Date: Wed, 23 Oct 1996 23:18:07 PDT
From: Bill Fenner <fenner@parc.xerox.com>
To: Paul Traina <pst@shockwave.com>
Cc: Garrett Wollman <wollman@freefall.freebsd.org>, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-sys@freefall.freebsd.org
Subject: Re: cvs commit: src/sys/netinet ip.h ip_var.h
Message-ID: <96Oct23.231808pdt.177480@crevenia.parc.xerox.com>
In-Reply-To: Your message of "Wed, 23 Oct 96 17:53:15 PDT." <199610240053.RAA28472@precipice.shockwave.com>

In message <199610240053.RAA28472@precipice.shockwave.com> you write:
>Urp... I think I recall seeing a note somewhere explaining why they weren't
>unsigned... something to do with some mbuf math somewhere. ...?

<netinet/ip.h> talks about pragmatically making them signed so that unsigned math doesn't fail in strange ways. Having them signed actually appears to be a big chunk of why FreeBSD isn't vulnerable to the Win95 ping evilness (which gets ICMP to reflect a too-big packet & dies on output). I think that sign-extension makes the check to see if the packet will fit on the ifq fail since the packet appears huge (division by the unsigned if_mtu causes the negative ip_len to be coerced to unsigned).

I'm not sure I'm convinced that gcc will warn us about every weirdness that arises from this change. I suspect that there's plenty of sloppy code that assumes these are signed and needs to be checked.

  Bill
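
The C conversions discussed in the message above, as an added example that is not part of the original e-mail and is not FreeBSD source: a negative 16-bit length divided by an unsigned MTU looks enormous, and a "< 0" sanity test written for a signed field stops firing once the field is unsigned. The function names, the queue-room check and the sample values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Fragment count as mixed signed/unsigned arithmetic computes it: the
 * length is converted to the MTU's unsigned type before dividing. The
 * casts spell out what C does implicitly for such operands. */
unsigned long frags_signed(int16_t ip_len, unsigned long if_mtu)
{
    return (unsigned long)ip_len / if_mtu;  /* negative -> near ULONG_MAX */
}

unsigned long frags_unsigned(uint16_t ip_len, unsigned long if_mtu)
{
    return (unsigned long)ip_len / if_mtu;  /* at most 65535 / if_mtu */
}

/* Hypothetical queue-room check: accept only if enough slots are free. */
int queue_accepts(unsigned long frags, unsigned long free_slots)
{
    return frags <= free_slots;
}

/* Written for a signed length: a header longer than the packet shows up
 * as a negative remainder. */
int short_packet_signed(int16_t ip_len, int hlen)
{
    ip_len = (int16_t)(ip_len - hlen);
    return ip_len < 0;
}

/* Same logic after the field becomes unsigned: the remainder wraps to a
 * large positive value, so the test is never true. */
int short_packet_unsigned(uint16_t ip_len, int hlen)
{
    ip_len = (uint16_t)(ip_len - hlen);
    return (int)ip_len < 0;  /* promoted to int, never negative */
}

int main(void)
{
    /* Constructed values: -20 and 0xFFEC are the same 16 bits. */
    unsigned long s = frags_signed(-20, 1500), u = frags_unsigned(0xFFEC, 1500);
    printf("signed:   %lu frags, accepted=%d\n", s, queue_accepts(s, 50));
    printf("unsigned: %lu frags, accepted=%d\n", u, queue_accepts(u, 50));
    printf("short packet caught: signed=%d unsigned=%d\n",
           short_packet_signed(10, 20), short_packet_unsigned(10, 20));
    return 0;
}
```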
