Duplicate/similar struct definitions between src/decoder.h and src/dynamic_plugins/sf_engine/sf_snort_packet.h?

[<Joshua.Kinard () us-cert gov>]

Hi snort-devel,

Looking through src/decoder.h at the typedef/struct for 'Packet', a
comment says that if any changes were made, to update the similar
definition in sf_snort_packet.h.  Opening that file up, pretty much, all
the same data structures from decoder.h are duplicated, just with minor
variations (like u_int32_t versus uint32_t).

My question is why?

Wouldn't it be better to have a single, common definition in a central
header file for all the various protocol headers (IPv4, IPv6, TCP, UDP,
MPLS, etc), rather than re-defining multiple variants?  Aside from the
changes in the data types (which I am sure are just typedefs of each
other) and the names, everything looks the exact same.

Example:

src/decoder.h:
    typedef struct _UDPHdr
    {
        uint16_t uh_sport;
        uint16_t uh_dport;
        uint16_t uh_len;
        uint16_t uh_chk;
    }       UDPHdr;

src/dynamic_plugins/sf_engine/sf_snort_packet.h:
    typedef struct _UDPHeader
    {
        u_int16_t source_port;
        u_int16_t destination_port;
        u_int16_t data_length;
        u_int16_t checksum;
    } UDPHeader;

Seems wasteful, but maybe there is some kind of legacy issue that is
undocumented?

--J

------------------------------------------------------------------------------
Get a FREE DOWNLOAD! and learn more about uberSVN rich system, 
user administration capabilities and model configuration. Take 
the hassle out of deploying and managing Subversion and the 
tools developers use with it. 
http://p.sf.net/sfu/wandisco-dev2dev
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel