On Wednesday 26 January 2011 15:30:08 Marek Lindner wrote: > Signed-off-by: Marek Lindner <[email protected]> > --- > + buff_len -= PRISM_HEADER_LEN; > + packet_buff += PRISM_HEADER_LEN; > + > + /* we assume a minimum size of 38 bytes > + * (802.11 data frame + LLC) > + * before we calculate the real size */ > + if (buff_len <= 38) > + return; > + > + wifi_hdr = (struct ieee80211_hdr *)packet_buff; > + fc = wifi_hdr->frame_control; > + > + /* not carrying payload */ > + if ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA) > + return;
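Review bot: `fc = wifi_hdr->frame_control;` is masked with IEEE80211_FCTL_FTYPE and compared against IEEE80211_FTYPE_DATA without any byte-order conversion; the frame control field is little endian on the wire, so this test only matches on little-endian hosts. Convert it first (le16toh(), or assemble the value from the two bytes) or define the masks per byte order. Two smaller points in the same hunk: `if (buff_len <= 38) return;` rejects a frame of exactly 38 bytes although the comment above it calls 38 the assumed minimum, so `< 38` is what the comment describes; and `buff_len -= PRISM_HEADER_LEN;` needs a `buff_len > PRISM_HEADER_LEN` check before it, if none is done above this hunk, or a truncated capture underflows the length.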
Didn't we say yesterday that we must either use ntohs or only read the first
byte of the frame control? The last option that comes to my mind is to define
IEEE80211_FCTL_FTYPE and IEEE80211_FTYPE_DATA for big and little endian
independently.
The same for
IEEE80211_FCTL_TODS 0x0100
IEEE80211_FCTL_FROMDS 0x0200
IEEE80211_FCTL_PROTECTED 0x4000
IEEE80211_STYPE_QOS_DATA 0x0080
Your current version should only work on little endian systems. I would
suggest the following version:
/* The standard values with their two bytes swapped: ntohs() applied to the
 * little-endian frame control field yields the same byte-swapped value on
 * big- and little-endian hosts, so these masks match it on either. */
#define IEEE80211_FCTL_FTYPE 0x0c00
#define IEEE80211_FTYPE_DATA 0x0800
#define IEEE80211_FCTL_TODS 0x0001
#define IEEE80211_FCTL_FROMDS 0x0002
#define IEEE80211_FCTL_PROTECTED 0x0040
#define IEEE80211_STYPE_QOS_DATA 0x8000
fc = ntohs(wifi_hdr->frame_control);
> + if (fc & IEEE80211_STYPE_QOS_DATA)
> + hdr_len += 2;
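Review bot: testing `fc & IEEE80211_STYPE_QOS_DATA` alone treats every subtype with that bit set as a QoS data frame with a body, including the QoS null-function subtypes, which carry no payload; check the null-function subtype bit as well and skip those frames. Unless it is handled elsewhere, the header length also needs the 6 bytes of Address 4 added when both IEEE80211_FCTL_TODS and IEEE80211_FCTL_FROMDS are set, otherwise it comes out short for 4-address frames.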
Here you are testing only one bit. Are you sure that the other 3 bits aren't
interesting? At least one combination isn't well defined by the 802.11
standard from 2007 and some others are null data types.
Best regards,
Sven
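The following is an added example, not code from the patch or from the batman-adv project, that shows the endian-independent way of parsing the frame control field discussed in this thread: instead of the ntohs() trick with byte-swapped masks, it assembles the 16-bit value from the two wire bytes and keeps the standard mask values, so the same code works on big- and little-endian hosts. It goes a bit beyond the patch by computing the real header length (4-address and QoS frames, plus the 802.11n HT Control case), by filtering the null-function subtypes Sven mentions, and by doing the length check only after the header size is known. All names (classify_wifi_frame, wifi_data_hdr_len, the FC_* masks) are hypothetical, the sample frames are constructed, and the buffer is assumed to start at the 802.11 header with any prism header already stripped.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* 802.11 frame control bits with the values from the standard (host order).
 * They are applied to a value assembled byte by byte from the little-endian
 * wire field, so the same masks work on big- and little-endian hosts. */
#define FC_FTYPE          0x000c
#define FC_FTYPE_DATA     0x0008
#define FC_STYPE_QOS_DATA 0x0080  /* subtype bit 3: QoS data variants */
#define FC_STYPE_NODATA   0x0040  /* subtype bit 2: null function, no frame body */
#define FC_TODS           0x0100
#define FC_FROMDS         0x0200
#define FC_PROTECTED      0x4000
#define FC_ORDER          0x8000  /* in a QoS data frame: HT Control field present */

#define WIFI_HDR_MIN_LEN  24      /* 3-address data frame header */
#define LLC_SNAP_LEN      8       /* LLC + SNAP in front of the payload */

enum wifi_verdict {
    WIFI_TOO_SHORT = -1,  /* buffer cannot hold the header plus LLC/SNAP */
    WIFI_NOT_DATA  = 0,   /* management or control frame */
    WIFI_NULL_DATA = 1,   /* data type, but a null-function subtype: no body */
    WIFI_PAYLOAD   = 2    /* data frame carrying a body */
};

/* Read a little-endian 16-bit wire field regardless of host byte order. */
static uint16_t get_le16(const uint8_t *p)
{
    return (uint16_t)(p[0] | ((uint16_t)p[1] << 8));
}

/* MAC header length implied by the frame control of a data frame. */
size_t wifi_data_hdr_len(uint16_t fc)
{
    size_t hdr_len = WIFI_HDR_MIN_LEN;

    /* ToDS and FromDS both set: 4-address (WDS) frame with an Address 4 field. */
    if ((fc & (FC_TODS | FC_FROMDS)) == (FC_TODS | FC_FROMDS))
        hdr_len += 6;
    if (fc & FC_STYPE_QOS_DATA) {
        hdr_len += 2;             /* QoS Control */
        if (fc & FC_ORDER)
            hdr_len += 4;         /* HT Control (802.11n) */
    }
    return hdr_len;
}

int wifi_is_protected(uint16_t fc)
{
    return (fc & FC_PROTECTED) != 0;
}

/* Classify a raw 802.11 frame (any prism/radiotap header already stripped).
 * For data frames *hdr_len_out (if non-NULL) receives the real header length;
 * the minimum-length check is done only after that length is known. */
enum wifi_verdict classify_wifi_frame(const uint8_t *buf, size_t len,
                                      size_t *hdr_len_out)
{
    uint16_t fc;
    size_t hdr_len;

    if (len < 2)
        return WIFI_TOO_SHORT;
    fc = get_le16(buf);

    if ((fc & FC_FTYPE) != FC_FTYPE_DATA)
        return WIFI_NOT_DATA;

    hdr_len = wifi_data_hdr_len(fc);
    if (hdr_len_out)
        *hdr_len_out = hdr_len;
    if (fc & FC_STYPE_NODATA)
        return WIFI_NULL_DATA;
    if (len < hdr_len + LLC_SNAP_LEN)
        return WIFI_TOO_SHORT;
    return WIFI_PAYLOAD;
}

/* Constructed sample frames (not captured traffic): only the first two bytes,
 * the frame control as it appears on the wire, matter here; the rest is zero. */
static const uint8_t data_tods[32] = { 0x08, 0x01 };  /* data, ToDS */
static const uint8_t qos_wds[40]   = { 0x88, 0x03 };  /* QoS data, ToDS+FromDS */
static const uint8_t null_data[24] = { 0x48, 0x00 };  /* null function */
static const uint8_t beacon[32]    = { 0x80, 0x00 };  /* management: beacon */
static const uint8_t prot_qos[40]  = { 0x88, 0x41 };  /* QoS data, ToDS, protected */

static void show(const char *name, const uint8_t *buf, size_t len)
{
    size_t hdr_len = 0;
    enum wifi_verdict v = classify_wifi_frame(buf, len, &hdr_len);
    printf("%-10s verdict=%d hdr_len=%zu\n", name, (int)v, hdr_len);
}

int main(void)
{
    show("data_tods", data_tods, sizeof data_tods);
    show("truncated", data_tods, sizeof data_tods - 1);
    show("qos_wds", qos_wds, sizeof qos_wds);
    show("null_data", null_data, sizeof null_data);
    show("beacon", beacon, sizeof beacon);
    show("prot_qos", prot_qos, sizeof prot_qos);
    return 0;
}
```

Because get_le16() never reinterprets the buffer through a host-order integer, the FC_* masks are the values printed in the standard and need no per-endianness variants; the 4-address, QoS and HT Control cases show why the header length must be computed before the payload length check rather than assumed from a fixed minimum.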
