NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: PR/44070 CVS commit: src/sys/dist/ipf/netinet

The following reply was made to PR kern/44070; it has been noted by GNATS.

From: List Mail User <>
Subject: Re: PR/44070 CVS commit: src/sys/dist/ipf/netinet
Date: Sat, 12 Feb 2011 10:48:14 -0800 (PST)

 > Log Message:
 > PR/44070: Avoid zero divide in modulo operations.
 > To generate a diff of this commit:
 > cvs rdiff -u -r1.41 -r1.42 src/sys/dist/ipf/netinet/ip_nat.c
        Hi again,
        Actually, the change in 1.42 is unfortunately not correct:
 The problem is that the syntax for minimum and maximum ports is
 _inclusive_ of the endpoint values, therefore any value between
 OR either if bth of the minimum and maximum port values should be
 possible;  The change in rev 1.42 does fix the original problem _I_
 had (i.e. when minimum == maximum to force a single port to be used),
 but the "fix" in 1.42 has a side effect that the maximum port number
 cannot be used for any specification larger than a single port - i.e.
 a rule like "... 167:168" will only use port 167 and can never use 168
 (this seems the "worst" case to me:  A single "fallback" is allowed for
 rare collisions, but doesn't have any effect/functionality because of
 the logic error).
        Of well, the panic is gone, so I can safely allow any of my
 local changes to bit-rot, but a (new/related) bug still remains :-(
        Paul Shupak

Home | Main Index | Thread Index | Old Index