NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
kern/55179: ipfilter ip_state.c's problem
>Number: 55179
>Category: kern
>Synopsis: ipfilter ip_state.c's problem
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Apr 15 10:20:00 +0000 2020
>Originator: Kouichi Hashikawa
>Release: 9.0-RELEASE
>Organization:
>Environment:
NetBSD kalinka 9.0 NetBSD 9.0 (GENERIC) #0: Fri Feb 14 00:06:28 UTC 2020 mkrepro%mkrepro.NetBSD.org@localhost:/usr/src/sys/arch/amd64/compile/GENERIC amd64
>Description:
I think dp = ntohs(fin->fin_dport) may be dp = htons(fin->fin_dport),
at src/sys/external/bsd/ipf/netinet/ip_state.c:2414.
(but, same result)
--------
sp = 0;
dp = 0;
if (tcp != NULL) {
sp = htons(fin->fin_sport);
dp = ntohs(fin->fin_dport);
}
...
if (rev == 0) {
if ((IP6_EQ(&is->is_dst, dst) || (flags & SI_W_DADDR)) &&
(IP6_EQ(&is->is_src, src) || (flags & SI_W_SADDR))) {
if (tcp) {
if ((sp == is->is_sport || flags & SI_W_SPORT)
&&
(dp == is->is_dport || flags & SI_W_DPORT))
ret = 1;
--------
>How-To-Repeat:
always
>Fix:
I think following patch will fix problem.
(and replace fin_sport, fin_dpost to fin_data, used only one time
at ip_state.c)
--- ip_state.c-dist 2020-01-12 16:09:10.000000000 +0900
+++ ip_state.c 2020-04-15 00:47:19.333611016 +0900
@@ -2410,8 +2410,8 @@
dp = 0;
if (tcp != NULL) {
- sp = htons(fin->fin_sport);
- dp = ntohs(fin->fin_dport);
+ sp = htons(fin->fin_data[0]);
+ dp = htons(fin->fin_data[1]);
}
if (!rev) {
if (tcp != NULL) {
Home |
Main Index |
Thread Index |
Old Index