Subject: Re: ip_nat MSS clamping
To: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
From: Andrey Petrov <petrov@netbsd.org>
List: tech-net
Date: 06/03/2002 10:59:26
On Mon, Jun 03, 2002 at 03:04:46PM +0900, YAMAMOTO Takashi wrote:
> From: Jun-ichiro itojun Hagino <itojun@iijlab.net>
> Subject: ip_nat MSS clamping
> Date: Mon, 03 Jun 2002 08:24:07 +0900
> > 	sys/netinet/ip_nat.c has tcp option parsing bug in MSS clamping
> > 	handling.
> > 	- it does not stop at EOL
> > 	- it does incorrect processing of NOP
> > 
> > 	does the following look ok?
> 
> 
> >  				if (mss > maxmss) {
> >  					*(short *)cp = htons((short)(maxmss));
					^^^^^^^^^^^^
This is quite dangerous construction for any platform with strict
alignment.


> 
> s/cp/&cp[2]/  ?
> 
> ---
> YAMAMOTO Takashi<yamt@mwd.biglobe.ne.jp>