infinite loop in esp6_ctlinput()?
JINMEI Tatuya / 神明達哉
jinmei at isl.rdc.toshiba.co.jp
Mon Aug 27 23:19:38 PDT 2007
At Tue, 28 Aug 2007 10:15:31 +0800,
blue <susan.lan at zyxel.com.tw> wrote:
> When receiving a "packet too big" ICMP error message, FreeBSD will call
> the ctlinput() function of the upper protocol. If the preceding packet
> is an ESP IPv6 packet, then FreeBSD will call esp6_ctlinput(). In
> esp6_ctlinput(), pfctlinput2() will be executed to traverse all possible
> upper protocols, and call their registered ctlinput() function. However,
> that would call esp6_ctlinput() again since ESP is one of the upper
> protocols! Then an infinite loop occurs!!
From a quick look at the code, there's a slight difference between the
IPSEC (netinet6/esp_input.c) and FAST_IPSEC (netipsec/ipsec_input.c)
implementations. I suspect the loop doesn't occur at least for the
esp_input.c version. Did you actually see the loop for both, or are
you guessing from the code?
> After comparing both IPSEC and FAST_IPSEC, the operations are exactly
> the same. Is it a bug?
If it actually causes an infinite loop, it's a bug, of course.
JINMEI, Tatuya
Communication Platform Lab.
Corporate R&D Center, Toshiba Corp.
jinmei at isl.rdc.toshiba.co.jp
More information about the freebsd-net
mailing list