...
 
Commits (2)
libpcap (1.1.1-2+squeeze1) stable; urgency=low
* Backport changes from upstream to fix corruption of snapshot length on
live captures (CVE-2011-1935) (closes: #623868).
* Backport fix from upstream to fix device detection when the bonding
module is loaded (closes: #612803).
-- Romain Francoise <rfrancoise@debian.org> Sun, 10 Jul 2011 19:26:04 +0200
libpcap (1.1.1-2) unstable; urgency=low
* debian/patches/50_kfreebsd.diff: Fix configure script to properly
......
commit 073a8b37f97b684a34d29800400879e4e902ff63
Author: andy-1 <andy-1@sourceforge.net>
Date: Tue Apr 27 23:33:23 2010 -0700
Ignore /sys/net/dev files if we get ENODEV for them, not just ENXIO.
Both of them are indications that there's no such interface, so the file
probably corresponds to something other than a device.
Reviewed-By: Guy Harris <guy@alum.mit.edu>
diff --git a/pcap-linux.c b/pcap-linux.c
index af12543..de3239a 100644
--- a/pcap-linux.c
+++ b/pcap-linux.c
@@ -1883,7 +1883,7 @@ scan_sys_class_net(pcap_if_t **devlistp, char *errbuf)
*/
strncpy(ifrflags.ifr_name, name, sizeof(ifrflags.ifr_name));
if (ioctl(fd, SIOCGIFFLAGS, (char *)&ifrflags) < 0) {
- if (errno == ENXIO)
+ if (errno == ENXIO || errno == ENODEV)
continue;
(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
"SIOCGIFFLAGS: %.*s: %s",
From cc4298babe767e394dc673c87ef3dbabe3fdb7c9 Mon Sep 17 00:00:00 2001
From: Julien Moutinho <julm@savines.alpes.fr.eu.org>
Date: Tue, 22 Mar 2011 23:53:15 -0700
Subject: [PATCH] Fix the calculation of the frame size in memory-mapped
captures.
The old calculation truncated packets to a smaller value than the
snapshot length.
---
pcap-linux.c | 61 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++---
1 file changed, 58 insertions(+), 3 deletions(-)
--- a/pcap-linux.c
+++ b/pcap-linux.c
@@ -3057,15 +3057,70 @@
{
unsigned i, j, frames_per_block;
struct tpacket_req req;
+ socklen_t len;
+ unsigned int sk_type, tp_reserve, maclen, tp_hdrlen, netoff, macoff;
/* Note that with large snapshot (say 64K) only a few frames
* will be available in the ring even with pretty large ring size
* (and a lot of memory will be unused).
* The snap len should be carefully chosen to achive best
* performance */
- req.tp_frame_size = TPACKET_ALIGN(handle->snapshot +
- TPACKET_ALIGN(handle->md.tp_hdrlen) +
- sizeof(struct sockaddr_ll));
+
+ /* NOTE: calculus matching those in tpacket_rcv()
+ * in linux-2.6/net/packet/af_packet.c
+ */
+ len = sizeof(sk_type);
+ if (getsockopt(handle->fd, SOL_SOCKET, SO_TYPE, &sk_type, &len) < 0) {
+ snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "getsockopt: %s", pcap_strerror(errno));
+ return -1;
+ }
+#ifdef PACKET_RESERVE
+ len = sizeof(tp_reserve);
+ if (getsockopt(handle->fd, SOL_PACKET, PACKET_RESERVE, &tp_reserve, &len) < 0) {
+ if (errno != ENOPROTOOPT) {
+ /*
+ * ENOPROTOOPT means "kernel doesn't support
+ * PACKET_RESERVE", in which case we fall back
+ * as best we can.
+ */
+ snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "getsockopt: %s", pcap_strerror(errno));
+ return -1;
+ }
+ tp_reserve = 0; /* older kernel, reserve not supported */
+ }
+#else
+ tp_reserve = 0;
+#endif
+ maclen = (sk_type == SOCK_DGRAM) ? 0 : MAX_LINKHEADER_SIZE;
+ /* XXX: in the kernel maclen is calculated from
+ * LL_ALLOCATED_SPACE(dev) and vnet_hdr.hdr_len
+ * in: packet_snd() in linux-2.6/net/packet/af_packet.c
+ * then packet_alloc_skb() in linux-2.6/net/packet/af_packet.c
+ * then sock_alloc_send_pskb() in linux-2.6/net/core/sock.c
+ * but I see no way to get those sizes in userspace,
+ * like for instance with an ifreq ioctl();
+ * the best thing I've found so far is MAX_HEADER in the kernel
+ * part of linux-2.6/include/linux/netdevice.h
+ * which goes up to 128+48=176; since pcap-linux.c defines
+ * a MAX_LINKHEADER_SIZE of 256 which is greater than that,
+ * let's use it.. maybe is it even large enough to directly
+ * replace macoff..
+ */
+ tp_hdrlen = TPACKET_ALIGN(handle->md.tp_hdrlen) + sizeof(struct sockaddr_ll) ;
+ netoff = TPACKET_ALIGN(tp_hdrlen + (maclen < 16 ? 16 : maclen)) + tp_reserve;
+ /* NOTE: AFAICS tp_reserve may break the TPACKET_ALIGN of
+ * netoff, which contradicts
+ * linux-2.6/Documentation/networking/packet_mmap.txt
+ * documenting that:
+ * "- Gap, chosen so that packet data (Start+tp_net)
+ * aligns to TPACKET_ALIGNMENT=16"
+ */
+ /* NOTE: in linux-2.6/include/linux/skbuff.h:
+ * "CPUs often take a performance hit
+ * when accessing unaligned memory locations"
+ */
+ macoff = netoff - maclen;
+ req.tp_frame_size = TPACKET_ALIGN(macoff + handle->snapshot);
req.tp_frame_nr = handle->opt.buffer_size/req.tp_frame_size;
/* compute the minumum block size that will handle this frame.
......@@ -2,5 +2,7 @@
15_linker_script.diff
30_man_fixes.diff
40_fix_bus_usb_path.diff
45_bonding.diff
46_tpacket_alignment.diff
50_kfreebsd.diff
50_autotools-dev.diff