* Possible bug in net/core/neighbor.c
@ 2014-11-05 10:46 Ulf Samuelsson
2014-11-05 15:46 ` Ulf Samuelsson
0 siblings, 1 reply; 2+ messages in thread
From: Ulf Samuelsson @ 2014-11-05 10:46 UTC (permalink / raw)
To: netdev
I find the following in "net/core/neighbor.c"
/* Compare new lladdr with cached one */
if (!dev->addr_len) {
/* First case: device needs no address. */
lladdr = neigh->ha;
} else if (lladdr) {
/* The second case: if something is already cached
and a new address is proposed:
- compare new & old
- if they are different, check override flag
*/
/* POSSIBLE BUG */
if ((old & NUD_VALID) &&
!memcmp(lladdr, neigh->ha, dev->addr_len))
lladdr = neigh->ha;
/* END POSSIBLE BUG */
} else {
/* No address is supplied; if we know something,
use it, otherwise discard the request.
*/
err = -EINVAL;
if (!(old & NUD_VALID))
goto out;
lladdr = neigh->ha;
}
It looks to me like the code is saying
if the proposed address is equal to the original address,
set the proposed address to the original address.
which is pretty meaningless.
Should it not be:
if ((old & NUD_VALID) &&
memcmp(lladdr, neigh->ha, dev->addr_len)) /* True if
addresses are not equal */
neigh->ha = lladdr; /* Update to new address */
If not, I would appreciate an explanation what the code is doing.
--
Best Regards,
Ulf Samuelsson
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Possible bug in net/core/neighbor.c
2014-11-05 10:46 Possible bug in net/core/neighbor.c Ulf Samuelsson
@ 2014-11-05 15:46 ` Ulf Samuelsson
0 siblings, 0 replies; 2+ messages in thread
From: Ulf Samuelsson @ 2014-11-05 15:46 UTC (permalink / raw)
To: netdev
On 11/05/2014 11:46 AM, Ulf Samuelsson wrote:
> I find the following in "net/core/neighbor.c"
>
> /* Compare new lladdr with cached one */
> if (!dev->addr_len) {
> /* First case: device needs no address. */
> lladdr = neigh->ha;
> } else if (lladdr) {
> /* The second case: if something is already cached
> and a new address is proposed:
> - compare new & old
> - if they are different, check override flag
> */
>
> /* POSSIBLE BUG */
> if ((old & NUD_VALID) &&
> !memcmp(lladdr, neigh->ha, dev->addr_len))
> lladdr = neigh->ha;
> /* END POSSIBLE BUG */
> } else {
> /* No address is supplied; if we know something,
> use it, otherwise discard the request.
> */
> err = -EINVAL;
> if (!(old & NUD_VALID))
> goto out;
> lladdr = neigh->ha;
> }
>
> It looks to me like the code is saying
> if the proposed address is equal to the original address,
> set the proposed address to the original address.
>
> which is pretty meaningless.
>
> Should it not be:
>
> if ((old & NUD_VALID) &&
> memcmp(lladdr, neigh->ha, dev->addr_len)) /* True if
> addresses are not equal */
> neigh->ha = lladdr; /* Update to new address */
>
> If not, I would appreciate an explanation what the code is doing.
>
OK, I think I figured it out.
If laddr and neigh->ha are identical, we want lladdr (which is a pointer)
to have the same value as neigh->ha so after this, you know that
laddr is identical to neigh->ha by justr comparing the pointers.
When I google, I only find other people which does not understand
the purpose of the code.
The comments are also obsolete, since "check override flag" refers
to code which has been removed.
Best Regards,
Ulf Samuelsson
KI/EAB/ILM/GF
ulf.samuelsson@ericsson.com
+46 722 427 437
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-11-05 15:46 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-11-05 10:46 Possible bug in net/core/neighbor.c Ulf Samuelsson
2014-11-05 15:46 ` Ulf Samuelsson
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).