Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-03 15:18:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Move cur_pos from packet into packet manager loop.

Browse source
This commit is contained in:
Jan Grashoefer 2020-07-17 18:25:22 +02:00 committed by Tim Wojtulewicz
parent c2500d03d6
commit 96d0e11bb8
39 changed files with 148 additions and 169 deletions
Download patch file Download diff file Expand all files Collapse all files

10
src/packet_analysis/protocol/linux_sll/LinuxSLL.cc
View file

@ -9,18 +9,16 @@ LinuxSLLAnalyzer::LinuxSLLAnalyzer()
{
}
zeek::packet_analysis::AnalysisResultTuple LinuxSLLAnalyzer::Analyze(Packet* packet)
zeek::packet_analysis::AnalysisResultTuple LinuxSLLAnalyzer::Analyze(Packet* packet, const uint8_t*& data)
{
auto& pdata = packet->cur_pos;
if ( pdata + sizeof(SLLHeader) >= packet->GetEndOfData() )
if ( data + sizeof(SLLHeader) >= packet->GetEndOfData() )
{
packet->Weird("truncated_Linux_SLL_header");
return { AnalyzerResult::Failed, 0 };
}
//TODO: Handle different ARPHRD_types
auto hdr = (const SLLHeader*)pdata;
auto hdr = (const SLLHeader*)data;
uint32_t protocol = ntohs(hdr->protocol_type);
packet->l2_src = (u_char*) &(hdr->addr);
@ -29,6 +27,6 @@ zeek::packet_analysis::AnalysisResultTuple LinuxSLLAnalyzer::Analyze(Packet* pac
// here will cause crashes elsewhere.
packet->l2_dst = Packet::L2_EMPTY_ADDR;
pdata += sizeof(SLLHeader);
data += sizeof(SLLHeader);
return { AnalyzerResult::Continue, protocol };
}