[Winpcap-users] BUG rpcapd - inproper internal structure pcap_tusage
Gianluca Varenni
gianluca.varenni at cacetech.com
Tue Jun 22 13:55:44 PDT 2010
Tomas,
I'm working on applying your patches to our codebase. I'm not completely sure about changing bufsize to snaplen. First of all, I think that
- startcapreply->bufsize= htonl(fp->bufsize);
+ //startcapreply->bufsize= htonl(fp->bufsize);
+ startcapreply->bufsize= startcapreq.snaplen;
should actually read
+ startcapreply->bufsize= htonl(startcapreq.snaplen);
Then if bufsize is snaplen, I think that the TCP performance would be affected (it looks like bufsize is used to set SO_RCVBUF of the socket itself).
Have a nice day
GV
From: Tomas Konir
Sent: Wednesday, April 28, 2010 2:31 AM
To: winpcap-users at winpcap.org
Subject: [Winpcap-users] BUG rpcapd - inproper internal structure pcap_tusage
rpcapd use pcap-int.h and than directly pcap_t structure.
size of pcap_t and position of individual fields is not independent
and depends on config.h generated by configure.
The result is rewritten memory and bugs like: socket error, invalid socket, SIGSEGV and similar.
I tried to remove usage of internal pcap_t structure and use rpcapd owns.
Patch is attached, and i have two notes.
1. timezone is set to zero (but no code in libpcap/winpcap use it)
2. bufsize is set to snaplen instead of internal pcap_t->bufsize.
MOJE
P.S. another way would by use config.h from libpcap, but i don't prefer it.
--
Tomas Konir
Prague
Czech Republic
ICQ: 25849167
Jabber: Tomas.Konir at gmail.com
--------------------------------------------------------------------------------
_______________________________________________
Winpcap-users mailing list
Winpcap-users at winpcap.org
https://www.winpcap.org/mailman/listinfo/winpcap-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.winpcap.org/pipermail/winpcap-users/attachments/20100622/9354986a/attachment.htm
More information about the Winpcap-users
mailing list