diff options
author | Guy Harris <guy@alum.mit.edu> | 2014-06-25 13:18:18 -0700 |
---|---|---|
committer | Guy Harris <guy@alum.mit.edu> | 2014-06-25 13:18:18 -0700 |
commit | d033c1bc381c76d13e4aface97a4f4ec8c3beca2 (patch) | |
tree | a062645b58516494669146b388625ac9f7e1577b | |
parent | f2b690e8b5f2cb9306ef77374346260ea0a7839c (diff) | |
download | tcpdump-d033c1bc381c76d13e4aface97a4f4ec8c3beca2.tar.gz |
Don't treat 65535 as the maximum snapshot length.
Make it 131072, instead; the MTU on the Linux loopback interface, in at
least some versions of the kernel, is 65536, and that doesn't count the
fake Ethernet header, so we need a value bigger than 65536. We don't
want a value that's *too* large, so that it causes attempts to allocate
huge amounts of memory, however.
This (plus the corresponding change to libpcap) should fix GitHub issue
-rw-r--r-- | netdissect.h | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/netdissect.h b/netdissect.h index 1b11bf8e..87a976a0 100644 --- a/netdissect.h +++ b/netdissect.h @@ -209,12 +209,15 @@ struct netdissect_options { * Maximum snapshot length. This should be enough to capture the full * packet on most network interfaces. * - * XXX - could it be larger? If so, should it? Some applications might - * use the snapshot length in a savefile header to control the size of - * the buffer they allocate, so a size of, say, 2^31-1 might not work - * well. + * Somewhat arbitrary, but chosen to be 1) big enough for maximum-size + * Linux loopback packets and 2) small enough not to cause attempts to + * allocate huge amounts of memory; some applications might use the + * snapshot length in a savefile header to control the size of the buffer + * they allocate, so a size of, say, 2^31-1 might not work well. + * + * XXX - does it need to be bigger still? */ -#define MAXIMUM_SNAPLEN 65535 +#define MAXIMUM_SNAPLEN 131072 /* * The default snapshot length is the maximum. |