[ECOS] A bug in DNS lookup.

[Jonathan Larmour]

Frank Huang wrote:
> Hi,
> 
> I found a "signed and unsigned" bug in eCos DNS lookup code. If you guys
> agree that, please fix it and put it in the 3.0 release.
> 
> In dns_impl.inl, there is a function build_query() which build the DNS
> query packet. It uses the following line code to set the transaction ID.
> 
> 
> dns_hdr->id = htons(id++);
> 
> The type of dns_hdr->id is a unsigned 16 bit, but the id in dns.c is a
> short integer.

dns_hdr->id is in fact an unsigned int, but in a 16-bit bitfield. This is
different from being a natural 16-bit quantity like an unsigned short, and
is I think the real cause of the problem.

> According to the protocol, this transaction ID will be
> increased frequently, so when the id increased from 0x7fff to 0x8000, it
> corrupts the next element's data which is a flag. The flag indicates the
> type of the packet. It should be indicated as "standard query" but it
> becomes to "standard query response" when it hits the bug.
> 
> I force my system keep doing DNS lookup, it hits the bug in about 1 hour
> with about 32000 lookup.
> 
> My fixing is that set the id in dns.c to unsigned short integer. The
> path of the files I am talking about is under eocs/packages/net/ns/dns/.

Thanks, for the report. The attached patch includes your suggestion, and
just to be explicit, includes a cast to a cyg_uint16.

Jifl
-- 
eCosCentric Limited      http://www.eCosCentric.com/     The eCos experts
Barnwell House, Barnwell Drive, Cambridge, UK.       Tel: +44 1223 245571
Registered in England and Wales: Reg No 4422071.
------["Si fractum non sit, noli id reficere"]------       Opinions==mine
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dns.id.patch
Type: text/x-patch
Size: 2253 bytes
Desc: not available
URL: <http://sourceware.org/pipermail/ecos-patches/attachments/20080812/f5d1d8d5/attachment.bin>