kern/95277: IP Encapsulation mask_match() returns wrong results
Qiao Yang
qyang at stbernard.com
Mon Apr 3 18:40:22 UTC 2006
>Number: 95277
>Category: kern
>Synopsis: IP Encapsulation mask_match() returns wrong results
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Apr 03 18:40:16 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Qiao Yang
>Release: 5.4
>Organization:
St Bernard Software
>Environment:
>Description:
As documented in the code,
/*
* We prioritize the matches by using bit length of the
* matches. mask_match() and user-supplied matching function
* should return the bit length of the matches (for example,
* if both src/dst are matched for IPv4, 64 should be returned).
* 0 or negative return value means "it did not match".
*/
But in mask_match(), it uses "struct sockaddr" to do byte-array comparison when applying the network mask. The problem is that this mask is applied to the whole 'struct sockaddr' data structure. Because 'struct sockaddr' includes both sa_len and sa_family, the result match_len will not be 0 even when the network mask is 0.0.0.0. And, if both src/dst are matched for IPv4, 88 instead of 64 is returned.
This causes problems for protocols which want to set 0.0.0.0 netmask on the tunnel end.
>How-To-Repeat:
Just read the code.
>Fix:
When doing byte-array comparison, use sockaddr.sa_data instead of sockaddr.
>Release-Note:
>Audit-Trail:
>Unformatted:
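
The effect described in the report can be reproduced in a small user-space model. This is an added example, not the FreeBSD kernel code and not part of the original report: model_sa, model_tunnel, mk(), side() and match_len() are hypothetical names, the 16-byte layout is a constructed stand-in for a BSD IPv4 sockaddr, and the scoring rule (8 bits per non-zero mask byte) is an assumption. The surplus over the address bits depends on which header bytes are non-zero in the masks; in this model both sa_len and sa_family are set.

```c
#include <stdint.h>
#include <stdio.h>

#define HDR 2 /* sa_len and sa_family precede sa_data */

/* Constructed stand-in: b[0]=sa_len, b[1]=sa_family, b[2..15]=sa_data. */
typedef struct { uint8_t b[16]; } model_sa;
typedef struct { model_sa src, srcmask, dst, dstmask; } model_tunnel;

static model_sa mk(uint8_t a, uint8_t b, uint8_t c, uint8_t d)
{
    model_sa sa = { { 16, 2 /* AF_INET */, 0, 0 /* port */, a, b, c, d } };
    return sa;
}

/* Assumed scoring rule: 8 bits per non-zero mask byte, counted from `start`. */
static int side(const model_sa *pkt, const model_sa *cfg,
                const model_sa *mask, int start)
{
    int bits = 0;
    if (pkt->b[0] > sizeof pkt->b ||
        pkt->b[0] != cfg->b[0] || pkt->b[1] != cfg->b[1])
        return -1; /* bad length, or sa_len/sa_family differs */
    for (int i = start; i < pkt->b[0]; i++) {
        if (i >= HDR && (pkt->b[i] & mask->b[i]) != cfg->b[i])
            return -1; /* masked address differs from the tunnel endpoint */
        bits += mask->b[i] ? 8 : 0;
    }
    return bits;
}

/* start = 0 scores the whole structure (reported behaviour); HDR scores sa_data only. */
static int match_len(const model_tunnel *t, const model_sa *sp,
                     const model_sa *dp, int start)
{
    int s = side(sp, &t->src, &t->srcmask, start);
    int d = side(dp, &t->dst, &t->dstmask, start);
    return (s < 0 || d < 0) ? 0 : s + d;
}

int main(void)
{
    model_sa a = mk(192, 0, 2, 1), b = mk(198, 51, 100, 7); /* constructed addresses */
    model_tunnel any = { mk(0, 0, 0, 0), mk(0, 0, 0, 0), mk(0, 0, 0, 0), mk(0, 0, 0, 0) };
    model_tunnel host = { a, mk(255, 255, 255, 255), b, mk(255, 255, 255, 255) };
    printf("0.0.0.0 masks: whole=%d sa_data=%d\n", match_len(&any, &a, &b, 0), match_len(&any, &a, &b, HDR));
    printf("host masks:    whole=%d sa_data=%d\n", match_len(&host, &a, &b, 0), match_len(&host, &a, &b, HDR));
    return 0;
}
```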