Darren Reed writes:
>> ! while ((len = m->b_rptr - m->b_wptr) <= off) {
>
> Hmmm, are you sure you haven't got that around the wrong way ?
> With the above, len is nearly always going to be < 0.
> i.e. i think it should be:
>
> while ((len = m->b_wptr - m->b_rptr) <= off) {
You are quite correct. Fixed version included below.
*** SunOS/pfildrv.c.ORIGINAL Mon Feb 21 19:07:18 2005
--- SunOS/pfildrv.c Tue Feb 22 14:54:15 2005
*************** int pfil_precheck(queue_t *q, mblk_t **m
*** 541,562 ****
}
- ip = (struct ip *)(m->b_rptr + off);
-
/*
* We might have a 1st data block which is really M_PROTO, i.e. it is
* only big enough for the link layer header
*/
! while ((u_char *)ip >= m->b_wptr) {
! len = (u_char *)ip - m->b_wptr;
m = m->b_cont;
if (m == NULL) {
atomic_add_long(&qif->qf_nodata, 1);
return -4; /* not enough data for IP */
}
- ip = (struct ip *)(m->b_rptr + len);
}
! off = (u_char *)ip - m->b_rptr;
mlen = msgdsize(m) - off;
sap = qif->qf_sap;
if (mlen == 0)
--- 541,560 ----
}
/*
* We might have a 1st data block which is really M_PROTO, i.e. it is
* only big enough for the link layer header
*/
! while ((len = m->b_wptr - m->b_rptr) <= off) {
! off -= len;
m = m->b_cont;
if (m == NULL) {
atomic_add_long(&qif->qf_nodata, 1);
return -4; /* not enough data for IP */
}
}
!
! ip = (struct ip *)(m->b_rptr + off);
mlen = msgdsize(m) - off;
sap = qif->qf_sap;
if (mlen == 0)
-- John
-------------------------------------------------------------------------
| Feith Systems | Voice: 1-215-646-8000 | Email: [EMAIL PROTECTED] |
| John Wehle | Fax: 1-215-540-5495 | |
-------------------------------------------------------------------------
