/builds/wireshark/wireshark/extcap/sshdump.c

Bug Summary

File:	builds/wireshark/wireshark/extcap/sshdump.c
Warning:	line 280, column 9 Opened stream never closed. Potential resource leak
Annotated Source Code

Press '?' to see keyboard shortcuts
Show analyzer invocation
clang -cc1 -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name sshdump.c -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 2 -pic-is-pie -fno-delete-null-pointer-checks -mframe-pointer=all -relaxed-aliasing -fmath-errno -ffp-contract=on -fno-rounding-math -ffloat16-excess-precision=fast -fbfloat16-excess-precision=fast -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fdebug-compilation-dir=/builds/wireshark/wireshark/build -fcoverage-compilation-dir=/builds/wireshark/wireshark/build -resource-dir /usr/lib/llvm-22/lib/clang/22 -isystem /usr/include/glib-2.0 -isystem /usr/lib/x86_64-linux-gnu/glib-2.0/include -D CARES_NO_DEPRECATED -D G_DISABLE_DEPRECATED -D G_DISABLE_SINGLE_INCLUDES -D WS_DEBUG -D WS_DEBUG_UTF_8 -I /builds/wireshark/wireshark/build -I /builds/wireshark/wireshark -I /builds/wireshark/wireshark/include -D _GLIBCXX_ASSERTIONS -internal-isystem /usr/lib/llvm-22/lib/clang/22/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/16/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -fmacro-prefix-map=/builds/wireshark/wireshark/= -fmacro-prefix-map=/builds/wireshark/wireshark/build/= -fmacro-prefix-map=../= -Wno-format-nonliteral -std=gnu17 -ferror-limit 19 -fvisibility=hidden -fwrapv -fwrapv-pointer -fstrict-flex-arrays=3 -stack-protector 2 -fstack-clash-protection -fcf-protection=full -fgnuc-version=4.2.1 -fskip-odr-check-in-gmf -fexceptions -fcolor-diagnostics -analyzer-output=html -faddrsig -fdwarf2-cfi-asm -o /builds/wireshark/wireshark/sbout/2026-06-05-100346-3529-1 -x c /builds/wireshark/wireshark/extcap/sshdump.c
1/* sshdump.c
2 * sshdump is extcap tool used to capture data using a remote ssh host
3 *
4 * Copyright 2015, Dario Lombardo
5 *
6 * Wireshark - Network traffic analyzer
7 * By Gerald Combs <[email protected]>
8 * Copyright 1998 Gerald Combs
9 *
10 * SPDX-License-Identifier: GPL-2.0-or-later
11 */
12 
13#include "config.h"
14#define WS_LOG_DOMAIN"sshdump" "sshdump"
15 
16#include <extcap/extcap-base.h>
17#include <extcap/ssh-base.h>
18#include <wsutil/interface.h>
19#include <wsutil/file_util.h>
20#include <wsutil/strtoi.h>
21#include <wsutil/filesystem.h>
22#include <wsutil/privileges.h>
23#include <wsutil/please_report_bug.h>
24#include <wsutil/wslog.h>
25#include <app/application_flavor.h>
26 
27#include <errno(*__errno_location ()).h>
28#include <string.h>
29#include <fcntl.h>
30 
31#include <cli_main.h>
32 
33static char* sshdump_extcap_interface;
34#define DEFAULT_SSHDUMP_EXTCAP_INTERFACE"sshdump" "sshdump"
35 
36#define SSHDUMP_VERSION_MAJOR"1" "1"
37#define SSHDUMP_VERSION_MINOR"2" "2"
38#define SSHDUMP_VERSION_RELEASE"0" "0"
39 
40#define SSH_READ_BLOCK_SIZE256 256
41 
42enum {
43	EXTCAP_BASE_OPTIONS_ENUMEXTCAP_OPT_LIST_INTERFACES, EXTCAP_OPT_VERSION, EXTCAP_OPT_LIST_DLTS
, EXTCAP_OPT_INTERFACE, EXTCAP_OPT_CONFIG, EXTCAP_OPT_CONFIG_OPTION_NAME
, EXTCAP_OPT_CONFIG_OPTION_VALUE, EXTCAP_OPT_CLEANUP_POSTKILL
, EXTCAP_OPT_CAPTURE, EXTCAP_OPT_CAPTURE_FILTER, EXTCAP_OPT_FIFO
, EXTCAP_OPT_LOG_LEVEL, EXTCAP_OPT_LOG_FILE,
44	OPT_HELP,
45	OPT_VERSION,
46	OPT_REMOTE_HOST,
47	OPT_REMOTE_PORT,
48	OPT_REMOTE_USERNAME,
49	OPT_REMOTE_PASSWORD,
50	OPT_REMOTE_INTERFACE,
51	OPT_REMOTE_CAPTURE_COMMAND_SELECT,
52	OPT_REMOTE_CAPTURE_COMMAND,
53	OPT_REMOTE_FILTER,
54	OPT_SSHKEY,
55	OPT_SSHKEY_PASSPHRASE,
56	OPT_PROXYCOMMAND,
57	OPT_SSH_SHA1,
58	OPT_REMOTE_COUNT,
59	OPT_REMOTE_SUDO,	// Deprecated
60	OPT_REMOTE_PRIV,
61	OPT_REMOTE_PRIV_USER,
62	OPT_REMOTE_NOPROM
63};
64 
65static const struct ws_option longopts[] = {
66	EXTCAP_BASE_OPTIONS{ "extcap-interfaces", 0, ((void*)0), EXTCAP_OPT_LIST_INTERFACES
}, { "extcap-version", 2, ((void*)0), EXTCAP_OPT_VERSION}, { "extcap-dlts"
, 0, ((void*)0), EXTCAP_OPT_LIST_DLTS}, { "extcap-interface",
 1, ((void*)0), EXTCAP_OPT_INTERFACE}, { "extcap-config", 0, (
(void*)0), EXTCAP_OPT_CONFIG}, { "extcap-config-option-name",
 1, ((void*)0), EXTCAP_OPT_CONFIG_OPTION_NAME}, { "extcap-config-option-value"
, 1, ((void*)0), EXTCAP_OPT_CONFIG_OPTION_VALUE }, { "extcap-cleanup-postkill"
, 0, ((void*)0), EXTCAP_OPT_CLEANUP_POSTKILL }, { "capture", 0
, ((void*)0), EXTCAP_OPT_CAPTURE}, { "extcap-capture-filter",
 1, ((void*)0), EXTCAP_OPT_CAPTURE_FILTER}, { "fifo", 1, ((void
*)0), EXTCAP_OPT_FIFO}, { "log-level", 1, ((void*)0), EXTCAP_OPT_LOG_LEVEL
}, { "log-file", 1, ((void*)0), EXTCAP_OPT_LOG_FILE},
67	{ "help", ws_no_argument0, NULL((void*)0), OPT_HELP},
68	{ "version", ws_no_argument0, NULL((void*)0), OPT_VERSION},
69	SSH_BASE_PACKET_OPTIONS{ "remote-host", 1, ((void*)0), OPT_REMOTE_HOST}, { "remote-port"
, 1, ((void*)0), OPT_REMOTE_PORT}, { "remote-username", 1, ((
void*)0), OPT_REMOTE_USERNAME}, { "remote-password", 1, ((void
*)0), OPT_REMOTE_PASSWORD}, { "remote-count", 1, ((void*)0), OPT_REMOTE_COUNT
}, { "sshkey", 1, ((void*)0), OPT_SSHKEY}, { "sshkey-passphrase"
, 1, ((void*)0), OPT_SSHKEY_PASSPHRASE}, { "proxycommand", 1,
 ((void*)0), OPT_PROXYCOMMAND}, { "ssh-sha1", 0, ((void*)0), OPT_SSH_SHA1
}, { "remote-interface", 1, ((void*)0), OPT_REMOTE_INTERFACE}
, { "remote-filter", 1, ((void*)0), OPT_REMOTE_FILTER},
70	{ "remote-capture-command-select", ws_required_argument1, NULL((void*)0), OPT_REMOTE_CAPTURE_COMMAND_SELECT},
71	{ "remote-capture-command", ws_required_argument1, NULL((void*)0), OPT_REMOTE_CAPTURE_COMMAND},
72	{ "remote-sudo", ws_no_argument0, NULL((void*)0), OPT_REMOTE_SUDO },	// Deprecated
73	{ "remote-priv", ws_required_argument1, NULL((void*)0), OPT_REMOTE_PRIV },
74	{ "remote-priv-user", ws_required_argument1, NULL((void*)0), OPT_REMOTE_PRIV_USER },
75	{ "remote-noprom", ws_no_argument0, NULL((void*)0), OPT_REMOTE_NOPROM },
76	{ 0, 0, 0, 0}
77};
78 
79static char* interfaces_list_to_filter(GSList* if_list, unsigned int remote_port);
80 
81static int ssh_loop_read(ssh_channel channel, FILE* fp)
82{
83	int nbytes;
84	int ret = EXIT_SUCCESS0;
85	char buffer[SSH_READ_BLOCK_SIZE256];
86 
