On Wednesday 26 January 2011 15:30:08 Marek Lindner wrote:
Signed-off-by: Marek Lindner lindner_marek@yahoo.de
- buff_len -= PRISM_HEADER_LEN;
- packet_buff += PRISM_HEADER_LEN;
- /* we assume a minimum size of 38 bytes
* (802.11 data frame + LLC)
* before we calculate the real size */
- if (buff_len <= 38)
return;
- wifi_hdr = (struct ieee80211_hdr *)packet_buff;
- fc = wifi_hdr->frame_control;
- /* not carrying payload */
- if ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)
return;
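Review bot: the subtraction of PRISM_HEADER_LEN at the top of this hunk runs before any length check visible in the quoted lines. If buff_len is an unsigned type and the capture is shorter than the prism header, the value wraps and the following `buff_len <= 38` test lets the packet through. Suggest verifying that buff_len is at least PRISM_HEADER_LEN before `buff_len -= PRISM_HEADER_LEN` and `packet_buff += PRISM_HEADER_LEN`; if buff_len is signed, a comment stating that the `<= 38` test also covers the negative case would help.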
Didn't we say yesterday that we must either use ntohs or only read the first byte of the frame control? The last option which comes to my mind is to define IEEE80211_FCTL_FTYPE and IEEE80211_FTYPE_DATA for big and little endian independently.
The same for
IEEE80211_FCTL_TODS 0x0100
IEEE80211_FCTL_FROMDS 0x0200
IEEE80211_FCTL_PROTECTED 0x4000
IEEE80211_STYPE_QOS_DATA 0x0080
Your current version should only work on little endian systems. I would suggest the following version:
#define IEEE80211_FCTL_FTYPE 0x0c00
#define IEEE80211_FTYPE_DATA 0x0800
#define IEEE80211_FCTL_TODS 0x0001
#define IEEE80211_FCTL_FROMDS 0x0002
#define IEEE80211_FCTL_PROTECTED 0x0040
#define IEEE80211_STYPE_QOS_DATA 0x8000
fc = ntohs(wifi_hdr->frame_control);
if (fc & IEEE80211_STYPE_QOS_DATA)
hdr_len += 2;
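Review bot: after `hdr_len += 2` the quoted lines show no comparison of buff_len against the grown hdr_len; the only length check visible is the fixed `buff_len <= 38` minimum. Suggest checking buff_len against the final hdr_len before anything behind the header is read, so that a truncated QoS frame is dropped instead of being parsed past its end.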
Here you are testing only one bit. Are you sure that the other 3 bits aren't interesting? At least one combination isn't well defined by the 802.11 standard from 2007 and some others are null data types.
Best regards, Sven
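
Added example, not code from the patch or from either author: a byte-wise read of the frame control field that gives the same value on any host, next to a simulated direct load on a big-endian host, which is the failure discussed above. The function names, STYPE_NODATA, the 24-byte base header and the sample frames are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Masks for the frame control field in its on-air (little-endian) layout. */
#define FCTL_FTYPE     0x000c
#define FTYPE_DATA     0x0008
#define STYPE_NODATA   0x0040	/* assumed name: set in null / no-payload subtypes */
#define STYPE_QOS_DATA 0x0080
#define FCTL_TODS      0x0100
#define FCTL_FROMDS    0x0200

/* Portable read: assemble the value from bytes, independent of host order. */
static uint16_t fc_portable(const uint8_t *p)
{
	return (uint16_t)(p[0] | (p[1] << 8));
}

/* What a direct 16-bit load yields on a big-endian host (simulated). */
static uint16_t fc_raw_big_endian(const uint8_t *p)
{
	return (uint16_t)((p[0] << 8) | p[1]);
}

/* Header length of a data frame that carries payload, or 0 to skip it. */
static size_t wifi_data_hdr_len(const uint8_t *buf, size_t len)
{
	size_t hdr_len = 24;	/* frame control up to sequence control */
	uint16_t fc;

	if (len < 2)
		return 0;
	fc = fc_portable(buf);
	if ((fc & FCTL_FTYPE) != FTYPE_DATA || (fc & STYPE_NODATA))
		return 0;
	if ((fc & FCTL_TODS) && (fc & FCTL_FROMDS))
		hdr_len += 6;	/* fourth address */
	if (fc & STYPE_QOS_DATA)
		hdr_len += 2;	/* QoS control */
	return len > hdr_len ? hdr_len : 0;	/* reject truncated frames */
}

/* Constructed samples: QoS data with ToDS set, and QoS null (no payload). */
static const uint8_t sample_qos[42] = { 0x88, 0x01 };
static const uint8_t sample_qos_null[42] = { 0xc8, 0x01 };

int main(void)
{
	int be_misread = (fc_raw_big_endian(sample_qos) & FCTL_FTYPE) != FTYPE_DATA;
	int null_skipped = wifi_data_hdr_len(sample_qos_null, sizeof(sample_qos_null)) == 0;
	return (be_misread && null_skipped &&
		wifi_data_hdr_len(sample_qos, sizeof(sample_qos)) == 26) ? 0 : 1;
}
```

The byte-swapped masks suggested in the mail (0x0c00 and 0x0800) do match the value from the simulated big-endian load, which is why that variant works together with ntohs.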