Wireshark mailing list archives
Re: Why the name "Wiretap"?
From: Guy Harris <guy () alum mit edu>
Date: Fri, 28 Sep 2012 14:32:10 -0700
On Sep 28, 2012, at 1:48 PM, Jakub Zawadzki <darkjames-ws () darkjames pl> wrote:
On Fri, Sep 28, 2012 at 01:23:16PM -0700, Gilbert Ramirez wrote:Libpcap (...) has a wonderful BPF optimizing engine.With lot of bugs... http://sourceforge.net/tracker/?func=detail&aid=3054909&group_id=53067&atid=469577 http://seclists.org/tcpdump/2011/q4/83 http://permalink.gmane.org/gmane.network.tcpdump.devel/2265 (this one might have been fixed?)
That one might be "fixed" by not generating incorrect un-optimized code; the current code generates
(008) ldb [0]
rather than
(008) ldb [1]
when looking at the "type" subfield of the Frame Control field - that subfield is in the first octet. There might
still be an underlying optimizer bug (there certainly have been ones in the past that have been fixed).
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Why the name "Wiretap"? robert . bullen (Sep 28)
- Re: Why the name "Wiretap"? Gilbert Ramirez (Sep 28)
- Re: Why the name "Wiretap"? Jakub Zawadzki (Sep 28)
- Re: Why the name "Wiretap"? Guy Harris (Sep 28)
- Re: Why the name "Wiretap"? Jakub Zawadzki (Sep 28)
- Re: Why the name "Wiretap"? Gilbert Ramirez (Sep 28)