87	/* read from stdin until data are available */
88	while (ssh_channel_is_open(channel) && !ssh_channel_is_eof(channel)) {
89		nbytes = ssh_channel_read(channel, buffer, SSH_READ_BLOCK_SIZE256, 0);
90		if (nbytes < 0) {
91			ws_warning("Error reading from channel")do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 91, __func__, "Error reading from channel"); } } while (0);
92			goto end;
93		}
94		if (nbytes == 0) {
95			break;
96		}
97		if (fwrite(buffer, 1, nbytes, fp) != (unsigned)nbytes) {
98			ws_warning("Error writing to fifo")do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 98, __func__, "Error writing to fifo"); } } while (0);
99			ret = EXIT_FAILURE1;
100			goto end;
101		}
102		fflush(fp);
103	}
104 
105	/* read loop finished... maybe something wrong happened. Read from stderr */
106	while (ssh_channel_is_open(channel) && !ssh_channel_is_eof(channel)) {
107		nbytes = ssh_channel_read(channel, buffer, SSH_READ_BLOCK_SIZE256, 1);
108		if (nbytes < 0) {
109			ws_warning("Error reading from channel")do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 109, __func__, "Error reading from channel"); } } while (0);
110			goto end;
111		}
112		if (fwrite(buffer, 1, nbytes, stderrstderr) != (unsigned)nbytes) {
113			ws_warning("Error writing to stderr")do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 113, __func__, "Error writing to stderr"); } } while (0);
114			break;
115		}
116	}
117 
118end:
119	if (ssh_channel_send_eof(channel) != SSH_OK0) {
120		ws_warning("Error sending EOF in ssh channel")do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 120, __func__, "Error sending EOF in ssh channel"); } } while
 (0);
121		ret = EXIT_FAILURE1;
122	}
123	return ret;
124}
125 
126static char* local_interfaces_to_filter(const uint16_t remote_port)
127{
128	GSList* interfaces = local_interfaces_to_list();
129	char* filter = interfaces_list_to_filter(interfaces, remote_port);
130	g_slist_free_full(interfaces, g_free);
131	return filter;
132}
133 
134static ssh_channel run_ssh_command(ssh_session sshs, const char* capture_command_select,
135		const char* capture_command, const char* privilege, bool_Bool noprom,
136		const char* iface, const char* cfilter, const uint32_t count)
137{
138	char* cmdline = NULL((void*)0);
139	ssh_channel channel;
140	char** ifaces_array = NULL((void*)0);
141	int ifaces_array_num = 0;
142	GString *ifaces_string;
143	char *ifaces = NULL((void*)0);
144	char* quoted_iface = NULL((void*)0);
145	char* quoted_filter = NULL((void*)0);
146	char* count_str = NULL((void*)0);
147	unsigned int remote_port = 22;
148 
149	channel = ssh_channel_new(sshs);
150	if (!channel) {
151		ws_warning("Can't create channel")do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 151, __func__, "Can't create channel"); } } while (0);
152		return NULL((void*)0);
153	}
154 
155	if (ssh_channel_open_session(channel) != SSH_OK0) {
156		ws_warning("Can't open session")do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 156, __func__, "Can't open session"); } } while (0);
157		ssh_channel_free(channel);
158		return NULL((void*)0);
159	}
160 
161	ssh_options_get_port(sshs, &remote_port);
162 
163	if (capture_command_select == NULL((void*)0) || !g_strcmp0(capture_command_select, "other")) {
164		if (capture_command && *capture_command) {
165			cmdline = g_strdup(capture_command)g_strdup_inline (capture_command);
166			ws_debug("Remote capture command has disabled other options")do { if (1) { ws_log_full("sshdump", LOG_LEVEL_DEBUG, "extcap/sshdump.c"
, 166, __func__, "Remote capture command has disabled other options"
); } } while (0);
167		} else {
168			capture_command_select = "tcpdump";
169		}
170	}
171 
172	/* escape parameters to go save with the shell */
173	if (!g_strcmp0(capture_command_select, "tcpdump")) {
174		quoted_iface = iface ? g_shell_quote(iface) : NULL((void*)0);
175		quoted_filter = g_shell_quote(cfilter ? cfilter : "");
176		if (count > 0)
177			count_str = ws_strdup_printf("-c %u", count)wmem_strdup_printf(((void*)0), "-c %u", count);
178 
179		cmdline = ws_strdup_printf("%s tcpdump -U %s%s %s -w - %s %s",wmem_strdup_printf(((void*)0), "%s tcpdump -U %s%s %s -w - %s %s"
, privilege, quoted_iface ? "-i " : "", quoted_iface ? quoted_iface
 : "", noprom ? "-p" : "", count_str ? count_str : "", quoted_filter
)
180			privilege,wmem_strdup_printf(((void*)0), "%s tcpdump -U %s%s %s -w - %s %s"
, privilege, quoted_iface ? "-i " : "", quoted_iface ? quoted_iface
 : "", noprom ? "-p" : "", count_str ? count_str : "", quoted_filter
)
181			quoted_iface ? "-i " : "",wmem_strdup_printf(((void*)0), "%s tcpdump -U %s%s %s -w - %s %s"
, privilege, quoted_iface ? "-i " : "", quoted_iface ? quoted_iface
 : "", noprom ? "-p" : "", count_str ? count_str : "", quoted_filter
)
182			quoted_iface ? quoted_iface : "",wmem_strdup_printf(((void*)0), "%s tcpdump -U %s%s %s -w - %s %s"
, privilege, quoted_iface ? "-i " : "", quoted_iface ? quoted_iface
 : "", noprom ? "-p" : "", count_str ? count_str : "", quoted_filter
)
183			noprom ? "-p" : "",wmem_strdup_printf(((void*)0), "%s tcpdump -U %s%s %s -w - %s %s"
, privilege, quoted_iface ? "-i " : "", quoted_iface ? quoted_iface
 : "", noprom ? "-p" : "", count_str ? count_str : "", quoted_filter
)
184			count_str ? count_str : "",wmem_strdup_printf(((void*)0), "%s tcpdump -U %s%s %s -w - %s %s"
, privilege, quoted_iface ? "-i " : "", quoted_iface ? quoted_iface
 : "", noprom ? "-p" : "", count_str ? count_str : "", quoted_filter
)
185			quoted_filter)wmem_strdup_printf(((void*)0), "%s tcpdump -U %s%s %s -w - %s %s"
, privilege, quoted_iface ? "-i " : "", quoted_iface ? quoted_iface
 : "", noprom ? "-p" : "", count_str ? count_str : "", quoted_filter
);
186	} else if (!g_strcmp0(capture_command_select, "dumpcap")) {
187		if (iface) {
188			ifaces_array = g_strsplit(iface, " ", -1);
189			ifaces_string = g_string_new(NULL((void*)0));
190			while (ifaces_array[ifaces_array_num])
191			{
192				quoted_iface = g_shell_quote(ifaces_array[ifaces_array_num]);
193				g_string_append_printf(ifaces_string, "-i %s ", quoted_iface);
194				ifaces_array_num++;
195			}
196			ifaces = g_string_free(ifaces_string, FALSE)(__builtin_constant_p ((0)) ? (((0)) ? (g_string_free) ((ifaces_string
