3 Mar 2010 01:14
Re: [PATCH] Prevent ping{4, 6} to leak stack content when ENABLE_FEATURE_FANCY_PING is on
Denys Vlasenko <vda.linux <at> googlemail.com>
2010-03-03 00:14:40 GMT
On Tuesday 02 March 2010 13:56, Arnaud Ebalard wrote:
> I don't know if this has already been reported but I noticed that the
> ICMPv6 Echo Request packets generated by busybox ping6 implementation
> were leaking the content of the stack.
Please show the evidence (tcpdump? strace?).
Which bbox version and .config?
> Below is a patch against current
> git tree.
You added memsets to _receive_ buffers, not send ones...
send buffers are properly cleared:
static void sendping4(int junk UNUSED_PARAM)
{
	/* +4 reserves a place for timestamp, which may end up sitting
	 * *after* packet. Saves one if() */
	struct icmp *pkt = alloca(datalen + ICMP_MINLEN + 4);
	memset(pkt, 0, datalen + ICMP_MINLEN + 4);
	....
}
#if ENABLE_PING6
static void sendping6(int junk UNUSED_PARAM)
{
	struct icmp6_hdr *pkt = alloca(datalen + sizeof(struct icmp6_hdr) + 4);
	memset(pkt, 0, datalen + sizeof(struct icmp6_hdr) + 4);
--
vda
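
Added example, not part of the original message or of the BusyBox source: a self-contained C check showing why the memset() on the send buffer matters, by counting payload bytes of an echo request that the sender never wrote. The names build_echo, leaked_bytes and simulate, and the 0xA5 fill that stands in for stale stack content, are assumptions made for this sketch; the timestamp that fancy ping writes into the payload is not modelled.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HDR_LEN 8	/* echo header: type, code, checksum, id, seq */
#define MAX_DATA 256	/* payload cap for this sketch */

/* Fill in only the echo header, as a sender does before transmitting.
 * zero_first mirrors the memset() after alloca() quoted above. */
static void build_echo(uint8_t *pkt, size_t datalen, uint8_t type,
		       uint16_t id, uint16_t seq, int zero_first)
{
	if (zero_first)
		memset(pkt, 0, HDR_LEN + datalen);
	pkt[0] = type;			/* 8 = ICMP echo, 128 = ICMPv6 echo */
	pkt[1] = 0;			/* code */
	pkt[2] = pkt[3] = 0;		/* checksum placeholder */
	pkt[4] = id >> 8;  pkt[5] = id & 0xff;
	pkt[6] = seq >> 8; pkt[7] = seq & 0xff;
}

/* Count payload bytes that are non-zero: in a packet whose payload the
 * sender never fills, each one is leftover memory headed for the wire. */
static size_t leaked_bytes(const uint8_t *pkt, size_t datalen)
{
	size_t i, n = 0;
	for (i = 0; i < datalen; i++)
		if (pkt[HDR_LEN + i] != 0)
			n++;
	return n;
}

/* Constructed input: the buffer is pre-filled with 0xA5 so the result is
 * deterministic instead of depending on real uninitialized memory. */
static size_t simulate(size_t datalen, int zero_first)
{
	uint8_t buf[HDR_LEN + MAX_DATA];
	if (datalen > MAX_DATA)
		datalen = MAX_DATA;
	memset(buf, 0xA5, sizeof(buf));
	build_echo(buf, datalen, 128, 0x1234, 1, zero_first);
	return leaked_bytes(buf, datalen);
}

int main(void)
{
	printf("no memset: %zu stale bytes\n", simulate(56, 0));
	printf("memset:    %zu stale bytes\n", simulate(56, 1));
	return 0;
}
```

The same leaked_bytes() scan can be pointed at the payload of a captured echo request to produce the kind of evidence asked for above.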