Date: Tue, 24 Feb 2009 09:26:38 GMT
From: david gueluy <david.gueluy@netasq.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: kern/132050: bad usage of the shutdown system call produce a packet with null ip addresses
Message-ID: <200902240926.n1O9QciE099523@www.freebsd.org>
Resent-Message-ID: <200902240930.n1O9U1qn014219@freefall.freebsd.org>
>Number:         132050
>Category:       kern
>Synopsis:       bad usage of the shutdown system call produce a packet with null ip addresses
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Feb 24 09:30:00 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     david gueluy
>Release:        7.1-PRERELEASE
>Organization:
netasq
>Environment:
/usr/obj/usr/src/sys/GENERIC i386
>Description:
By using a PFIL_HOOK on FreeBSD 7.1-prerelease, I notice that I receive some
packets from 0.0.0.0 to 0.0.0.0.

A bugged software in userland produces these packets when the shutdown system
call is used on a socket which is not connected.

Even if it's a bad usage of a system call, this case can produce strange
behaviours; I think it's necessary to add some checks in tcp_usr_shutdown.
>How-To-Repeat:
Just open a socket and call the shutdown function directly:

    fd = socket(AF_INET, SOCK_STREAM, 0);
    shutdown(fd, SHUT_RDWR);
    close(fd);

Add some debug in usr/src/sys/netinet/ip_output.c to dump outgoing packets:

    ./test
    proto 6 src 0.0.0.0 dst 0.0.0.0 ttl 64
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
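The How-To-Repeat steps above, turned into a regression probe (an added example, not part of the original report or of FreeBSD's source). It treats ENOTCONN, the error POSIX lists for shutdown() on a socket that is not connected, as the expected answer; the name probe_unconnected_shutdown and the result enum are hypothetical.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

enum probe_result { PROBE_NO_SOCKET, PROBE_REJECTED, PROBE_ACCEPTED, PROBE_OTHER_ERROR };

/* Hypothetical helper: call shutdown(how) on a fresh, never-connected TCP
 * socket and classify the kernel's answer. */
enum probe_result probe_unconnected_shutdown(int how)
{
    struct sockaddr_in local;
    socklen_t len = sizeof(local);
    enum probe_result res;
    int fd = socket(AF_INET, SOCK_STREAM, 0);

    if (fd < 0)
        return PROBE_NO_SOCKET;
    /* Precondition: the socket is unbound, so its local address is 0.0.0.0:0,
     * the same null address the report saw in the dumped packet. */
    memset(&local, 0xff, sizeof(local));
    if (getsockname(fd, (struct sockaddr *)&local, &len) != 0 ||
        local.sin_addr.s_addr != htonl(INADDR_ANY) || local.sin_port != 0) {
        close(fd);
        return PROBE_OTHER_ERROR;
    }
    if (shutdown(fd, how) == 0)
        res = PROBE_ACCEPTED;      /* call accepted on an unconnected socket */
    else if (errno == ENOTCONN)
        res = PROBE_REJECTED;      /* the error POSIX specifies for this case */
    else
        res = PROBE_OTHER_ERROR;
    close(fd);
    return res;
}

int main(void)
{
    static const int hows[] = { SHUT_RD, SHUT_WR, SHUT_RDWR };
    static const char *names[] = { "SHUT_RD", "SHUT_WR", "SHUT_RDWR" };
    int bad = 0;

    for (int i = 0; i < 3; i++) {
        enum probe_result r = probe_unconnected_shutdown(hows[i]);
        printf("%-9s -> %s\n", names[i],
               r == PROBE_REJECTED ? "ENOTCONN" : "not rejected");
        bad |= (r != PROBE_REJECTED);
    }
    return bad;  /* non-zero exit: at least one call was not rejected */
}
```

The return code only shows whether the call was refused; whether a segment left the host still has to be confirmed with the ip_output.c debug output or a packet capture, as in the report.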