), ((0))) : g_string_free_and_steal (ifaces_string)) : (g_string_free
) ((ifaces_string), ((0))));
197		}
198		quoted_filter = g_shell_quote(cfilter ? cfilter : "");
199		if (count > 0)
200			count_str = ws_strdup_printf("-c %u", count)wmem_strdup_printf(((void*)0), "-c %u", count);
201 
202		cmdline = ws_strdup_printf("%s dumpcap %s %s -w - %s -f %s",wmem_strdup_printf(((void*)0), "%s dumpcap %s %s -w - %s -f %s"
, privilege, noprom ? "-p" : "", ifaces ? ifaces : "", count_str
 ? count_str : "", quoted_filter)
203			privilege,wmem_strdup_printf(((void*)0), "%s dumpcap %s %s -w - %s -f %s"
, privilege, noprom ? "-p" : "", ifaces ? ifaces : "", count_str
 ? count_str : "", quoted_filter)
204			noprom ? "-p" : "",wmem_strdup_printf(((void*)0), "%s dumpcap %s %s -w - %s -f %s"
, privilege, noprom ? "-p" : "", ifaces ? ifaces : "", count_str
 ? count_str : "", quoted_filter)
205			ifaces ? ifaces : "",wmem_strdup_printf(((void*)0), "%s dumpcap %s %s -w - %s -f %s"
, privilege, noprom ? "-p" : "", ifaces ? ifaces : "", count_str
 ? count_str : "", quoted_filter)
206			count_str ? count_str : "",wmem_strdup_printf(((void*)0), "%s dumpcap %s %s -w - %s -f %s"
, privilege, noprom ? "-p" : "", ifaces ? ifaces : "", count_str
 ? count_str : "", quoted_filter)
207			quoted_filter)wmem_strdup_printf(((void*)0), "%s dumpcap %s %s -w - %s -f %s"
, privilege, noprom ? "-p" : "", ifaces ? ifaces : "", count_str
 ? count_str : "", quoted_filter);
208 
209		g_free(ifaces)(__builtin_object_size ((ifaces), 0) != ((size_t) - 1)) ? g_free_sized
 (ifaces, __builtin_object_size ((ifaces), 0)) : (g_free) (ifaces
);
210		g_strfreev(ifaces_array);
211	}
212 
213	ws_debug("Running: %s", cmdline)do { if (1) { ws_log_full("sshdump", LOG_LEVEL_DEBUG, "extcap/sshdump.c"
, 213, __func__, "Running: %s", cmdline); } } while (0);
214	if (ssh_channel_request_exec(channel, cmdline) != SSH_OK0) {
215		ws_warning("Can't request exec")do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 215, __func__, "Can't request exec"); } } while (0);
216		ssh_channel_close(channel);
217		ssh_channel_free(channel);
218		channel = NULL((void*)0);
219	}
220 
221	g_free(quoted_iface)(__builtin_object_size ((quoted_iface), 0) != ((size_t) - 1))
 ? g_free_sized (quoted_iface, __builtin_object_size ((quoted_iface
), 0)) : (g_free) (quoted_iface);
222	g_free(quoted_filter)(__builtin_object_size ((quoted_filter), 0) != ((size_t) - 1)
) ? g_free_sized (quoted_filter, __builtin_object_size ((quoted_filter
), 0)) : (g_free) (quoted_filter);
223	g_free(cmdline)(__builtin_object_size ((cmdline), 0) != ((size_t) - 1)) ? g_free_sized
 (cmdline, __builtin_object_size ((cmdline), 0)) : (g_free) (
cmdline);
224	g_free(count_str)(__builtin_object_size ((count_str), 0) != ((size_t) - 1)) ? g_free_sized
 (count_str, __builtin_object_size ((count_str), 0)) : (g_free
) (count_str);
225 
226	return channel;
227}
228 
229static int ssh_open_remote_connection(const ssh_params_t* params, const char* iface, const char* cfilter,
230	const char* capture_command_select, const char* capture_command, const char* privilege,
231	bool_Bool noprom, const uint32_t count, const char* fifo)
232{
233	ssh_session sshs = NULL((void*)0);
234	ssh_channel channel = NULL((void*)0);
235	FILE* fp = stdoutstdout;
236	int ret = EXIT_FAILURE1;
237	char* err_info = NULL((void*)0);
238 
239	if (g_strcmp0(fifo, "-")) {
32
←
Assuming the condition is true→
33
←
Taking true branch→
240		/* Open or create the output file */
241		fp = fopen(fifo, "wb");
34
←
Stream opened here→
35
←
Assuming that 'fopen' is successful→
242		if (fp35.1
'fp' is not equal to NULL
 == NULL((void*)0)) {
36
←
Taking false branch→
243			ws_warning("Error creating output file: %s (%s)", fifo, g_strerror(errno))do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 243, __func__, "Error creating output file: %s (%s)", fifo,
 g_strerror((*__errno_location ()))); } } while (0);
244			return EXIT_FAILURE1;
245		}
246	}
247 
248	sshs = create_ssh_connection(params, &err_info);
249 
250	if (!sshs) {
37
←
Assuming 'sshs' is null→
38
←
Taking true branch→
251		ws_warning("Error creating connection.")do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 251, __func__, "Error creating connection."); } } while (0);
39
←
Taking true branch→
40
←
Loop condition is false.  Exiting loop→
252		goto cleanup;
41
←
Control jumps to line 271→
253	}
254 
255	channel = run_ssh_command(sshs, capture_command_select, capture_command, privilege, noprom, iface, cfilter, count);
256 
257	if (!channel) {
258		ws_warning("Can't run ssh command.")do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 258, __func__, "Can't run ssh command."); } } while (0);
259		goto cleanup;
260	}
261 
262	/* read from channel and write into fp */
263	if (ssh_loop_read(channel, fp) != EXIT_SUCCESS0) {
264		ws_warning("Error in read loop.")do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 264, __func__, "Error in read loop."); } } while (0);
265		ret = EXIT_FAILURE1;
266		goto cleanup;
267	}
268 
269	ret = EXIT_SUCCESS0;
270cleanup:
271	if (err_info)
42
←
Assuming 'err_info' is null→
272		ws_warning("%s", err_info)do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 272, __func__, "%s", err_info); } } while (0);
273	g_free(err_info)(__builtin_object_size ((err_info), 0) != ((size_t) - 1)) ? g_free_sized
 (err_info, __builtin_object_size ((err_info), 0)) : (g_free)
 (err_info);
43
←
Taking false branch→
44
←
Assuming the condition is false→
45
←
'?' condition is false→
274 
275	/* clean up and exit */
276	ssh_cleanup(&sshs, &channel);
277 
278	if (g_strcmp0(fifo, "-"))
46
←
Assuming the condition is false→
47
←
Taking false branch→
279		fclose(fp);
280	return ret;
48
←
Opened stream never closed. Potential resource leak
281}
282 
283static char* interfaces_list_to_filter(GSList* interfaces, unsigned int remote_port)
284{
285	GString* filter = g_string_new(NULL((void*)0));
286	GSList* cur;
287 
288	// If no port is given, assume the default one. This might not be
289	// correct if the port is looked up from the ssh config file, but it is
290	// better than nothing.
