Date:      Thu, 22 Jun 2000 14:41:40 +0100
From:      Brian Somers <brian@Awfulhak.org>
To:        "Oles' Hnatkevych" <gnut@fc.kiev.ua>
Cc:        freebsd-bugs@freebsd.org, brian@Awfulhak.org, brian@hak.lan.Awfulhak.org
Subject:   Re: bug in PPP code 
Message-ID:  <200006221341.OAA01823@hak.lan.Awfulhak.org>
In-Reply-To: Message from "Oles' Hnatkevych" <gnut@fc.kiev.ua>  of "Thu, 22 Jun 2000 09:52:35 +0400." <13411.000622@fc.kiev.ua>

Hi,

This bug has been fixed recently in -current, -stable and releng3 and 
is available via http://www.Awfulhak.org/ppp.html

> Hello!
> 
>   PPP code does not properly handle the information about
>   interfaces, resulting in routing lost to some peers
>   and complaining about inability to delete address from
>   interface (though it does not belong to that interface).
> 
>   Some of you may have seen me in freebsd-questions complaining
>   about the "Warning" that PPP issued, telling that it can not
>   remove an address from the interface.
> 
>   Finally the bug in PPP source code was found. The bug is
>   difficult to spot because not many of you use more than
>   10 tunnel devices simultaneously.
> 
>   The bug is in iface.c: look at the lines below and check out the
>   quoted line
> 
>   while (ptr < end && iface == NULL) {
>     ifm = (struct if_msghdr *)ptr;                      /* On if_msghdr */
>     if (ifm->ifm_type != RTM_IFINFO)
>       break;
>     dl = (struct sockaddr_dl *)(ifm + 1);               /* Single _dl at end */
> >>    if (!strncmp(name, dl->sdl_data, dl->sdl_nlen)) {
>       iface = (struct iface *)malloc(sizeof *iface);
>       if (iface == NULL) {
>         fprintf(stderr, "iface_Create: malloc: %s\n", strerror(errno));  
>         return NULL;
>       }
> 
>   Suppose the tun30 has been chosen and in the loop
> we've received the information about tun3. The strncmp function
> WILL return 0, because tun3 = tun30, comparing just first 4
> characters, which is the length of "tun3" (dl->sdl_nlen). The
> result of this is that the internal PPP structure that contains
> information about the interface at the beginning has wrong
> data about its current addresses (in the example, the tun3 address).
> And again, the route to this address is removed from routing
> table, but kernel can not delete this address from interface
> cause it does not belong to it.
> 
>    We've removed the letter 'n' from the function name and
>  its last argument and are now happy ;)
> 
>  I believe that strncmp may cause some other errors, since
> it is used several times in the PPP source code, and
> I'm not bothering to find out if it is used properly.
> 
> With best wishes, Oles' Hnatkevych, http://gnut.kiev.ua, gnut@fc.kiev.ua
> Finance & Credit Banking Corporation, Kyiv, Ukraine.
> Industrialnaya str. 27 +380 44 2417190
> Artema str. 60, +380 44 4906877
> 
> 
> 

-- 
Brian <brian@Awfulhak.org>                        <brian@[uk.]FreeBSD.org>
      <http://www.Awfulhak.org>                    <brian@[uk.]OpenBSD.org>
Don't _EVER_ lose your sense of humour !
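
The prefix match described in the quoted report, reproduced stand-alone as an added example (not code from ppp or from either poster). `struct dl_name`, `match_exact`, `find_iface` and the sample records are constructed for illustration; the length-aware comparison is one possible exact match, not necessarily the fix that was committed.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the two sockaddr_dl fields the quoted loop reads;
 * not the real <net/if_dl.h> definition. The name is not NUL-terminated. */
struct dl_name {
    unsigned char sdl_nlen;   /* length of the interface name */
    char sdl_data[12];        /* name bytes, followed by other data */
};

/* Comparison as in the quoted iface.c line: bounded only by the record's
 * name length, so a record named "tun3" matches a requested "tun30". */
static int match_prefix(const char *name, const struct dl_name *dl)
{
    return strncmp(name, dl->sdl_data, dl->sdl_nlen) == 0;
}

/* Length-aware comparison (hypothetical helper): the lengths must agree
 * before the bytes are compared, and nothing past sdl_nlen is read. */
static int match_exact(const char *name, const struct dl_name *dl)
{
    return strlen(name) == (size_t)dl->sdl_nlen &&
           memcmp(name, dl->sdl_data, dl->sdl_nlen) == 0;
}

/* Walk the records in order, as the quoted loop does, and return the
 * index of the first record the matcher accepts, or -1 if none. */
static int find_iface(const char *name, const struct dl_name *tab, int n,
                      int (*match)(const char *, const struct dl_name *))
{
    int i;
    for (i = 0; i < n; i++)
        if (match(name, &tab[i]))
            return i;
    return -1;
}

/* Constructed sample: tun3 is listed before tun30; "XX" stands for the
 * bytes that follow the name in a real record. */
static const struct dl_name sample[] = {
    { 3, "lo0XX" }, { 4, "tun3XX" }, { 5, "tun30XX" },
};

int main(void)
{
    printf("prefix: record %d\n", find_iface("tun30", sample, 3, match_prefix));
    printf("exact:  record %d\n", find_iface("tun30", sample, 3, match_exact));
    return 0;
}
```

With the prefix comparison the lookup for tun30 stops at the tun3 record; the collision needs two interface names where one is a prefix of the other, which is why it only shows up once unit numbers reach two digits.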



