Date:      Sun, 22 May 2011 15:30:07 -0400
From:      Wesley Shields <wxs@FreeBSD.org>
To:        freebsd-net@FreeBSD.org
Subject:   Re: fwd: kern/157188: [libpcap] [patch] incorporate patch from upstream
Message-ID:  <20110522193007.GA63178@atarininja.org>
In-Reply-To: <20110521064847.GB23992@lonesome.com>
References:  <201105192153.p4JLrvtH004172@red.freebsd.org> <20110521064847.GB23992@lonesome.com>

I've updated the port to address this. The audit trail for this PR has a
patch which touches more than just libpcap. I'm curious if anyone on
this list has comments on it, and if any committer wants to commit it
(at least the libpcap part, the others appear right to me).

-- WXS

On Sat, May 21, 2011 at 01:48:47AM -0500, Mark Linimon wrote:
> Apparently affects both the port and src.
> mcl
> 
> On Thu, May 19, 2011 at 09:53:57PM +0000, Peter Losher wrote:
> > 
> > >Number:         157188
> > >Category:       misc
> > >Synopsis:       libpcap
> > >Confidential:   no
> > >Severity:       non-critical
> > >Priority:       medium
> > >Responsible:    freebsd-bugs
> > >State:          open
> > >Quarter:        
> > >Keywords:       
> > >Date-Required:
> > >Class:          sw-bug
> > >Submitter-Id:   current-users
> > >Arrival-Date:   Thu May 19 22:00:27 UTC 2011
> > >Closed-Date:
> > >Last-Modified:
> > >Originator:     Peter Losher
> > >Release:        8.2-RELEASE
> > >Organization:
> > Internet Systems Consortium
> > >Environment:
> > FreeBSD freebsd8.lab.isc.org 8.2-RELEASE FreeBSD 8.2-RELEASE #0: Thu Feb 17 02:41:51 UTC 2011     root@mason.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  amd64
> > >Description:
> > One of our engineers @ISC discovered that there is a bug in the currently released version of libpcap (in base and in ports) that can be triggered when using an "ip6 protochain" filter.  It's due to the fairly complicated BPF bytecode that libpcap generates for IPv6 header chasing combined with a sign extension bug when processing JA (jump absolute) opcodes.  (JA is used to go backwards and without sign extension on 64 bit platforms the BPF interpreter incorrectly jumps forward... a lot.)
> > 
> > >How-To-Repeat:
> > root@freebsd8:~# tcpdump -nr ip6-hopbyhop-icmp.pcap 'ip6 protochain 58'
> > reading from file ip6-hopbyhop-icmp.pcap, link-type EN10MB (Ethernet)
> > Segmentation fault: 11 (core dumped)
> > 
> > >Fix:
> > There is a fix in the libpcap repository:
> > 
> > https://github.com/mcr/libpcap/commit/ecdc5c0a7f7591a7cd4aff696e42757c677fbbf7
> > 
> > but the tcpdump-workers have been pretty tardy about putting out newer code, so it sits there stalled.
> > 
> > With the patch applied, it all works well and you should see something like this:
> > 
> > -=-
> > $ tcpdump -nr ip6-hopbyhop-icmp.pcap 'ip6 protochain 58' 
> > reading from file ip6-hopbyhop-icmp.pcap, link-type EN10MB (Ethernet)
> > 18:43:07.098489 IP6 fe80::208:7dff:feb7:2cca > ff02::1: HBH ICMP6, multicast listener queryv2  [gaddr ::], length 28
> > -=-
> > 
> > >Release-Note:
> > >Audit-Trail:
> > >Unformatted:
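
The sign extension problem described in the PR above, as an added example that is not part of the original message and is neither libpcap's code nor the upstream patch. It models the program counter as an integer index; the struct and all function names are hypothetical, and the jump offset and program length are constructed sample values.

```c
#include <stdint.h>
#include <stdio.h>

#define OP_JA 0x05  /* BPF_JMP|BPF_JA in classic BPF */

/* Simplified instruction: k is an unsigned 32-bit field, as in classic BPF. */
struct insn { uint16_t code; uint32_t k; };

/* Constructed sample: a JA whose offset is negative, i.e. a backward jump. */
static struct insn make_ja(int32_t off) {
    struct insn i = { OP_JA, (uint32_t)off };
    return i;
}

/* 32-bit program counter: the unsigned add wraps modulo 2^32, so a
 * "negative" k still lands backwards and the bug stays hidden. */
static int64_t next_pc_ilp32(uint32_t pc, struct insn i) {
    return (uint32_t)(pc + 1u + i.k);
}

/* 64-bit program counter, no sign extension: k is zero-extended and the
 * backward jump becomes a forward jump of nearly 2^32 instructions. */
static int64_t next_pc_lp64_unsigned(int64_t pc, struct insn i) {
    return pc + 1 + (int64_t)i.k;
}

/* 64-bit program counter with k reinterpreted as signed before widening
 * (the int32_t conversion wraps on common two's-complement compilers). */
static int64_t next_pc_lp64_signed(int64_t pc, struct insn i) {
    return pc + 1 + (int64_t)(int32_t)i.k;
}

/* Defensive check: a jump target must stay inside the program. */
static int target_in_program(int64_t target, int64_t ninsns) {
    return target >= 0 && target < ninsns;
}

int main(void) {
    struct insn ja = make_ja(-4);
    int64_t pc = 10, ninsns = 16;   /* constructed values */
    int64_t bad = next_pc_lp64_unsigned(pc, ja);
    int64_t good = next_pc_lp64_signed(pc, ja);
    printf("32-bit pc:            %lld\n", (long long)next_pc_ilp32((uint32_t)pc, ja));
    printf("64-bit, zero-extended: %lld (in program: %d)\n", (long long)bad, target_in_program(bad, ninsns));
    printf("64-bit, sign-extended: %lld (in program: %d)\n", (long long)good, target_in_program(good, ninsns));
    return 0;
}
```
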


