[6551] in bugtraq
"overdrop"+released patch
daemon@ATHENA.MIT.EDU (Aleph One)
Mon Apr 20 18:17:17 1998
Date: Mon, 20 Apr 1998 13:17:58 -0500
Reply-To: Aleph One <aleph1@DFW.NET>
From: Aleph One <aleph1@DFW.NET>
To: BUGTRAQ@NETSPACE.ORG
---------- Forwarded message ----------
Date: Sat, 18 Apr 1998 17:55:32 +0000 (WAT)
From: NYIsles <NYIsles@Xnet.org>
To: aleph1@dfw.net
Subject: "overdrop"+released patch
Hey.. I don't know whether or not you've seen this but its at
www.rootshell.com so i'm assuming you know about it... following the
syndrop kernel bug was the 'overdrop' bug, which was merely just an
annoyance for anyone at console.. however, the patched released to fix it
made this change starting at line 346 (others might be diff. depending on
any modifications) in net/ipv4/ip_fragment.c:
if(len>65535)
{
NETDEBUG(printk("Oversized IP packet from %s.\n", in_ntoa(qp->iph->saddr)));
ip_statistics.IpReasmFails++;
ip_free(qp);
return NULL;
}
The change made was simply to add a NETDEBUG() around the printk.
Evidently, this was the wrong printk, and this little patch did not fix
the problem. The correct one is on line 492 (but as i said, others' may be
a little different):
if(ntohs(iph->tot_len)+(int)offset>65535)
{
skb->sk = NULL;
printk("Oversized packet received from %s\n",in_ntoa(iph->saddr));
kfree_skb(skb, FREE_READ);
ip_statistics.IpReasmFails++;
return NULL;
}
The fix is to simply add a NETDEBUG() around the printk, making it:
NETDEBUG(printk("Oversized packet received from %s\n",in_ntoa(iph->saddr)));
and viola, no more overdrop annoyance :> Sorry for wasting your time if
someone has already told you about this. Regards,
Paul McGovern
NYIsleS@Xnet
