Subject: port-alpha/3412: ipfilter crashes netbsd/alpha
To: None <gnats-bugs@gnats.netbsd.org>
From: None <ross@teraflop.com>
List: netbsd-bugs
Date: 03/29/1997 23:47:46
>Number: 3412
>Category: port-alpha
>Synopsis: incorrect use of long crashes netbsd/alpha
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: gnats-admin (GNATS administrator)
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sat Mar 29 23:50:01 1997
>Last-Modified:
>Originator: Ross Harvey
>Organization:
Avalon Computer Systems, Inc.
>Release: NetBSD-current
>Environment:
System: NetBSD epsilon.ghs.com 1.2D NetBSD 1.2D (e) #5: Sat Mar 29 22:32:33 PST 1997 ross@epsilon.ghs.com:/bsd/ross/e alpha
>Description:
Adding "pseudo-device ipfilter 1" to netbsd/alpha will
cause it to crash when ifconfig turns on the interface.
Ipfilter code in netinet/fil.c uses pointer arithmetic to
effectively make structure-to-scalar casts. It uses long when
it really wants an int32 and gets alignment faults that crash
netbsd/alpha. General 64-bit problem, not exactly alpha.
>How-To-Repeat:
Add pseudo-device ipfilter 1. Boot your alpha. 2. Try to come
up multiuser. The first packet or so will halt everything.
>Fix:
Apply patch...
--- netinet/original-fil.c Sat Mar 29 23:28:29 1997
+++ netinet/fil.c Sat Mar 29 22:31:57 1997
@@ -192,8 +192,8 @@
tcp = (tcphdr_t *)((char *)ip + hlen);
fin->fin_dp = (void *)tcp;
(*(((u_short *)fi) + 1)) = (*(((u_short *)ip) + 4));
- (*(((u_long *)fi) + 1)) = (*(((u_long *)ip) + 3));
- (*(((u_long *)fi) + 2)) = (*(((u_long *)ip) + 4));
+ (*(((u_int32_t *)fi) + 1)) = (*(((u_int32_t *)ip) + 3));
+ (*(((u_int32_t *)fi) + 2)) = (*(((u_int32_t *)ip) + 4));
fi->fi_fl = (hlen > sizeof(struct ip)) ? FI_OPTIONS : 0;
off = (ip->ip_off & 0x1fff) << 3;
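Review bot: The two replaced stores still copy by casting `fi` and `ip` to an integer pointer and indexing (`((u_int32_t *)fi) + 1`, `((u_int32_t *)ip) + 3`), so the code remains correct only while both structures keep their current layout and both pointers are at least 4-byte aligned. The unchanged `u_short` line directly above has the same dependency. Consider assigning the source and destination address fields by name, or at minimum adding a comment that says which header words indexes 3 and 4 on `ip` and 1 and 2 on `fi` are meant to be, so the next width or layout change does not silently move the copy.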
If it were me, I wouldn't do the pointer bit banging. I would just
assign the fields. I don't know if this makes ipfilter work, but it
fixes the immediate crash. There are lots of other incorrect longs,
but most appear to just allocate unintended but harmless extra bits.
I've notified darrenr@cyber.com.au.
>Audit-Trail:
>Unformatted:
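The width problem described in the report, as an added C example that is not part of the original report or of ipfilter's source: it computes where an indexed cast lands for a 4-byte and an 8-byte element, then shows the copy done by named field. The names `ip4_hdr`, `pkt_info`, `cast_offset`, `access_ok` and `fill_info` are hypothetical, the address `0x1004` is constructed, and an LP64 `long` is modelled as 8 bytes.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Standard IPv4 header without options: 20 bytes, addresses at bytes 12 and 16. */
struct ip4_hdr {
    uint8_t  vhl, tos;
    uint16_t len, id, off;
    uint8_t  ttl, proto;
    uint16_t sum;
    uint32_t src, dst;
};

/* Hypothetical stand-in for the filter's packet summary (not ipfilter's struct). */
struct pkt_info {
    uint8_t  vfl, tos, ttl, proto;
    uint32_t src, dst;
};

/* Byte offset that ((T *)base + index) reaches when sizeof(T) == elem_size. */
size_t cast_offset(size_t elem_size, size_t index)
{
    return elem_size * index;
}

/* 1 if an elem_size load at addr + off is naturally aligned and inside obj_size. */
int access_ok(uintptr_t addr, size_t off, size_t elem_size, size_t obj_size)
{
    return (addr + off) % elem_size == 0 && off + elem_size <= obj_size;
}

/* Copy by named field with memcpy: independent of sizeof(long) and of alignment. */
void fill_info(struct pkt_info *fi, const unsigned char *pkt)
{
    fi->ttl = pkt[offsetof(struct ip4_hdr, ttl)];
    fi->proto = pkt[offsetof(struct ip4_hdr, proto)];
    memcpy(&fi->src, pkt + offsetof(struct ip4_hdr, src), sizeof fi->src);
    memcpy(&fi->dst, pkt + offsetof(struct ip4_hdr, dst), sizeof fi->dst);
}

int main(void)
{
    uintptr_t addr = 0x1004; /* constructed: 4-byte aligned, not 8-byte aligned */
    printf("4-byte element, index 3 -> byte %zu, ok=%d\n", cast_offset(4, 3),
           access_ok(addr, cast_offset(4, 3), 4, sizeof(struct ip4_hdr)));
    printf("8-byte element, index 3 -> byte %zu, ok=%d\n", cast_offset(8, 3),
           access_ok(addr, cast_offset(8, 3), 8, sizeof(struct ip4_hdr)));
    return 0;
}
```

With an 8-byte element, index 3 reaches byte 24, which is past the 20-byte header and misaligned for a header that is only 4-byte aligned.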