Re: (another) bug in the BPF compiler (wireless)

["Bruce Keats" <brucekeats () gmail com>]

I found a bug awhile ago related to SRC MAC for wireless networks.
The code is missing the assigment to struct slist *s, so this might be
your bug.

I have attached the diff you can try it out.

Bruce

On Nov 26, 2007 1:51 PM, Gianluca Varenni <gianluca.varenni () cacetech com> wrote:
> ----- Original Message -----
> From: "Arien Vijn" <arien.vijn () ams-ix net>
> To: <tcpdump-workers () lists tcpdump org>
> Cc: "Arien Vijn" <arien.vijn () ams-ix net>
> Sent: Monday, November 26, 2007 10:13 AM
> Subject: Re: [tcpdump-workers] (another) bug in the BPF compiler (wireless)
>
>
> > Hi,
> >
> > On 26 Nov 2007, at 19:05, Gianluca Varenni wrote:
> >
> > > I don't know what the status of the libpcap 1.0/tcpdump 4.0 release  is,
> > > but I'd like to hold on the release for a day or so.
> > >
> > > I've just found (another) bug in the BPF compiler for wireless link
> > > types. A simple filter like "link src host 11:22:33:44:55:66" seems  to
> > > discard all the packets.
> >
> > Although I do not know much about wireless but in ethernet this would  be
> > source multicast, which is prohibited.
>
> That was just a dummy address I wrote (i could have written
> xx:xx:xx:xx:xx:xx).
>
> The problem is related to the fact that the BPF code is picking the wrong
> address: when ToDS=0, fromDS=1 and it's a data frame, link src host picks
> the BSSID instead of the Source address.
>
> GV
>
>
>
> > Kind regards, Arien
> >
> > -
> > This is the tcpdump-workers list.
> > Visit https://cod.sandelman.ca/ to unsubscribe.
>
> -
> This is the tcpdump-workers list.
> Visit https://cod.sandelman.ca/ to unsubscribe.
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.