svn commit: r249848 - head/sys/netinet
Gleb Smirnoff
glebius at FreeBSD.org
Thu Apr 25 08:25:01 UTC 2013
On Wed, Apr 24, 2013 at 06:30:32PM +0000, Randall Stewart wrote:
R> Author: rrs
R> Date: Wed Apr 24 18:30:32 2013
R> New Revision: 249848
R> URL: http://svnweb.freebsd.org/changeset/base/249848
R>
R> Log:
R> This fixes the issue with the "randomly changing" default
R> route. What it was is there are two places in ip_output.c
R> where we do a goto again. One place was fine, it
R> copies out the new address and then resets dst = ro->rt_dst;
R> But the other place does *not* do that, which means earlier
R> when we found the gateway, we have dst pointing there
R> aka dst = ro->rt_gateway is done.. then we do a
R> goto again.. bam now we clobber the default route.
R>
R> The fix is just to move the again so we are always
R> doing dst = &ro->rt_dst; in the again loop.
R>
R> PR: 174749,157796
R> MFC after: 1 week
This dst pointing either on stack or into routing table is dangerous.
We already have several places where the problem is carefully handled,
and now you fixed another one. Nevertheless this is subtle and
leaves a place for future bugs.
I think we should introduce a pointer to const struct sockaddr_in,
which either matches dst or rte->rt_gateway.
Patch attached.
--
Totus tuus, Glebius.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ip_output.c.diff
Type: text/x-diff
Size: 2371 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/svn-src-all/attachments/20130425/faf1f102/attachment.diff>
More information about the svn-src-all
mailing list