Hi, The attached patch changes the type of "i" in ospf_hello_rx() from "u8" to "u32" to prevent bird from entering an endless loop here: for(i=0;i<size-(sizeof(struct ospf_hello_packet));i++) The problem occurs when: size-(sizeof(struct ospf_hello_packet)) > 255, which is the case when you start to have a lot of neighbors in the area (I triggered this while trying to run bird in an area with more than 60 neighbors). Regards, Rani --- bird-1.0.7/proto/ospf/hello.c 2003-08-14 10:13:14.000000000 +0200 +++ bird-1.0.7-debian/proto/ospf/hello.c 2003-09-03 05:57:13.000000000 +0200 @@ -59,7 +59,8 @@ { u32 nrid, *pnrid; struct ospf_neighbor *neigh,*n; - u8 i,twoway,oldpriority; + u32 i; + u8 twoway,oldpriority; ip_addr olddr,oldbdr; ip_addr mask; char *beg=": Bad OSPF hello packet from ", *rec=" received: ";
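Review bot: at the new "u32 i;" declaration, the counter is only safe if the bound it is compared against cannot wrap. The loop quoted in the message uses "size-(sizeof(struct ospf_hello_packet))", which is unsigned arithmetic whenever "size" is no wider than size_t, and nothing in the hunk shows "size" being checked against the header size first. A hello shorter than the header would then produce a huge bound instead of zero iterations. Suggest confirming, or adding, a rejection of packets with size smaller than sizeof(struct ospf_hello_packet) before the loop. As a style point, a plain "unsigned int" or size_t counter would match the bound's type better than a fixed-width one.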
On Wed, 3 Sep 2003, Rani Assaf wrote:
Hi,
The attached patch changes the type of "i" in ospf_hello_rx() from "u8" to "u32" to prevent bird from entering an endless loop here:
for(i=0;i<size-(sizeof(struct ospf_hello_packet));i++)
The problem occurs when: size-(sizeof(struct ospf_hello_packet)) > 255,
which is the case when you start to have a lot of neighbors in the area (I triggered this while trying to run bird in an area with more than 60 neighbors).
Regards, Rani
Hello!

Thank you very much. I was not able to imagine something like that. Patch accepted, it will go to 1.0.8. ("Debian" means that you're building Debian packages?)

Feela
--- bird-1.0.7/proto/ospf/hello.c 2003-08-14 10:13:14.000000000 +0200 +++ bird-1.0.7-debian/proto/ospf/hello.c 2003-09-03 05:57:13.000000000 +0200 @@ -59,7 +59,8 @@ { u32 nrid, *pnrid; struct ospf_neighbor *neigh,*n; - u8 i,twoway,oldpriority; + u32 i; + u8 twoway,oldpriority; ip_addr olddr,oldbdr; ip_addr mask; char *beg=": Bad OSPF hello packet from ", *rec=" received: ";
Hi!
- u8 i,twoway,oldpriority; + u32 i; + u8 twoway,oldpriority;
I think that using types smaller than int for any local variables except structures and arrays is very impractical and should be avoided -- not only do you risk problems of this type, but it's also in many cases slower [every time you do any arithmetic on them, they get automatically promoted to int and although the compiler is able to optimize out many of these promotions, many others remain].

It would probably be better to replace any u8's and u16's used for loops by unsigned int's.

Have a nice fortnight
--
Martin `MJ' Mares <mj@ucw.cz> http://atrey.karlin.mff.cuni.cz/~mj/
Faculty of Math and Physics, Charles University, Prague, Czech Rep., Earth
We all live in a yellow subroutine...
On Thu, 4 Sep 2003, Martin Mares wrote:
Hi!
- u8 i,twoway,oldpriority; + u32 i; + u8 twoway,oldpriority;
I think that using types smaller than int for any local variables except structures and arrays is very impractical and should be avoided -- not only do you risk problems of this type, but it's also in many cases slower [every time you do any arithmetic on them, they get automatically promoted to int and although the compiler is able to optimize out many of these promotions, many others remain].
It would probably be better to replace any u8's and u16's used for loops by unsigned int's.
Yes, I know, this was an error.

Feela
Have a nice fortnight
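
The loop described in the first message, reduced to a runnable comparison of the two counter types. This is an added example, not part of the thread or of BIRD's code: walk_u8(), walk_u32() and the STEP_LIMIT watchdog are hypothetical names, and the neighbor counts are constructed (each listed neighbor is taken as one 32-bit router ID).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed watchdog: lets the demo report a loop that would never end. */
#define STEP_LIMIT 100000UL

/* Pre-patch counter type. Returns the iterations run, or -1 if the
 * watchdog fired, i.e. the real loop would spin forever. */
long walk_u8(size_t bound)
{
    uint8_t i;                       /* "u8 i" as before the patch */
    unsigned long steps = 0;

    /* i is widened for the comparison, but i++ stores back into 8 bits,
     * so after 255 it wraps to 0 and can never reach a bound above 255. */
    for (i = 0; i < bound; i++)
        if (++steps > STEP_LIMIT)
            return -1;
    return (long)steps;
}

/* Post-patch counter type: wide enough for any hello payload length. */
long walk_u32(size_t bound)
{
    uint32_t i;                      /* "u32 i" as in the patch */
    unsigned long steps = 0;

    for (i = 0; i < bound; i++)
        if (++steps > STEP_LIMIT)
            return -1;
    return (long)steps;
}

int main(void)
{
    /* Constructed neighbor counts; the bound is the neighbor list in bytes. */
    const size_t neighbors[] = { 10, 63, 64, 70 };

    for (size_t k = 0; k < sizeof neighbors / sizeof neighbors[0]; k++) {
        size_t bound = neighbors[k] * sizeof(uint32_t);
        printf("%2zu neighbors, bound %3zu: u8 -> %ld, u32 -> %ld\n",
               neighbors[k], bound, walk_u8(bound), walk_u32(bound));
    }
    return 0;
}
```

The u8 counter still terminates at a bound of exactly 255; the first bound it cannot reach is 256, which is 64 neighbors at four bytes each.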