kern/132050: bad usage of the shutdown system call produces a packet
with null IP addresses
david gueluy
david.gueluy at netasq.com
Tue Feb 24 01:30:02 PST 2009
>Number: 132050
>Category: kern
>Synopsis: bad usage of the shutdown system call produces a packet with null IP addresses
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Feb 24 09:30:00 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: david gueluy
>Release: 7.1-PRERELEASE
>Organization:
netasq
>Environment:
/usr/obj/usr/src/sys/GENERIC i386
>Description:
By using a PFIL_HOOK on FreeBSD 7.1-prerelease, I noticed that I receive some packets from 0.0.0.0 to 0.0.0.0.
Buggy software in userland produces these packets when the shutdown system call is used on a socket which is not connected.
Even if it's bad usage of a system call, this case can produce strange behaviours; I think it's necessary to add some checks in tcp_usr_shutdown.
>How-To-Repeat:
Just open a socket and call the shutdown function directly:

    fd = socket(AF_INET, SOCK_STREAM, 0);
    shutdown(fd, SHUT_RDWR);
    close(fd);

Add some debug in usr/src/sys/netinet/ip_output.c to dump outgoing packets:

    ./test
    proto 6 src 0.0.0.0 dst 0.0.0.0 ttl 64
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
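
Added example, not part of the original report and not FreeBSD code: a userland guard for the misuse described above, which refuses to call shutdown() on a stream socket that has no peer. The helper name checked_shutdown and the two test functions are hypothetical; the connected control case uses socketpair() as a stand-in for an established connection.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <unistd.h>

/* Hypothetical helper: shut down a stream socket only if it has a peer.
 * getpeername() fails with ENOTCONN on a socket that was never connected,
 * so shutdown() is never issued on such a socket. */
int checked_shutdown(int fd, int how)
{
    struct sockaddr_storage peer;
    socklen_t len = sizeof(peer);

    if (getpeername(fd, (struct sockaddr *)&peer, &len) == -1)
        return -1;                  /* errno set by getpeername() */
    return shutdown(fd, how);
}

/* Case from the report: socket() followed directly by a shutdown request.
 * Returns the errno left by checked_shutdown(), or 0 if it succeeded. */
int unconnected_case(void)
{
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd == -1)
        return errno;
    int err = (checked_shutdown(fd, SHUT_RDWR) == -1) ? errno : 0;
    close(fd);
    return err;
}

/* Control case: a connected stream socket must still be shut down normally. */
int connected_case(void)
{
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) == -1)
        return errno;
    int err = (checked_shutdown(sv[0], SHUT_RDWR) == -1) ? errno : 0;
    close(sv[0]);
    close(sv[1]);
    return err;
}

int main(void)
{
    printf("unconnected: errno %d\n", unconnected_case());
    printf("connected:   errno %d\n", connected_case());
    return 0;
}
```

This guards only the program that uses it; on a kernel with the behaviour reported here, any other caller making the unchecked shutdown() call is unaffected by the guard.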