sniff(offline=...) call blocks when output is large #1929
Description
Brief description
When using sniff() with offline set to a packet list, and the expected output is fairly large, then the call blocks.
This seems to be related to how scapy.utils.tcpdump() writes the entire pcap to tcpdump's stdin synchronously, and then reads the entire output from stdout.
Environment
- Scapy version:
2.4.2 - Python version:
3.7.2 - Operating System:
Linux (Debian buster)
How to reproduce
When the size of the returned packet is small, there is no problem:
>>> sniff(offline=IP()/UDP(sport=(10000, 20000), dport=30000), filter='port 10500')
reading from file -, link-type IPV4 (Raw IPv4)
<Sniffed: TCP:0 UDP:1 ICMP:0 Other:0>
>>>
But with the same input, when the output is expected to be fairly large the function call never returns:
>>> sniff(offline=IP()/UDP(sport=(10000, 20000), dport=30000), filter='udp')
reading from file -, link-type IPV4 (Raw IPv4)
$ ps xa | grep tcpdump
24212 pts/2 S+ 0:00 tcpdump -r - -w - udp
(gdb) bt
#0 0x00007f44e3701804 in __GI___libc_write (fd=1, buf=0x55962e536de0, nbytes=4096) at ../sysdeps/unix/sysv/linux/write.c:26
#1 0x00007f44e369262d in _IO_new_file_write (f=0x7f44e37d3760 <_IO_2_1_stdout_>, data=0x55962e536de0, n=4096) at fileops.c:1183
#2 0x00007f44e36919cf in new_do_write (fp=0x7f44e37d3760 <_IO_2_1_stdout_>, data=0x55962e536de0 "", to_do=to_do@entry=4096) at libioP.h:839