This is the mail archive of the ecos-discuss@sources.redhat.com mailing list for the eCos project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: IPv6 & DHCP stack corruption


On Thu, 2003-04-03 at 06:56, Andrew Lunn wrote:
> On Wed, Apr 02, 2003 at 08:01:24AM -0700, Gary Thomas wrote:
> > On Wed, 2003-04-02 at 01:47, Andrew Lunn wrote:
> > > Hi Ken, Gary, et al
> > > 
> > > I found a problem with the dhcp client when IPv6 is enabled. In
> > > do_dhcp_down_net, if IPv6 is enabled two extra ioctl calls are
> > > made. This is being passed a struct ifreq. The comments in if.h
> > > suggests this should actually take struct if_laddrreq, which is
> > > bigger. During the ioctl, some addresses are copied into the
> > > structure, which is too small and so the stack is corrupted. This
> > > causes a crash on the synth target and will also affect any targets
> > > where the stack grows down in memory.
> > > 
> > 
> > This looks correct to me. Please go ahead and apply this change.
> 
> Im going to hold off for the moment. I want to understand what the
> other fields are for and what this bit of code is actually doing and
> why.

Even if there are other concerns, the fact that the DHCP
code is using the wrong structure is reason enough to warrant
the change.  

It's too bad that the 'ioctl()' paradigm doesn't provide good ways 
to do parameter checking.

-- 
------------------------------------------------------------
Gary Thomas                 |
MLB Associates              |  Consulting for the
+1 (970) 229-1963           |    Embedded world
http://www.mlbassoc.com/    |
email: <gary at mlbassoc dot com>  |
gpg: http://www.chez-thomas.org/gary/gpg_key.asc
------------------------------------------------------------


-- 
Before posting, please read the FAQ: http://sources.redhat.com/fom/ecos
and search the list archive: http://sources.redhat.com/ml/ecos-discuss


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]