>Number:         13956
>Category:       bin
>Synopsis:       pppd exits with 'Fatal signal 10' if more then 32 interfaces are defined
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Sep 15 12:37:00 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Andreas Wrede <andreas@planix.com>
>Release:        NetBSD 1.5.2
>Organization:
Planix, Inc.
>Environment:
System: NetBSD woffi.planix.com 1.5.2 NetBSD 1.5.2 (PLANIX-IPv6) #1: Wed Aug 29 14:01:08 EDT 2001 root@whome.planix.com:/usr/src/sys/arch/i386/compile/WOFFI i386


>Description:
	With a kernel that has more than 32 interfaces defined, trying to run pppd
with option 'proxyarp' will cause it to exit with a bus error. This is
caused by a buffer overrun in the SIOCGIFCONF ioctl when pppd tries
to load the interface list.

	Note that the kernel knows the length of the buffer and should probably
be fixed to not overrun it, somewhere in ifconf() in sys/net/if.c.

>How-To-Repeat:
	Build a kernel with 'pseudo-device   ppp      32'.
	Add option 'proxyarp' to /etc/ppp/options.
	Start a pppd session.

>Fix:
	Apply patch below to up the number of interface to 256. 

 
Index: sys-bsd.c
===================================================================
RCS file: /u5/NetBSD-CVS/main/basesrc/usr.sbin/pppd/pppd/sys-bsd.c,v
retrieving revision 1.34.4.1
diff -c -c -r1.34.4.1 sys-bsd.c
*** sys-bsd.c	2000/09/30 06:21:45	1.34.4.1
--- sys-bsd.c	2001/09/15 19:23:33
***************
*** 1611,1617 ****
   * get_ether_addr - get the hardware address of an interface on the
   * the same subnet as ipaddr.
   */
! #define MAX_IFS		32
  
  static int
  get_ether_addr(ipaddr, hwaddr)
--- 1611,1617 ----
   * get_ether_addr - get the hardware address of an interface on the
   * the same subnet as ipaddr.
   */
! #define MAX_IFS		256
  
  static int
  get_ether_addr(ipaddr, hwaddr)
>Release-Note:
>Audit-Trail:
>Unformatted: