On 08/30/2017 04:11 PM, Phil Sutter wrote:
On Wed, Aug 30, 2017 at 03:53:59PM +0200, Daniel Borkmann wrote:
On 08/29/2017 05:09 PM, Phil Sutter wrote:
[...]
I don't really have a strong opinion on this, but the logic for
normalizing here is getting a bit convoluted. Is your use case
for making the parser more robust mainly so you can just use the
-ddd output from tcpdump for cBPF w/o piping through tr? But even
that shouldn't give multiple empty lines afaik, no?
Well, using tcpdump output was functional before already. I just noticed
that if I add an empty line to the end of bytecode-file, it will fail
and I didn't like that. Then while searching for the EOF issue, I
noticed that the parser logic above is a bit faulty in that it will
treat different characters equally but doesn't make sure c_prev will be
assigned only one of them. So apart from the added robustness, it really
fixes an inconsistency in the parsing logic.
Ok, fine by me.
