From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:40851)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jan.kiszka@siemens.com>) id 1TYvjo-0000Ev-O9
	for qemu-devel@nongnu.org; Thu, 15 Nov 2012 04:27:59 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <jan.kiszka@siemens.com>) id 1TYvjl-0006LS-M6
	for qemu-devel@nongnu.org; Thu, 15 Nov 2012 04:27:56 -0500
Received: from david.siemens.de ([192.35.17.14]:27168)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jan.kiszka@siemens.com>) id 1TYvjl-0006LH-Ce
	for qemu-devel@nongnu.org; Thu, 15 Nov 2012 04:27:53 -0500
Message-ID: <50A4B58C.7080903@siemens.com>
Date: Thu, 15 Nov 2012 10:27:40 +0100
From: Jan Kiszka <jan.kiszka@siemens.com>
MIME-Version: 1.0
References: <1352739589-5264-1-git-send-email-nickolai@csail.mit.edu>
In-Reply-To: <1352739589-5264-1-git-send-email-nickolai@csail.mit.edu>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH v2] slirp: Don't crash on packets from
	0.0.0.0/8.
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Nickolai Zeldovich <nickolai@csail.mit.edu>
Cc: "qemu-devel@nongnu.org" <qemu-devel@nongnu.org>

On 2012-11-12 17:59, Nickolai Zeldovich wrote:
> LWIP can generate packets with a source of 0.0.0.0, which triggers an
> assertion failure in arp_table_add().  Instead of crashing, simply return
> to avoid adding an invalid ARP table entry.
> 
> Signed-off-by: Nickolai Zeldovich <nickolai@csail.mit.edu>
> ---
>  slirp/arp_table.c |    4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> Change from v1: adhere to qemu's code style (put braces around all
> indentation blocks).
> 
> 
> diff --git a/slirp/arp_table.c b/slirp/arp_table.c
> index 5d7b8ac..bf698c1 100644
> --- a/slirp/arp_table.c
> +++ b/slirp/arp_table.c
> @@ -38,7 +38,9 @@ void arp_table_add(Slirp *slirp, uint32_t ip_addr, uint8_t ethaddr[ETH_ALEN])
>                  ethaddr[3], ethaddr[4], ethaddr[5]));
>  
>      /* Check 0.0.0.0/8 invalid source-only addresses */
> -    assert((ip_addr & htonl(~(0xf << 28))) != 0);
> +    if ((ip_addr & htonl(~(0xf << 28))) == 0) {
> +        return;
> +    }
>  
>      if (ip_addr == 0xffffffff || ip_addr == broadcast_addr) {
>          /* Do not register broadcast addresses */
> 

Thanks, applied to slirp queue.

Jan

-- 
Siemens AG, Corporate Technology, CT RTC ITP SDP-DE
Corporate Competence Center Embedded Linux