| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 27 May 2020 10:30:42 +0900 From: 강유건 <yugun819@...pkinnet.com> To: Michal Kubecek <mkubecek@...e.cz> Cc: netdev@...r.kernel.org Subject: Re: With regard to processing overlapping fragment packet Thank you for explaining in detail and letting me know the website. thanks to you, I learned a little about how to RFC works. 2020년 5월 26일 (화) 오후 4:54, Michal Kubecek <mkubecek@...e.cz>님이 작성: > > On Tue, May 26, 2020 at 02:47:25PM +0900, 강유건 wrote: > > Hello > > > > Actually, I'm not sure if it's right to send mail here. > > > > I'm testing ipv6ready Self Test 5.0.4 using linux-4.19.118 kernel. > > ( https://www.ipv6ready.org.cn/home/views/default/resource/logo/phase2-core/index.htm > > ) > > > > Test failed in 82. Part B: Reverse Order Fragments ( Link-Local ) in > > Section 1. spec > > > > In test 82, source transmits 3 fragment packets in reverse order that > > are originally a icmpv6 packet. > > There is an overlapping interval between the 2nd and 3rd packet. > > > > The test requires the destination MUST drop all packets and respond nothing, > > but the dest replies Time Exceeded / Reassembly Timeout. > > > > I've read some /net/ipv6 codes and think when the kernel receives the > > 2nd packet ( overlapping occurs ), it drops 3rd and 2nd packets and > > recognizes the 1st packet as a new fragment packet. > > ( Is it right ? ) > > > > In RFC5722, when a node receives the overlapping fragment, it MUST > > discard those not yet received. ( In this case, I think it applies to > > 1st packet ) > > > > Please let me know if I misunderstood RFC or if it wasn't implemented > > in the kernel. > > You understood the requirement of the RFC correctly but the problem is > that implementing it would be too complicated, would make the > implementation susceptible to DoS attacks and could even result in > dropping legitimate (new) fragments. Therefore an erratum to RFC 5722 > was accepted which drops the requirement to also drop fragments not > received yet: > > https://www.rfc-editor.org/errata/eid3089 > > Michal -- 강 유 건 사원 펌킨네트웍스㈜ 개발1팀 08380 서울시 구로구 디지털로31길 20 에이스테크노타워 5차 405호 Direct: 070-4263-9937 Mobile: 010-9887-3517 E-mail: yugun819@...pkinnet.com Tel: 02-863-9380, Fax: 02-2109-6675 www.pumpkinnet.co.kr
Powered by blists - more mailing lists