tcpdump mailing list archives
Re: setfilter causes core on Solaris
From: Guy Harris <guy () alum mit edu>
Date: Wed, 5 Dec 2007 15:44:58 -0800
On Dec 5, 2007, at 5:18 AM, Andy Howell wrote:
I'm using pcap_dispatch to call my callback. Inside the callback, I may set a new filter. This results in a core dump in bpf_filter.c, line 239. Its calling abort because of a bad filter code. This will only happen with a live capture.The bug is actually in pcap-dlpi.c. It keeps a pointer to the filter code. Unfortunately the pointer never gets reset as long as there are packets to read. Adding:fcode = p->fcode.bf_insns;after the callback returns takes care of the issue. I've attached a patch and posted it as 1844245.
The same problem exists in some other pcap-XXX.c files. I fixed it by getting rid of the fcode variable, and just passing the fcode.bf_insns member of the structure.
- This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- setfilter causes core on Solaris Andy Howell (Dec 05)
- Re: setfilter causes core on Solaris Guy Harris (Dec 05)
- Re: setfilter causes core on Solaris Andy Howell (Dec 05)
- Re: setfilter causes core on Solaris Guy Harris (Dec 05)