[Bug 199304] minor bug in /usr/src/sys/netinet6/nd6_nbr.c
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu Apr 9 00:24:59 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=199304
Bug ID: 199304
Summary: minor bug in /usr/src/sys/netinet6/nd6_nbr.c
Product: Base System
Version: 10.1-RELEASE
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: kern
Assignee: freebsd-bugs at FreeBSD.org
Reporter: fbsd.bugzilla at fenyo.net
In /usr/src/sys/netinet6/nd6_nbr.c, there are 2 times the following code:
if (max_linkhdr + maxlen >= MCLBYTES) {
#ifdef DIAGNOSTIC
printf("nd6_ns_output: max_linkhdr + maxlen >= MCLBYTES "
"(%d + %d > %d)\n", max_linkhdr, maxlen, MCLBYTES);
#endif
return;
}
There is two times the same little mistake in this code: the ">=" should
changed to ">".
It is correctly written in the last part of the diag: "(%d + %d > %d)\n"
But it is incorrect in the test (">= MCLBYTES" instead of "> MCLBYTES") and in
the first part of the diag: "max_linkhdr + maxlen >= MCLBYTES" instead of
"max_linkhdr + maxlen > MCLBYTES".
This is a bug because if the packet need exactly MCLBYTES, it is possible to
process it, but the code would not process the packet.
Anyway, this case should never happen because the Neigbor Advertisement and
Neighbor Solicitation packets are always small enough to be contained in a
single MBUF cluster. But the code is wrong, it would be nicer if corrected.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list