Bug in rip_output()
lwa%mit-csr at sri-unix.UUCP
lwa%mit-csr at sri-unix.UUCP
Thu Dec 1 01:35:00 AEST 1983
Index: /sys/netinet/raw_ip.c 4.2BSD
Description:
When performing raw internet output, the ip_off field in the
internet header is never completely cleared. Although the
ip_output routine later zeroes everything but the IP_DF flag,
this flag may still be randomly set (depending on the previous
contents of the mbuf used to hold the ip header). As a result,
raw output packets larger than the maximum local net packet size
may be rejected as "too large".
Repeat-By:
Try repeatedly sending packets larger than the maximum local net
packet size using the raw interface. Some will be rejected as
too large.
Fix:
Add the following line to the rip_output() routine in the file
/sys/netinet/raw_ip.c:
ip = mtod(m, struct ip *);
/* add the following line */
ip->ip_off = 0;
/* end of addition */
ip->ip_p = so->so_proto->pr_protocol;
-Larry Allen
-------
More information about the Comp.unix.wizards
mailing list