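I am writing an ARP sniffer and get the following runtime error: the pcap_next() function returns a pointer to an address space that is not accessible, which only in some cases leads to a segmentation fault at runtime. Here is the code: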
void function_arp(){
    (...)
    const unsigned char *frameRcv = NULL;
    unsigned int byteNr = 0;
    struct ether_arp *arpPack = NULL;
    while (true) {
        // check on waiting time
        gettimeofday(&currentWaitTime, NULL);
        struct timeval diff = timediff(beginWaitTime, currentWaitTime);
        if (diff.tv_sec > 5) // wait for up to 5 seconds
        {
            fprintf(stderr, "Reading timed out\n");
            break;
        }
        // Receiving Frame
        byteNr = receiveRawFrame(handle, &frameRcv);
        if(frameRcv == 0x0)
            continue;
        //when reading *frameRcv, the Segmentation fault occurs sometimes
        fprintf(stdout, "%x - ", *frameRcv);
        (...)
        //The receiving of frames will be timed out after 4 sec
    }
}
The code of the function receiveRawFrame():
unsigned int
receiveRawFrame(struct capture_info handle, const unsigned char** receivedFrame)
{
    *receivedFrame = NULL;
    // try reading frames
    const unsigned char* frame;
    struct pcap_pkthdr pcapinfo;
    frame = pcap_next(handle.pcapHandle, &pcapinfo);
    *receivedFrame = frame;
    return pcapinfo.caplen;
}
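Some notes: this program receives an IP as an argument and sends an ARP request for that IP, expecting a reply afterwards. The segmentation fault occurs only when the IP is not in the local network. In that case the program should time out. For the same input (an IP outside the local network), the segmentation fault sometimes occurs and sometimes does not...
I suppose something unexpected happens when the function pcap_next is called multiple times in the while loop.
OS: Debian 3.2.57-3 x86_64 (64 Bit)
Pcap version: 1.15
GDB gives the following output: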
Program received signal SIGSEGV, Segmentation fault.
0x0000000000401b29 in function_arp () at src/arp_impl.c:120
120 fprintf(stdout, "%x - ", *frameRcv);
Answer 0 (score: 2)
Check the result of pcap_next. The frame and the info may only be accessed when the result is non-zero.
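The check the answer describes, extended to the captured length, as an added example (not code from the question or the answer): a frame pointer is read only when it is non-NULL, and each field only when caplen covers it. The names parse_arp_frame, frame_status and arp_info are hypothetical, the offsets follow the standard Ethernet and IPv4 ARP layout instead of the question's struct ether_arp, and the sample frame is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum frame_status { FRAME_NONE, FRAME_TOO_SHORT, FRAME_NOT_ARP, FRAME_ARP_OK };
struct arp_info { uint16_t oper; uint8_t sender_mac[6]; uint8_t sender_ip[4]; };

#define ETH_HDR_LEN 14u   /* dst MAC, src MAC, EtherType */
#define ARP_LEN     28u   /* ARP body for Ethernet + IPv4 */

static uint16_t be16(const unsigned char *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* frame and caplen are what the capture call handed back. frame may be NULL
 * (nothing captured before the read timeout); caplen is trusted only when
 * frame is non-NULL, and no byte at or beyond caplen is ever read. */
enum frame_status parse_arp_frame(const unsigned char *frame, size_t caplen,
                                  struct arp_info *out)
{
    if (frame == NULL)
        return FRAME_NONE;
    if (caplen < ETH_HDR_LEN)
        return FRAME_TOO_SHORT;
    if (be16(frame + 12) != 0x0806)              /* EtherType: ARP */
        return FRAME_NOT_ARP;
    if (caplen < ETH_HDR_LEN + ARP_LEN)
        return FRAME_TOO_SHORT;
    const unsigned char *arp = frame + ETH_HDR_LEN;
    if (be16(arp) != 1 || be16(arp + 2) != 0x0800 || arp[4] != 6 || arp[5] != 4)
        return FRAME_NOT_ARP;                    /* not Ethernet/IPv4 ARP */
    out->oper = be16(arp + 6);                   /* 1 = request, 2 = reply */
    memcpy(out->sender_mac, arp + 8, 6);
    memcpy(out->sender_ip, arp + 14, 4);
    return FRAME_ARP_OK;
}

/* Constructed sample: ARP reply from 192.0.2.10 (documentation address). */
static const unsigned char sample_reply[42] = {
    0x02,0x00,0x00,0x00,0x00,0x01, 0x02,0x00,0x00,0x00,0x00,0x02, 0x08,0x06,
    0x00,0x01, 0x08,0x00, 0x06, 0x04, 0x00,0x02,
    0x02,0x00,0x00,0x00,0x00,0x02, 0xc0,0x00,0x02,0x0a,
    0x02,0x00,0x00,0x00,0x00,0x01, 0xc0,0x00,0x02,0x01
};

int main(void)
{
    struct arp_info info;
    printf("no frame -> status %d\n", parse_arp_frame(NULL, 0, &info));
    if (parse_arp_frame(sample_reply, sizeof sample_reply, &info) == FRAME_ARP_OK)
        printf("ARP oper %u, sender ends in .%u\n", (unsigned)info.oper, info.sender_ip[3]);
    return 0;
}
```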