kern/79342: When looking for an unused port number for bind or connect, if low & high port range are equal, kernel can trap in divide by zero error

Maxim Konovalov maxim at macomnet.ru
Wed Mar 30 09:20:07 PST 2005 

The following reply was made to PR kern/79342; it has been noted by GNATS.

From: Maxim Konovalov <maxim at macomnet.ru>
To: Anjali Kulkarni <anjali at juniper.net>
Cc: silby at freebsd.org, bug-followup at freebsd.org
Subject: Re: kern/79342: When looking for an unused port number for bind or
 connect, if low & high port range are equal, kernel can trap in divide by
 zero error
Date: Wed, 30 Mar 2005 21:18:27 +0400 (MSD)

 > Just a note the bug is appeared with
 > net.inet.ip.portrange.randomized=1 only.
 >
 > I think we need to stop doing random port allocation if last - first
 > delta is ridiculous small.
 
 Here is my version of the patch:
 
 Index: in_pcb.c
 ===================================================================
 RCS file: /home/ncvs/src/sys/netinet/in_pcb.c,v
 retrieving revision 1.161
 diff -u -p -r1.161 in_pcb.c
 --- in_pcb.c	23 Mar 2005 09:26:38 -0000	1.161
 +++ in_pcb.c	30 Mar 2005 16:36:58 -0000
 @@ -411,13 +411,19 @@ in_pcbbind_setup(inp, nam, laddrp, lport
  		 * For UDP, use random port allocation as long as the user
  		 * allows it.  For TCP (and as of yet unknown) connections,
  		 * use random port allocation only if the user allows it AND
 -		 * ipport_tick allows it.
 +		 * ipport_tick() allows it.
  		 */
  		if (ipport_randomized &&
  			(!ipport_stoprandom || pcbinfo == &udbinfo))
  			dorandom = 1;
  		else
  			dorandom = 0;
 +		/*
 +		 * It makes no sense to do random port allocation if
 +		 * we have the only port available.
 +		 */
 +		if (first == last)
 +			dorandom = 0;
  		/* Make sure to not include UDP packets in the count. */
  		if (pcbinfo != &udbinfo)
  			ipport_tcpallocs++;
 %%%
 
 It's not perfect because it should turn random port allocation off if
 the diapason of ports is small but I am not sure yet we need an
 additional sysctl for that.  Mike, what is your opinion?
 
 As a side note for the original PR: random port allocation was broken
 in RELENG_4, that is why we turned it off by default in RELENG_4 some
 time after 4.10-REL and turned it on back right before 4.11-REL when
 Mike implemented a new algorithm.  If you are going to use 4.10-REL
 you need to turn the port randomization off or import Mike's code.
 
 -- 
 Maxim Konovalov

More information about the freebsd-bugs mailing list