 +	{VIRTIO_VSOCK_OP_REQUEST, "REQUEST"},
 +	{VIRTIO_VSOCK_OP_RESPONSE, "RESPONSE"},
 +	{VIRTIO_VSOCK_OP_RST, "RST"},
 +	{VIRTIO_VSOCK_OP_SHUTDOWN, "SHUTDOWN"},
 +	{VIRTIO_VSOCK_OP_RW, "RW"},
 +	{VIRTIO_VSOCK_OP_CREDIT_UPDATE, "CREDIT UPDATE"},
 +	{VIRTIO_VSOCK_OP_CREDIT_REQUEST, "CREDIT REQUEST"},
 +	{ 0, NULL }
 +};
 +
 +/* All fields are little-endian */
 +
 +struct virtio_vsock_hdr {
 +	uint64_t	src_cid;
 +	uint64_t	dst_cid;
 +	uint32_t	src_port;
 +	uint32_t	dst_port;
 +	uint32_t	len;
 +	uint16_t	type;		/* enum virtio_vsock_type */
 +	uint16_t	op;		/* enum virtio_vsock_op */
 +	uint32_t	flags;
 +	uint32_t	buf_alloc;
 +	uint32_t	fwd_cnt;
 +} UNALIGNED;
 +
 +struct af_vsockmon_hdr {
 +	uint64_t src_cid;
 +	uint64_t dst_cid;
 +	uint32_t src_port;
 +	uint32_t dst_port;
 +	uint16_t op;		/* enum af_vsockmon_op */
 +	uint16_t transport;	/* enum af_vosckmon_transport */
 +	uint16_t len;		/* size of transport header */
 +	uint8_t reserved[2];
 +};
 +
 +static void
 +vsock_virtio_hdr_print(netdissect_options *ndo, const struct virtio_vsock_hdr *hdr)
 +{
 +	uint16_t u16_v;
 +	uint32_t u32_v;
 +
 +	u32_v = EXTRACT_LE_32BITS(&hdr->len);
 +	ND_PRINT((ndo, "len %u", u32_v));
 +
 +	u16_v = EXTRACT_LE_16BITS(&hdr->type);
 +	ND_PRINT((ndo, ", type %s",
 +		  tok2str(virtio_type, "Invalid type (%hu)", u16_v)));
 +
 +	u16_v = EXTRACT_LE_16BITS(&hdr->op);
 +	ND_PRINT((ndo, ", op %s",
 +		  tok2str(virtio_op, "Invalid op (%hu)", u16_v)));
 +
 +	u32_v = EXTRACT_LE_32BITS(&hdr->flags);
 +	ND_PRINT((ndo, ", flags %x", u32_v));
 +
 +	u32_v = EXTRACT_LE_32BITS(&hdr->buf_alloc);
 +	ND_PRINT((ndo, ", buf_alloc %u", u32_v));
 +
 +	u32_v = EXTRACT_LE_32BITS(&hdr->fwd_cnt);
 +	ND_PRINT((ndo, ", fwd_cnt %u", u32_v));
 +}
 +
 +static size_t
 +vsock_transport_hdr_size(uint16_t transport)
 +{
 +	switch (transport) {
 +		case AF_VSOCK_TRANSPORT_VIRTIO:
 +			return sizeof(struct virtio_vsock_hdr);
 +		default:
 +			return 0;
 +	}
 +}
 +
 +static void
 +vsock_transport_hdr_print(netdissect_options *ndo, uint16_t transport,
 +                          const u_char *p, const u_int len)
 +{
 +	size_t transport_size = vsock_transport_hdr_size(transport);
 +	const void *hdr;
 +
 +	if (len < sizeof(struct af_vsockmon_hdr) + transport_size)
 +		return;
 +
 +	hdr = p + sizeof(struct af_vsockmon_hdr);
 +	switch (transport) {
 +		case AF_VSOCK_TRANSPORT_VIRTIO:
 +			ND_PRINT((ndo, " ("));
 +			vsock_virtio_hdr_print(ndo, hdr);
 +			ND_PRINT((ndo, ")"));
 +			break;
 +		default:
 +			break;
 +	}
 +}
 +
 +static void
 +vsock_hdr_print(netdissect_options *ndo, const u_char *p, const u_int len)
 +{
 +	uint16_t hdr_transport, hdr_op;
 +	uint32_t hdr_src_port, hdr_dst_port;
 +	uint64_t hdr_src_cid, hdr_dst_cid;
 +	size_t total_hdr_size;
 +
 +	const struct af_vsockmon_hdr *hdr = (struct af_vsockmon_hdr *)p;
 +
 +	hdr_transport = EXTRACT_LE_16BITS(&hdr->transport);
 +	ND_PRINT((ndo, "%s",
 +		  tok2str(vsock_transport, "Invalid transport (%u)",
 +			  hdr_transport)));
 +
 +	/* If verbose level is more than 0 print transport details */
 +	if (ndo->ndo_vflag) {
 +		vsock_transport_hdr_print(ndo, hdr_transport, p, len);
 +		ND_PRINT((ndo, "\n\t"));
 +	} else
 +		ND_PRINT((ndo, " "));
 +
 +	hdr_src_cid = EXTRACT_LE_64BITS(&hdr->src_cid);
 +	hdr_dst_cid = EXTRACT_LE_64BITS(&hdr->dst_cid);
 +	hdr_src_port = EXTRACT_LE_32BITS(&hdr->src_port);
 +	hdr_dst_port = EXTRACT_LE_32BITS(&hdr->dst_port);
 +	hdr_op = EXTRACT_LE_16BITS(&hdr->op);
 +	ND_PRINT((ndo, "%lu.%hu > %lu.%hu %s, length %u",
 +		  hdr_src_cid, hdr_src_port,
 +		  hdr_dst_cid, hdr_dst_port,
 +		  tok2str(vsock_op, " invalid op (%u)", hdr_op),
 +		  len));
 +
 +	/* If debug level is more than 1 print payload contents */
 +	total_hdr_size = sizeof(struct af_vsockmon_hdr) +
 +			 vsock_transport_hdr_size(hdr_transport);
 +	if (ndo->ndo_vflag > 1 &&
 +	    hdr_op == AF_VSOCK_OP_PAYLOAD &&
 +	    len > total_hdr_size) {
 +		const u_char *payload = p + total_hdr_size;
 +
 +		ND_PRINT((ndo, "\n"));
 +		print_unknown_data(ndo, payload, "\t", len - total_hdr_size);
 +	}
 +}
 +
 +u_int
 +vsock_print(netdissect_options *ndo, const struct pcap_pkthdr *h, const u_char *cp)
 +{
 +	u_int len = h->len;
 +
 +	if (len < sizeof(struct af_vsockmon_hdr))
 +		ND_PRINT((ndo, "%s", tstr));
 +	else
 +		vsock_hdr_print(ndo, cp, len);
 +
 +	return len;
 +}
 diff --git a/print.c b/print.c
 index c76f344..1945cfd 100644
 --- a/print.c
 +++ b/print.c
@@ -220,6 +220,9 @@ static const struct printer printers[] = {
 #ifdef DLT_PPP_SERIAL
 	{ ppp_hdlc_if_print,	DLT_PPP_SERIAL },
 #endif
 +#ifdef DLT_VSOCK
 +	{ vsock_print,		DLT_VSOCK },
 +#endif
 	{ NULL,			0 },
 };
 -- 
 2.13.5
--- a/CVE-2020-8037.patch
+++ b/CVE-2020-8037.patch
@ -1,65 +0,0 @@
 From 32027e199368dad9508965aae8cd8de5b6ab5231 Mon Sep 17 00:00:00 2001
 From: Guy Harris <guy@alum.mit.edu>
 Date: Sat, 18 Apr 2020 14:04:59 -0700
 Subject: [PATCH] PPP: When un-escaping, don't allocate a too-large
 buffer.
 The buffer should be big enough to hold the captured data, but it
 doesn't need to be big enough to hold the entire on-the-network packet,
 if we haven't captured all of it.
 (backported from commit e4add0b010ed6f2180dcb05a13026242ed935334)
 ---
 print-ppp.c | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)
 diff --git a/print-ppp.c b/print-ppp.c
 index 891761728..33fb03412 100644
 --- a/print-ppp.c
 +++ b/print-ppp.c
@@ -1367,19 +1367,29 @@
 	return 0;
 }
 +/*
 + * Un-escape RFC 1662 PPP in HDLC-like framing, with octet escapes.
 + * The length argument is the on-the-wire length, not the captured
 + * length; we can only un-escape the captured part.
