Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 30 Apr 1999 11:18:54 +0200 (MET DST)
From:      Luigi Rizzo <luigi@labinfo.iet.unipi.it>
To:        net@freebsd.org
Subject:   possible bug in udp_usrreq ?
Message-ID:  <199904300918.LAA14603@labinfo.iet.unipi.it>
next in thread | raw e-mail | index | archive | help 
Hi,

i just noticed a possible bug in udp_usrreq.c:udp_input()

When demuxing datagrams to udp socket, near line 199 of the file,
there is the following section of code to skip the ip and udp
headers:

	/*
	 * Construct sockaddr format source address.
	 */
	udp_in.sin_port = uh->uh_sport;
	udp_in.sin_addr = ip->ip_src;
 -->	m->m_len -= sizeof (struct udpiphdr);
 -->	m->m_data += sizeof (struct udpiphdr);

note, there is no update to m->m_pkthdr.len such as

	m->m_pkthdr.len -= sizeof (struct udpiphdr);

which in my opinion should be there, as it is instead done in the
Stevens TCPIP/Ill.vol.2 pg 775 (fig.23.25) and also in the section
of code related to unicast datagrams near line 313:

        iphlen += sizeof(struct udphdr);
        m->m_len -= iphlen;
        m->m_pkthdr.len -= iphlen;
        m->m_data += iphlen;

Actually, looking at the differences, the multicast section of the
code looks really broken and unable to handle ip options. It should
be exactly the same as in the unicast case.

Just for curiosity, i cheched in the CVS tree and all revisions of
udp_input() seems to have the same problem. Even my old 1.1.5
machine also shows the same bug, so i wonder when the problem
came out, maybe someone with access to older Berkeley sources can
see when that happened ?

	cheers
	luigi
-----------------------------------+-------------------------------------
  Luigi RIZZO                      .
  EMAIL: luigi@iet.unipi.it        . Dip. di Ing. dell'Informazione
  HTTP://www.iet.unipi.it/~luigi/  . Universita` di Pisa
  TEL/FAX: +39-050-568.533/522     . via Diotisalvi 2, 56126 PISA (Italy)
-----------------------------------+-------------------------------------


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199904300918.LAA14603>