kern/79342: When looking for an unused port number for bind or
connect, if low & high port range are equal, kernel can trap in divide by
zero error
Maxim Konovalov
maxim at macomnet.ru
Wed Mar 30 09:20:07 PST 2005
The following reply was made to PR kern/79342; it has been noted by GNATS.
From: Maxim Konovalov <maxim at macomnet.ru>
To: Anjali Kulkarni <anjali at juniper.net>
Cc: silby at freebsd.org, bug-followup at freebsd.org
Subject: Re: kern/79342: When looking for an unused port number for bind or
connect, if low & high port range are equal, kernel can trap in divide by
zero error
Date: Wed, 30 Mar 2005 21:18:27 +0400 (MSD)
> Just a note: the bug appears with
> net.inet.ip.portrange.randomized=1 only.
>
> I think we need to stop doing random port allocation if last - first
> delta is ridiculously small.
Here is my version of the patch:
Index: in_pcb.c
===================================================================
RCS file: /home/ncvs/src/sys/netinet/in_pcb.c,v
retrieving revision 1.161
diff -u -p -r1.161 in_pcb.c
--- in_pcb.c 23 Mar 2005 09:26:38 -0000 1.161
+++ in_pcb.c 30 Mar 2005 16:36:58 -0000
@@ -411,13 +411,19 @@ in_pcbbind_setup(inp, nam, laddrp, lport
* For UDP, use random port allocation as long as the user
* allows it. For TCP (and as of yet unknown) connections,
* use random port allocation only if the user allows it AND
- * ipport_tick allows it.
+ * ipport_tick() allows it.
*/
if (ipport_randomized &&
(!ipport_stoprandom || pcbinfo == &udbinfo))
dorandom = 1;
else
dorandom = 0;
+ /*
+ * It makes no sense to do random port allocation if
+ * we have the only port available.
+ */
+ if (first == last)
+ dorandom = 0;
/* Make sure to not include UDP packets in the count. */
if (pcbinfo != &udbinfo)
ipport_tcpallocs++;
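Review bot: the added `if (first == last)` test overrides `dorandom` after the if/else has already set it, so the decision is now split across two statements. Folding `first != last` into the existing `ipport_randomized && ...` condition would keep it in one place. The guard also covers only exact equality, so a very small non-zero `last - first` still takes the random path. The code that consumes `dorandom` and uses the range is not visible in this hunk, so confirm that every path reaching that computation in in_pcbbind_setup() passes through this check, including any branch where the range is walked in the other direction. The new comment would read more clearly as "only one port in the range" than "we have the only port available".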
%%%
It's not perfect because it should turn random port allocation off if
the diapason of ports is small but I am not sure yet we need an
additional sysctl for that. Mike, what is your opinion?
As a side note for the original PR: random port allocation was broken
in RELENG_4, that is why we turned it off by default in RELENG_4 some
time after 4.10-REL and turned it back on right before 4.11-REL when
Mike implemented a new algorithm. If you are going to use 4.10-REL
you need to turn the port randomization off or import Mike's code.
--
Maxim Konovalov