From 65607b0eb5a6fdfea44e6b04c07648583c6a6a94 Mon Sep 17 00:00:00 2001
From: Matias Fontanini <matias.fontanini@gmail.com>
Date: Sun, 21 Dec 2014 10:51:18 -0800
Subject: [PATCH] Fixed PKTAP next layer interpretation.

---
 include/tins/internals.h |  2 ++
 src/internals.cpp        | 34 ++++++++++++++++++++++++++++++++++
 src/pktap.cpp            |  4 ++--
 src/sniffer.cpp          |  2 +-
 tests/src/CMakeLists.txt |  2 ++
 tests/src/pktap.cpp      | 27 +++++++++++++++++++++++++++
 6 files changed, 68 insertions(+), 3 deletions(-)
 create mode 100644 tests/src/pktap.cpp

diff --git a/include/tins/internals.h b/include/tins/internals.h
index de03fc8..59a0704 100644
--- a/include/tins/internals.h
+++ b/include/tins/internals.h
@@ -113,6 +113,8 @@ PDU *pdu_from_flag(Constants::Ethernet::e flag, const uint8_t *buffer,
   uint32_t size, bool rawpdu_on_no_match = true);
 PDU *pdu_from_flag(Constants::IP::e flag, const uint8_t *buffer, 
   uint32_t size, bool rawpdu_on_no_match = true);
+PDU *pdu_from_dlt_flag(int flag, const uint8_t *buffer, 
+  uint32_t size, bool rawpdu_on_no_match = true);
 PDU *pdu_from_flag(PDU::PDUType type, const uint8_t *buffer, uint32_t size);
 
 Constants::Ethernet::e pdu_flag_to_ether_type(PDU::PDUType flag);
diff --git a/src/internals.cpp b/src/internals.cpp
index a84d34e..11673da 100644
--- a/src/internals.cpp
+++ b/src/internals.cpp
@@ -27,6 +27,7 @@
  *
  */
 
+#include <pcap.h>
 #include "internals.h"
 #include "ip.h"
 #include "ethernetII.h"
@@ -38,12 +39,16 @@
 #include "udp.h"
 #include "ipsec.h"
 #include "icmp.h"
+#include "loopback.h"
+#include "sll.h"
+#include "ppi.h"
 #include "icmpv6.h"
 #include "arp.h"
 #include "eapol.h"
 #include "rawpdu.h"
 #include "dot1q.h"
 #include "pppoe.h"
+#include "exceptions.h"
 #include "ip_address.h"
 #include "ipv6_address.h"
 #include "pdu_allocator.h"
@@ -134,6 +139,35 @@ Tins::PDU *pdu_from_flag(Constants::IP::e flag, const uint8_t *buffer,
     return 0;
 }
 
+PDU *pdu_from_dlt_flag(int flag, const uint8_t *buffer, 
+  uint32_t size, bool rawpdu_on_no_match)
+{
+    switch (flag) {
+        case DLT_EN10MB:
+            return new EthernetII(buffer, size);
+
+        #ifdef HAVE_DOT11
+        case DLT_IEEE802_11_RADIO:
+            return new RadioTap(buffer, size);
+        case DLT_IEEE802_11:
+            return Dot11::from_bytes(buffer, size);
+        #else // HAVE_DOT11
+        case DLT_IEEE802_11_RADIO:
+        case DLT_IEEE802_11:
+            throw protocol_disabled();
+        #endif // HAVE_DOT11
+
+        case DLT_NULL:
+            return new Loopback(buffer, size);
+        case DLT_LINUX_SLL:
+            return new SLL(buffer, size);
+        case DLT_PPI:
+            return new PPI(buffer, size);
+        default:
+            return rawpdu_on_no_match ? new RawPDU(buffer, size) : 0;
+    };
+}
+
 Tins::PDU *pdu_from_flag(PDU::PDUType type, const uint8_t *buffer, uint32_t size) 
 {
     switch(type) {
diff --git a/src/pktap.cpp b/src/pktap.cpp
index c0decf8..95d9411 100644
--- a/src/pktap.cpp
+++ b/src/pktap.cpp
@@ -49,8 +49,8 @@ PKTAP::PKTAP(const uint8_t* buffer, uint32_t total_sz)
     total_sz -= header_length;
     if (header_.next && total_sz > 0) {
         inner_pdu(
-            Internals::pdu_from_flag(
-                (Constants::Ethernet::e)header_.dlt, 
+            Internals::pdu_from_dlt_flag(
+                header_.dlt, 
                 buffer, 
                 total_sz
             )
diff --git a/src/sniffer.cpp b/src/sniffer.cpp
index 67fef58..e8668fa 100644
--- a/src/sniffer.cpp
+++ b/src/sniffer.cpp
@@ -162,7 +162,7 @@ PtrPacket BaseSniffer::next_packet() {
     }
     #ifdef DLT_PKTAP
     else if (iface_type == DLT_PKTAP) {
-        handler = &sniff_loop_handler<PKTAP>();
+        handler = &sniff_loop_handler<PKTAP>;
     }
     #endif // DLT_PKTAP
     else if(iface_type == DLT_NULL)
diff --git a/tests/src/CMakeLists.txt b/tests/src/CMakeLists.txt
index d5914ef..d66592b 100644
--- a/tests/src/CMakeLists.txt
+++ b/tests/src/CMakeLists.txt
@@ -57,6 +57,7 @@ ADD_CUSTOM_TARGET(
     NetworkInterfaceTest
     OfflinePacketFilterTest
     PDUTest
+    PKTAPTest
     PPITest
     PPPoETest
     RadioTapTest
@@ -98,6 +99,7 @@ ADD_EXECUTABLE(MatchesResponseTest EXCLUDE_FROM_ALL matches_response.cpp)
 ADD_EXECUTABLE(NetworkInterfaceTest EXCLUDE_FROM_ALL network_interface.cpp)
 ADD_EXECUTABLE(OfflinePacketFilterTest EXCLUDE_FROM_ALL offline_packet_filter.cpp)
 ADD_EXECUTABLE(PDUTest EXCLUDE_FROM_ALL pdu.cpp)
+ADD_EXECUTABLE(PKTAPTest EXCLUDE_FROM_ALL pktap.cpp)
 ADD_EXECUTABLE(PPITest EXCLUDE_FROM_ALL ppi.cpp)
 ADD_EXECUTABLE(PPPoETest EXCLUDE_FROM_ALL pppoe.cpp)
 ADD_EXECUTABLE(RadioTapTest EXCLUDE_FROM_ALL radiotap.cpp)
diff --git a/tests/src/pktap.cpp b/tests/src/pktap.cpp
new file mode 100644
index 0000000..320b594
--- /dev/null
+++ b/tests/src/pktap.cpp
@@ -0,0 +1,27 @@
+#include <gtest/gtest.h>
+#include <cstring>
+#include <string>
+#include <iostream>
+#include <stdint.h>
+#include "pktap.h"
+
+using namespace std;
+using namespace Tins;
+
+
+class PKTAPTest : public testing::Test {
+public:
+    static const uint8_t packet1[];
+};
+
+const uint8_t PKTAPTest::packet1[] = {
+    108, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 101, 110, 48, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 2, 0, 0, 0, 14, 0, 0, 0, 0, 0, 0, 0, 178, 7, 0, 0, 111, 99, 115, 112, 100, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 6, 0, 0, 0, 255, 255, 255, 255, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 10, 128, 57, 251, 101, 187, 44, 240, 238, 33, 128, 46, 8, 0, 69, 0, 0, 40, 188, 8, 64, 0, 64, 6, 70, 77, 10, 0, 0, 222, 17, 151, 28, 6, 196, 70, 0, 80, 63, 40, 147, 97, 101, 156, 12, 242, 80, 17, 64, 0, 45, 170, 0, 0
+};
+
+
+TEST_F(PKTAPTest, ConstructorFromBuffer) {
+    PKTAP pkt(packet1, sizeof(packet1));
+    PDU* inner = pkt.inner_pdu();
+    ASSERT_TRUE(inner);
+    EXPECT_EQ(PDU::ETHERNET_II, inner->pdu_type());
+}