Date: Thu, 18 Apr 2002 23:23:09 +0900 From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= <jinmei@isl.rdc.toshiba.co.jp> To: Ruslan Ermilov <ru@FreeBSD.ORG> Cc: SUZUKI Shinsuke <suz@FreeBSD.ORG>, Garrett Wollman <wollman@FreeBSD.ORG>, jayanth@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Re: Questions on ip_output.c's patch for FreeBSD-SA-02:21.tcpip Message-ID: <y7vpu0xm6gi.wl@ocean.jinmei.org> In-Reply-To: <20020418094722.GG98788@sunbay.com> References: <200204171923.g3HJNg958905@freefall.freebsd.org> <x7vgapxy7o.wl@s30.crl.hitachi.co.jp> <20020418094722.GG98788@sunbay.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> On Thu, 18 Apr 2002 12:47:22 +0300, >>>>> Ruslan Ermilov <ru@FreeBSD.ORG> said: >> KAME rewrote the attached patch to improve this point: >> - This memory leak is fixed, of course:-) >> (at least I confirmed on 5-current). >> - Non-NULL rtentry for ip_output() is still accepted. So only a >> patch in ip_output.c is enough. >> >> Could you please correct me if I'm wrong, or consider adopting this >> patch? >> (it's a patch for 5-current, but it's not so difficult to modify it for >> 4-stable and 4.5-release branch) > I strongly object to this change. BSD historically didn't allow for > ip_output() to be called with the NULL route pointer. I changed this I'm not sure what you meant by "BSD" and "historically" here, but please let me point out that this behavior is specific to FreeBSD. At least BSD-4.4 Lite2 allows for ip_output to take the NULL route pointer (see the rev. 1.1.1.1. for FreeBSD). Additionally, BSD/OS, NetBSD, and OpenBSD still allow the case. FreeBSD prohibited the NULL route pointer argument for ip_output at the change from 1.34 to 1.35 (6 years ago, so I admit we could say this "historically"). > in rev. 1.143 in a blind attempt to fix a panic condition I introduced > in ip_icmp.c,v 1.64. Unfortunately, this didn't actually fix the > ip_icmp.c bug but rather _hided_ it. Many respectful people objected > to the 1.143 change, including Garrett Wollman, but I didn't realize > at the time why this was bad. I since have fixed my mind, and I now > realize why it's bad. The details could be found in the commit log > for ip_output.c,v 1.153. Hopefully you can follow that. We understood the issue, but when we proposed the other fix (from suz) we did not realize that the "iproute" local variable was "re-"enabled in 1.143, and thought that this was an IPsec issue. Since FreeBSD has been able to live with the code disabling the NULL iproute for ip_output (and requiring all callers to pass a non NULL argument) for 6 years, I agree that the proposed fix in the advisory is natural for FreeBSD. The only concern that I think of is that we may see kernel panic when porting code that calls ip_output() from other BSDs, since the others may pass the NULL pointer to ip_output(). But, perhaps this issue has already been discussed and thus the current code... JINMEI, Tatuya Communication Platform Lab. Corporate R&D Center, Toshiba Corp. jinmei@isl.rdc.toshiba.co.jp To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?y7vpu0xm6gi.wl>