[Listener] Radiotap: handle Extended Present Flags

Check bit 31 of the Present Flags field (the Ext bit), which is set
when additional Present Flags fields follow.
Matteo Cypriani 2014-03-20 14:53:58 -04:00
parent 9c83ae3593
commit dd8497fb53
2 changed files with 26 additions and 5 deletions


@ -140,8 +140,11 @@ enum {MODE_ACTIVE = 'a', MODE_PASSIVE = 'p', MODE_MIXED = 'm'} ;
#define RTAP_CHANNEL 3 // Channel frequency and flags
#define RTAP_FHSS 4 // FHSS hop set and hop pattern
#define RTAP_ANTENNASIGNAL 5
// ... (we use only the antenna signal field, so we don't need to handle
// the bits greater than RTAP_ANTENNASIGNAL)
/* We use only the first Antenna Signal field, so we don't need to handle
* the bits greater than RTAP_ANTENNASIGNAL, except for the Ext bit
* (Extended Presence), to be able to jump after all the Present Flags
* fields: */
#define RTAP_EXT 31
/* Lengths of the radiotap optional fields (in bytes) */
#define RTAP_L_TSFT 8 // MAC timestamp (Time Synchronization Function Timer)
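Review bot: `RTAP_EXT` is bit 31, the top bit of the 32-bit Present Flags word, and this section does not show how `FIELD_PRESENT` builds its mask. If it shifts a plain `int` (something like `1 << (FIELD)`), a shift by 31 is undefined for a signed int, so the mask should be built from an unsigned 32-bit one, e.g. `UINT32_C(1) << (FIELD)`. The macro is defined outside this section, so this needs checking there. The new comment could also state that the number of chained Present Flags words is dictated by the captured frame, for instance by ending it with `* fields (the chain length comes from the frame, so stop at the Radiotap header length): */`, so that code following the Ext bit is written with a bound in mind.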


@ -1332,15 +1332,33 @@ bool extract_radiotap_ss(const u_char *const pkt_data,
{
uint32_t rtap_presentflags ;
uint_fast16_t rtap_position ;
bool rtap_ext ;
// Get rtap flags:
// Get the first Present Flags field from the Radiotap header:
memcpy(&rtap_presentflags,
&pkt_data[RTAP_P_PRESENTFLAGS], RTAP_L_PRESENTFLAGS) ;
// The Radiotap header is little-endian
rtap_presentflags = le32toh(rtap_presentflags) ;
// The fields dependent on present flags start at byte 8
rtap_position = 8 ;
// The optional fields start right after the Present Flags field:
rtap_position =
RTAP_L_HREVISION + RTAP_L_HPAD +
RTAP_L_HLENGTH + RTAP_L_PRESENTFLAGS ;
// Skip the potential additional Present Flags fields:
rtap_ext = FIELD_PRESENT(rtap_presentflags, RTAP_EXT) ;
while (rtap_ext)
{
// Get the additional Present Flags field:
uint32_t rtap_presentflags_ext ;
memcpy(&rtap_presentflags_ext,
&pkt_data[rtap_position], RTAP_L_PRESENTFLAGS) ;
rtap_presentflags_ext = le32toh(rtap_presentflags_ext) ;
// Check if there is another one after it:
rtap_ext = FIELD_PRESENT(rtap_presentflags_ext, RTAP_EXT) ;
// Skip the current field:
rtap_position += SKIP_FIELD(rtap_position, RTAP_L_PRESENTFLAGS) ;
}
// Test the first bits of the flag field in order to check their
// presence, up to the antenna signal field which is the only one