Re: Memory leak in sys/external/bsd/ipf/netinet/ip_fil_netbsd.c:ipf_send_ip()?

To: tech-net%netbsd.org@localhost
Subject: Re: Memory leak in sys/external/bsd/ipf/netinet/ip_fil_netbsd.c:ipf_send_ip()?
From: Mouse <mouse%Rodents-Montreal.ORG@localhost>
Date: Tue, 10 May 2022 13:47:49 -0400 (EDT)

>>> I think looks like an error if it is not 4 or 6.
>> Yes, of course.  I didn't figure out whether some malicious packet
>> (which is somewhat likely on a gateway) could be arranged to tigger
>> that case.
> you could also add a printf() to see if this code path is used.

It occurs to me that there may well be non-malicious packets coming in
with ip_v - well, the four bits that in IP packets are ip_v - other
than 4 or 6.  Depending on what code paths ipf_send_ip can be called
from, they might be anything from spanning tree to EtherTalk to RARP
(though I haven't checked any of those to see what they have in those
four bits).

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse%rodents-montreal.org@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

References:
- Memory leak in sys/external/bsd/ipf/netinet/ip_fil_netbsd.c:ipf_send_ip()?
  - From: Edgar Fuß
- Re: Memory leak in sys/external/bsd/ipf/netinet/ip_fil_netbsd.c:ipf_send_ip()?
  - From: Christos Zoulas
- Re: Memory leak in sys/external/bsd/ipf/netinet/ip_fil_netbsd.c:ipf_send_ip()?
  - From: Edgar Fuß
- Re: Memory leak in sys/external/bsd/ipf/netinet/ip_fil_netbsd.c:ipf_send_ip()?
  - From: Manuel Bouyer

Prev by Date: Re: Memory leak in sys/external/bsd/ipf/netinet/ip_fil_netbsd.c:ipf_send_ip()?
Next by Date: Re: Memory leak in sys/external/bsd/ipf/netinet/ip_fil_netbsd.c:ipf_send_ip()?
Previous by Thread: Re: Memory leak in sys/external/bsd/ipf/netinet/ip_fil_netbsd.c:ipf_send_ip()?
Next by Thread: Re: Memory leak in sys/external/bsd/ipf/netinet/ip_fil_netbsd.c:ipf_send_ip()?
Indexes:

Home | Main Index | Thread Index | Old Index