 + */
 static void
 ppp_hdlc(netdissect_options *ndo,
          const u_char *p, int length)
 {
 +	u_int caplen = ndo->ndo_snapend - p;
 	u_char *b, *t, c;
 	const u_char *s;
 -	int i, proto;
 +	u_int i;
 +	int proto;
 	const void *se;
 +	if (caplen == 0)
 +		return;
 +
         if (length <= 0)
                 return;
 -	b = (u_char *)malloc(length);
 +	b = (u_char *)malloc(caplen);
 	if (b == NULL)
 		return;
@@ -1388,10 +1398,10 @@
 	 * Do this so that we dont overwrite the original packet
 	 * contents.
 	 */
 -	for (s = p, t = b, i = length; i > 0 && ND_TTEST(*s); i--) {
 +	for (s = p, t = b, i = caplen; i != 0; i--) {
 		c = *s++;
 		if (c == 0x7d) {
 -			if (i <= 1 || !ND_TTEST(*s))
 +			if (i <= 1)
 				break;
 			i--;
 			c = *s++ ^ 0x20;
--- a/backport-0002-Use-getnameinfo-instead-of-gethostbyaddr.patch
+++ b/backport-0002-Use-getnameinfo-instead-of-gethostbyaddr.patch
@ -1,28 +1,26 @@
 From c48fba64fbbff9c75c79e32ab33aa65742c197d9 Mon Sep 17 00:00:00 2001
 From: rpm-build <rpm-build>
 Date: Mon, 20 Oct 2014 14:12:46 +0200
 Subject: [PATCH 2/8] Use getnameinfo instead of gethostbyaddr
 ---
 addrtoname.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 46 insertions(+), 2 deletions(-)
 diff --git a/addrtoname.c b/addrtoname.c
-index 6975b71..949acb7 100644
+index 33b9378..426839c 100644
 --- a/addrtoname.c
 +++ b/addrtoname.c
-@@ -220,7 +220,6 @@ static uint32_t f_localnet;
+@@ -277,7 +277,6 @@ extern cap_channel_t *capdns;
 const char *
- getname(netdissect_options *ndo, const u_char *ap)
+ ipaddr_string(netdissect_options *ndo, const u_char *ap)
 {
-	register struct hostent *hp;
+-	struct hostent *hp;
 	uint32_t addr;
 	struct hnamemem *p;
-@@ -242,6 +241,28 @@ getname(netdissect_options *ndo, const u_char *ap)
+@@ -299,13 +298,29 @@ ipaddr_string(netdissect_options *ndo, const u_char *ap)
 	 */
 	if (!ndo->ndo_nflag &&
 	    (addr & f_netmask) == f_localnet) {
 -#ifdef HAVE_CASPER
 -		if (capdns != NULL) {
 -			hp = cap_gethostbyaddr(capdns, (char *)&addr, 4,
 -			    AF_INET);
 -		} else
 -#endif
 -			hp = gethostbyaddr((char *)&addr, 4, AF_INET);
 +#ifdef HAVE_GETNAMEINFO
 +		struct sockaddr_in sa;
 +		char hbuf[NI_MAXHOST];
@ -44,11 +42,12 @@ index 6975b71..949acb7 100644
 +			return p->name;
 +		}
 +#else
-+		register struct hostent *hp;
+		struct hostent *hp;
- 		hp = gethostbyaddr((char *)&addr, 4, AF_INET);
+		hp = gethostbyaddr((char *)&addr, 4, AF_INET);
 		if (hp) {
 			char *dotp;
-@@ -258,6 +279,7 @@ getname(netdissect_options *ndo, const u_char *ap)
+ 
@@ -321,6 +336,7 @@ ipaddr_string(netdissect_options *ndo, const u_char *ap)
 			}
 			return (p->name);
 		}
@ -56,18 +55,25 @@ index 6975b71..949acb7 100644
 	}
 	p->name = strdup(intoa(addr));
 	if (p->name == NULL)
-@@ -272,7 +294,6 @@ getname(netdissect_options *ndo, const u_char *ap)
+@@ -336,7 +352,6 @@ ipaddr_string(netdissect_options *ndo, const u_char *ap)
 const char *
- getname6(netdissect_options *ndo, const u_char *ap)
+ ip6addr_string(netdissect_options *ndo, const u_char *ap)
 {
-	register struct hostent *hp;
+-	struct hostent *hp;
 	union {
- 		struct in6_addr addr;
+ 		nd_ipv6 addr;
 		struct for_hash_addr {
-@@ -297,6 +318,28 @@ getname6(netdissect_options *ndo, const u_char *ap)
+@@ -361,13 +376,29 @@ ip6addr_string(netdissect_options *ndo, const u_char *ap)
 	 * Do not print names if -n was given.
