70960bb86a
ping -R (F_RROUTE) will loop at ping.c:1381 until it segfaults or
the unsigned int hlen happens to be less than the size of an IP header:
slippy$ ping -R 192.168.0.101
PING 192.168.0.101 (192.168.0.101): 56 data bytes
64 bytes from 192.168.0.101: icmp_seq=0 ttl=63 time=1.081 ms
RR: 192.168.0.1
192.168.0.101
192.168.0.101
10.1.1.254
10.1.1.91
unknown option bb
unknown option 32
unknown option 6
...
unknown option 96
unknown option 2d
Segmentation fault
The reason for this is while looping through loose source routing (LSRR)
and strict source routing (SSRR), hlen will become smaller than the IP
header. It may even become negative. This should terminate the loop.
However, when hlen is unsigned, an integer underflow occurs becoming a
large number causing the loop to continue virtually forever until hlen
is either by chance smaller than the lenghth of an IP header or it
segfaults.
Reviewed by: asomers
Fixes:
|
||
|---|---|---|
| .cirrus-ci | ||
| .github | ||
| bin | ||
| cddl | ||
| contrib | ||
| crypto | ||
| etc | ||
| gnu | ||
| include | ||
| kerberos5 | ||
| lib | ||
| libexec | ||
| release | ||
| rescue | ||
| sbin | ||
| secure | ||
| share | ||
| stand | ||
| sys | ||
| targets | ||
| tests | ||
| tools | ||
| usr.bin | ||
| usr.sbin | ||
| .arcconfig | ||
| .arclint | ||
| .cirrus.yml | ||
| .clang-format | ||
| .git-blame-ignore-revs | ||
| .gitattributes | ||
| .gitignore | ||
| COPYRIGHT | ||
| LOCKS | ||
| MAINTAINERS | ||
| Makefile | ||
| Makefile.inc1 | ||
| Makefile.libcompat | ||
| Makefile.sys.inc | ||
| ObsoleteFiles.inc | ||
| README.md | ||
| RELNOTES | ||
| UPDATING | ||
FreeBSD Source:
This is the top level of the FreeBSD source directory.
FreeBSD is an operating system used to power modern servers, desktops, and embedded platforms. A large community has continually developed it for more than thirty years. Its advanced networking, security, and storage features have made FreeBSD the platform of choice for many of the busiest web sites and most pervasive embedded networking and storage devices.
For copyright information, please see the file COPYRIGHT in this directory. Additional copyright information also exists for some sources in this tree - please see the specific source directories for more information.
The Makefile in this directory supports a number of targets for building components (or all) of the FreeBSD source tree. See build(7), config(8), FreeBSD handbook on building userland, and Handbook for kernels for more information, including setting make(1) variables.
For information on the CPU architectures and platforms supported by FreeBSD, see the FreeBSD website's Platforms page.
Source Roadmap:
| Directory | Description |
|---|---|
| bin | System/user commands. |
| cddl | Various commands and libraries under the Common Development and Distribution License. |
| contrib | Packages contributed by 3rd parties. |
| crypto | Cryptography stuff (see crypto/README). |
| etc | Template files for /etc. |
| gnu | Commands and libraries under the GNU General Public License (GPL) or Lesser General Public License (LGPL). Please see gnu/COPYING and gnu/COPYING.LIB for more information. |
| include | System include files. |
| kerberos5 | Kerberos5 (Heimdal) package. |
| lib | System libraries. |
| libexec | System daemons. |
| release | Release building Makefile & associated tools. |
| rescue | Build system for statically linked /rescue utilities. |
| sbin | System commands. |
| secure | Cryptographic libraries and commands. |
| share | Shared resources. |
| stand | Boot loader sources. |
| sys | Kernel sources (see sys/README.md). |
| targets | Support for experimental DIRDEPS_BUILD |
| tests | Regression tests which can be run by Kyua. See tests/README for additional information. |
| tools | Utilities for regression testing and miscellaneous tasks. |
| usr.bin | User commands. |
| usr.sbin | System administration commands. |
For information on synchronizing your source tree with one or more of the FreeBSD Project's development branches, please see FreeBSD Handbook.