Subject: bin/5230: ping reports next-hop MTU with wrong endian-ness
To: None <gnats-bugs@gnats.netbsd.org>
From: None <lcs@MorningStar.Com>
List: netbsd-bugs
Date: 03/29/1998 15:52:29
>Number:         5230
>Category:       bin
>Synopsis:       ping reports next-hop MTU with wrong endian-ness
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bin-bug-people (Utility Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Mar 29 13:05:01 1998
>Last-Modified:
>Originator:     Leonard Samuelson
>Organization:
Ascend Communications
>Release:        NetBSD 1.3
>Environment:
	Intel x86 hardware
	OS: NetBSD 1.3 (GENERICASCEND) 
	Libraries not significant here

System: NetBSD picu.morningstar.com 1.3 NetBSD 1.3 (GENERICASCEND) #2: Wed Jan 28 19:16:30 EST 1998 laine@estrela.morningstar.com:/n/estrela/1/archive/OS/NetBSD/1.3/src/sys/arch/i386/compile/GENERICASCEND i386


>Description:

	Ping reports a next-hop MTU when it receives an ICMP 
	"ICMP_UNREACH_NEED_FRAG" packet.  RFC1191 specifies a
	16-bit field containing a router's next-hop MTU when it
	cannot route a packet without fragmenting a "don't fragment"
	packet.

	The current ping.c fails to swap the endian-ness of the
	ICMP next-hop MTU into host byte order, resulting in incorrect
	output.

How-To-Repeat:

	Send a non-fragmentable echo request to a system whose path
	contains a "small" MTU along the way, and observe the resulting
	error report.

lcs> ping -D -s1403 -i5 137.175.104.87

PING 137.175.104.87 (137.175.104.87): 1404 data bytes
36 bytes from q.MorningStar.Com (137.175.80.216): frag needed and DF set.
Next MTU=38661 for icmp_seq=0
1412 bytes from 137.175.104.87: icmp_seq=0 ttl=61 time=137.299 ms

The correct output would have been:

PING 137.175.104.87 (137.175.104.87): 1404 data bytes
36 bytes from q.MorningStar.Com (137.175.80.216): frag needed and DF set.
Next MTU=1431 for icmp_seq=0
1412 bytes from 137.175.104.87: icmp_seq=0 ttl=61 time=137.299 ms

Here is the RCS version ID line for the ping I use:
/* $NetBSD: ping.c,v 1.32.2.1 1997/12/01 20:02:05 mellon Exp $ */

>How-To-Repeat:
>Fix:

I provide a "diff" output that should patch the source code correctly.
-------------------------- cut here -----------------------------
lcs> diff -u ping.c ping.c.new
--- ping.c      Tue Dec  2 01:49:48 1997
+++ ping.c.new  Tue Mar 24 21:01:16 1998
@@ -1235,7 +1235,7 @@
                        break;
                case ICMP_UNREACH_NEEDFRAG:
                        (void)printf("frag needed and DF set.  Next MTU=%d",
-                              icp->icmp_nextmtu);
+                              ntohs(icp->icmp_nextmtu));
                        break;
                case ICMP_UNREACH_SRCFAIL:
                        (void)printf("Source Route Failed");
-------------------------- cut here -----------------------------
>Audit-Trail:
>Unformatted: