From: Werner Almesberger <werner@almesberger.net>
To: netdev@vger.kernel.org, davem@davemloft.net
Subject: Re: minimum ICMPv6 message size vs. RPL's DIS
Date: Thu, 25 Jul 2013 18:47:49 -0300 [thread overview]
Message-ID: <20130725214749.GD29572@ws> (raw)
In-Reply-To: <20130725184044.GC24007@order.stressinduktion.org>
Hannes Frederic Sowa wrote:
> I don't know how they could do this if they want to let other RFCs extend
> icmp types.
Oh, ICMPs can have padding. That's used to enforce "nice" alignment.
Even RFC 6550 (RPL) has that. For example, you could simply pad the
troublesome DIS, message which is
Offset Value Description
------ ----- ------------------------------------------------
0 0x9b ICMPv6 Type = RPL (155, section 6)
1 0x00 ICMPv6 Code = DODAG Information Solicitation (0)
2 0x?? Checksum
3 0x?? (continued)
4 0x00 Flags = 0 (section 6.2.1)
5 0x00 Reserved
to eight bytes (i.e., four bytes of body) by adding
6 0x01 Option Type = PadN (section 6.7.3)
7 0x00 Option Length = 0
But if nothing obliges the sender to do so, there's no excuse for
Linux to expect such padding.
> Yes, that could be an issue. I would be willing to accept this fallout. :)
I'm kinda curious what sort of policy we have on that. The worst
case would be that there's a bunch of 64 bit Linux machines out
there, doing critical infrastructure things in the Internet (not an
unlikely role, given the API in question), and their user space has
some vulnerability if the kernel lets a "short" ICMPv6 packet
through.
Of course, "The Almesberger-Sowa Internet Meltdown of 2013" does
have a nice ring to it, in an apocalyptic kind of way ...
- Werner
next prev parent reply other threads:[~2013-07-25 21:49 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-07-24 23:28 minimum ICMPv6 message size vs. RPL's DIS Werner Almesberger
2013-07-25 6:17 ` Hannes Frederic Sowa
2013-07-25 10:30 ` Werner Almesberger
2013-07-25 13:03 ` Hannes Frederic Sowa
2013-07-25 13:58 ` Hannes Frederic Sowa
2013-07-25 14:32 ` Werner Almesberger
2013-07-25 18:40 ` Hannes Frederic Sowa
2013-07-25 21:47 ` Werner Almesberger [this message]
2013-07-25 23:31 ` Hannes Frederic Sowa
2013-08-01 5:48 ` Hannes Frederic Sowa
2013-08-02 1:10 ` David Miller
2013-08-02 4:51 ` Werner Almesberger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130725214749.GD29572@ws \
--to=werner@almesberger.net \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).