291	if (remote_port == 0) {
292		remote_port = 22;
293	}
294 
295	if (!interfaces) {
296		g_string_append_printf(filter, "not port %u", remote_port);
297	} else {
298		g_string_append_printf(filter, "not ((host %s", (char*)interfaces->data);
299		cur = g_slist_next(interfaces)((interfaces) ? (((GSList *)(interfaces))->next) : ((void*
)0));
300		while (cur) {
301			g_string_append_printf(filter, " or host %s", (char*)cur->data);
302			cur = g_slist_next(cur)((cur) ? (((GSList *)(cur))->next) : ((void*)0));
303		}
304		g_string_append_printf(filter, ") and port %u)", remote_port);
305	}
306	return g_string_free(filter, FALSE)(__builtin_constant_p ((0)) ? (((0)) ? (g_string_free) ((filter
), ((0))) : g_string_free_and_steal (filter)) : (g_string_free
) ((filter), ((0))));
307}
308 
309static int list_config(char *interface, unsigned int remote_port)
310{
311	unsigned inc = 0;
312	char* ipfilter;
313 
314	if (!interface) {
315		ws_warning("ERROR: No interface specified.")do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 315, __func__, "ERROR: No interface specified."); } } while
 (0);
316		return EXIT_FAILURE1;
317	}
318 
319	if (g_strcmp0(interface, sshdump_extcap_interface)) {
320		ws_warning("ERROR: interface must be %s", sshdump_extcap_interface)do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 320, __func__, "ERROR: interface must be %s", sshdump_extcap_interface
); } } while (0);
321		return EXIT_FAILURE1;
322	}
323 
324	ipfilter = local_interfaces_to_filter(remote_port);
325 
326	printf("arg {number=%u}{call=--remote-host}{display=Remote SSH server address}"
327		"{type=string}{tooltip=The remote SSH host. It can be both "
328		"an IP address or a hostname}{required=true}{group=Server}\n", inc++);
329	printf("arg {number=%u}{call=--remote-port}{display=Remote SSH server port}"
330		"{type=unsigned}{default=22}{tooltip=The remote SSH host port (1-65535)}"
331		"{range=1,65535}{group=Server}\n", inc++);
332	printf("arg {number=%u}{call=--remote-username}{display=Remote SSH server username}"
333		"{type=string}{tooltip=The remote SSH username. If not provided, "
334		"the current user will be used}{group=Authentication}\n", inc++);
335	printf("arg {number=%u}{call=--remote-password}{display=Remote SSH server password}"
336		"{type=password}{tooltip=The SSH password, used when other methods (SSH agent "
337		"or key files) are unavailable.}{group=Authentication}\n", inc++);
338	printf("arg {number=%u}{call=--sshkey}{display=Path to SSH private key}"
339		"{type=fileselect}{tooltip=The path on the local filesystem of the private SSH key (OpenSSH format)}"
340		"{mustexist=true}{group=Authentication}\n", inc++);
341	printf("arg {number=%u}{call=--sshkey-passphrase}{display=SSH key passphrase}"
342		"{type=password}{tooltip=Passphrase to unlock the SSH private key}{group=Authentication}\n",
343		inc++);
344	printf("arg {number=%u}{call=--proxycommand}{display=ProxyCommand}"
345		"{type=string}{tooltip=The command to use as proxy for the SSH connection}"
346		"{group=Authentication}\n", inc++);
347	printf("arg {number=%u}{call=--ssh-sha1}{display=Support SHA-1 keys (deprecated)}"
348		"{type=boolflag}{tooltip=Support keys and key exchange algorithms using SHA-1 (deprecated)}{group=Authentication}"
349		"\n", inc++);
350	printf("arg {number=%u}{call=--remote-interface}{display=Remote interface}"
351		"{type=string}{tooltip=The remote network interface used for capture"
352		"}{group=Capture}\n", inc++);
353	printf("arg {number=%u}{call=--remote-capture-command-select}{display=Remote capture command selection}"
354		"{type=radio}{tooltip=The remote capture command to build a command line for}{group=Capture}\n", inc);
355	printf("value {arg=%u}{value=dumpcap}{display=dumpcap}\n", inc);
356	printf("value {arg=%u}{value=tcpdump}{display=tcpdump}{default=true}\n", inc);
357	printf("value {arg=%u}{value=other}{display=Other:}\n", inc++);
358	printf("arg {number=%u}{call=--remote-capture-command}{display=Remote capture command}"
359		"{type=string}{tooltip=The remote command used to capture}{group=Capture}\n", inc++);
360	// Deprecated
361	//printf("arg {number=%u}{call=--remote-sudo}{display=Use sudo on the remote machine}"
362	// 	"{type=boolflag}{tooltip=Prepend the capture command with sudo on the remote machine}"
363	// 	"{group=Capture}\n", inc++);
364	printf("arg {number=%u}{call=--remote-priv}{display=Gain capture privilege on the remote machine}"
365		"{type=radio}{tooltip=Optionally prepend the capture command with sudo or doas on the remote machine}"
366		"{group=Capture}\n", inc);
367	printf("value {arg=%u}{value=none}{display=none}{default=true}\n", inc);
368	printf("value {arg=%u}{value=sudo}{display=sudo}\n", inc);
369	printf("value {arg=%u}{value=doas -n}{display=doas}\n", inc++);
370	printf("arg {number=%u}{call=--remote-priv-user}{display=Privileged user name for sudo or doas}"
371		"{type=string}{tooltip=User name of privileged user to execute the capture command on the remote machine}"
372		"{group=Capture}\n", inc++);
373	printf("arg {number=%u}{call=--remote-noprom}{display=No promiscuous mode}"
374		"{type=boolflag}{tooltip=Don't use promiscuous mode on the remote machine}{group=Capture}"
375		"\n", inc++);
376	printf("arg {number=%u}{call=--remote-filter}{display=Remote capture filter}{type=string}"
377		"{tooltip=The remote capture filter}", inc++);
378	if (ipfilter)
379		printf("{default=%s}", ipfilter);
380	printf("{group=Capture}\n");
381	printf("arg {number=%u}{call=--remote-count}{display=Packets to capture}"
382		"{type=unsigned}{default=0}{tooltip=The number of remote packets to capture. (Default: inf)}"
383		"{group=Capture}\n", inc++);
384 
385	extcap_config_debug(&inc);
386 
387	g_free(ipfilter)(__builtin_object_size ((ipfilter), 0) != ((size_t) - 1)) ? g_free_sized
 (ipfilter, __builtin_object_size ((ipfilter), 0)) : (g_free)
 (ipfilter);
388 
389	return EXIT_SUCCESS0;
390}
391 
392static char* concat_filters(const char* extcap_filter, const char* remote_filter)
393{
394	if (!extcap_filter && remote_filter)
395		return g_strdup(remote_filter)g_strdup_inline (remote_filter);
396 
397	if (!remote_filter && extcap_filter)
398		return g_strdup(extcap_filter)g_strdup_inline (extcap_filter);
399 
400	if (!remote_filter && !extcap_filter)
401		return NULL((void*)0);
402 
403	return ws_strdup_printf("(%s) and (%s)", extcap_filter, remote_filter)wmem_strdup_printf(((void*)0), "(%s) and (%s)", extcap_filter
, remote_filter);
404}
405 
406int main(int argc, char *argv[])
407{
408	char* err_msg;
409	int result;
410	int option_idx = 0;
411	ssh_params_t* ssh_params = ssh_params_new();
412	char* remote_interface = NULL((void*)0);
413	char* remote_capture_command_select = NULL((void*)0);
414	char* remote_capture_command = NULL((void*)0);
415	char* remote_filter = NULL((void*)0);
416	uint32_t count = 0;
417	int ret = EXIT_FAILURE1;
418	extcap_parameters* extcap_conf = g_new0(extcap_parameters, 1)((extcap_parameters *) g_malloc0_n ((1), sizeof (extcap_parameters
)));
419	char* help_url;
420	char* help_header = NULL((void*)0);
421	char* priv = NULL((void*)0);
422	char* priv_user = NULL((void*)0);
423	bool_Bool noprom = false0;
424	char* interface_description = g_strdup("SSH remote capture")g_strdup_inline ("SSH remote capture");
425 
426	/* Set the program name. */
427	g_set_prgname("sshdump");
428 
429	/* Initialize log handler early so we can have proper logging during startup. */
430	extcap_log_init();
431 
432	sshdump_extcap_interface = g_path_get_basename(argv[0]);
433	if (g_str_has_suffix(sshdump_extcap_interface, ".exe")(__builtin_constant_p (".exe")? __extension__ ({ const char *
 const __str = (sshdump_extcap_interface); const char * const
 __suffix = (".exe"); gboolean __result = (0); if (__str == (
(void*)0) || __suffix == ((void*)0)) __result = (g_str_has_suffix
) (__str, __suffix); else { const size_t __str_len = strlen (
((__str) + !(__str))); const size_t __suffix_len = strlen (((
__suffix) + !(__suffix))); if (__str_len >= __suffix_len) __result
 = memcmp (__str + __str_len - __suffix_len, ((__suffix) + !(
__suffix)), __suffix_len) == 0; } __result; }) : (g_str_has_suffix
) (sshdump_extcap_interface, ".exe") )) {
1
'?' condition is true→
2
←
Assuming '__str' is not equal to null→
3
←
Taking false branch→
4
←
Assuming '__str_len' is < '__suffix_len'→
5
←
Taking false branch→
6
←
Taking false branch→
434		sshdump_extcap_interface[strlen(sshdump_extcap_interface) - 4] = '\0';
435	}
436 
437	/*
438	 * Get credential information for later use.
439	 */
440	init_process_policies();
441 
442	/*
443	 * Attempt to get the pathname of the directory containing the
444	 * executable file.
445	 */
446	err_msg = configuration_init(argv[0], "wireshark");
447	if (err_msg != NULL((void*)0)) {
7
←
Assuming 'err_msg' is equal to NULL→
8
←
Taking false branch→
448		ws_warning("Can't get pathname of directory containing the extcap program: %s.",do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 449, __func__, "Can't get pathname of directory containing the extcap program: %s."
, err_msg); } } while (0)
449			err_msg)do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 449, __func__, "Can't get pathname of directory containing the extcap program: %s."
, err_msg); } } while (0);
450		g_free(err_msg)(__builtin_object_size ((err_msg), 0) != ((size_t) - 1)) ? g_free_sized
 (err_msg, __builtin_object_size ((err_msg), 0)) : (g_free) (
err_msg);
451	}
452 
453	help_url = data_file_url("sshdump.html", application_configuration_environment_prefix());
454	extcap_base_set_util_info(extcap_conf, argv[0], SSHDUMP_VERSION_MAJOR"1", SSHDUMP_VERSION_MINOR"2",
455		SSHDUMP_VERSION_RELEASE"0", help_url);
456	g_free(help_url)(__builtin_object_size ((help_url), 0) != ((size_t) - 1)) ? g_free_sized
 (help_url, __builtin_object_size ((help_url), 0)) : (g_free)
 (help_url);
9
←
Assuming the condition is false→
10
←
'?' condition is false→
457	add_libssh_info(extcap_conf);
458	if (g_strcmp0(sshdump_extcap_interface, DEFAULT_SSHDUMP_EXTCAP_INTERFACE"sshdump")) {
11
←
Assuming the condition is false→
12
←
Taking false branch→
459		char* temp = interface_description;