 	 */
 	if (!ndo->ndo_nflag) {
 -#ifdef HAVE_CASPER
 -		if (capdns != NULL) {
 -			hp = cap_gethostbyaddr(capdns, (char *)&addr,
 -			    sizeof(addr), AF_INET6);
 -		} else
 -#endif
 -			hp = gethostbyaddr((char *)&addr, sizeof(addr),
 +#ifdef HAVE_GETNAMEINFO
 +		struct sockaddr_in6 sa;
 +		char hbuf[NI_MAXHOST];
@ -89,11 +95,12 @@ index 6975b71..949acb7 100644
 +			return p->name;
 +		}
 +#else
-+                register struct hostent *hp;
+		struct hostent *hp;
- 		hp = gethostbyaddr((char *)&addr, sizeof(addr), AF_INET6);
+		hp = gethostbyaddr((char *)&addr, sizeof(addr),
 			    AF_INET6);
 		if (hp) {
 			char *dotp;
-@@ -313,6 +356,7 @@ getname6(netdissect_options *ndo, const u_char *ap)
+@@ -384,6 +415,7 @@ ip6addr_string(netdissect_options *ndo, const u_char *ap)
 			}
 			return (p->name);
 		}
@ -101,6 +108,3 @@ index 6975b71..949acb7 100644
 	}
 	cp = addrtostr6(ap, ntop_buf, sizeof(ntop_buf));
 	p->name = strdup(cp);
 -- 
 2.9.3
--- a/backport-0003-Drop-root-priviledges-before-opening-first-savefile-.patch
+++ b/backport-0003-Drop-root-priviledges-before-opening-first-savefile-.patch
@ -19,7 +19,7 @@ index f04a579..ca5cff2 100644
 not 1,048,576 bytes).
 +
 +Note that when used with \fB\-Z\fR option (enabled by default), privileges
-+are dropped before opening first savefile.
+are dropped before opening the first savefile.
 .TP
 .B \-d
 Dump the compiled packet-matching code in a human readable form to
@ -34,6 +34,17 @@ index f04a579..ca5cff2 100644
 .IP "\fI expression\fP"
 .RS
 selects which packets will be dumped.
@@ -366,6 +366,10 @@ If no time format is specified, each new file will overwrite the previous.
 If used in conjunction with the
 .B \-C
 option, filenames will take the form of `\fIfile\fP<count>'.
 +.IP
 +Note that when used with 
 +.B \-Z 
 +option (enabled by default), privileges are dropped before opening the first savefile.
 .TP
 .B \-h
 .PD 0
 diff --git a/tcpdump.c b/tcpdump.c
 index 73bf138..29f7f87 100644
 --- a/tcpdump.c
@ -58,7 +69,7 @@ index 73bf138..29f7f87 100644
 +	 * user(default tcpdump) and drop root privileges.
 +	 */
 +	if (WFileName)
-+		if (Cflag && (username || chroot_dir))
+		if ((Cflag || Gflag) && (username || chroot_dir))
 +			droproot(username, chroot_dir);
 +		else
 +			chown_flag = 1;
@ -69,7 +80,7 @@ index 73bf138..29f7f87 100644
@@ -1881,6 +1895,22 @@ main(int argc, char **argv)
 		  MakeFilename(dumpinfo.CurrentFileName, WFileName, 0, 0);
- 		p = pcap_dump_open(pd, dumpinfo.CurrentFileName);
+ 		pdd = pcap_dump_open(pd, dumpinfo.CurrentFileName);
