On 3 Aug 99, at 8:26, Srinivasa Rao Addepalli wrote:
> IP Spec says that the reassembly algorithm should take care
> of overlapped fragments.
>
> My question is, when does this happen? Who sends overlapped
> fragments? Does this happen in reality?
1. Buggy fragmentation code.
2. Attacker hoping to take advantage of buggy reassembly code.
> One of my VLSI friends is working on implementing reassembly
> in the ASIC. He was asking whether to take care of overlapped
> segments or not in the hardware.
Spec implies that he must do *something*. I would say that he should throw
some kind of "exception" if the overlap involves an inconsistency or leaves
part of the packet contents unspecified.
i.e., all packet octets must have values supplied; where overlap involves
multiple values supplied for any octet, they must all agree.
David G
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