460		interface_description = ws_strdup_printf("%s, custom version", interface_description)wmem_strdup_printf(((void*)0), "%s, custom version", interface_description
);
461		g_free(temp)(__builtin_object_size ((temp), 0) != ((size_t) - 1)) ? g_free_sized
 (temp, __builtin_object_size ((temp), 0)) : (g_free) (temp);
462	}
463	extcap_base_register_interface(extcap_conf, sshdump_extcap_interface, interface_description, 147, "Remote capture dependent DLT");
464	g_free(interface_description)(__builtin_object_size ((interface_description), 0) != ((size_t
) - 1)) ? g_free_sized (interface_description, __builtin_object_size
 ((interface_description), 0)) : (g_free) (interface_description
);
13
←
Assuming the condition is false→
14
←
'?' condition is false→
465 
466	help_header = ws_strdup_printf(wmem_strdup_printf(((void*)0), " %s --extcap-interfaces\n" " %s --extcap-interface=%s --extcap-dlts\n"
 " %s --extcap-interface=%s --extcap-config\n" " %s --extcap-interface=%s --remote-host myhost --remote-port 22222 "
 "--remote-username myuser --remote-interface eth2 --remote-capture-command 'tcpdump -U -i eth0 -w -' "
 "--fifo=FILENAME --capture\n", argv[0], argv[0], sshdump_extcap_interface
, argv[0], sshdump_extcap_interface, argv[0], sshdump_extcap_interface
)
467		" %s --extcap-interfaces\n"wmem_strdup_printf(((void*)0), " %s --extcap-interfaces\n" " %s --extcap-interface=%s --extcap-dlts\n"
 " %s --extcap-interface=%s --extcap-config\n" " %s --extcap-interface=%s --remote-host myhost --remote-port 22222 "
 "--remote-username myuser --remote-interface eth2 --remote-capture-command 'tcpdump -U -i eth0 -w -' "
 "--fifo=FILENAME --capture\n", argv[0], argv[0], sshdump_extcap_interface
, argv[0], sshdump_extcap_interface, argv[0], sshdump_extcap_interface
)
468		" %s --extcap-interface=%s --extcap-dlts\n"wmem_strdup_printf(((void*)0), " %s --extcap-interfaces\n" " %s --extcap-interface=%s --extcap-dlts\n"
 " %s --extcap-interface=%s --extcap-config\n" " %s --extcap-interface=%s --remote-host myhost --remote-port 22222 "
 "--remote-username myuser --remote-interface eth2 --remote-capture-command 'tcpdump -U -i eth0 -w -' "
 "--fifo=FILENAME --capture\n", argv[0], argv[0], sshdump_extcap_interface
, argv[0], sshdump_extcap_interface, argv[0], sshdump_extcap_interface
)
469		" %s --extcap-interface=%s --extcap-config\n"wmem_strdup_printf(((void*)0), " %s --extcap-interfaces\n" " %s --extcap-interface=%s --extcap-dlts\n"
 " %s --extcap-interface=%s --extcap-config\n" " %s --extcap-interface=%s --remote-host myhost --remote-port 22222 "
 "--remote-username myuser --remote-interface eth2 --remote-capture-command 'tcpdump -U -i eth0 -w -' "
 "--fifo=FILENAME --capture\n", argv[0], argv[0], sshdump_extcap_interface
, argv[0], sshdump_extcap_interface, argv[0], sshdump_extcap_interface
)
470		" %s --extcap-interface=%s --remote-host myhost --remote-port 22222 "wmem_strdup_printf(((void*)0), " %s --extcap-interfaces\n" " %s --extcap-interface=%s --extcap-dlts\n"
 " %s --extcap-interface=%s --extcap-config\n" " %s --extcap-interface=%s --remote-host myhost --remote-port 22222 "
 "--remote-username myuser --remote-interface eth2 --remote-capture-command 'tcpdump -U -i eth0 -w -' "
 "--fifo=FILENAME --capture\n", argv[0], argv[0], sshdump_extcap_interface
, argv[0], sshdump_extcap_interface, argv[0], sshdump_extcap_interface
)
471		"--remote-username myuser --remote-interface eth2 --remote-capture-command 'tcpdump -U -i eth0 -w -' "wmem_strdup_printf(((void*)0), " %s --extcap-interfaces\n" " %s --extcap-interface=%s --extcap-dlts\n"
 " %s --extcap-interface=%s --extcap-config\n" " %s --extcap-interface=%s --remote-host myhost --remote-port 22222 "
 "--remote-username myuser --remote-interface eth2 --remote-capture-command 'tcpdump -U -i eth0 -w -' "
 "--fifo=FILENAME --capture\n", argv[0], argv[0], sshdump_extcap_interface
, argv[0], sshdump_extcap_interface, argv[0], sshdump_extcap_interface
)
472		"--fifo=FILENAME --capture\n", argv[0], argv[0], sshdump_extcap_interface, argv[0],wmem_strdup_printf(((void*)0), " %s --extcap-interfaces\n" " %s --extcap-interface=%s --extcap-dlts\n"
 " %s --extcap-interface=%s --extcap-config\n" " %s --extcap-interface=%s --remote-host myhost --remote-port 22222 "
 "--remote-username myuser --remote-interface eth2 --remote-capture-command 'tcpdump -U -i eth0 -w -' "
 "--fifo=FILENAME --capture\n", argv[0], argv[0], sshdump_extcap_interface
, argv[0], sshdump_extcap_interface, argv[0], sshdump_extcap_interface
)
473		sshdump_extcap_interface, argv[0], sshdump_extcap_interface)wmem_strdup_printf(((void*)0), " %s --extcap-interfaces\n" " %s --extcap-interface=%s --extcap-dlts\n"
 " %s --extcap-interface=%s --extcap-config\n" " %s --extcap-interface=%s --remote-host myhost --remote-port 22222 "
 "--remote-username myuser --remote-interface eth2 --remote-capture-command 'tcpdump -U -i eth0 -w -' "
 "--fifo=FILENAME --capture\n", argv[0], argv[0], sshdump_extcap_interface
, argv[0], sshdump_extcap_interface, argv[0], sshdump_extcap_interface
);
474	extcap_help_add_header(extcap_conf, help_header);
475	g_free(help_header)(__builtin_object_size ((help_header), 0) != ((size_t) - 1)) ?
 g_free_sized (help_header, __builtin_object_size ((help_header
), 0)) : (g_free) (help_header);
15
←
Assuming the condition is false→
16
←
'?' condition is false→
476	extcap_help_add_option(extcap_conf, "--help", "print this help");
477	extcap_help_add_option(extcap_conf, "--version", "print the version");
478	extcap_help_add_option(extcap_conf, "--remote-host <host>", "the remote SSH host");
479	extcap_help_add_option(extcap_conf, "--remote-port <port>", "the remote SSH port");
480	extcap_help_add_option(extcap_conf, "--remote-username <username>", "the remote SSH username");
481	extcap_help_add_option(extcap_conf, "--remote-password <password>", "the remote SSH password. If not specified, ssh-agent and ssh-key are used");
482	extcap_help_add_option(extcap_conf, "--sshkey <private key path>", "the path of the SSH key (OpenSSH format)");
483	extcap_help_add_option(extcap_conf, "--sshkey-passphrase <private key passphrase>", "the passphrase to unlock private SSH key");
484	extcap_help_add_option(extcap_conf, "--proxycommand <proxy command>", "the command to use as proxy for the SSH connection");
485	extcap_help_add_option(extcap_conf, "--ssh-sha1", "support keys and key exchange using SHA-1 (deprecated)");
486	extcap_help_add_option(extcap_conf, "--remote-interface <iface>", "the remote capture interface");
487	extcap_help_add_option(extcap_conf, "--remote-capture-command-select <selection>", "dumpcap, tcpdump or other remote capture command");
488	extcap_help_add_option(extcap_conf, "--remote-capture-command <capture command>", "the remote capture command");
489	//extcap_help_add_option(extcap_conf, "--remote-sudo", "use sudo on the remote machine to capture");	// Deprecated
490	extcap_help_add_option(extcap_conf, "--remote-priv <selection>", "none, sudo or doas");
491	extcap_help_add_option(extcap_conf, "--remote-priv-user <username>", "privileged user name");
492	extcap_help_add_option(extcap_conf, "--remote-noprom", "don't use promiscuous mode on the remote machine");
493	extcap_help_add_option(extcap_conf, "--remote-filter <filter>", "a filter for remote capture (default: don't listen on local interfaces IPs)");
494	extcap_help_add_option(extcap_conf, "--remote-count <count>", "the number of packets to capture");
495 
496	ws_opterr = 0;
497	ws_optind = 0;
498 
499	if (argc == 1) {
17
←
Assuming 'argc' is not equal to 1→
18
←
Taking false branch→
500		extcap_help_print(extcap_conf);
501		goto end;
502	}
503 
504	while ((result = ws_getopt_long(argc, argv, ":", longopts, &option_idx)) != -1) {
19
←
Assuming the condition is false→
20
←
Loop condition is false. Execution continues on line 621→
505 
506		switch (result) {
507 
508		case OPT_HELP:
509			extcap_help_print(extcap_conf);
510			ret = EXIT_SUCCESS0;
511			goto end;
512 
513		case OPT_VERSION:
514			extcap_version_print(extcap_conf);
515			ret = EXIT_SUCCESS0;
516			goto end;
517 
518		case OPT_REMOTE_HOST:
519			g_free(ssh_params->host)(__builtin_object_size ((ssh_params->host), 0) != ((size_t
) - 1)) ? g_free_sized (ssh_params->host, __builtin_object_size
 ((ssh_params->host), 0)) : (g_free) (ssh_params->host);
520			ssh_params->host = g_strdup(ws_optarg)g_strdup_inline (ws_optarg);
521			break;
522 
523		case OPT_REMOTE_PORT:
524			if (!ws_strtou16(ws_optarg, NULL((void*)0), &ssh_params->port) || ssh_params->port == 0) {
525				ws_warning("Invalid port: %s", ws_optarg)do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 525, __func__, "Invalid port: %s", ws_optarg); } } while (0
);
526				goto end;
527			}
528			break;
529 
530		case OPT_REMOTE_USERNAME:
531			g_free(ssh_params->username)(__builtin_object_size ((ssh_params->username), 0) != ((size_t
) - 1)) ? g_free_sized (ssh_params->username, __builtin_object_size
 ((ssh_params->username), 0)) : (g_free) (ssh_params->username
);
532			ssh_params->username = g_strdup(ws_optarg)g_strdup_inline (ws_optarg);
533			break;
534 
535		case OPT_REMOTE_PASSWORD:
536			g_free(ssh_params->password)(__builtin_object_size ((ssh_params->password), 0) != ((size_t
) - 1)) ? g_free_sized (ssh_params->password, __builtin_object_size
 ((ssh_params->password), 0)) : (g_free) (ssh_params->password
);
537			ssh_params->password = g_strdup(ws_optarg)g_strdup_inline (ws_optarg);
538			memset(ws_optarg, 'X', strlen(ws_optarg));
539			break;
540 
541		case OPT_SSHKEY:
542			g_free(ssh_params->sshkey_path)(__builtin_object_size ((ssh_params->sshkey_path), 0) != (
(size_t) - 1)) ? g_free_sized (ssh_params->sshkey_path, __builtin_object_size
 ((ssh_params->sshkey_path), 0)) : (g_free) (ssh_params->
sshkey_path);
543			ssh_params->sshkey_path = g_strdup(ws_optarg)g_strdup_inline (ws_optarg);
544			break;
545 
546		case OPT_SSHKEY_PASSPHRASE:
547			g_free(ssh_params->sshkey_passphrase)(__builtin_object_size ((ssh_params->sshkey_passphrase), 0
) != ((size_t) - 1)) ? g_free_sized (ssh_params->sshkey_passphrase
, __builtin_object_size ((ssh_params->sshkey_passphrase), 0
)) : (g_free) (ssh_params->sshkey_passphrase);
548			ssh_params->sshkey_passphrase = g_strdup(ws_optarg)g_strdup_inline (ws_optarg);
549			memset(ws_optarg, 'X', strlen(ws_optarg));
550			break;
551 
552		case OPT_PROXYCOMMAND:
553			g_free(ssh_params->proxycommand)(__builtin_object_size ((ssh_params->proxycommand), 0) != (
(size_t) - 1)) ? g_free_sized (ssh_params->proxycommand, __builtin_object_size
 ((ssh_params->proxycommand), 0)) : (g_free) (ssh_params->
proxycommand);
554			ssh_params->proxycommand = g_strdup(ws_optarg)g_strdup_inline (ws_optarg);
555			break;
556 
557		case OPT_SSH_SHA1:
558			ssh_params->ssh_sha1 = true1;
559			break;
560 
561		case OPT_REMOTE_INTERFACE:
562			g_free(remote_interface)(__builtin_object_size ((remote_interface), 0) != ((size_t) -
 1)) ? g_free_sized (remote_interface, __builtin_object_size (
(remote_interface), 0)) : (g_free) (remote_interface);
563			remote_interface = g_strdup(ws_optarg)g_strdup_inline (ws_optarg);
564			break;
565 
566		case OPT_REMOTE_CAPTURE_COMMAND_SELECT:
567			g_free(remote_capture_command_select)(__builtin_object_size ((remote_capture_command_select), 0) !=
 ((size_t) - 1)) ? g_free_sized (remote_capture_command_select
, __builtin_object_size ((remote_capture_command_select), 0))
 : (g_free) (remote_capture_command_select);
568			remote_capture_command_select = g_strdup(ws_optarg)g_strdup_inline (ws_optarg);
569			break;
570 
571		case OPT_REMOTE_CAPTURE_COMMAND:
572			g_free(remote_capture_command)(__builtin_object_size ((remote_capture_command), 0) != ((size_t
) - 1)) ? g_free_sized (remote_capture_command, __builtin_object_size
 ((remote_capture_command), 0)) : (g_free) (remote_capture_command
);
573			remote_capture_command = g_strdup(ws_optarg)g_strdup_inline (ws_optarg);
574			break;
575 
576		case OPT_REMOTE_SUDO:
577			// Deprecated
578			g_free(priv)(__builtin_object_size ((priv), 0) != ((size_t) - 1)) ? g_free_sized
 (priv, __builtin_object_size ((priv), 0)) : (g_free) (priv);
579			priv = g_strdup("sudo")g_strdup_inline ("sudo");
580			break;
581 
582		case OPT_REMOTE_PRIV:
583			g_free(priv)(__builtin_object_size ((priv), 0) != ((size_t) - 1)) ? g_free_sized
