From owner-freebsd-current  Thu Jun 24 15: 6: 0 1999
Delivered-To: freebsd-current@freebsd.org
Received: from fasterix.frmug.org (d066.paris-81.cybercable.fr [212.198.81.66])
	by hub.freebsd.org (Postfix) with ESMTP id 9616A14DCF
	for <freebsd-current@FreeBSD.org>; Thu, 24 Jun 1999 15:05:46 -0700 (PDT)
	(envelope-from pb@fasterix.frmug.org)
Received: (from pb@localhost)
	by fasterix.frmug.org (8.9.3/8.9.3/pb-19990315) id AAA00900
	for freebsd-current@FreeBSD.org; Fri, 25 Jun 1999 00:05:41 +0200 (CEST)
Message-ID: <19990625000537.A657@fasterix.frmug.fr.net>
Date: Fri, 25 Jun 1999 00:05:37 +0200
From: Pierre Beyssac <pb@fasterix.freenix.org>
To: freebsd-current@FreeBSD.org
Subject: please review: patch for PR kern/12265
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.92.8i
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

I'm working on a fix to PR kern/12265 (panic when trying to RTM_GET
the default route while there is none).

The problem is that in route_output(), in that case, rn_lookup()
returns the root node of the radix table (he got it from rn_match()),
while the code expects NULL or a node with an AF_INET address
family. Later, rtfree() gets very confused and panics because the
route node to be freed doesn't have the right address family.

From TCP/IP Illustrated vol. 2, it seems that rtalloc1() is written
to expect that from rn_match(): it explicitly checks if the returned
node is the root node.

So there are two solutions:
	- fix rn_match() to return NULL when it currently returns
	  the root node;
	- fix RTM_GET and friends, and scan for the same kind of error
	  elsewhere, to trap for this same condition.

I'm testing the first approach with the following patch on my
machine and there seems to be no ill-effect.

Unless someone thinks the second solution or another approach is
better, I'll commit this patch.

--- radix.c.orig	Thu Jun 24 23:26:04 1999
+++ radix.c	Thu Jun 24 23:26:26 1999
@@ -261,7 +261,7 @@
 	 * This extra grot is in case we are explicitly asked
 	 * to look up the default.  Ugh!
 	 */
-	if ((t->rn_flags & RNF_ROOT) && t->rn_dupedkey)
+	if (t->rn_flags & RNF_ROOT)
 		t = t->rn_dupedkey;
 	return t;
 on1:
-- 
Pierre Beyssac	      pb@fasterix.frmug.org pb@fasterix.freenix.org
{Free,Net,Open}BSD, Linux : il y a moins bien, mais c'est plus cher
    Free domains: http://www.eu.org/ or mail dns-manager@EU.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message