On Sat, Feb 23, 2002 at 01:50:33PM +0200, Ruslan Ermilov wrote:
[snip]
> Nice catch!
Igor M Podlesny <[EMAIL PROTECTED]>, PR misc/35022, caught it. I just
analyzed it.
[snip]
> The patch is incomplete (see dropwithreset below). Here's the tcp_input.c
> part of the original delta that introduced this bug:
I considered what to do for non-SYN segments, but I didn't see a
requirement in the standards (I may have missed it), so I just didn't
touch it.
> : Script started on Sat Feb 23 13:37:18 2002
> : $ sccs prs -r7.35 tcp_input.c
> : D 7.35 93/04/07 19:28:08 sklower 159 158 00007/00003/01623
> : MRs:
> : COMMENTS:
> : Mostly changes recommended by jch for variable subnets & multiple
> : IP addresses per physical interface. May require further work.
[snip]
> I think you should just back the CSRG revision 7.35 out of tcp_input.c,
> mentioning what was wrong with removing in_broadcast() check.
Where'd you pull this out? I'll integrate this version.
> route add -net 192.168.4 192.168.1.1
> ping 192.168.4.255
>
> on a directly attached 192.168.1 network isn't a "malicious use".
Then I would put that under the "misconfigured" header. The machine
you are pinging from would have to be local to 192.168.4.0/24 also,
why are you routing it through 192.168.1.1? But there may be some
situations that I have not considered where one might wish to do
that.
Anyway, if there are legit configurations where this rears its head,
it is even worse.
--
Crist J. Clark | [EMAIL PROTECTED]
| [EMAIL PROTECTED]
http://people.freebsd.org/~cjc/ | [EMAIL PROTECTED]
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
