Bug#181701: libc6: sendmsg used incorrectly in sunrpc/svc_udp.c
At Thu, 20 Feb 2003 10:47:38 +1100,
Neil F. Brown <neilb@cse.unsw.edu.au> wrote:
> sunrpc/svc_udp uses sendmsg when sending a reply to a rpc/udb request so
> that it can set the source address (using a PKTINFO control message) of the
> reply to match the destination address of the request. This is good.
>
> The way it does it is to set the IP_PKTINFO option so that recvmsg returns
> a PKTINFO control message, and then this control message is passed un-modified
> down to sendmsg. This is wrong.
>
> The PKTINFO control message returned by recvmsg contains an interface index,
> a local address and the destination address for the packet.
>
> In the PKTINFO control message accepted by sendmsg, the destination address is
> ignored, the local address is used as the source address, and the interface
> index is used to force the message to go out that particular interface.
>
> This last is the problem. By-passing the control packet back unchanged,
> the reply is forced to go out the same interface that the request came
> in one, even if there is no appropriate route out that interface.
>
> The following patch verifies the existance of a correctly formated PKTINFO
> control message, and zeros the ifi_ifindex field. This means that the reply
> will still have the correct source address, but that normally routing decissions
> will not be over-ridden.
>
> I have tested this patch on a multi-homed machine that suffered problems with
> the current glibc, and it behaves correctly.
>
> This patch is against glibc-2.2.5. The code in 2.3.1 is largely unchanged.
> To make the patch apply, insert '__' before 'recvmsg'.
Thanks, this bug is fixed in upstream, so we apply it in glibc 2.3.2-1.
Regards,
-- gotom
Reply to: