Subject: Re: kern/7831: panic: m_copydata
To: Manuel Bouyer <bouyer@antioche.lip6.fr>
From: Darren Reed <darrenr@reed.wattle.id.au>
List: tech-net
Date: 08/05/1999 10:29:32
In some email I received from Manuel Bouyer, sie wrote:
[...]
> My guess is that at this point ippr_ftp_in should check for this, and
> just forward the icmp message if this is and icmp message.
>
> If I understood things properly, ippr_ftp_in() is supposed to return
> the difference of size between the old and new mbuf - is this true ?
>
> What do competent persons think of the patch below ?
> I can't test it rigth now, but I will ASAP :)
There should be a sanity check higher up to ensure that the protocol of
the current packet being processed matches the protocol which the proxy
has been designed to support. Patch below.
Darren
Index: ip_proxy.c
===================================================================
RCS file: /devel/CVS/IP-Filter/ip_proxy.c,v
retrieving revision 2.1
diff -c -r2.1 ip_proxy.c
*** ip_proxy.c 1999/08/04 17:29:58 2.1
--- ip_proxy.c 1999/08/05 00:28:41
***************
*** 185,191 ****
nat->nat_aps = ap_new_session(nat->nat_ptr->in_apr, ip,
fin, nat);
aps = nat->nat_aps;
! if (aps != NULL) {
if (ip->ip_p == IPPROTO_TCP) {
tcp = (tcphdr_t *)fin->fin_dp;
/*
--- 185,191 ----
nat->nat_aps = ap_new_session(nat->nat_ptr->in_apr, ip,
fin, nat);
aps = nat->nat_aps;
! if ((aps != NULL) && (aps->aps_p == ip->ip_p)) {
if (ip->ip_p == IPPROTO_TCP) {
tcp = (tcphdr_t *)fin->fin_dp;
/*