802.11: fix header length when HT Control header is present

sebastien-meter · infrastation · commit 3d92cb0d28d1 · 2025-10-03T09:42:00.000+01:00
When the ORDER bit is set in the 802.11 flags, the header length
needs to be incremented by the size of the HTControl field (4 B).
diff --git a/print-802_11.c b/print-802_11.c
@@ -2108,10 +2108,16 @@ extract_header_length(netdissect_options *ndo,
 
 	switch (FC_TYPE(fc)) {
 	case T_MGMT:
-		return MGMT_HDRLEN;
+		len = MGMT_HDRLEN;
+		// HT Control field presence determined by +HTC bit
+		// (9.2.4.6 of IEEE 802.11-2020)
+		if (FC_ORDER(fc))
+			len += IEEE802_11_HT_CONTROL_LEN;
+		return len;
 	case T_CTRL:
 		switch (FC_SUBTYPE(fc)) {
 		case CTRL_CONTROL_WRAPPER:
+			// HT Control field included in length
 			return CTRL_CONTROL_WRAPPER_HDRLEN;
 		case CTRL_BAR:
 			return CTRL_BAR_HDRLEN;
@@ -2135,8 +2141,13 @@ extract_header_length(netdissect_options *ndo,
 		}
 	case T_DATA:
 		len = (FC_TO_DS(fc) && FC_FROM_DS(fc)) ? 30 : 24;
-		if (DATA_FRAME_IS_QOS(FC_SUBTYPE(fc)))
+		if (DATA_FRAME_IS_QOS(FC_SUBTYPE(fc))) {
 			len += 2;
+			// HT Control field presence determined by +HTC bit
+			// (9.2.4.6 of IEEE 802.11-2020)
+			if (FC_ORDER(fc))
+				len += IEEE802_11_HT_CONTROL_LEN;
+		}
 		return len;
 	default:
 		ND_PRINT("unknown 802.11 frame type (%u)", FC_TYPE(fc));
diff --git a/tests/TESTLIST b/tests/TESTLIST
@@ -337,6 +337,7 @@ scps_invalid	scps_invalid.pcap	scps_invalid.out
 802.11_exthdr	ieee802.11_exthdr.pcap	ieee802.11_exthdr.out	-v
 802.11_rx-stbc	ieee802.11_rx-stbc.pcap	ieee802.11_rx-stbc.out
 802.11_meshid	ieee802.11_meshid.pcap	ieee802.11_meshid.out
+802.11_htc 	ieee802.11_htc.pcap 	ieee802.11_htc.out 	-e
 
 # OpenFlow tests
 of10_p3295-vv	of10_p3295.pcap		of10_p3295-vv.out	-vv
diff --git a/tests/ieee802.11_htc.out b/tests/ieee802.11_htc.out
@@ -0,0 +1 @@
+    1  2025-09-30 12:22:28.668829 967750278us tsft wep 5180 MHz 11a -45dBm signal -107dBm noise antenna 0 [bit 23] CF +QoS BSSID:36:80:94:c0:22:8b SA:b0:be:83:5b:4b:40 DA:ff:ff:ff:ff:ff:ff LLC, dsap SNAP (0xaa) Individual, ssap SNAP (0xaa) Command, ctrl 0x03: oui Ethernet (0x000000), ethertype IPv4 (0x0800), length 328: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from b0:be:83:5b:4b:40, length 300
diff --git a/tests/ieee802.11_htc.pcap b/tests/ieee802.11_htc.pcap

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+ 1 2025-09-30 12:22:28.668829 967750278us tsft wep 5180 MHz 11a -45dBm signal -107dBm noise antenna 0 [bit 23] CF +QoS BSSID:36:80:94:c0:22:8b SA:b0:be:83:5b:4b:40 DA:ff:ff:ff:ff:ff:ff LLC, dsap SNAP (0xaa) Individual, ssap SNAP (0xaa) Command, ctrl 0x03: oui Ethernet (0x000000), ethertype IPv4 (0x0800), length 328: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from b0:be:83:5b:4b:40, length 300`