Preserve references to metadata when adjusting the program.

This fixes the offset issue I mention in https://github.com/the-tcpdump-group/tcpdump/issues/480#issuecomment-486827278
author: Bill Fenner <fenner@gmail.com> 2019-04-26 04:10:59 -0700
committer: Bill Fenner <fenner@gmail.com> 2019-09-26 17:30:15 -0700
commit: eebbdd4d267217a60c87dbada2176ec51bbcd0d1 (patch)
tree: b038b7590c7816b4af72cdc3ce0f39bd01ea12d4 /pcap-linux.c
parent: 14db34dba0e79f3e126b815e021565ddecd55475 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/pcap-linux.c b/pcap-linux.c
index ed80b2da..31c1a6a0 100644
--- a/pcap-linux.c
+++ b/pcap-linux.c
@@ -7496,6 +7496,14 @@ fix_program(pcap_t *handle, struct sock_fprog *fcode, int is_mmapped)
 static int
 fix_offset(pcap_t *handle, struct bpf_insn *p)
 {
+	/*
+	 * Existing references to auxiliary data shouldn't be adjusted.
+	 *
+	 * Note that SKF_AD_OFF is negative, but p->k is unsigned, so
+	 * we use >= and cast SKF_AD_OFF to unsigned.
+	 */
+	if (p->k >= (bpf_u_int32)SKF_AD_OFF)
+		return 0;
 	if (handle->linktype == DLT_LINUX_SLL2) {
 		/*
 		 * What's the offset?
author	Bill Fenner <fenner@gmail.com>	2019-04-26 04:10:59 -0700
committer	Bill Fenner <fenner@gmail.com>	2019-09-26 17:30:15 -0700
commit	eebbdd4d267217a60c87dbada2176ec51bbcd0d1 (patch)
tree	b038b7590c7816b4af72cdc3ce0f39bd01ea12d4 /pcap-linux.c
parent	14db34dba0e79f3e126b815e021565ddecd55475 (diff)