Lots of embedded devices (like Cisco IP Phones) send TFTP requests with 0
checksums.
Tom
> On Oct 1, 2014, at 12:58 PM, Michael Tuexen
> <michael.tue...@lurchi.franken.de> wrote:
>
> Dear all,
>
> in udp6_input() we have the following code:
>
> if (nxt == IPPROTO_UDP && plen != ulen) {
> UDPSTAT_INC(udps_badlen);
> goto badunlocked;
> }
> /*
> * Checksum extended UDP header and data.
> */
> if (uh->uh_sum == 0) {
> if (ulen > plen || ulen < sizeof(struct udphdr)) {
> UDPSTAT_INC(udps_nosum);
> goto badunlocked;
> }
> }
>
> I'm trying to understand the UDP code path...
>
> So (ulen > plen) can't be true. I'm wondering why do we only check the ulen
> is not too
> short only in the case when the UDP checksum is zero. A zero checksum should
> also never happen.
>
> I think we should check for ulen < sizeof(struct udphdr) in any case.
>
> Opinions?
>
> Best regards
> Michael
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
