This is the mail archive of the ecos-discuss@sourceware.org mailing list for the eCos project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

A bug in DNS lookup.


Hi,

I found a "signed and unsigned" bug in eCos DNS lookup code. If you guys agree that, please fix it and put it in the 3.0 release.

In dns_impl.inl, there is a function build_query() which build the DNS query packet. It uses the following line code to set the transaction ID.

dns_hdr->id = htons(id++);

The type of dns_hdr->id is a unsigned 16 bit, but the id in dns.c is a short integer. According to the protocol, this transaction ID will be increased frequently, so when the id increased from 0x7fff to 0x8000, it corrupts the next element's data which is a flag. The flag indicates the type of the packet. It should be indicated as "standard query" but it becomes to "standard query response" when it hits the bug.

I force my system keep doing DNS lookup, it hits the bug in about 1 hour with about 32000 lookup.

My fixing is that set the id in dns.c to unsigned short integer. The path of the files I am talking about is under eocs/packages/net/ns/dns/.

Thanks,
-Frank

--
Before posting, please read the FAQ: http://ecos.sourceware.org/fom/ecos
and search the list archive: http://ecos.sourceware.org/ml/ecos-discuss


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]