Date: Fri, 06 Jun 1997 22:17:57 +0100 From: Brian Somers <brian@awfulhak.org> To: "Lenzi, Sergio" <lenzi@bsi.com.br> Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: pppd problem when using natd (cont.). Message-ID: <199706062117.WAA20815@awfulhak.demon.co.uk> In-Reply-To: Your message of "Fri, 06 Jun 1997 15:28:46 -0000." <Pine.BSF.3.91.970606152339.341A-100000@sergio>
next in thread | previous in thread | raw e-mail | index | archive | help
>
> The panic on module ppp seems to be in pppfcs call.
>
> The system panics while using natd (network address translator) and pppd
>
>
> (line 570 of file /usr/src/sys/net/ppp_tty.c).
>
> It arises when ppp_fcs receive a len less than zero.
>
> static u_short
> pppfcs(fcs, cp, len)
> register u_short fcs;
> register u_char *cp;
> register int len;
> {
> while (len--)
> fcs = PPP_FCS(fcs, *cp++);
> return (fcs);
> }
>
> Can someone please guide me what to do if this function receives
> len < 0 ???
>
> In a test with a printf... it receives len = -17.
>
> Thanks for any help.
Looks like the/a cause. cp will get de-referenced until len
wraps - that means panic in my book. I wonder why it's being
called with -17. Are you able to commit, or would you like me
to take a look at fixing this (or Joerg, you've been in there
recently, do you want to wear the hat) ?
> Sergio Lenzi.
>
> Unix consult.
>
--
Brian <brian@awfulhak.org>, <brian@freebsd.org>
<http://www.awfulhak.org>;
Don't _EVER_ lose your sense of humour....
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199706062117.WAA20815>