Hello,
I believe I have found a bug in PF_PACKET socket filtering (introduced in
linux-2.6.19). If BPF returns values larger than 0x80000000u, run_filter in
af_packet.c considers that as error instead of simply accepting packet in its
full length. sk_filter does not have this problem.
Raivis Bucis
Index: linux-2.6.19/net/packet/af_packet.c
===================================================================
--- linux-2.6.19/net/packet/af_packet.c
+++ linux-2.6.19/net/packet/af_packet.c
@@ -447,6 +447,8 @@
err = -EPERM;
else if (*snaplen > err)
*snaplen = err;
+ else
+ err = *snaplen;
}
rcu_read_unlock_bh();
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
