nixpkgs/pkgs/applications/networking/sniffers/wireshark/wireshark-lookup-dumpcap-in-path.patch
Franz Pletz bfb399e3c4 wireshark: 1.12.7 -> 2.0.0
Updates wireshark to the next major stable version. Also updated and tested
the patch to search for dumpcap in PATH by @bjornfor.
2015-11-27 05:17:26 +01:00

63 lines
2.5 KiB
Diff

From 5bef9deeff8a2e4401de0f45c9701cd6f98f29d8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= <bjorn.forsman@gmail.com>
Date: Thu, 26 Nov 2015 21:03:35 +0100
Subject: [PATCH] Lookup dumpcap in PATH
NixOS patch: Look for dumpcap in PATH first, because there may be a
dumpcap setuid-wrapper that we want to use instead of the default
non-setuid dumpcap binary.
Also change execv() to execvp() because we've set argv[0] to "dumpcap"
and have to enable PATH lookup. Wireshark is not a setuid program, so
looking in PATH is not a security issue.
Signed-off-by: Franz Pletz <fpletz@fnordicwalking.de>
---
capchild/capture_sync.c | 17 ++++++++++++++---
1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/capchild/capture_sync.c b/capchild/capture_sync.c
index 970688e..49914d5 100644
--- a/capchild/capture_sync.c
+++ b/capchild/capture_sync.c
@@ -332,7 +332,18 @@ init_pipe_args(int *argc) {
#ifdef _WIN32
exename = g_strdup_printf("%s\\dumpcap.exe", progfile_dir);
#else
- exename = g_strdup_printf("%s/dumpcap", progfile_dir);
+ /*
+ * NixOS patch: Look for dumpcap in PATH first, because there may be a
+ * dumpcap setuid-wrapper that we want to use instead of the default
+ * non-setuid dumpcap binary.
+ */
+ if (system("command -v dumpcap >/dev/null") == 0) {
+ /* Found working dumpcap */
+ exename = g_strdup_printf("dumpcap");
+ } else {
+ /* take Wireshark's absolute program path and replace "Wireshark" with "dumpcap" */
+ exename = g_strdup_printf("%s/dumpcap", progfile_dir);
+ }
#endif
/* Make that the first argument in the argument list (argv[0]). */
@@ -729,7 +740,7 @@ sync_pipe_start(capture_options *capture_opts, capture_session *cap_session, voi
*/
dup2(sync_pipe[PIPE_WRITE], 2);
ws_close(sync_pipe[PIPE_READ]);
- execv(argv[0], argv);
+ execvp(argv[0], argv);
g_snprintf(errmsg, sizeof errmsg, "Couldn't run %s in child process: %s",
argv[0], g_strerror(errno));
sync_pipe_errmsg_to_parent(2, errmsg, "");
@@ -997,7 +1008,7 @@ sync_pipe_open_command(char** argv, int *data_read_fd,
dup2(sync_pipe[PIPE_WRITE], 2);
ws_close(sync_pipe[PIPE_READ]);
ws_close(sync_pipe[PIPE_WRITE]);
- execv(argv[0], argv);
+ execvp(argv[0], argv);
g_snprintf(errmsg, sizeof errmsg, "Couldn't run %s in child process: %s",
argv[0], g_strerror(errno));
sync_pipe_errmsg_to_parent(2, errmsg, "");
--
2.6.3