NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

bin/42464: timed interoperability has been broken since 2001

>Number:         42464
>Category:       bin
>Synopsis:       timed interoperability has been broken since 2001
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Dec 17 06:05:00 +0000 2009
>Originator:     Timothy McIntosh
>Release:        5.0
Green Dome Software
NetBSD 5.0 NetBSD 5.0 (GENERIC32_IP2x) #0: Mon Apr 27 06:08:08 
UTC 2009
timed interoperability has been broken since the patch described in FreeBSD 
SA-01:28 was implemented in 2001:

This patch erroneously forces all TSP packets to be maximally sized.  This is 
in violation of the time synchronization protocol definition, which defines the 
Machine Name field as a zero-terminated string from 1 to 256 ASCII characters 
in length (including the terminating NUL character).

Not all timed implementations send maximally-sized messages, as this 
implementation does.  One such system is Tru64 UNIX version 4.0F, where 
MAXHOSTNAMELEN is defined as 64.  The current timed implementation fails to 
communicate with such a system, producing messages such as the following in the 
system log:

Dec 16 22:52:38 hoth timed[364]: short packet (76/268 bytes) from

Note:  In the 4.3BSD TSP definition, the tsp_name field was 32 characters in 
Attempt to use timed with a system that does not send maximally-sized TSP 
I have applied the following patch locally to the timed on my Mac OS X 10.5.8 
(Darwin 9.8.0) system, and confirms that it resolves the interoperability 
issue.  The NetBSD 5 timed code is essentially the same, so the same approach 
would apply there, but I have not ported the patch as of this time:

diff -ur remote_cmds-13.0.2/timed.tproj/timed.tproj/globals.h 
--- remote_cmds-13.0.2/timed.tproj/timed.tproj/globals.h        1999-05-01 
22:57:34.000000000 -0500
+++ remote_cmds-13.0.2-patched/timed.tproj/timed.tproj/globals.h        
2009-12-15 01:33:17.000000000 -0600
@@ -70,6 +70,7 @@
 #include <errno.h>
 #include <limits.h>
 #include <netdb.h>
+#include <stddef.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
diff -ur remote_cmds-13.0.2/timed.tproj/timed.tproj/readmsg.c 
--- remote_cmds-13.0.2/timed.tproj/timed.tproj/readmsg.c        2006-02-07 
00:23:04.000000000 -0600
+++ remote_cmds-13.0.2-patched/timed.tproj/timed.tproj/readmsg.c        
2009-12-15 01:37:12.000000000 -0600
@@ -231,15 +231,16 @@
                length = sizeof(from);
+               bzero(&msgin, sizeof msgin);
                if ((n = recvfrom(sock, (char *)&msgin, sizeof(struct tsp), 0,
                             (struct sockaddr*)&from, &length)) < 0) {
                        syslog(LOG_ERR, "recvfrom: %m");
-               if (n < (ssize_t)sizeof(struct tsp)) {
+               if (n <= (ssize_t)offsetof(struct tsp, tsp_name)) {
                            "short packet (%u/%u bytes) from %s",
-                             n, sizeof(struct tsp),
+                             n, offsetof(struct tsp, tsp_name)+1,

Home | Main Index | Thread Index | Old Index