 (priv, __builtin_object_size ((priv), 0)) : (g_free) (priv);
584			priv = g_strdup(ws_optarg)g_strdup_inline (ws_optarg);
585			break;
586 
587		case OPT_REMOTE_PRIV_USER:
588			g_free(priv_user)(__builtin_object_size ((priv_user), 0) != ((size_t) - 1)) ? g_free_sized
 (priv_user, __builtin_object_size ((priv_user), 0)) : (g_free
) (priv_user);
589			priv_user = g_strdup(ws_optarg)g_strdup_inline (ws_optarg);
590			break;
591 
592		case OPT_REMOTE_FILTER:
593			g_free(remote_filter)(__builtin_object_size ((remote_filter), 0) != ((size_t) - 1)
) ? g_free_sized (remote_filter, __builtin_object_size ((remote_filter
), 0)) : (g_free) (remote_filter);
594			remote_filter = g_strdup(ws_optarg)g_strdup_inline (ws_optarg);
595			break;
596 
597		case OPT_REMOTE_COUNT:
598			if (!ws_strtou32(ws_optarg, NULL((void*)0), &count)) {
599				ws_warning("Invalid value for count: %s", ws_optarg)do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 599, __func__, "Invalid value for count: %s", ws_optarg); }
 } while (0);
600				goto end;
601			}
602			break;
603 
604		case OPT_REMOTE_NOPROM:
605			noprom = true1;
606			break;
607 
608		case ':':
609			/* missing option argument */
610			ws_warning("Option '%s' requires an argument", argv[ws_optind - 1])do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 610, __func__, "Option '%s' requires an argument", argv[ws_optind
 - 1]); } } while (0);
611			break;
612 
613		default:
614			if (!extcap_base_parse_options(extcap_conf, result - EXTCAP_OPT_LIST_INTERFACES, ws_optarg)) {
615				ws_warning("Invalid option: %s", argv[ws_optind - 1])do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 615, __func__, "Invalid option: %s", argv[ws_optind - 1]); }
 } while (0);
616				goto end;
617			}
618		}
619	}
620 
621	extcap_cmdline_debug(argv, argc);
622 
623	if (extcap_base_handle_interface(extcap_conf)) {
21
←
Assuming the condition is false→
22
←
Taking false branch→
624		ret = EXIT_SUCCESS0;
625		goto end;
626	}
627 
628	if (extcap_conf->show_config) {
23
←
Assuming field 'show_config' is 0→
24
←
Taking false branch→
629		ret = list_config(extcap_conf->interface, ssh_params->port);
630		goto end;
631	}
632 
633	err_msg = ws_init_sockets();
634	if (err_msg != NULL((void*)0)) {
25
←
Assuming 'err_msg' is equal to NULL→
26
←
Taking false branch→
635		ws_warning("ERROR: %s", err_msg)do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 635, __func__, "ERROR: %s", err_msg); } } while (0);
636		g_free(err_msg)(__builtin_object_size ((err_msg), 0) != ((size_t) - 1)) ? g_free_sized
 (err_msg, __builtin_object_size ((err_msg), 0)) : (g_free) (
err_msg);
637		ws_warning("%s", please_report_bug())do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 637, __func__, "%s", please_report_bug()); } } while (0);
638		goto end;
639	}
640 
641	if (extcap_conf->capture) {
27
←
Assuming field 'capture' is not equal to 0→
28
←
Taking true branch→
642		char* filter;
643		char* privilege;
644 
645		if (!ssh_params->host) {
29
←
Assuming field 'host' is non-null→
646			ws_warning("Missing parameter: --remote-host")do { if (1) { ws_log_full("sshdump", LOG_LEVEL_WARNING, "extcap/sshdump.c"
, 646, __func__, "Missing parameter: --remote-host"); } } while
 (0);
647			goto end;
648		}
649 
650		if ((priv29.1
'priv' is null
) && g_strcmp0(priv, "none") && strlen(g_strstrip(priv)g_strchomp (g_strchug (priv)))) {
651			if ((priv_user) && strlen(g_strstrip(priv_user)g_strchomp (g_strchug (priv_user))))
652				/* Both sudo and doas use the same command line option */
653				privilege = g_strconcat(priv, " -u ", priv_user, NULL((void*)0));
654			else
655				privilege = g_strdup(priv)g_strdup_inline (priv);
656		} else {
657			privilege = g_strdup("")g_strdup_inline ("");
658		}
659 
660		// This may result in the use of a different port number than was given in
661		// the default filter string, as presented in the config dialog. The default
662		// given is always using the default SSH port since there's no remote SSH port
663		// given on the command line to get the extcap arguments.
664		// However the remote SSH port used here is the one given on the command line
665		// when the capture us started, which is the intended one.
666		// And this is only happening when no remote filter is specified on the command
667		// line to start the capture.
668		if (remote_filter29.2
'remote_filter' is equal to NULL
 == NULL((void*)0))
30
←
Taking true branch→
669			remote_filter = local_interfaces_to_filter(ssh_params->port);
670		filter = concat_filters(extcap_conf->capture_filter, remote_filter);
671		ssh_params_set_log_level(ssh_params, extcap_conf->debug);
672		ret = ssh_open_remote_connection(ssh_params, remote_interface,
31
←
Calling 'ssh_open_remote_connection'→
673			filter, remote_capture_command_select, remote_capture_command,
674			privilege, noprom, count, extcap_conf->fifo);
675		g_free(filter)(__builtin_object_size ((filter), 0) != ((size_t) - 1)) ? g_free_sized
 (filter, __builtin_object_size ((filter), 0)) : (g_free) (filter
);
676		g_free(privilege)(__builtin_object_size ((privilege), 0) != ((size_t) - 1)) ? g_free_sized
 (privilege, __builtin_object_size ((privilege), 0)) : (g_free
) (privilege);
677	} else {
678		ws_debug("You should not come here... maybe some parameter missing?")do { if (1) { ws_log_full("sshdump", LOG_LEVEL_DEBUG, "extcap/sshdump.c"
, 678, __func__, "You should not come here... maybe some parameter missing?"
); } } while (0);
679		ret = EXIT_FAILURE1;
680	}
681 
682end:
683	/* clean up stuff */
684	ssh_params_free(ssh_params);
685	g_free(remote_capture_command_select)(__builtin_object_size ((remote_capture_command_select), 0) !=
 ((size_t) - 1)) ? g_free_sized (remote_capture_command_select
, __builtin_object_size ((remote_capture_command_select), 0))
 : (g_free) (remote_capture_command_select);
686	g_free(remote_capture_command)(__builtin_object_size ((remote_capture_command), 0) != ((size_t
) - 1)) ? g_free_sized (remote_capture_command, __builtin_object_size
 ((remote_capture_command), 0)) : (g_free) (remote_capture_command
);
687	g_free(remote_interface)(__builtin_object_size ((remote_interface), 0) != ((size_t) -
 1)) ? g_free_sized (remote_interface, __builtin_object_size (
(remote_interface), 0)) : (g_free) (remote_interface);
688	g_free(remote_filter)(__builtin_object_size ((remote_filter), 0) != ((size_t) - 1)
) ? g_free_sized (remote_filter, __builtin_object_size ((remote_filter
), 0)) : (g_free) (remote_filter);
689	g_free(priv)(__builtin_object_size ((priv), 0) != ((size_t) - 1)) ? g_free_sized
 (priv, __builtin_object_size ((priv), 0)) : (g_free) (priv);
690	g_free(priv_user)(__builtin_object_size ((priv_user), 0) != ((size_t) - 1)) ? g_free_sized
 (priv_user, __builtin_object_size ((priv_user), 0)) : (g_free
) (priv_user);
691	extcap_base_cleanup(&extcap_conf);
692	return ret;
693}
694 
695/*
696 * Editor modelines  -  https://www.wireshark.org/tools/modelines.html
697 *
698 * Local variables:
699 * c-basic-offset: 8
700 * tab-width: 8
701 * indent-tabs-mode: t
702 * End:
703 *
704 * vi: set shiftwidth=8 tabstop=8 noexpandtab:
705 * :indentSize=8:tabSize=8:noTabs=false:
706 */