[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

(usagi-users 02046) Suspicious change in ipv6_auth_hdr

To: usagi-users@xxxxxxxxxxxxxx
Subject: (usagi-users 02046) Suspicious change in ipv6_auth_hdr
From: Kunihiro Ishiguro <kunihiro@xxxxxxxxxxxxxx>
Date: Fri, 03 Jan 2003 23:21:42 -0800
Reply-to: usagi-users@xxxxxxxxxxxxxx
User-agent: Wanderlust/2.10.0 (Venus) SEMI/1.14.3 (Ushinoya) FLIM/1.14.2 (Yagi-Nishiguchi) APEL/10.3 Emacs/21.2.92 (i686-pc-linux-gnu) MULE/5.0 (SAKAKI)

There is a below change in USAGI patch. 

net/ipv6/exthdr.c:ipv6_auth_hdr

-       len = (skb->h.raw[1]+1)<<2;
+       len = (skb->h.raw[1]+2)<<2;
 
To get length of authentication header, original code uses offset 1.
But USAGI patch changed it to offset 2.  Isn't this bad?  IPv6 AH
header length is second octet so it seems orignal code is right.

Please correct me if I'm wrong.  I didn't try to use AH, I just look
through patches.  So it may magically work fine...
--
Kunihiro Ishiguro

Follow-Ups:
- (usagi-users 02047) Re: Suspicious change in ipv6_auth_hdr
  - From: YOSHIFUJI Hideaki / 吉藤英明

Prev by Date: (usagi-users 02045) in_ntop() is not used
Next by Date: (usagi-users 02047) Re: Suspicious change in ipv6_auth_hdr
Previous by thread: (usagi-users 02045) in_ntop() is not used
Next by thread: (usagi-users 02047) Re: Suspicious change in ipv6_auth_hdr
Index(es):
- Date
- Thread