 +
 +	/* Change ownership of file and drop root privileges */
 +	if (chown_flag) {
@ -91,4 +102,3 @@ index 73bf138..29f7f87 100644
 		 * Only allow it to be restored if the -C or -G flag have been
 -- 
 2.9.3
--- a/backport-0007-Introduce-nn-option.patch
+++ b/backport-0007-Introduce-nn-option.patch
--- a/backport-0009-Change-n-flag-to-nn-in-TESTonce.patch
+++ b/backport-0009-Change-n-flag-to-nn-in-TESTonce.patch
@ -0,0 +1,13 @@
 diff --git a/tests/TESTrun b/tests/TESTrun
 index b423627..aa3c97d 100755
 --- a/tests/TESTrun
 +++ b/tests/TESTrun
@@ -102,7 +102,7 @@ sub runtest {
     #
     # Furthermore, on Windows, fc can't read the standard input, so we
     # can't do it as a pipeline in any case.
 -    $r = system "$TCPDUMP -# -n -r $input $options >tests/NEW/${outputbase} 2>${rawstderrlog}";
 +    $r = system "$TCPDUMP -# -nn -r $input $options >tests/NEW/${outputbase} 2>${rawstderrlog}";
     if($r != 0) {
         #
         # Something other than "tcpdump opened the file, read it, and
--- a/tcpdump-4.9.3.tar.gz
+++ b/tcpdump-4.9.3.tar.gz
--- a/tcpdump-4.9.3.tar.gz.sig
+++ b/tcpdump-4.9.3.tar.gz.sig
--- a/tcpdump-4.99.1.tar.gz
+++ b/tcpdump-4.99.1.tar.gz
--- a/tcpdump-4.99.1.tar.gz.sig
+++ b/tcpdump-4.99.1.tar.gz.sig
--- a/tcpdump.spec
+++ b/tcpdump.spec
@ -1,30 +1,24 @@
 Name:           tcpdump
 Epoch:          14
-Version:        4.9.3
+Version:        4.99.1
-Release:        4
+Release:        1
 Summary:        A network traffic monitoring tool
 License:        BSD with advertising
 URL:            http://www.tcpdump.org
 Source0:        http://www.tcpdump.org/release/tcpdump-%{version}.tar.gz
-Source1:        ftp://ftp.ee.lbl.gov/tcpslice-1.2a3.tar.gz
+Source1:        ftp://ftp.ee.lbl.gov/tcpslice-1.3.tar.gz
 Source2:        http://www.tcpdump.org/release/tcpdump-%{version}.tar.gz.sig
-Patch0:         0002-Use-getnameinfo-instead-of-gethostbyaddr.patch
+Patch0:         backport-0002-Use-getnameinfo-instead-of-gethostbyaddr.patch
-Patch1:         0003-Drop-root-priviledges-before-opening-first-savefile-.patch
+Patch1:         backport-0003-Drop-root-priviledges-before-opening-first-savefile-.patch
-Patch2:         0004-tcpslice-update-tcpslice-patch-to-1.2a3.patch
+Patch2:         backport-0007-Introduce-nn-option.patch
-Patch3:         0005-tcpslice-remove-unneeded-include.patch
+Patch3:         backport-0009-Change-n-flag-to-nn-in-TESTonce.patch
 Patch4:         0006-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch
 Patch5:         0007-Introduce-nn-option.patch
 Patch6:         0009-Change-n-flag-to-nn-in-TESTonce.patch
 Patch7:         0011-Evp-cipher-buffers.patch
 Patch8:         0012-Add-printing-support-for-vsockmon-devices.patch
 Patch9:         CVE-2020-8037.patch
 Requires(pre):  shadow-utils
 BuildRequires:  automake openssl-devel libpcap-devel git-core gcc
-%define tcpslice_dir tcpslice-1.2a3
+%define tcpslice_dir tcpslice-1.3
 %description
 Tcpdump is a command-line tool for monitoring network traffic.
@ -90,6 +84,12 @@ exit 0
 %{_mandir}/man8/tcpdump.8*
 %changelog
 * Mon Mar 21 2022 yanglu<yanglu72@h-partners.com> - 4.99.1-1
 - Type:requirements
 - ID:NA
 - SUG:NA
 - DESC:update tcpdump to 4.99.1
 * Fri Dec 18 2020 seuzw <930zhaowei@163.com> - 4.9.3-4
 - Type:CVE
 - ID:CVE-2020-8037
--- a/tcpslice-1.2a3.tar.gz
+++ b/tcpslice-1.2a3.tar.gz
--- a/tcpslice-1.3.tar.gz
+++ b/tcpslice-1.3.tar.gz