Fix the following build failure with libressl >= 3.5.0:
capture_openssl.c: In function 'P_hash':
capture_openssl.c:101:18: error: storage size of 'hm' isn't known
101 | HMAC_CTX hm;
| ^~
Fixes:
- http://autobuild.buildroot.org/results/f1e8cdb3ac35a30055ab79d41e6cc038e5339c37
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
`ncuses-6.3` added printf-style function attributes and now makes
it easier to catch cases when user input is used in palce of format
string when built with CFLAGS=-Werror=format-security:
curses/ui_msg_diff.c: In function 'msg_diff_draw_message':
curses/ui_msg_diff.c:190:5: error: format not a string literal and no format arguments [-Werror=format-security]
190 | mvwprintw(win, 0, 0, sip_get_msg_header(msg, header));
| ^~~~~~~~~
Let's wrap all the missing places with "%s" format.
Sometimes during TCP assembly, a new packet is created
from one of the fragments, cloning its data.
The field type, used to print the Transport column was
not being properly copied from the original packet.
Fixes#378
This isn't really "old libpcap", it's a local OpenBSD change to make pcap files MI. Upstream libpcap does this differently by passing timevals around directly, and just converting in the file load/save routines instead. It's incorrect because the struct members are different sizes (64-bit for timeval.tv_sec, 32 for bpf_timeval.tv_sec).
msg_get_time() returns timevals obtained from libpcap directly, but in OpenBSD these are really bpf_timeval. Copy the struct members so the standard timeval manipulation functions can operate on them. Fixes hard loop when viewing INVITEs.
This commit replaces calls to sprintf with snprintf to prevent a potential buffer overflow. This buffer overflow can happen, when a long request or response line (method) is present in a sip message.