]> The Tcpdump Group git mirrors - libpcap/commitdiff
dag-pcap was not correctly handling ERF records with extension headers.
authorsfd <[email protected]>
Mon, 25 Aug 2014 22:55:56 +0000 (10:55 +1200)
committersfd <[email protected]>
Mon, 25 Aug 2014 22:55:56 +0000 (10:55 +1200)
It was subtracting the extension header count from caplen after reducing it to packet_len, resulting in truncated records.

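--- a/pcap-dag.c
+++ b/pcap-dag.c
@@ -435,6 +435,9 @@ dag_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
                                        caplen = rlen - dag_record_size - 4;
                                        dp+=4;
                                }
+                               /* Skip over extension headers */
+                               caplen -= (8 * num_ext_hdr);
+
                                if (header->type == TYPE_ATM) {
                                        caplen = packet_len = ATM_CELL_SIZE;
                                }
@@ -466,6 +469,8 @@ dag_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
                                packet_len = ntohs(header->wlen);
                                packet_len -= (pd->dag_fcs_bits >> 3);
                                caplen = rlen - dag_record_size - 2;
+                               /* Skip over extension headers */
+                               caplen -= (8 * num_ext_hdr);
                                if (caplen > packet_len) {
                                        caplen = packet_len;
                                }
@@ -479,6 +484,8 @@ dag_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
                                packet_len = ntohs(header->wlen);
                                packet_len -= (pd->dag_fcs_bits >> 3);
                                caplen = rlen - dag_record_size;
+                               /* Skip over extension headers */
+                               caplen -= (8 * num_ext_hdr);
                                if (caplen > packet_len) {
                                        caplen = packet_len;
                                }
@@ -489,6 +496,8 @@ dag_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
                                packet_len = ntohs(header->wlen);
                                packet_len -= (pd->dag_fcs_bits >> 3);
                                caplen = rlen - dag_record_size - 4;
+                               /* Skip over extension headers */
+                               caplen -= (8 * num_ext_hdr);
                                if (caplen > packet_len) {
                                        caplen = packet_len;
                                }
@@ -514,6 +523,8 @@ dag_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
                        case TYPE_IPV6:
                                packet_len = ntohs(header->wlen);
                                caplen = rlen - dag_record_size;
+                               /* Skip over extension headers */
+                               caplen -= (8 * num_ext_hdr);
                                if (caplen > packet_len) {
                                        caplen = packet_len;
                                }
@@ -534,9 +545,6 @@ dag_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
                                continue;
                        } /* switch type */
 
-                       /* Skip over extension headers */
-                       caplen -= (8 * num_ext_hdr);
-
                } /* ERF encapsulation */
                
                if (caplen > p->snapshot)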
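Review bot: None of the five relocated `caplen -= (8 * num_ext_hdr);` lines has a lower-bound check, so a record whose `rlen` is smaller than `dag_record_size` plus its claimed extension headers leaves `caplen` negative, or wrapped if it is unsigned. The only checks visible after the subtraction are upper clamps (`caplen > packet_len`, `caplen > p->snapshot`), which a negative signed value would pass; the declarations of `caplen`, `rlen` and `num_ext_hdr` are outside these hunks, so the exact outcome needs confirming. Since both values come from the record itself, I would validate before subtracting in each case, for example `if (caplen < 8 * num_ext_hdr) continue; /* malformed ERF record */` (with a cast matching the declared types), consistent with the `continue` already used to skip a record at the end of the switch. The same guard applies to all five hunks that add the subtraction. A small helper or a single post-switch `caplen` sanity check would avoid repeating it five times.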