Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: securityfocus.com > libnet > 03 > 060414.html (Request Expert securityfocus.com Support)

an other bug?

From: sandr8 <sandr8(at)blu.it>
Date: Fri Jun 20 2003 - 16:41:02 EDT


thinking again about the bug report i've sent the other day... i had the feeling that there was an other similar bug... back home i look at the source and i wonder: what happens if this pblock is not the last one created? 

---8<------------ begin extract from libnet_build_ipv4 -----------------------------------

    if (sum == 0 && l->injection_type != LIBNET_RAW4)     { 

        /*

         *  If checksum is zero, by default libnet will compute a checksum

         *  for the user.  The programmer can override this by calling


         *  libnet_toggle_checksum(l, ptag, 1);


         */
        libnet_pblock_setflags(p, LIBNET_PBLOCK_DO_CHECKSUM);
    } 
---8<------------- end extract from libnet_build_ipv4 ------------------------------------

this is not a rare thing... just suppose an ipv4 in ipv4... or an ipv4 in an upper layer... well when somebody specifies 0 as checksum for a pblock and doesn't libnet_toggle_checksum() over that pblock his intention is to have the pblock checksummed by us... so if it doesn't happen we are not adhering the contract with the user programmer... maybe in his intention that inner ip will somewhere be extracted and sent over a network and in that moment it's important that it has the right checksum (if the user programmer wanted it checksummed).

if you confirm it's a bug,
my workaround would be to change the if condition in

    if (sum == 0)
and modify the code that performs checksums in pblock_coalesce() if we really want to avoid that libnet performs a checksum that will be performed by the kernel again... however it wouldn't be so bad if we do it even though it's not useful... if you want me to do that change it's not difficult for me to make out what the current code does (since it's my fault it's so hard to read) and change it. let me know
cheers
sandr8)


To unsubscribe, e-mail: libnet-unsubscribe@securityfocus.com For additional commands, e-mail: libnet-help@securityfocus.com Received on Sat Jun 21 13:15:57 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:24 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library