See also:
http://sourceforge.net/tracker/?func=detail&aid=3082386&group_id=53067&atid=469577
http://permalink.gmane.org/gmane.network.tcpdump.devel/4703

The upstream fix is commit ecdc5c0a7f7591a7cd4aff696e42757c677fbbf7, attached. It applies cleanly to 1.1.1 and appears to fix the issue.

-- 
Robert Edmonds
edmo...@debian.org
From ecdc5c0a7f7591a7cd4aff696e42757c677fbbf7 Mon Sep 17 00:00:00 2001 From: Guy Harris <g...@alum.mit.edu> Date: Wed, 4 May 2011 22:28:53 -0700 Subject: [PATCH] In userland, sign extend the offset for JA instructions. We currently use that to implement "ip6 protochain", and "pc" might be wider than "pc->k", in which case we need to arrange that "pc->k" be sign-extended, by casting it to bpf_int32. --- bpf/net/bpf_filter.c | 11 +++++++++++ 1 files changed, 11 insertions(+), 0 deletions(-) diff --git a/bpf/net/bpf_filter.c b/bpf/net/bpf_filter.c index 22aff79..0c4fb00 100644 --- a/bpf/net/bpf_filter.c +++ b/bpf/net/bpf_filter.c @@ -405,7 +405,18 @@ bpf_filter(pc, p, wirelen, buflen) continue; case BPF_JMP|BPF_JA: +#if defined(KERNEL) || defined(_KERNEL) + /* + * No backward jumps allowed. + */ pc += pc->k; +#else + /* + * XXX - we currently implement "ip6 protochain" + * with backward jumps, so sign-extend pc->k. + */ + pc += (bpf_int32)pc->k; +#endif continue; case BPF_JMP|BPF_JGT|BPF_K: -- 1.7.5.1
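Review bot: the `#else` branch now lets a negative `pc->k` move `pc` backward, but nothing in this hunk bounds the resulting `pc`, so a program whose backward jump is not rejected elsewhere could loop forever or step outside the instruction array; the `XXX` comment should say that the userland validator is responsible for refusing such programs, or the branch should check that the target stays inside the program. The kernel branch's new `/* No backward jumps allowed. */` comment states a constraint the code does not enforce: with `pc->k` unsigned and `pc` a pointer wider than 32 bits, a "negative" `k` is zero-extended into a very large forward jump rather than refused, so the comment should point at where that constraint is actually checked. The commit message's "pc might be wider than pc->k" is the real reason for the cast: when pointers are 32 bits the unsigned addition wraps and happens to land on the intended backward target, when they are 64 bits it does not, and `(bpf_int32)pc->k` restores the intended sign extension; spelling that out in the code comment, rather than only in the commit message, would make the `#if` easier to maintain.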