From owner-freebsd-net@FreeBSD.ORG Thu Oct 2 03:51:33 2014 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 00F4A1AE for ; Thu, 2 Oct 2014 03:51:32 +0000 (UTC) Received: from mail-ig0-f169.google.com (mail-ig0-f169.google.com [209.85.213.169]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C05C5C3B for ; Thu, 2 Oct 2014 03:51:32 +0000 (UTC) Received: by mail-ig0-f169.google.com with SMTP id uq10so1264422igb.4 for ; Wed, 01 Oct 2014 20:51:26 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=hpOkYu6ULHvkgqs702XMiYXyVc79+6l4xCcG5v4s+mc=; b=ZY8jLDyLLWTZdLXl77aA7v+zpk9ODKM1KRbb2k6V6kogT2+h8lyMU01CNra0H+zoFR 73R2NDBqNbC/Y+WiqS6LTbQxo0SEWda3xCOAGntJ0psfjhQysUmJg8/ESB7J1Q2HFUvw WZqNhaFTNM4SdWp10uDLhzCrJkMhz/++nMJ9nV2oQ2LpDMDejvQNEsKaS4ym6vxVB88G /TCx7RnMaw+z+7B9kKku6l0ZbgrhrxvXUhgl+95v2QBXQQF/WuBJogTN6wBSNlfgwSiC KjUqBkRNR28o6WVWeQcmF2XmNwj3vahMfW8Rk4trNO1dAtc5xxQD9LjCYnohOOS7aEeE W0Wg== X-Gm-Message-State: ALoCoQlKHPRQX9Z163MuSEeMYMNgGAGPNU3V5g4j0vjs8UEX+8uBvmoISFTyq6awoIabUWk//Av/ X-Received: by 10.42.227.10 with SMTP id iy10mr1695433icb.3.1412221886102; Wed, 01 Oct 2014 20:51:26 -0700 (PDT) MIME-Version: 1.0 Received: by 10.107.19.30 with HTTP; Wed, 1 Oct 2014 20:51:06 -0700 (PDT) X-Originating-IP: [72.177.8.109] In-Reply-To: References: From: Bryan Venteicher Date: Wed, 1 Oct 2014 22:51:06 -0500 Message-ID: Subject: Re: UDP/IPv6 handling To: Michael Tuexen Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1 Cc: FreeBSD Net X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Oct 2014 03:51:33 -0000 On Wed, Oct 1, 2014 at 11:58 AM, Michael Tuexen < Michael.Tuexen@lurchi.franken.de> wrote: > Dear all, > > in udp6_input() we have the following code: > > if (nxt =3D=3D IPPROTO_UDP && plen !=3D ulen) { > UDPSTAT_INC(udps_badlen); > goto badunlocked; > } > /* > * Checksum extended UDP header and data. > */ > if (uh->uh_sum =3D=3D 0) { > if (ulen > plen || ulen < sizeof(struct udphdr)) { > UDPSTAT_INC(udps_nosum); > goto badunlocked; > } > } > > I'm trying to understand the UDP code path... > > =E2=80=8BI too was recently confused by this code. =E2=80=8BI pointed out o= ne issue to kevlo@ recently, but it still kind of seemed like the UDP-Lite was mismerged to IPv6. So (ulen > plen) can't be true. I'm wondering why do we only check the ulen > is not too > short only in the case when the UDP checksum is zero. A zero checksum > should also never happen. > > =E2=80=8BI hope to have a patch for =E2=80=8BRFC6935 [1] soon so a zero che= cksum may be allowed if the inp/udpcb is configured for it. I think we should check for ulen < sizeof(struct udphdr) in any case. > > =E2=80=8BI think previously, the checks in ip6_input(), IP6_EXTHDR_CHECK(),= and plen =3D=3D ulen made this unnecessary. I think we'd want to do it for UDP-= Lite if ulen was not initially zero. =E2=80=8B[1] - http://tools.ietf.org/html/rfc6935=E2=80=8B > Opinions? > > Best regards > Michael > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >