[Bug 218959] routed closes socket 0 when /etc/gateways in use

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Sat Apr 29 21:37:24 UTC 2017


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=218959

            Bug ID: 218959
           Summary: routed closes socket 0 when /etc/gateways in use
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: bin
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: webpages at sprow.co.uk

Created attachment 182180
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=182180&action=edit
Patch to parms.c

In the process of starting in main() routed gets 
  rt_sock = socket(AF_ROUTE, SOCK_RAW, 0);
which on my test system is the first socket to be opened, and hence rt_sock is
0.
[https://svnweb.freebsd.org/base/head/sbin/routed/main.c?annotate=314436#l309]

A little further down main() we call gwkludge(), which parses the /etc/gateways
file and adds fake interfaces for passive networks. 
[https://svnweb.freebsd.org/base/head/sbin/routed/main.c?annotate=314436#l350]

Then, still in main() we call ifinit() which looks through the interfaces known
and turns on router discovery and RIP 
  if_ok_rdisc(ifp);
  rip_on(ifp);
[https://svnweb.freebsd.org/base/head/sbin/routed/if.c?annotate=314436#l1141]

In the rip_on() function for any interfaces that are having RIP turned on any
query sockets are closed
  (void)close(ifp->int_rip_sock);
[https://svnweb.freebsd.org/base/head/sbin/routed/main.c?annotate=314436#l770]

The problem is that when the fake interface was created memset was used to
clear the struct interface, but the member int_rip_sock is never initialised.
Therefore, when the loop iterates over the interfaces to turn RIP on it finds a
positive number (0) and closes the socket - inadvertently closing the rt_sock
by mistake.

Patch attached initialises that member to -1, an invalid socket number.

-- 
You are receiving this mail because:
You are the assignee for the bug.
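
The failure mode described in the report, reduced to a self-contained C program (an added example, not routed's code and not the attached patch). The names struct fake_if, rip_on_model() and route_sock_survives() are hypothetical, the ">= 0" ownership check is an assumption based on the report's description, and /dev/null opened at descriptor 0 stands in for rt_sock.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical stand-in for routed's struct interface (relevant member only). */
struct fake_if {
    char name[16];
    int  rip_sock;              /* per-interface query socket, -1 when none */
};

/* Assumed shape of the close in rip_on(): any descriptor >= 0 counts as owned. */
static void rip_on_model(struct fake_if *ifp)
{
    if (ifp->rip_sock >= 0) {
        (void)close(ifp->rip_sock);
        ifp->rip_sock = -1;
    }
}

/* Returns 1 if the rt_sock stand-in is still open, 0 if closed, -1 on setup failure. */
int route_sock_survives(int init_to_minus_one)
{
    struct fake_if ifp;
    int alive = -1;
    int saved = dup(0);                         /* park the real stdin, if any */
    (void)close(0);
    int rt_sock = open("/dev/null", O_RDONLY);  /* lowest free descriptor: 0 */
    if (rt_sock == 0) {
        memset(&ifp, 0, sizeof(ifp));           /* zeroed struct: rip_sock == 0 */
        if (init_to_minus_one)
            ifp.rip_sock = -1;                  /* the fix described in the report */
        rip_on_model(&ifp);
        alive = (fcntl(rt_sock, F_GETFD) != -1);
    }
    if (rt_sock > 0 || alive == 1)
        (void)close(rt_sock);                   /* release the stand-in */
    if (saved >= 0) {                           /* put stdin back on descriptor 0 */
        (void)dup2(saved, 0);
        (void)close(saved);
    }
    return alive;
}

int main(void)
{
    printf("memset only:    rt_sock open = %d\n", route_sock_survives(0));
    printf("memset then -1: rt_sock open = %d\n", route_sock_survives(1));
    return 0;
}
```

Zero is a valid descriptor, so a zeroed structure is not an "empty" one for any field that holds a file descriptor; the -1 sentinel has to be set explicitly after the memset.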
