[Bug 261566] Padding of DLT_PFLOG packets should be done differently

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 31 Jan 2022 21:57:21 UTC

Kristof Provost <kp@freebsd.org> changed:

           What    |Removed                     |Added
                 CC|                            |kp@freebsd.org

--- Comment #2 from Kristof Provost <kp@freebsd.org> ---
Thanks for the report.

I distinctly recall looking at the Wireshark code before implementing the
BPF_WORDALIGN(), however it clearly does `padded_length =
WS_ROUNDUP_4(length);`, so I don't know what happened there.

How does this look to you:

diff --git a/sys/net/if_pflog.h b/sys/net/if_pflog.h
index 0406f78474a8..443c1cc36cf6 100644
--- a/sys/net/if_pflog.h
+++ b/sys/net/if_pflog.h
@@ -33,7 +33,6 @@

 #include <sys/types.h>

-#include <net/bpf.h>
 #include <net/if.h>

 #define        PFLOGIFS_MAX    16
@@ -60,7 +59,9 @@ struct pfloghdr {
        u_int8_t        pad2[3];

-#define        PFLOG_HDRLEN            BPF_WORDALIGN(offsetof(struct pfloghdr,
+#define PFLOG_ALIGNMENT                sizeof(uint32_t)
+#define PFLOG_ALIGN(x)         (((x) + PFLOG_ALIGNMENT - 1) &
+#define        PFLOG_HDRLEN            PFLOG_ALIGN(offsetof(struct pfloghdr,
 /* minus pad, also used as a signature */
 #define        PFLOG_REAL_HDRLEN       offsetof(struct pfloghdr, pad2)

You are receiving this mail because:
You are the assignee for the bug.