From skynyrd@opus.cts.cwu.edu  Mon Apr 21 17:30:01 1997
Received: from pahtoh.cwu.edu (root@pahtoh.cwu.edu [198.104.65.27])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id RAA00843
          for <FreeBSD-gnats-submit@freebsd.org>; Mon, 21 Apr 1997 17:30:00 -0700 (PDT)
Received: from opus.cts.cwu.edu (skynyrd@opus.cts.cwu.edu [198.104.92.71])
	by pahtoh.cwu.edu (8.8.5/8.8.5) with ESMTP id RAA24334
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 21 Apr 1997 17:29:56 -0700 (PDT)
Received: (from skynyrd@localhost)
	by opus.cts.cwu.edu (8.8.5/8.8.5) id RAA26136;
	Mon, 21 Apr 1997 17:29:54 -0700 (PDT)
Message-Id: <199704220029.RAA26136@opus.cts.cwu.edu>
Date: Mon, 21 Apr 1997 17:29:54 -0700 (PDT)
From: Chris Timmons <skynyrd@opus.cts.cwu.edu>
Reply-To: skynyrd@opus.cts.cwu.edu
To: FreeBSD-gnats-submit@freebsd.org
Subject: LBL tcpdump 3.3 -merge submission
X-Send-Pr-Version: 3.2

>Number:         3371
>Category:       bin
>Synopsis:       LBL tcpdump 3.3 -merge submission
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    fenner
>State:          closed
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Apr 21 17:40:00 PDT 1997
>Closed-Date:    Mon May 26 19:22:06 PDT 1997
>Last-Modified:  Mon May 26 19:25:16 PDT 1997
>Originator:     Chris Timmons
>Release:        FreeBSD 3.0-CURRENT i386
>Organization:
Central Washington University
>Environment:

3.0-CURRENT with recently repaired libpcap (see i386/3353.)


>Description:

Pre lbl-3.3 tcpdump (like the one in -current) mistakenly believes
that the small udp packet is actually a truncated one because of a
logic bug in print-udp.c (which probably produced correct results for
the wrong reasons on interfaces which padded ethernet packets to
ETHERMIN before the bpf_tap.)  Of course nowadays we have more
advanced hw that pads for us so the driver doesn't have to, and very
short packets get shoved down the bpf_tap pipe to bring these bugs to
light. But anyways:

>How-To-Repeat:

To see the bug, use netcat to query a udp time server, such as the one
that inetd can run, and monitor the transaction from the same machine
using tcpdump:

   nc -u -z -w 1 pahtoh time

   15:54:37.024031 [|udp]
   15:54:37.025030 pahtoh.cwu.edu.time > swash.cts.cwu.edu.1267: udp 4

Merged -current+lbl-3.3 correctly processes this:

   15:57:39.021435 swash.cts.cwu.edu.1271 > pahtoh.cwu.edu.time: udp 1
   15:57:39.022410 pahtoh.cwu.edu.time > swash.cts.cwu.edu.1271: udp 4


>Fix:
	

tcpdump v3.3 from ftp.ee.lbl.gov fixes the problem.

Since we are a release behind, I have done nearly all of the work necessary 
to merge this into -current and created a kit which I have uploaded as

ftp://ftp.freebsd.org/pub/FreeBSD/incoming/tcpdump-to-lbl33-merge.tar.gz

MD5 (tcpdump-to-lbl33-merge.tar.gz) = 7fa45cf54d5ce868d21bfeaecde55b3e

The kit consists of a buildable reference tree that resulted from my local 
CVS merge (into a copy of the FreeBSD tree) of lbl-3.3 tcpdump, and a patch
kit to address merge conflicts (a couple of -Wall patches are included
separately.)

A complete narrative of length war and peace is included which explains
how this would be useful to someone really merging this into our tree.
Normally the corresponding release of libpcap would be merged at the
same time - I can do that, too, but would like some feedback on whether
or not this kind of submission is useful or appropriate.


>Release-Note:
>Audit-Trail:

From: Bill Fenner <fenner@parc.xerox.com>
To: FreeBSD-gnats-submit@freebsd.org, skynyrd@opus.cts.cwu.edu
Cc: pst@jnx.com
Subject: Re:  bin/3371: LBL tcpdump 3.3 -merge submission
Date: Mon, 21 Apr 1997 18:27:16 PDT

 I'll volunteer to merge tcpdump 3.3 and libpcap 0.3, unless Paul
 has more time than I think he has and wants to do it.
 
   Bill

From: Paul Traina <pst@jnx.com>
To: Bill Fenner <fenner@parc.xerox.com>
Cc: FreeBSD-gnats-submit@freebsd.org, skynyrd@opus.cts.cwu.edu
Subject: Re: bin/3371: LBL tcpdump 3.3 -merge submission 
Date: Mon, 21 Apr 1997 21:48:58 -0700

 Nope, please do.
 
   From: Bill Fenner <fenner@parc.xerox.com>
   Subject: Re:  bin/3371: LBL tcpdump 3.3 -merge submission
   I'll volunteer to merge tcpdump 3.3 and libpcap 0.3, unless Paul
   has more time than I think he has and wants to do it.
   
     Bill
Responsible-Changed-From-To: freebsd-bugs->fenner 
Responsible-Changed-By: fenner 
Responsible-Changed-When: Tue Apr 22 09:47:30 PDT 1997 
Responsible-Changed-Why:  
fenner will merge tcpdump 3.3 and libpcap 0.3 
State-Changed-From-To: open->closed 
State-Changed-By: fenner 
State-Changed-When: Mon May 26 19:22:06 PDT 1997 
State-Changed-Why:  
tcpdump 3.3 imported.  Sorry it took so long. 
>Unformatted:
