>Number:         25594
>Category:       bin
>Synopsis:       LP64 sign extension bug in ipnat
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun May 16 11:45:00 UTC 2004
>Closed-Date:
>Last-Modified:
>Originator:     Arto Huusko
>Release:        NetBSD 2.0E
>Organization:
	
>Environment:
	
	
System: NetBSD maailma.yok.utu.fi 2.0E NetBSD 2.0E (MAAILMA) #0: Mon May 10 19:49:32 EEST 2004 root@lady:/local/netbsd/current/alpha/obj/sys/arch/alpha/compile/MAAILMA alpha
Architecture: alpha
Machine: alpha
>Description:
	On NetBSD, the command argument of ioctl() is unsigned long.
	In the ipnat_y.y file of ipnat command, the command argument is
	stored in a signed int variable before being passed to ioctl().

	This causes sign extension to happen on hosts where long is 64
	bits and int 32 bits, and thus renders some commands unrecognizable
	for the kernel. For example, SIOCADNAT is affected, and this
	makes ipnat totally unusable.
>How-To-Repeat:
	Boot NetBSD on alpha, and run "ipnat -f ipnat.conf", where
	ipnat.conf contains some rules. Ipnat dies with
	"invalid argument".
>Fix:
	This isn't probably the correct fix for ipnat across all systems
	it supports, but it works on NetBSD:

Index: dist/ipf/tools/ipnat_y.y
===================================================================
RCS file: /cvsroot/netbsd/src/dist/ipf/tools/ipnat_y.y,v
retrieving revision 1.1.1.1
diff -r1.1.1.1 ipnat_y.y
688c688
< 	int add, del;
---
> 	unsigned long add, del;
>Release-Note:
>Audit-Trail:
>Unformatted: